Report - www.1337xx.to/torrent/5353128/Wondershare-Filmora-11-4-7-358-x64-Multilingual-FileCR/

Report Overview

Visited public
2023-12-27 13:13:29
Tags
URL
www.1337xx.to/torrent/5353128/Wondershare-Filmora-11-4-7-358-x64-Multilingual-FileCR/
Finishing URL
www.1337xx.to/torrent/5353128/Wondershare-Filmora-11-4-7-358-x64-Multilingual-FileCR/
IP / ASN
188.114.96.1
#13335 CLOUDFLARENET
Title
(1) New Message!

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
www.1337xx.to	375725	unknown	2020-02-24 09:05:17	2023-12-04 23:23:08	18 kB	1.2 MB	188.114.96.1
fonts.gstatic.com	unknown	2008-02-11	2014-09-09 02:40:21	2023-12-27 10:09:27	1.1 kB	33 kB	216.58.211.3
cdn.cloudimagesb.com	23099	2020-10-06	2021-02-12 17:15:41	2023-12-26 15:23:59	454 B	104 kB	45.133.44.10
trainedhomecoming.com	unknown	2023-12-20	2023-12-20 10:05:06	2023-12-24 21:38:04	900 B	46 kB	192.243.59.13
banquetunarmedgrater.com	unknown	2022-08-04	2022-08-04 17:12:50	2023-12-26 12:53:28	423 B	833 B	104.21.86.121
cdn.creative-bars1.com	unknown	2022-11-01	2022-11-15 17:46:22	2023-12-26 22:57:24	2.3 kB	173 kB	172.64.109.10
unseenreport.com	unknown	2022-03-30	2022-03-30 16:33:17	2023-12-25 23:51:23	1.5 kB	846 B	192.243.59.20
sanet.pics	465281	2017-02-05	2017-02-06 12:05:10	2023-11-17 20:47:24	467 B	18 kB	104.21.60.27
forestsfatal.com	unknown	2023-12-11	2023-12-20 13:39:44	2023-12-27 12:21:48	7.9 kB	8.5 kB	173.233.137.44
proftrafficcounter.com	unknown	2023-11-16	2023-11-21 09:55:14	2023-12-26 14:05:22	878 B	840 B	3.124.14.40
subjectedtearingstew.com	unknown	2023-12-11	2023-12-20 13:36:34	2023-12-20 15:27:47	501 B	467 B	192.243.61.227
cdn.barscreative1.com	25648	2021-09-08	2021-09-16 13:14:42	2023-12-26 16:34:09	496 B	827 B	45.133.44.3
friendshipmale.com	unknown	2022-10-21	2022-10-21 14:15:25	2023-12-26 06:49:27	822 B	173 kB	104.21.234.33
fonts.googleapis.com	8877	2005-01-25	2013-06-10 22:14:26	2023-12-27 11:19:10	430 B	7.5 kB	142.250.74.106

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2023-12-27 13:07:04	medium	Client IP	Internal IP	ET DNS Query for .to TLD
2023-12-27 13:07:04	medium	Client IP	Internal IP	ET DNS Query for .to TLD

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2023-12-27	medium	trainedhomecoming.com	Sinkholed
2023-12-27	medium	trainedhomecoming.com	Sinkholed
2023-12-27	medium	subjectedtearingstew.com	Sinkholed
2023-12-27	medium	forestsfatal.com	Sinkholed
2023-12-27	medium	forestsfatal.com	Sinkholed
2023-12-27	medium	unseenreport.com	Sinkholed
2023-12-27	medium	unseenreport.com	Sinkholed
2023-12-27	medium	forestsfatal.com	Sinkholed
2023-12-27	medium	forestsfatal.com	Sinkholed
2023-12-27	medium	forestsfatal.com	Sinkholed
2023-12-27	medium	forestsfatal.com	Sinkholed
2023-12-27	medium	forestsfatal.com	Sinkholed
2023-12-27	medium	forestsfatal.com	Sinkholed

ThreatFox

No alerts detected

JavaScript (19)

	URL	From	Size	First Seen	Last Seen
	www.1337xx.to/static/js/pagination.js	ScriptElement	3.0 kB	2023-03-07	2025-05-29
Pretty URL www.1337xx.to/static/js/pagination.js IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:27 Last Seen2025-05-29 23:33 Times Seen65 Hash 9f98cf860838ec75816a8300bb88d4ba 9a3cec7d3773f0971dffd9cfc2f578010bdc9432 be1a851a36499a153ca9578b4f76bab92d737253b444c62276d7e57b82998d39 Loading...

	www.1337xx.to/static/js/scrollbar.js	ScriptElement	40 kB	2023-03-07	2025-05-29
Pretty URL www.1337xx.to/static/js/scrollbar.js IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:07 Last Seen2025-05-29 23:33 Times Seen207 Hash a9dbd5c265a5fbb9c24df23438b5492d f05001780b0223d840b7ec19221ac21bd659fa58 027643f8d1ed4fad0eb9f35c0a4909e60385a799f45091cf9ba6a3aa8877197b Loading...

	www.1337xx.to/static/js/jquery-1.11.0.min.js	ScriptElement	96 kB	2023-03-07	2025-05-29
Pretty URL www.1337xx.to/static/js/jquery-1.11.0.min.js IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:07 Last Seen2025-05-29 23:33 Times Seen890 Hash eaec1712551cd2792f4607f39fab12e7 2439711705752fac5dd1a6a8d6b1be63ffcbc76d 746e54e89161118a67bd59103c4ab55e3060735cc85c1d047c2cf04d4b12043d Loading...

	www.1337xx.to/static/js/tab.js	ScriptElement	1.8 kB	2023-03-07	2025-05-29
Pretty URL www.1337xx.to/static/js/tab.js IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:07 Last Seen2025-05-29 23:33 Times Seen224 Hash bdccba90d093432de58bc0d3fc151a95 d6db9210b8d67d8486babaf2fa88fb1a3ef2c781 b44a83c3140140106709bd4a0a8e6500086f01b87b4480fcc0f3cdf196a268bb Loading...

	www.1337xx.to/torrent/5353128/Wondershare-Filmora-11-4-7-358-x64-Multilingual-FileCR/	ScriptElement	162 B	2023-03-07	2025-05-29
Pretty URL www.1337xx.to/torrent/5353128/Wondershare-Filmora-11-4-7-358-x64-Multilingual-FileCR/ IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:07 Last Seen2025-05-29 19:12 Times Seen171 Hash 6b26e0d7c60ad2d5e9b365cc38781505 61683cc8cc94abc3c575f67ed24f73aa04149554 d3f53af7a31fc88722569c2f5c00621dc0f5dcee2e46ac98d28ab0f5f55904dc Loading...

	trainedhomecoming.com/bd/6c/33/bd6c3375a35d155e03aef20bbbe563ea.js	ScriptElement	74 kB	2024-08-20	2024-08-20
Pretty URL trainedhomecoming.com/bd/6c/33/bd6c3375a35d155e03aef20bbbe563ea.js IP 192.243.59.13 ASN #39572 DataWeb Global Group B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2024-08-20 14:51 Last Seen2024-08-20 14:51 Times Seen1 Hash 31e066abe50809de8cea684f0991595d 462655bfcbc7ae23b5b69261aa79d22b9d4e962f fee04ac6faf8960e73f712369f93f4d4c13c71e72a4bdb80ab2e5577c0f01979 Loading...

	trainedhomecoming.com/75/eb/7b/75eb7bf55a6322e200a2e7f9c09f7eab.js	ScriptElement	43 kB	2024-08-20	2024-08-20
Pretty URL trainedhomecoming.com/75/eb/7b/75eb7bf55a6322e200a2e7f9c09f7eab.js IP 192.243.59.13 ASN #39572 DataWeb Global Group B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2024-08-20 14:51 Last Seen2024-08-20 14:51 Times Seen1 Hash 221b9e19e4b93eaadf0fbe60849b024b 4a7158603207837689d529a44e61d46fdcd2ba7d d534b273a79ffe30046ff5e072c32f789ac3d5e1b1ea174d1b05e50e903951dc Loading...

	banquetunarmedgrater.com/advertisers.js	ScriptElement	0 B	0001-01-01	2025-05-30
Pretty URL banquetunarmedgrater.com/advertisers.js IP 104.21.86.121 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen0001-01-01 00:00 Last Seen2025-05-30 23:28 Times Seen4799642 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	friendshipmale.com/sfp.js	ScriptElement	86 kB	2023-11-23	2024-08-20
Pretty URL friendshipmale.com/sfp.js IP 104.21.234.33 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-23 18:35 Last Seen2024-08-20 18:08 Times Seen6307 Hash 924e967bca1d599992556a8d139b1c5a 222b09dbf164ddc03d39100fd0524a22018d28b2 ac84c2f8288b59f8e04ba77287ce696052bfeee0d462a566d94dc305df646c95 Loading...

	www.1337xx.to/torrent/5353128/Wondershare-Filmora-11-4-7-358-x64-Multilingual-FileCR/	ScriptElement	1.9 kB	2024-08-20	2024-08-20
Pretty URL www.1337xx.to/torrent/5353128/Wondershare-Filmora-11-4-7-358-x64-Multilingual-FileCR/ IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-08-20 14:51 Last Seen2024-08-20 14:51 Times Seen1 Hash 546e8069dc1222ce91523536c73416f0 d4675939c24bc1abbf941a89be35fa9162dd1917 91827f2d26fbc0f48ddbd662170089ced501c63844951dea7186207d9948285b Loading...

	unknown	ScriptElement	1.1 kB	2024-08-20	2024-08-20
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2024-08-20 14:51 Last Seen2024-08-20 14:51 Times Seen1 Hash ef9c0023ed29d4efeff440d129650ee5 0a187c103ab18b80688ed641ef67acb3dad4c695 b0713af2b70d7553df8f48b120dbca0738e64937367561980dd4a7e8476acd0b Loading...

	www.1337xx.to/static/js/lazyload.min.js	ScriptElement	3.4 kB	2023-03-07	2025-05-30
Pretty URL www.1337xx.to/static/js/lazyload.min.js IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:04 Last Seen2025-05-30 21:30 Times Seen1326 Hash 5c01d7aff077b4ed0804b71c2e3ab4a1 56b4c94cff0d5fdfca579eac85da28a767607644 80351098c2478918bb80008d7836499305bf6f4d4b2abf742b8823255bbb0d8e Loading...

	www.1337xx.to/static/js/modal.js	ScriptElement	10 kB	2023-03-07	2025-05-29
Pretty URL www.1337xx.to/static/js/modal.js IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:27 Last Seen2025-05-29 23:33 Times Seen83 Hash 8289720aa01982ad7b48c62b7f96dd93 7c5370aa27127c0cafb643b671dd2c9a906a8b8e a2589ffb2fd098b789870f1b48c8d83614c29df22739921ee3347d741b57dd4a Loading...

	www.1337xx.to/static/js/equalheight.js	ScriptElement	307 B	2023-03-07	2025-05-29
Pretty URL www.1337xx.to/static/js/equalheight.js IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:07 Last Seen2025-05-29 23:33 Times Seen207 Hash c5400113e82af2006936f4da906de973 4fcb2efc6c62d22351539de5120b971195727cb9 dfcfd312395fac51053cb661b4bece35f269d95ebbdfcd9f63a878eccef60396 Loading...

	www.1337xx.to/static/js/auto-searchv2.js	ScriptElement	716 B	2023-03-07	2025-05-29
Pretty URL www.1337xx.to/static/js/auto-searchv2.js IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:07 Last Seen2025-05-29 23:33 Times Seen248 Hash a4b57f03005db04060dfef0775e3d90b c4744701caefc235077f3843e1223117749cd0d9 453701e481d63aa42e7a0a6b2300d65a3c592073ae8f1f0158f6ef46400d4770 Loading...

	www.1337xx.to/static/js/main.js?v=1	ScriptElement	1.6 kB	2023-03-07	2025-05-29
Pretty URL www.1337xx.to/static/js/main.js?v=1 IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:27 Last Seen2025-05-29 19:12 Times Seen71 Hash 5c87297596179b890841cf19f434c4ba a956aeeb2e1cd686c21f4adac5688730e06638af 19c273d0582b3b6392302ece922088dfad5be1e094fb8510f1ed62320a3d2b26 Loading...

	www.1337xx.to/torrent/5353128/Wondershare-Filmora-11-4-7-358-x64-Multilingual-FileCR/	ScriptElement	428 B	2023-03-07	2025-05-29
Pretty URL www.1337xx.to/torrent/5353128/Wondershare-Filmora-11-4-7-358-x64-Multilingual-FileCR/ IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 12:27 Last Seen2025-05-29 19:12 Times Seen60 Hash 656b67527c95d13ef36ec5abe70d1279 2711b65273da5acc4f014640c9db74e5b65ad42e 3c1144a637dfe2abd3dc1c5c8627ea444a7b05d6355a22145402e5297bef7ede Loading...

	cdn.creative-bars1.com/sb/ssp/vpn/os-box/small/js/jquery.min.js	ScriptElement	84 kB	2023-03-07	2025-05-30
Pretty URL cdn.creative-bars1.com/sb/ssp/vpn/os-box/small/js/jquery.min.js IP 172.64.109.10 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02 Last Seen2025-05-30 21:56 Times Seen7575 Hash 4a356126b9573eb7bd1e9a7494737410 8258d046f17dd3c15a5d3984e1868b7b5d1db329 22642f202577f0ba2f22cbe56b6cf291a09374487567cd3563e0d2a29f75c0c5 Loading...

	www.1337xx.to/static/js/jquery-ui.js	ScriptElement	307 kB	2023-03-07	2025-05-29
Pretty URL www.1337xx.to/static/js/jquery-ui.js IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:07 Last Seen2025-05-29 23:33 Times Seen247 Hash 7ddac2a3d1e7091bd51f23f0250a7fea 5537fb7969f7a8349e0292ce9710df8daae5ad3c ebdadbb78c8a4e8433168bcdb49b87d0cb4809bbca7aaf29fbe36a9c77be5e35 Loading...

HTTP Transactions (64)

URL IP Response Size

sanet.pics/storage-7/1121/k6r6DKzzhjWPVcE4Y7g0tQbdY648XNdo.jpg

104.21.60.27

200 OK

18 kB

URL GET HTTP/2
sanet.pics/storage-7/1121/k6r6DKzzhjWPVcE4Y7g0tQbdY648XNdo.jpg
IP
104.21.60.27:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.1337xx.to/torrent/5353128/Wondershare-Filmora-11-4-7-358-x64-Multilingual-FileCR/
Certificate
IssuerGoogle Trust Services LLC
Subjectsanet.pics
FingerprintA4:E4:5D:7B:08:20:FE:9A:22:A0:57:5A:DB:F1:2A:72:DE:AA:27:F4
ValiditySat, 04 Nov 2023 17:58:57 GMT - Fri, 02 Feb 2024 17:58:56 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 309x454, components 3
Size
18 kB (17453 bytes)
Hash
7acdba69593a091c8a75dd660f11a219
982e6245505ac26e5679a6edcc9dc12423a9e5d9
27c7ddbc4ccc39a237772141098aa270b8c08260bdbbab76b30383ecd9d341f0

HTTP Headers

GET /storage-7/1121/k6r6DKzzhjWPVcE4Y7g0tQbdY648XNdo.jpg HTTP/1.1
Host: sanet.pics
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.1337xx.to/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 27 Dec 2023 13:13:02 GMT
content-type: image/jpeg
content-length: 17453
last-modified: Tue, 30 Nov 2021 10:35:37 GMT
etag: "61a5fe79-442d"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=31536000; includeSubdomains
x-frame-options: DENY
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KIShr1HC2jT1jjxGIQXdyFPCnT5D%2Fsb4CIJDFke1kYO1ixdHW4eqFTzNQfbkUqww9CA6kMLGDH1KVJrL9gNFXjlsS92%2BYdXaPHD9ApxEJedQ4Ym7drhTGrSxvgIX"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 83c1d18e8c0eb515-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

www.1337xx.to/css/images/body-bg.jpg

188.114.96.1

200 OK

2.5 kB

URL GET HTTP/3
www.1337xx.to/css/images/body-bg.jpg
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.1337xx.to/torrent/5353128/Wondershare-Filmora-11-4-7-358-x64-Multilingual-FileCR/
Certificate
IssuerGoogle Trust Services LLC
Subject1337xx.to
Fingerprint4F:9E:B8:6F:68:17:FF:77:F9:A1:6D:C3:6D:FE:84:40:78:43:30:C3
ValidityMon, 13 Nov 2023 02:45:03 GMT - Sun, 11 Feb 2024 02:45:02 GMT

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 100x100, components 3
Size
2.5 kB (2454 bytes)
Hash
57176455b267a90c419d442f311cab4a
8ce7305a8e73bf2cea887b1b011c349e41b426d3
44411fdbd6a244c923866126c233c854cae07718591506d315a86e34e159f20b

HTTP Headers

GET /css/images/body-bg.jpg HTTP/1.1
Host: www.1337xx.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.1337xx.to/css/style9.952e1c4f6e649c835aa0b27f7e583caf.css?v=2
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Wed, 27 Dec 2023 13:13:02 GMT
content-type: image/jpg; charset=utf-8
content-length: 2454
x-powered-by: PHP/5.6.36
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B7teRmkc9IyoyWqe98vGs3TnTOoq1%2BrxJZwHnqtd8zmm%2FmDJKqQt7DcxyHLKgg2beqE7fug6VlQ5uY4NetJ45fZSuc%2F3h%2FZG3Dd0vWHv0UV1H8GdCip54HC%2F2QM2%2F7gn"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 83c1d18f7eb80b3d-OSL
alt-svc: h3=":443"; ma=86400

www.1337xx.to/css/webfonts/opensans-regular.woff

188.114.96.1

200 OK

23 kB

URL GET HTTP/3
www.1337xx.to/css/webfonts/opensans-regular.woff
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.1337xx.to/torrent/5353128/Wondershare-Filmora-11-4-7-358-x64-Multilingual-FileCR/
Certificate
IssuerGoogle Trust Services LLC
Subject1337xx.to
Fingerprint4F:9E:B8:6F:68:17:FF:77:F9:A1:6D:C3:6D:FE:84:40:78:43:30:C3
ValidityMon, 13 Nov 2023 02:45:03 GMT - Sun, 11 Feb 2024 02:45:02 GMT

File type
Web Open Font Format, TrueType, length 22660, version 1.0
Size
23 kB (22660 bytes)
Hash
79515ad0788973c533405f7012dfeccd
5092881fad2caffdc6bf71bdab1ea547b73d3564
22e7a1b10c110072f5a0bfd16e2197a76b279ec879bcce8978fada1dc9ee5d40

HTTP Headers

GET /css/webfonts/opensans-regular.woff HTTP/1.1
Host: www.1337xx.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://www.1337xx.to/css/style9.952e1c4f6e649c835aa0b27f7e583caf.css?v=2
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Wed, 27 Dec 2023 13:13:02 GMT
content-type: application/font-woff
content-length: 22660
last-modified: Wed, 22 Jun 2022 05:25:44 GMT
etag: "62b2a7d8-5884"
accept-ranges: bytes
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IIucYokoSseR%2Bwh%2BsGfPz16F%2BQVb63l%2BIzqB6nnChNOZCJ0imFQm5FH5PFn1bdYpxWBg%2FohVV02b7F6zTWhEX8I%2BZYnvSFhZ%2Fv3x0OgLGr4DMGYiy2nbLr1qulwUlWER"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 83c1d18f8ebf0b3d-OSL
alt-svc: h3=":443"; ma=86400

www.1337xx.to/css/webfonts/oswald-regular.woff

188.114.96.1

200 OK

25 kB

URL GET HTTP/3
www.1337xx.to/css/webfonts/oswald-regular.woff
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.1337xx.to/torrent/5353128/Wondershare-Filmora-11-4-7-358-x64-Multilingual-FileCR/
Certificate
IssuerGoogle Trust Services LLC
Subject1337xx.to
Fingerprint4F:9E:B8:6F:68:17:FF:77:F9:A1:6D:C3:6D:FE:84:40:78:43:30:C3
ValidityMon, 13 Nov 2023 02:45:03 GMT - Sun, 11 Feb 2024 02:45:02 GMT

File type
Web Open Font Format, TrueType, length 25248, version 1.0
Size
25 kB (25248 bytes)
Hash
77f9ec053e5256b45207e37effb5a1b1
b881bffa5a7dd80494d621ec6f72c3f5545448f3
c5bccac5053a0089da4fb1a1693579ed4893a75b8fdc1c4f43a9151a2a9fb754

HTTP Headers

GET /css/webfonts/oswald-regular.woff HTTP/1.1
Host: www.1337xx.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://www.1337xx.to/css/style9.952e1c4f6e649c835aa0b27f7e583caf.css?v=2
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Wed, 27 Dec 2023 13:13:02 GMT
content-type: application/font-woff
content-length: 25248
last-modified: Wed, 22 Jun 2022 05:25:48 GMT
etag: "62b2a7dc-62a0"
accept-ranges: bytes
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7mqljcxdWxgz8EmdtH6aK4xbn9RhobN8UxpQFdGGaGDvPO3h005yJSK0C%2BM4gxuNWxsbvYJoL23HRuCYEamUTIpDfDrXshdvE51fEneWdRg0jQ6nd8d9zGqMC9MQb55P"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 83c1d18fdef60b3d-OSL
alt-svc: h3=":443"; ma=86400

www.1337xx.to/css/images/nav-bg.png

188.114.96.1

200 OK

616 B

URL GET HTTP/3
www.1337xx.to/css/images/nav-bg.png
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.1337xx.to/torrent/5353128/Wondershare-Filmora-11-4-7-358-x64-Multilingual-FileCR/
Certificate
IssuerGoogle Trust Services LLC
Subject1337xx.to
Fingerprint4F:9E:B8:6F:68:17:FF:77:F9:A1:6D:C3:6D:FE:84:40:78:43:30:C3
ValidityMon, 13 Nov 2023 02:45:03 GMT - Sun, 11 Feb 2024 02:45:02 GMT

File type
PNG image data, 224 x 38, 8-bit/color RGBA, non-interlaced
Size
616 B (616 bytes)
Hash
ad83550eff315bb6a02e2cfd2cfde3ad
055c467e7c93ee76a9653e8b898f6823197dae8e
3794019a41c0284bee7a232dc11d922b847c614bc439cdac17de2c0175199752

HTTP Headers

GET /css/images/nav-bg.png HTTP/1.1
Host: www.1337xx.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.1337xx.to/css/style9.952e1c4f6e649c835aa0b27f7e583caf.css?v=2
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Wed, 27 Dec 2023 13:13:02 GMT
content-type: image/png; charset=utf-8
content-length: 616
x-powered-by: PHP/5.6.36
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GvrJlGNz%2F4AbycWmEL4SDep3lrosdb%2FGirGd%2B1ODcxIRHo5addVX8VgADiH5DMl%2BhxMXJhTOFIFv9FrOaKNX%2ByeGCLVCV4tFm%2BD0aXnQ09Wh25WMHC%2B7dYH8nUi0bFhO"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 83c1d1900f170b3d-OSL
alt-svc: h3=":443"; ma=86400

www.1337xx.to/css/images/sep.png

188.114.96.1

200 OK

979 B

URL GET HTTP/3
www.1337xx.to/css/images/sep.png
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.1337xx.to/torrent/5353128/Wondershare-Filmora-11-4-7-358-x64-Multilingual-FileCR/
Certificate
IssuerGoogle Trust Services LLC
Subject1337xx.to
Fingerprint4F:9E:B8:6F:68:17:FF:77:F9:A1:6D:C3:6D:FE:84:40:78:43:30:C3
ValidityMon, 13 Nov 2023 02:45:03 GMT - Sun, 11 Feb 2024 02:45:02 GMT

File type
PNG image data, 4 x 20, 8-bit/color RGBA, non-interlaced
Size
979 B (979 bytes)
Hash
f5ad1e8afade5211d93125e993a936ba
cfda5224a37a1c391afc574ac33e7e9bde1e98ed
fde5dfff31f2e819031fe7cf8a2729fe1c81ab96576167b5f4cebb3ca4c160d5

HTTP Headers

GET /css/images/sep.png HTTP/1.1
Host: www.1337xx.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.1337xx.to/css/style9.952e1c4f6e649c835aa0b27f7e583caf.css?v=2
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Wed, 27 Dec 2023 13:13:02 GMT
content-type: image/png; charset=utf-8
content-length: 979
x-powered-by: PHP/5.6.36
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GVd%2FpypGxIGppCWOOGuy0Ku1WSuq%2FM4Q8EbKNUp7AjARO3ih0TiU74tQ1hgaQR3rWMBLZDLvcfZ9tEzcS90dNwiJvXFq1It5DcdAoC7MkBSqiTrzcuGoPVSayC59D0hQ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 83c1d1900f190b3d-OSL
alt-svc: h3=":443"; ma=86400

www.1337xx.to/css/images/nav-hover.jpg

188.114.96.1

200 OK

1.2 kB

URL GET HTTP/3
www.1337xx.to/css/images/nav-hover.jpg
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.1337xx.to/torrent/5353128/Wondershare-Filmora-11-4-7-358-x64-Multilingual-FileCR/
Certificate
IssuerGoogle Trust Services LLC
Subject1337xx.to
Fingerprint4F:9E:B8:6F:68:17:FF:77:F9:A1:6D:C3:6D:FE:84:40:78:43:30:C3
ValidityMon, 13 Nov 2023 02:45:03 GMT - Sun, 11 Feb 2024 02:45:02 GMT

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 20x20, components 3
Size
1.2 kB (1208 bytes)
Hash
248a62fead4580264aee0ab8fdbf5d1b
46be6ecdbf1f20fbc3d007d70b69383857a8a2b7
48c3b716c25fb706acee3f768b06eec4722ca83174ae484b031b8447d126f8de

HTTP Headers

GET /css/images/nav-hover.jpg HTTP/1.1
Host: www.1337xx.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.1337xx.to/css/style9.952e1c4f6e649c835aa0b27f7e583caf.css?v=2
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Wed, 27 Dec 2023 13:13:02 GMT
content-type: image/jpg; charset=utf-8
content-length: 1208
x-powered-by: PHP/5.6.36
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TqX%2FtsasGY%2BW9151wcqScfqv%2FnCuemJvvOOv0jbQv0JtVO56vLeSt0k3scin37gI1AUoCcnlV74yBEIHGm96trsV2gF69YI6afz5vejmOTmUVedtuQr8Gp8%2FI9W708JT"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 83c1d1900f1a0b3d-OSL
alt-svc: h3=":443"; ma=86400

www.1337xx.to/static/js/jquery-1.11.0.min.js

188.114.96.1

200 OK

36 kB

URL GET HTTP/3
www.1337xx.to/static/js/jquery-1.11.0.min.js
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.1337xx.to/torrent/5353128/Wondershare-Filmora-11-4-7-358-x64-Multilingual-FileCR/
Certificate
IssuerGoogle Trust Services LLC
Subject1337xx.to
Fingerprint4F:9E:B8:6F:68:17:FF:77:F9:A1:6D:C3:6D:FE:84:40:78:43:30:C3
ValidityMon, 13 Nov 2023 02:45:03 GMT - Sun, 11 Feb 2024 02:45:02 GMT

File type
ASCII text, with very long lines (32341), with CRLF line terminators
Size
36 kB (35977 bytes)
Hash
eaec1712551cd2792f4607f39fab12e7
2439711705752fac5dd1a6a8d6b1be63ffcbc76d
746e54e89161118a67bd59103c4ab55e3060735cc85c1d047c2cf04d4b12043d

HTTP Headers

GET /static/js/jquery-1.11.0.min.js HTTP/1.1
Host: www.1337xx.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.1337xx.to/torrent/5353128/Wondershare-Filmora-11-4-7-358-x64-Multilingual-FileCR/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Wed, 27 Dec 2023 13:13:02 GMT
content-type: application/javascript
last-modified: Wed, 22 Jun 2022 05:27:25 GMT
vary: Accept-Encoding
etag: W/"62b2a83d-17881"
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MYYFIsbIWUpgUt1PLdLQAGLCVA%2FYatXdCBFx0VtkeF38jy%2B3GqclDGLYuEUSQgFusu1ethYEbGDWNo8Stsdi3JAmqcD0Hw4bNBkjBUNmoa73DbLtubkcARfuzdvE%2BgEn"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 83c1d18e3dd50b3d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

www.1337xx.to/css/images/notfication-bg.png

188.114.96.1

200 OK

121 B

URL GET HTTP/3
www.1337xx.to/css/images/notfication-bg.png
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.1337xx.to/torrent/5353128/Wondershare-Filmora-11-4-7-358-x64-Multilingual-FileCR/
Certificate
IssuerGoogle Trust Services LLC
Subject1337xx.to
Fingerprint4F:9E:B8:6F:68:17:FF:77:F9:A1:6D:C3:6D:FE:84:40:78:43:30:C3
ValidityMon, 13 Nov 2023 02:45:03 GMT - Sun, 11 Feb 2024 02:45:02 GMT

File type
PNG image data, 4 x 4, 8-bit/color RGBA, non-interlaced
Size
121 B (121 bytes)
Hash
831c43c31346a124b70b6475490313f7
6bf7b325c7e207f9da08188af23723195ee5d3a3
19af91163505935886535f7b68b1528f99eb97d003fc03972e140da02c11d242

HTTP Headers

GET /css/images/notfication-bg.png HTTP/1.1
Host: www.1337xx.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.1337xx.to/static/css/torrent.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Wed, 27 Dec 2023 13:13:02 GMT
content-type: image/png; charset=utf-8
content-length: 121
x-powered-by: PHP/5.6.36
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=His5CA2XtYcoat0OUpJJpX5Ia7fG6C8BdylVp87Wj%2B6dHhdSvbyeiIG%2Fy%2FKandB8rrOyPkZgmOLkAjKOlPwaQP67nRoPmUz%2B9LEAsX6J2OWXVVinK0rMH7kyyb3NFOMn"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 83c1d1900f1f0b3d-OSL
alt-svc: h3=":443"; ma=86400

www.1337xx.to/static/js/auto-searchv2.js

188.114.96.1

200 OK

23 kB

URL GET HTTP/3
www.1337xx.to/static/js/auto-searchv2.js
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.1337xx.to/torrent/5353128/Wondershare-Filmora-11-4-7-358-x64-Multilingual-FileCR/
Certificate
IssuerGoogle Trust Services LLC
Subject1337xx.to
Fingerprint4F:9E:B8:6F:68:17:FF:77:F9:A1:6D:C3:6D:FE:84:40:78:43:30:C3
ValidityMon, 13 Nov 2023 02:45:03 GMT - Sun, 11 Feb 2024 02:45:02 GMT

File type
ASCII text, with very long lines (517)
Size
23 kB (22838 bytes)
Hash
a4b57f03005db04060dfef0775e3d90b
c4744701caefc235077f3843e1223117749cd0d9
453701e481d63aa42e7a0a6b2300d65a3c592073ae8f1f0158f6ef46400d4770

HTTP Headers

GET /static/js/auto-searchv2.js HTTP/1.1
Host: www.1337xx.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.1337xx.to/torrent/5353128/Wondershare-Filmora-11-4-7-358-x64-Multilingual-FileCR/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Wed, 27 Dec 2023 13:13:02 GMT
content-type: application/javascript
last-modified: Wed, 22 Jun 2022 05:27:20 GMT
etag: W/"62b2a838-2cc"
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ekrQP4R9fKJx42L0ZlxeHAEaVLKHek4LFr5MM1AbgLGp9s3gG52bT3nqXaGXHHa7YF3EF999ElC%2F1djswR12pp5uB8BAJPqjFmPXarogFn7PyjD49hvaOGJDvadEyI6K"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 83c1d18e3dd80b3d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

www.1337xx.to/static/css/images/detail-bg.jpg

188.114.96.1

200 OK

1.3 kB

URL GET HTTP/3
www.1337xx.to/static/css/images/detail-bg.jpg
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.1337xx.to/torrent/5353128/Wondershare-Filmora-11-4-7-358-x64-Multilingual-FileCR/
Certificate
IssuerGoogle Trust Services LLC
Subject1337xx.to
Fingerprint4F:9E:B8:6F:68:17:FF:77:F9:A1:6D:C3:6D:FE:84:40:78:43:30:C3
ValidityMon, 13 Nov 2023 02:45:03 GMT - Sun, 11 Feb 2024 02:45:02 GMT

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], progressive, precision 8, 4x4, components 3
Size
1.3 kB (1339 bytes)
Hash
22f4af1c6d3dfb8e7defd15cd4727660
2c00eaafee91994085bae813fcbe2275e71c0b39
7009cc20bd7c267c5950a4cf3d75c16e4f342f3c7d1ecb6082b199da1a71df80

HTTP Headers

GET /static/css/images/detail-bg.jpg HTTP/1.1
Host: www.1337xx.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.1337xx.to/static/css/torrent.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Wed, 27 Dec 2023 13:13:02 GMT
content-type: image/jpg; charset=utf-8
content-length: 1339
x-powered-by: PHP/5.6.36
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4rYUjRqs6ZpwZbTCwR2z7Lf1ZL7ywYxc97%2B2SPL7dClxoLnzSZ9DqBWEYffsjfWKXRlWJ0amTn7c1YH4qraNOzFLzDcU%2FUPFabyR704rkvsKoqMPoufWmm6CwvQtEGMk"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 83c1d1900f1d0b3d-OSL
alt-svc: h3=":443"; ma=86400

www.1337xx.to/css/images/tabs-nav-bg.jpg

188.114.96.1

200 OK

946 B

URL GET HTTP/3
www.1337xx.to/css/images/tabs-nav-bg.jpg
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.1337xx.to/torrent/5353128/Wondershare-Filmora-11-4-7-358-x64-Multilingual-FileCR/
Certificate
IssuerGoogle Trust Services LLC
Subject1337xx.to
Fingerprint4F:9E:B8:6F:68:17:FF:77:F9:A1:6D:C3:6D:FE:84:40:78:43:30:C3
ValidityMon, 13 Nov 2023 02:45:03 GMT - Sun, 11 Feb 2024 02:45:02 GMT

File type
PNG image data, 10 x 46, 8-bit/color RGB, non-interlaced
Size
946 B (946 bytes)
Hash
74484aff30458cf3eef0104c2b48d070
7cf67e90bafd3519f360d4640c2ee0e029b500f8
879de89af5f1ff7a9174f0fc861a5d1bbd509584ea760b9c5c3168c97a10feb8

HTTP Headers

GET /css/images/tabs-nav-bg.jpg HTTP/1.1
Host: www.1337xx.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.1337xx.to/css/style9.952e1c4f6e649c835aa0b27f7e583caf.css?v=2
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Wed, 27 Dec 2023 13:13:02 GMT
content-type: image/jpg; charset=utf-8
content-length: 946
x-powered-by: PHP/5.6.36
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pcX%2B5bas2G1LYinF0%2BARabMUG5kz1Af3sRboy9r8f7NjdVxAp0kM9sM7vcqzUZ7kjFLOAjvEIMM2OlQjzZbMsaSurttykR%2B2Pi6QN9KCOdz1Y0R3ESGgOOMJ5qjlyETp"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 83c1d1900f200b3d-OSL
alt-svc: h3=":443"; ma=86400

www.1337xx.to/static/css/scrollbar.css

188.114.96.1

200 OK

32 kB

URL GET HTTP/3
www.1337xx.to/static/css/scrollbar.css
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.1337xx.to/torrent/5353128/Wondershare-Filmora-11-4-7-358-x64-Multilingual-FileCR/
Certificate
IssuerGoogle Trust Services LLC
Subject1337xx.to
Fingerprint4F:9E:B8:6F:68:17:FF:77:F9:A1:6D:C3:6D:FE:84:40:78:43:30:C3
ValidityMon, 13 Nov 2023 02:45:03 GMT - Sun, 11 Feb 2024 02:45:02 GMT

File type
ASCII text, with very long lines (43122), with no line terminators
Size
32 kB (31824 bytes)
Hash
623cff5077cfc4bd395df29169b62883
e64507b0cb896794fdf04d14008639bc8edae0c6
b983b9a17054f789d9873cd4b4ba2dedc7c040234e81b29edef8d0a455f13063

HTTP Headers

GET /static/css/scrollbar.css HTTP/1.1
Host: www.1337xx.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.1337xx.to/torrent/5353128/Wondershare-Filmora-11-4-7-358-x64-Multilingual-FileCR/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Wed, 27 Dec 2023 13:13:02 GMT
content-type: text/css
last-modified: Wed, 22 Jun 2022 05:26:34 GMT
vary: Accept-Encoding
etag: W/"62b2a80a-a872"
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tGbhUpPJ3X08n9%2BgVglo8kNfegFBQ0InTvN%2BlkBA08qOe7SqQD%2B6FcmBXs8EhuD5PYZkk%2BSHdzXLXmH6hoM8vyuP4lTf2sueAv%2FmRSi9EBq2j4lm1gqKwpsodPjrktF8"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 83c1d18e2dc50b3d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

www.1337xx.to/static/js/main.js?v=1

188.114.96.1

200 OK

23 kB

URL GET HTTP/3
www.1337xx.to/static/js/main.js?v=1
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.1337xx.to/torrent/5353128/Wondershare-Filmora-11-4-7-358-x64-Multilingual-FileCR/
Certificate
IssuerGoogle Trust Services LLC
Subject1337xx.to
Fingerprint4F:9E:B8:6F:68:17:FF:77:F9:A1:6D:C3:6D:FE:84:40:78:43:30:C3
ValidityMon, 13 Nov 2023 02:45:03 GMT - Sun, 11 Feb 2024 02:45:02 GMT

File type
ASCII text
Size
23 kB (23175 bytes)
Hash
5c87297596179b890841cf19f434c4ba
a956aeeb2e1cd686c21f4adac5688730e06638af
19c273d0582b3b6392302ece922088dfad5be1e094fb8510f1ed62320a3d2b26

HTTP Headers

GET /static/js/main.js?v=1 HTTP/1.1
Host: www.1337xx.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.1337xx.to/torrent/5353128/Wondershare-Filmora-11-4-7-358-x64-Multilingual-FileCR/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Wed, 27 Dec 2023 13:13:02 GMT
content-type: application/javascript
last-modified: Wed, 22 Jun 2022 05:27:30 GMT
vary: Accept-Encoding
etag: W/"62b2a842-63e"
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zrIgS39rZnZe5hPQfyCdmjknXgQ0Cd9nYDdwb29potRzY296VUq7WNmFsAlppDE64YxRVtHCxOKKDdN1Yj7R5BXgKVI%2FSEJs5%2BQtV2NjdqfshSWCmZpCMOUIOX%2Bs6Xav"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 83c1d18e4ddd0b3d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

www.1337xx.to/static/js/lazyload.min.js

188.114.96.1

200 OK

24 kB

URL GET HTTP/3
www.1337xx.to/static/js/lazyload.min.js
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.1337xx.to/torrent/5353128/Wondershare-Filmora-11-4-7-358-x64-Multilingual-FileCR/
Certificate
IssuerGoogle Trust Services LLC
Subject1337xx.to
Fingerprint4F:9E:B8:6F:68:17:FF:77:F9:A1:6D:C3:6D:FE:84:40:78:43:30:C3
ValidityMon, 13 Nov 2023 02:45:03 GMT - Sun, 11 Feb 2024 02:45:02 GMT

File type
ASCII text, with very long lines (3309)
Size
24 kB (23854 bytes)
Hash
5c01d7aff077b4ed0804b71c2e3ab4a1
56b4c94cff0d5fdfca579eac85da28a767607644
80351098c2478918bb80008d7836499305bf6f4d4b2abf742b8823255bbb0d8e

HTTP Headers

GET /static/js/lazyload.min.js HTTP/1.1
Host: www.1337xx.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.1337xx.to/torrent/5353128/Wondershare-Filmora-11-4-7-358-x64-Multilingual-FileCR/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Wed, 27 Dec 2023 13:13:02 GMT
content-type: application/javascript
last-modified: Wed, 22 Jun 2022 05:27:28 GMT
vary: Accept-Encoding
etag: W/"62b2a840-d35"
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lNNEVxoeJlcPDMUC4UjZlYPh4srAvwFlCvtI8fHYcc3lvTA2y%2FokdcPTmRqcF0Kr%2FeMBP4nNsCK2NDrjO6kkL2RsbT0uar6kErR%2Bs8k%2F%2FhXID6%2BQDYT5HhHkeA7d63L3"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 83c1d18e4dec0b3d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

trainedhomecoming.com/bd/6c/33/bd6c3375a35d155e03aef20bbbe563ea.js

192.243.59.13

200 OK

29 kB

URL GET HTTP/1.1
trainedhomecoming.com/bd/6c/33/bd6c3375a35d155e03aef20bbbe563ea.js
IP
192.243.59.13:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://www.1337xx.to/torrent/5353128/Wondershare-Filmora-11-4-7-358-x64-Multilingual-FileCR/
Certificate
IssuerLet's Encrypt
Subjecttrainedhomecoming.com
Fingerprint2E:02:89:E0:DE:11:94:8D:55:35:C4:E6:25:A3:2C:27:36:44:E5:6B
ValidityWed, 20 Dec 2023 08:04:17 GMT - Tue, 19 Mar 2024 08:04:16 GMT

File type
ASCII text, with very long lines (65536), with no line terminators
Size
29 kB (29172 bytes)
Hash
31e066abe50809de8cea684f0991595d
462655bfcbc7ae23b5b69261aa79d22b9d4e962f
fee04ac6faf8960e73f712369f93f4d4c13c71e72a4bdb80ab2e5577c0f01979

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /bd/6c/33/bd6c3375a35d155e03aef20bbbe563ea.js HTTP/1.1
Host: trainedhomecoming.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.1337xx.to/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Wed, 27 Dec 2023 13:13:03 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Set-Cookie: 4b4e7ab587d59b22ad7bcd2439afc363_FEATURES-1671-layer=0; expires=Thu, 11 Jan 2024 13:13:03 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: ea61fb650bb77ed7ae4bf87ef4d28f37
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

trainedhomecoming.com/75/eb/7b/75eb7bf55a6322e200a2e7f9c09f7eab.js

192.243.59.13

200 OK

16 kB

URL GET HTTP/1.1
trainedhomecoming.com/75/eb/7b/75eb7bf55a6322e200a2e7f9c09f7eab.js
IP
192.243.59.13:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://www.1337xx.to/torrent/5353128/Wondershare-Filmora-11-4-7-358-x64-Multilingual-FileCR/
Certificate
IssuerLet's Encrypt
Subjecttrainedhomecoming.com
Fingerprint2E:02:89:E0:DE:11:94:8D:55:35:C4:E6:25:A3:2C:27:36:44:E5:6B
ValidityWed, 20 Dec 2023 08:04:17 GMT - Tue, 19 Mar 2024 08:04:16 GMT

File type
ASCII text, with very long lines (43114), with no line terminators
Size
16 kB (15500 bytes)
Hash
221b9e19e4b93eaadf0fbe60849b024b
4a7158603207837689d529a44e61d46fdcd2ba7d
d534b273a79ffe30046ff5e072c32f789ac3d5e1b1ea174d1b05e50e903951dc

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /75/eb/7b/75eb7bf55a6322e200a2e7f9c09f7eab.js HTTP/1.1
Host: trainedhomecoming.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.1337xx.to/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Wed, 27 Dec 2023 13:13:03 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 0216c80b0ab039007af5a1a96edd8e8b
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

proftrafficcounter.com/stats

3.124.14.40

200 OK

40 B

URL GET HTTP/2
proftrafficcounter.com/stats
IP
3.124.14.40:443
ASN
#16509 AMAZON-02

Requested by
https://www.1337xx.to/torrent/5353128/Wondershare-Filmora-11-4-7-358-x64-Multilingual-FileCR/
Certificate
IssuerAmazon
Subjectproftrafficcounter.com
FingerprintE3:9F:79:6F:80:C0:BF:F8:C4:EB:45:F3:E9:0F:A7:41:F6:0C:05:E6
ValidityTue, 21 Nov 2023 00:00:00 GMT - Thu, 19 Dec 2024 23:59:59 GMT

File type
ASCII text, with no line terminators
Size
40 B (40 bytes)
Hash
8fef9a88e2808e7b13728aabbd05a853
644a790d23947f8a97aa3a757ccd919b1d954f2c
285eb102d6d48ae5305da1de816ab5a200cff95f945c1e7f1db78752ff7e1536

HTTP Headers

GET /stats HTTP/1.1
Host: proftrafficcounter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.1337xx.to
DNT: 1
Connection: keep-alive
Referer: https://www.1337xx.to/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 27 Dec 2023 13:13:03 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://www.1337xx.to
vary: Origin
access-control-allow-credentials: true
set-cookie: uid_id2=4249ee13-319f-4f1f-8571-6f44edc543a7:2:1; expires=Sat, 24 Dec 2033 13:13:03 GMT; secure; SameSite=None
X-Firefox-Spdy: h2

proftrafficcounter.com/stats

3.124.14.40

200 OK

40 B

URL GET HTTP/2
proftrafficcounter.com/stats
IP
3.124.14.40:443
ASN
#16509 AMAZON-02

Requested by
https://www.1337xx.to/torrent/5353128/Wondershare-Filmora-11-4-7-358-x64-Multilingual-FileCR/
Certificate
IssuerAmazon
Subjectproftrafficcounter.com
FingerprintE3:9F:79:6F:80:C0:BF:F8:C4:EB:45:F3:E9:0F:A7:41:F6:0C:05:E6
ValidityTue, 21 Nov 2023 00:00:00 GMT - Thu, 19 Dec 2024 23:59:59 GMT

File type
ASCII text, with no line terminators
Size
40 B (40 bytes)
Hash
5886a6509a16c60c620dfb56f91c5c4e
a87a858eb92484e0678d999063f8138ca65c10e5
f1dee766e5e3c3c07b64028cce24c1e7c4bc8270c1ad1453f73c0e863780fc26

HTTP Headers

GET /stats HTTP/1.1
Host: proftrafficcounter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.1337xx.to
DNT: 1
Connection: keep-alive
Referer: https://www.1337xx.to/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 27 Dec 2023 13:13:03 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://www.1337xx.to
vary: Origin
access-control-allow-credentials: true
set-cookie: uid_id2=5502afdf-f04c-45e5-ae3e-3e8c2ebb3fb6:3:1; expires=Sat, 24 Dec 2033 13:13:03 GMT; secure; SameSite=None
X-Firefox-Spdy: h2

banquetunarmedgrater.com/advertisers.js

104.21.86.121

200 OK

0 B

URL GET HTTP/2
banquetunarmedgrater.com/advertisers.js
IP
104.21.86.121:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.1337xx.to/torrent/5353128/Wondershare-Filmora-11-4-7-358-x64-Multilingual-FileCR/
Certificate
IssuerGoogle Trust Services LLC
Subjectbanquetunarmedgrater.com
Fingerprint92:8E:AD:72:AC:AD:3B:21:99:CD:21:A0:9F:BD:F2:AF:0D:98:D8:57
ValidityThu, 09 Nov 2023 11:40:15 GMT - Wed, 07 Feb 2024 11:40:14 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /advertisers.js HTTP/1.1
Host: banquetunarmedgrater.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.1337xx.to/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 27 Dec 2023 13:13:03 GMT
content-type: application/javascript
content-length: 0
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=172800
x-request-id: 7f55908289201a092c56d6bbd0ff4fd7
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Wed, 27 Dec 2023 13:13:03 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MLXM1FvyCopr9nMZHviyDQya99N46tx4u0s2efesC5c7pqy3dUcTaXGG9hltSbtAg6g4XZCqNxDqEP22AMHuW4vjiljfqNOpQPkIwWfXvX5fSn8j3uWhXTyZg0NSEirfGktexoMcqgLTGZY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 83c1d194dfb456c9-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

subjectedtearingstew.com/pixel/purst?dl=0&th=0&sc=0&rs=1552&rd=1552&fd=884&bv=23.12.v.10&tmpl=70

192.243.61.227

200 OK

0 B

URL GET HTTP/1.1
subjectedtearingstew.com/pixel/purst?dl=0&th=0&sc=0&rs=1552&rd=1552&fd=884&bv=23.12.v.10&tmpl=70
IP
192.243.61.227:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://www.1337xx.to/torrent/5353128/Wondershare-Filmora-11-4-7-358-x64-Multilingual-FileCR/
Certificate
IssuerLet's Encrypt
Subjectsubjectedtearingstew.com
Fingerprint70:31:AC:F8:C7:C6:AF:09:97:A0:9A:A8:B4:71:0C:7C:73:05:CD:27
ValidityMon, 11 Dec 2023 08:12:10 GMT - Sun, 10 Mar 2024 08:12:09 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /pixel/purst?dl=0&th=0&sc=0&rs=1552&rd=1552&fd=884&bv=23.12.v.10&tmpl=70 HTTP/1.1
Host: subjectedtearingstew.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.1337xx.to/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Wed, 27 Dec 2023 13:13:03 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range

forestsfatal.com/sbar.json?key=75eb7bf55a6322e200a2e7f9c09f7eab&uuid=4249ee13-319f-4f1f-8571-6f44edc543a7%3A2%3A1

173.233.137.44

200 OK

3.4 kB

URL GET HTTP/1.1
forestsfatal.com/sbar.json?key=75eb7bf55a6322e200a2e7f9c09f7eab&uuid=4249ee13-319f-4f1f-8571-6f44edc543a7%3A2%3A1
IP
173.233.137.44:443
ASN
#7979 SERVERS-COM

Requested by
https://www.1337xx.to/torrent/5353128/Wondershare-Filmora-11-4-7-358-x64-Multilingual-FileCR/
Certificate
IssuerLet's Encrypt
Subjectforestsfatal.com
Fingerprint1E:5B:AC:BA:40:81:9D:56:24:1E:99:1F:C2:47:8C:34:2A:CF:96:19
ValidityMon, 11 Dec 2023 07:45:28 GMT - Sun, 10 Mar 2024 07:45:27 GMT

File type
JSON data
Size
3.4 kB (3434 bytes)
Hash
6a08be1bbca53cb4344d581ee6303f5d
f6c5d9db12aaa3ba585c5b8080386b8f555697d3
1516a9c5bcd911fbd92102f3221380a129f5b3b3b11154101baeb670a5f22ff9

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /sbar.json?key=75eb7bf55a6322e200a2e7f9c09f7eab&uuid=4249ee13-319f-4f1f-8571-6f44edc543a7%3A2%3A1 HTTP/1.1
Host: forestsfatal.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.1337xx.to
DNT: 1
Connection: keep-alive
Referer: https://www.1337xx.to/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Wed, 27 Dec 2023 13:13:04 GMT
Content-Type: text/plain; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://www.1337xx.to
Access-Control-Allow-Origin: https://www.1337xx.to
Access-Control-Allow-Credentials: true
Set-Cookie: u_pl=16578592; expires=Thu, 28 Dec 2023 13:13:04 GMT; secure; SameSite=None
uid_id2=4249ee13-319f-4f1f-8571-6f44edc543a7:2:1; expires=Wed, 03 Jan 2024 13:13:04 GMT; secure; SameSite=None
pdhtkv=true; expires=Thu, 28 Dec 2023 13:13:04 GMT; secure; SameSite=None
uncs=1; expires=Thu, 28 Dec 2023 13:13:04 GMT; secure; SameSite=None
pdhtkv29=true; expires=Thu, 28 Dec 2023 13:13:04 GMT; secure; SameSite=None
uncs29=1; expires=Thu, 28 Dec 2023 13:13:04 GMT; secure; SameSite=None
slec75eb7bf55a6322e200a2e7f9c09f7eab=[4857767]; expires=Wed, 27 Dec 2023 13:13:09 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: a91763e83d970f5148590443414aa264
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

forestsfatal.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSz4scRRitjslJEA255BBsxIOB7Gz%2F3NkxSjDmB9G4uySRPVd1Vc%2BWW9PVVHVPz46XxYDk4GFy0mPvm90s0RgMeBVl1ossiBkPsgcX%2FQ8EIQiKyMwOLH6H%2Bn687%2FDeq%2B%2FjrfKQ%2BCjpwcp7ui%2BVovNxw3NfW5UZ15V1l%2B64vtfwLrqrMluILrq9yWO6r%2Fte3PDOu9dFsq7nA8%2F3PN%2Fz3WvSiFT35qcoZP6o5TdaXiMKGn4coWf%2B39vSgaUOePeQnIbk41NrPzyBTEbIOl9dEXa90PmFq51S0UIbdPnu%2B9l6pqsMneMyNQ7SbHe2DW3HhHx2AjrbnSmA7m5PFIDJMXF%2B8cGy3RlNsO7OEVOmIDIw%2Fjyq7ghCjSDpCIm%2BC8mfEiDhWFpG1nmwpE1FN45QOkHH5OSzPyGrMTn56xlknceXley5t7UqC6kzi15aQ%2FZGkO0R8nIPRd%2BBrPaQFB9B8h%2FJ%2FLObyDrby1ZpSH7wahRELSH8cC70W%2BlclPrp3GLc9OcW0igSPImjkDanFkk5gkxHUGIAak%2BgtA5K6aBMHZS5gw4%2FcGncSj2vmbI0DBejJEnCMEnixQUe8zBaTD2UyUTDAEU%2BQKIGSMwmcrOJdXn%2FaXwapvwOdq2G5Q5sQdDlNSpBUFmCihJUkqAqCKpuvcOVDWz9gCtbMn%2BWg1kO66Eu2lt0RxdtkRFQM9jKD8lLU%2F%2F%2B%2BcvFujhwm7FgTZbGMV0Ig0AEnkcD0UxbiddKm4IyWFlD2hOg1kFfjsnZN68il2Ny6tN%2FwegerNpDIl8ELc%2BBVsNm4IGuDaNFD%2F3soR%2BGzV6vUWhwXSMvTqLYcLbUITk7JfHOy7sQyT6ZBRJTIzc1PpDfE7TVveEtXZHtW7qy5MlyXsiO7NPJB98uaCGcz98VG5U2%2FMYVO3j4VjIBJuWjO8IWN2nGZda25IvLknNhrmmTCPLNDbsq2Epp1y6XJivzmytvX7vRyY2wVupsBDo51i9dJHJMXrhwbnq859%2F4G9KMYMoanfKYq9R7SPJN2Hz%2F0k%2BzmdUERh3vsNxBVdZDE7DjoZIEShz3lNWwYv%2FS1%2F3frz8%2B8yGY2P%2F2jyNsy95D2zigxV1knRpdU6OralA1gC2fGxa52b%2F0czgNMOUMmTLONlNG3T8y18oDV8SplwovECxtsbRJPd5KoxajLV80WUx9FHYsPnnlt%2F8AAAD%2F%2FwEAAP%2F%2F7dzUd5QEAAA%3D

173.233.137.44

200 OK

7 B

URL GET HTTP/1.1
forestsfatal.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSz4scRRitjslJEA255BBsxIOB7Gz%2F3NkxSjDmB9G4uySRPVd1Vc%2BWW9PVVHVPz46XxYDk4GFy0mPvm90s0RgMeBVl1ossiBkPsgcX%2FQ8EIQiKyMwOLH6H%2Bn687%2FDeq%2B%2FjrfKQ%2BCjpwcp7ui%2BVovNxw3NfW5UZ15V1l%2B64vtfwLrqrMluILrq9yWO6r%2Fte3PDOu9dFsq7nA8%2F3PN%2Fz3WvSiFT35qcoZP6o5TdaXiMKGn4coWf%2B39vSgaUOePeQnIbk41NrPzyBTEbIOl9dEXa90PmFq51S0UIbdPnu%2B9l6pqsMneMyNQ7SbHe2DW3HhHx2AjrbnSmA7m5PFIDJMXF%2B8cGy3RlNsO7OEVOmIDIw%2Fjyq7ghCjSDpCIm%2BC8mfEiDhWFpG1nmwpE1FN45QOkHH5OSzPyGrMTn56xlknceXley5t7UqC6kzi15aQ%2FZGkO0R8nIPRd%2BBrPaQFB9B8h%2FJ%2FLObyDrby1ZpSH7wahRELSH8cC70W%2BlclPrp3GLc9OcW0igSPImjkDanFkk5gkxHUGIAak%2BgtA5K6aBMHZS5gw4%2FcGncSj2vmbI0DBejJEnCMEnixQUe8zBaTD2UyUTDAEU%2BQKIGSMwmcrOJdXn%2FaXwapvwOdq2G5Q5sQdDlNSpBUFmCihJUkqAqCKpuvcOVDWz9gCtbMn%2BWg1kO66Eu2lt0RxdtkRFQM9jKD8lLU%2F%2F%2B%2BcvFujhwm7FgTZbGMV0Ig0AEnkcD0UxbiddKm4IyWFlD2hOg1kFfjsnZN68il2Ny6tN%2FwegerNpDIl8ELc%2BBVsNm4IGuDaNFD%2F3soR%2BGzV6vUWhwXSMvTqLYcLbUITk7JfHOy7sQyT6ZBRJTIzc1PpDfE7TVveEtXZHtW7qy5MlyXsiO7NPJB98uaCGcz98VG5U2%2FMYVO3j4VjIBJuWjO8IWN2nGZda25IvLknNhrmmTCPLNDbsq2Epp1y6XJivzmytvX7vRyY2wVupsBDo51i9dJHJMXrhwbnq859%2F4G9KMYMoanfKYq9R7SPJN2Hz%2F0k%2BzmdUERh3vsNxBVdZDE7DjoZIEShz3lNWwYv%2FS1%2F3frz8%2B8yGY2P%2F2jyNsy95D2zigxV1knRpdU6OralA1gC2fGxa52b%2F0czgNMOUMmTLONlNG3T8y18oDV8SplwovECxtsbRJPd5KoxajLV80WUx9FHYsPnnlt%2F8AAAD%2F%2FwEAAP%2F%2F7dzUd5QEAAA%3D
IP
173.233.137.44:443
ASN
#7979 SERVERS-COM

Requested by
https://www.1337xx.to/torrent/5353128/Wondershare-Filmora-11-4-7-358-x64-Multilingual-FileCR/
Certificate
IssuerLet's Encrypt
Subjectforestsfatal.com
Fingerprint1E:5B:AC:BA:40:81:9D:56:24:1E:99:1F:C2:47:8C:34:2A:CF:96:19
ValidityMon, 11 Dec 2023 07:45:28 GMT - Sun, 10 Mar 2024 07:45:27 GMT

File type
ASCII text, with no line terminators
Size
7 B (7 bytes)
Hash
132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /ren.gif?sid=H4sIAAAAAAAC%2F1RSz4scRRitjslJEA255BBsxIOB7Gz%2F3NkxSjDmB9G4uySRPVd1Vc%2BWW9PVVHVPz46XxYDk4GFy0mPvm90s0RgMeBVl1ossiBkPsgcX%2FQ8EIQiKyMwOLH6H%2Bn687%2FDeq%2B%2FjrfKQ%2BCjpwcp7ui%2BVovNxw3NfW5UZ15V1l%2B64vtfwLrqrMluILrq9yWO6r%2Fte3PDOu9dFsq7nA8%2F3PN%2Fz3WvSiFT35qcoZP6o5TdaXiMKGn4coWf%2B39vSgaUOePeQnIbk41NrPzyBTEbIOl9dEXa90PmFq51S0UIbdPnu%2B9l6pqsMneMyNQ7SbHe2DW3HhHx2AjrbnSmA7m5PFIDJMXF%2B8cGy3RlNsO7OEVOmIDIw%2Fjyq7ghCjSDpCIm%2BC8mfEiDhWFpG1nmwpE1FN45QOkHH5OSzPyGrMTn56xlknceXley5t7UqC6kzi15aQ%2FZGkO0R8nIPRd%2BBrPaQFB9B8h%2FJ%2FLObyDrby1ZpSH7wahRELSH8cC70W%2BlclPrp3GLc9OcW0igSPImjkDanFkk5gkxHUGIAak%2BgtA5K6aBMHZS5gw4%2FcGncSj2vmbI0DBejJEnCMEnixQUe8zBaTD2UyUTDAEU%2BQKIGSMwmcrOJdXn%2FaXwapvwOdq2G5Q5sQdDlNSpBUFmCihJUkqAqCKpuvcOVDWz9gCtbMn%2BWg1kO66Eu2lt0RxdtkRFQM9jKD8lLU%2F%2F%2B%2BcvFujhwm7FgTZbGMV0Ig0AEnkcD0UxbiddKm4IyWFlD2hOg1kFfjsnZN68il2Ny6tN%2FwegerNpDIl8ELc%2BBVsNm4IGuDaNFD%2F3soR%2BGzV6vUWhwXSMvTqLYcLbUITk7JfHOy7sQyT6ZBRJTIzc1PpDfE7TVveEtXZHtW7qy5MlyXsiO7NPJB98uaCGcz98VG5U2%2FMYVO3j4VjIBJuWjO8IWN2nGZda25IvLknNhrmmTCPLNDbsq2Epp1y6XJivzmytvX7vRyY2wVupsBDo51i9dJHJMXrhwbnq859%2F4G9KMYMoanfKYq9R7SPJN2Hz%2F0k%2BzmdUERh3vsNxBVdZDE7DjoZIEShz3lNWwYv%2FS1%2F3frz8%2B8yGY2P%2F2jyNsy95D2zigxV1knRpdU6OralA1gC2fGxa52b%2F0czgNMOUMmTLONlNG3T8y18oDV8SplwovECxtsbRJPd5KoxajLV80WUx9FHYsPnnlt%2F8AAAD%2F%2FwEAAP%2F%2F7dzUd5QEAAA%3D HTTP/1.1
Host: forestsfatal.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.1337xx.to/
Cookie: u_pl=16578592; uid_id2=4249ee13-319f-4f1f-8571-6f44edc543a7:2:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slec75eb7bf55a6322e200a2e7f9c09f7eab=[4857767]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Wed, 27 Dec 2023 13:13:04 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: b5d977d3b5746a7e5b9df9ca348f3989
Strict-Transport-Security: max-age=0; includeSubdomains

cdn.barscreative1.com/sb/au/ef/6d/9c/ef6d9ce2996acaba379ea30acdea20ae/1632400430.html

45.133.44.3

200 OK

441 B

URL GET HTTP/2
cdn.barscreative1.com/sb/au/ef/6d/9c/ef6d9ce2996acaba379ea30acdea20ae/1632400430.html
IP
45.133.44.3:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://www.1337xx.to/torrent/5353128/Wondershare-Filmora-11-4-7-358-x64-Multilingual-FileCR/
Certificate
IssuerLet's Encrypt
Subjectcdn.barscreative1.com
Fingerprint55:06:B7:F1:EF:E9:55:FB:7C:8C:4F:5D:DB:05:C9:15:19:90:9B:2F
ValiditySat, 11 Nov 2023 03:00:51 GMT - Fri, 09 Feb 2024 03:00:50 GMT

File type
HTML document, ASCII text
Size
441 B (441 bytes)
Hash
234da4bb07714a581560d0b1ebd2e6bb
4123538d1f998ee2a3761c47e727e3d73dc85f26
b3d0eac77c745a41091c5bdc2426e3a05d8be341077cb2aac5025af015d201d1

HTTP Headers

GET /sb/au/ef/6d/9c/ef6d9ce2996acaba379ea30acdea20ae/1632400430.html HTTP/1.1
Host: cdn.barscreative1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.1337xx.to
DNT: 1
Connection: keep-alive
Referer: https://www.1337xx.to/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 27 Dec 2023 13:13:04 GMT
content-type: text/html; charset=utf-8
server: nginx/1.21.6
last-modified: Thu, 23 Sep 2021 12:33:57 GMT
etag: W/"614c7435-4c2"
cache-control: max-age=3600
access-control-allow-origin: *
access-control-expose-headers: Date
content-encoding: gzip
expires: Wed, 27 Dec 2023 14:13:04 GMT
x-proxy-cache: HIT
X-Firefox-Spdy: h2

cdn.creative-bars1.com/sb/ssp/vpn/os-box/small/img/close.png

172.64.109.10

200 OK

769 B

URL GET HTTP/2
cdn.creative-bars1.com/sb/ssp/vpn/os-box/small/img/close.png
IP
172.64.109.10:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.1337xx.to/torrent/5353128/Wondershare-Filmora-11-4-7-358-x64-Multilingual-FileCR/
Certificate
IssuerGoogle Trust Services LLC
Subjectcreative-bars1.com
Fingerprint49:C8:A4:CE:31:56:FC:06:71:93:06:7A:69:DD:ED:B2:EF:C9:41:97
ValidityTue, 19 Dec 2023 15:02:46 GMT - Mon, 18 Mar 2024 15:02:45 GMT

File type
PNG image data, 23 x 23, 8-bit/color RGBA, non-interlaced
Size
769 B (769 bytes)
Hash
13b3b0cc6ce924780c0eec0b24c40c33
53b78225158a60f9327e135be26e365eb842f0df
7907c875d2dd81230f15826dffe1faa695cfb1f385adbb4d9480058d0d0112ad

HTTP Headers

GET /sb/ssp/vpn/os-box/small/img/close.png HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Wed, 27 Dec 2023 13:13:04 GMT
content-type: image/png
content-length: 769
last-modified: Tue, 21 Sep 2021 12:06:12 GMT
etag: "6149cab4-301"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 930415
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=L%2FOhlyVk15W1tdKSX8WoDBQABgaGzT2tzvPth4vUki4dxJVf%2BbZvvO8Su%2BPBNVOaehOiXdcNHwJnLKA%2FRMqt1a6XpGnPvHLsJgWxciTiKDoAUc5NAksZwXM1fhwBLr%2BuaoMNdge9Hfjp"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 83c1d19b08f279c9-LHR
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

www.1337xx.to/static/js/equalheight.js

188.114.96.1

200 OK

63 kB

URL GET HTTP/3
www.1337xx.to/static/js/equalheight.js
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.1337xx.to/torrent/5353128/Wondershare-Filmora-11-4-7-358-x64-Multilingual-FileCR/
Certificate
IssuerGoogle Trust Services LLC
Subject1337xx.to
Fingerprint4F:9E:B8:6F:68:17:FF:77:F9:A1:6D:C3:6D:FE:84:40:78:43:30:C3
ValidityMon, 13 Nov 2023 02:45:03 GMT - Sun, 11 Feb 2024 02:45:02 GMT

File type
ASCII text, with very long lines (307), with no line terminators
Size
63 kB (62746 bytes)
Hash
c5400113e82af2006936f4da906de973
4fcb2efc6c62d22351539de5120b971195727cb9
dfcfd312395fac51053cb661b4bece35f269d95ebbdfcd9f63a878eccef60396

HTTP Headers

GET /static/js/equalheight.js HTTP/1.1
Host: www.1337xx.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.1337xx.to/torrent/5353128/Wondershare-Filmora-11-4-7-358-x64-Multilingual-FileCR/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Wed, 27 Dec 2023 13:13:02 GMT
content-type: application/javascript
last-modified: Wed, 22 Jun 2022 05:27:22 GMT
etag: W/"62b2a83a-133"
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2NV3hIIxA3PbDzsPraUu4LLM2ZpxGysijLOeZMblsZPb8Gsk9hPEt%2BCxhszaBMrDDVeibwV%2By8zmdifPm01KECssgJahIGtQugZi1WCrIP6AXDLy1B34kds%2BjpjoEs5d"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 83c1d18e4de50b3d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

unseenreport.com/pxf.gif?uuid=5502afdf-f04c-45e5-ae3e-3e8c2ebb3fb6&eb=a996fe56ed028c08f89591a4a8a9c431&te=4cb725660c43031e3b06c75892d96c5a&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.3095&b_frame=0&pk=bd6c3375a35d155e03aef20bbbe563ea&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=13

192.243.59.20

200 OK

1 B

URL GET HTTP/1.1
unseenreport.com/pxf.gif?uuid=5502afdf-f04c-45e5-ae3e-3e8c2ebb3fb6&eb=a996fe56ed028c08f89591a4a8a9c431&te=4cb725660c43031e3b06c75892d96c5a&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.3095&b_frame=0&pk=bd6c3375a35d155e03aef20bbbe563ea&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=13
IP
192.243.59.20:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://www.1337xx.to/torrent/5353128/Wondershare-Filmora-11-4-7-358-x64-Multilingual-FileCR/
Certificate
IssuerLet's Encrypt
Subject*.unseenreport.com
Fingerprint79:45:7F:58:D5:82:45:0A:7D:1E:FF:7A:98:05:26:E9:D6:FE:91:14
ValidityWed, 22 Nov 2023 07:56:28 GMT - Tue, 20 Feb 2024 07:56:27 GMT

File type
very short file (no magic)
Size
1 B (1 bytes)
Hash
93b885adfe0da089cdf634904fd59f71
5ba93c9db0cff93f52b521d7420e43f6eda2784f
6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /pxf.gif?uuid=5502afdf-f04c-45e5-ae3e-3e8c2ebb3fb6&eb=a996fe56ed028c08f89591a4a8a9c431&te=4cb725660c43031e3b06c75892d96c5a&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.3095&b_frame=0&pk=bd6c3375a35d155e03aef20bbbe563ea&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=13 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.1337xx.to/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Wed, 27 Dec 2023 13:13:04 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: a97d7accee3cca6afa24d729859febbc
Strict-Transport-Security: max-age=0; includeSubdomains

www.1337xx.to/torrent/5353128/Wondershare-Filmora-11-4-7-358-x64-Multilingual-FileCR/

188.114.96.1

200 OK

111 kB

URL User Request GET HTTP/2
www.1337xx.to/torrent/5353128/Wondershare-Filmora-11-4-7-358-x64-Multilingual-FileCR/
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services LLC
Subject1337xx.to
Fingerprint4F:9E:B8:6F:68:17:FF:77:F9:A1:6D:C3:6D:FE:84:40:78:43:30:C3
ValidityMon, 13 Nov 2023 02:45:03 GMT - Sun, 11 Feb 2024 02:45:02 GMT

File type
HTML document, Unicode text, UTF-8 text, with very long lines (2187), with CRLF, LF line terminators
Size
111 kB (111391 bytes)
Hash
da7eed7616a9ac4f860e5fe67a797777
b2de76ba100d5b3d543169b71bef8a686cc53423
4cc6c0e722786103a95698516e486a1539cf0c6094d79d9b85ac7ec8289bbeaa

HTTP Headers

GET /torrent/5353128/Wondershare-Filmora-11-4-7-358-x64-Multilingual-FileCR/ HTTP/1.1
Host: www.1337xx.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 27 Dec 2023 13:13:01 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
x-powered-by: PHP/5.6.36
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1tqT2LDI7m2Cylv%2FuWtaGkAQxEN0g8pay7F0K%2B5flZksKoX9AYCriIWSsSLx3FVCXVjnynJk4FxwghJEZ4RR0Podj5nxyAT%2FhEt7DWdA%2Bxny3PXZtBqLkmPlA6K%2BveLT"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 83c1d189eeb156aa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

unseenreport.com/pxf.gif?uuid=5502afdf-f04c-45e5-ae3e-3e8c2ebb3fb6&eb=a996fe56ed028c08f89591a4a8a9c431&te=4cb725660c43031e3b06c75892d96c5a&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.3095&b_frame=0&pk=75eb7bf55a6322e200a2e7f9c09f7eab&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=13

192.243.59.20

200 OK

1 B

URL GET HTTP/1.1
unseenreport.com/pxf.gif?uuid=5502afdf-f04c-45e5-ae3e-3e8c2ebb3fb6&eb=a996fe56ed028c08f89591a4a8a9c431&te=4cb725660c43031e3b06c75892d96c5a&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.3095&b_frame=0&pk=75eb7bf55a6322e200a2e7f9c09f7eab&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=13
IP
192.243.59.20:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://www.1337xx.to/torrent/5353128/Wondershare-Filmora-11-4-7-358-x64-Multilingual-FileCR/
Certificate
IssuerLet's Encrypt
Subject*.unseenreport.com
Fingerprint79:45:7F:58:D5:82:45:0A:7D:1E:FF:7A:98:05:26:E9:D6:FE:91:14
ValidityWed, 22 Nov 2023 07:56:28 GMT - Tue, 20 Feb 2024 07:56:27 GMT

File type
very short file (no magic)
Size
1 B (1 bytes)
Hash
93b885adfe0da089cdf634904fd59f71
5ba93c9db0cff93f52b521d7420e43f6eda2784f
6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /pxf.gif?uuid=5502afdf-f04c-45e5-ae3e-3e8c2ebb3fb6&eb=a996fe56ed028c08f89591a4a8a9c431&te=4cb725660c43031e3b06c75892d96c5a&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.3095&b_frame=0&pk=75eb7bf55a6322e200a2e7f9c09f7eab&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=13 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.1337xx.to/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Wed, 27 Dec 2023 13:13:04 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 80d90c5a08a1068cb716ef2bc5f9abc7
Strict-Transport-Security: max-age=0; includeSubdomains

www.1337xx.to/images/logo.svg

188.114.96.1

200 OK

2.9 kB

URL GET HTTP/3
www.1337xx.to/images/logo.svg
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.1337xx.to/torrent/5353128/Wondershare-Filmora-11-4-7-358-x64-Multilingual-FileCR/
Certificate
IssuerGoogle Trust Services LLC
Subject1337xx.to
Fingerprint4F:9E:B8:6F:68:17:FF:77:F9:A1:6D:C3:6D:FE:84:40:78:43:30:C3
ValidityMon, 13 Nov 2023 02:45:03 GMT - Sun, 11 Feb 2024 02:45:02 GMT

File type
SVG Scalable Vector Graphics image
Size
2.9 kB (2946 bytes)
Hash
4c0fa201642007f3e76abdda20900070
798caabbbc90a5e23970312a14cfd1d9ffb23521
c15260e312333f246afb6421f825168bc850caca363e53dce0c2e1f308918b41

HTTP Headers

GET /images/logo.svg HTTP/1.1
Host: www.1337xx.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.1337xx.to/torrent/5353128/Wondershare-Filmora-11-4-7-358-x64-Multilingual-FileCR/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Wed, 27 Dec 2023 13:13:02 GMT
content-type: image/svg+xml
last-modified: Wed, 22 Jun 2022 05:23:45 GMT
etag: W/"62b2a761-f94"
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=opSGbQn6EWu7mlnb3KvEsEi7jBrUPImg3oNblx3LAOxKBhd8BJMe4c00xpUKH7MG2Ux%2B2D%2BZ7ZbYaCrvVn2KZe%2BurqHyFb%2Fr8F8Vu%2FCA4xe21o4RvDTcRhCM0Yq0YiSv"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 83c1d18e3dd40b3d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

216.58.211.3

200 OK

16 kB

URL GET HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP
216.58.211.3:443
ASN
#15169 GOOGLE

Requested by
https://www.1337xx.to/torrent/5353128/Wondershare-Filmora-11-4-7-358-x64-Multilingual-FileCR/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint5F:60:69:C9:59:6D:F1:B5:87:82:8D:B0:57:3C:D9:24:10:FD:74:D1
ValidityMon, 20 Nov 2023 08:08:49 GMT - Mon, 12 Feb 2024 08:08:48 GMT

File type
Web Open Font Format (Version 2), TrueType, length 15860, version 1.0
Size
16 kB (15860 bytes)
Hash
e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

HTTP Headers

GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.1337xx.to
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 25 Dec 2023 19:43:02 GMT
expires: Tue, 24 Dec 2024 19:43:02 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
age: 149402
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

216.58.211.3

200 OK

16 kB

URL GET HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
216.58.211.3:443
ASN
#15169 GOOGLE

Requested by
https://www.1337xx.to/torrent/5353128/Wondershare-Filmora-11-4-7-358-x64-Multilingual-FileCR/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint5F:60:69:C9:59:6D:F1:B5:87:82:8D:B0:57:3C:D9:24:10:FD:74:D1
ValidityMon, 20 Nov 2023 08:08:49 GMT - Mon, 12 Feb 2024 08:08:48 GMT

File type
Web Open Font Format (Version 2), TrueType, length 15744, version 1.0
Size
16 kB (15744 bytes)
Hash
15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

HTTP Headers

GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.1337xx.to
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 23 Dec 2023 00:53:44 GMT
expires: Sun, 22 Dec 2024 00:53:44 GMT
cache-control: public, max-age=31536000
age: 389960
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

forestsfatal.com/impr.gif?sid=H4sIAAAAAAAC%2F1RSz4scRRitjslJEA255BBsxIOB7Gz%2F3J4xSjDmB9GYhCSSc3VV9Wy5NV1NVff0ZLwEA5KDh8lJj71vdrNEYzDgVZRZL7IgZjzIHlz0PxCEICgiMzuw%2BB3q%2B%2FG%2Bw3uvvo%2FXqz3io6K7197TQ6kUXY5bnvvaLZlzXVv3yk3X91reafeWzFei0%2B5g9pj%2B674Xt7yT7kXB1vRy4Pme53u%2Be0EakenB8hyFLB51%2FFbHa0VBy48jDMz%2Fe1s5sNQB7%2B%2BRo5B8emT1hyeQbIK899U5YddKXZw636sULbVBn2%2B9n6%2Flus7ROygz4yDLtxbb0HZKyGeHoPOthQLo%2FsZMAVI5Jc4vPtJ8a0ETaX9zn2mqIHKk%2FHnU%2FQmEmkDSCZi%2BC8mfEoBxXLmKvPfgijY1vb2P0hk6JYef%2FQlZT8nhX48h7z0%2Bq%2BTAvaFVVUqdWwyyBnIwgexOUFTbKIcOZL0NVn4EyX8ky88uI%2B9tXLVKQ%2FLdV6Mg6gjhh0uh38mWoszPltpx4i%2BtZFEkOIujkCZzi6ScQGYTKDECtYdQWQeVdFBlDqrCQY%2FvujTuZJ6XZGkWhu2IMRaGjMXtFR7zMGpnHio20zBCWYzA1AjM3EFh7mBN3n8aH4WpvoNdbWC5A1sS9HmDWhDUlqCmBLUkqEuCut9scmUD2zzgylapv8jBIofNWJfddbqpy67ICagZrRd75KW5f%2F%2F85WJN7LpJLNIkzeKYroRBIALPo4FIsg7zOlkiaAorG0h7CNQ6GMopOf7meRRySo58%2Bi9Sug2rtsHki6DVCdB6nAQe6Oo4ansY5g%2F9MEwGg1apwXWDojyM8razrvbI8TmJd17egmA7ZBFgpkFhGnwgvyfoqnvj67omG9d1bcmTq0Upe3JIZx98o6SlcD5%2FV9yuteGXztnRw7fYDJiVj24KW16mOZd515IvzkrOhbmgDRPkm0v2lkivVXb1bGXyqrh87e0Ll3qFEdZKnU9AZ8f6pQsmp%2BSFUyfmx3vyjb8hzQSmatCrDrhKvQ1W3IEtds78tJhZTWDUwU5aOKirZmyC9GCoJIESBz1NG1ixc%2Bbr4e8XHx%2F7EKnY%2BfaPfWzd3kPXOKDlXeS9Bn3ToK8aUDWCrZ4bl4XZOfNzOA%2BkyhmnyjgbqTLq%2Fr65Vu66sR%2BJdtpOGOepYNxPgrAdel7AeZR0hN9Baafik1d%2B%2Bw8AAP%2F%2FAQAA%2F%2F%2F51FqRlAQAAA%3D%3D

173.233.137.44

200 OK

7 B

URL GET HTTP/1.1
forestsfatal.com/impr.gif?sid=H4sIAAAAAAAC%2F1RSz4scRRitjslJEA255BBsxIOB7Gz%2F3J4xSjDmB9GYhCSSc3VV9Wy5NV1NVff0ZLwEA5KDh8lJj71vdrNEYzDgVZRZL7IgZjzIHlz0PxCEICgiMzuw%2BB3q%2B%2FG%2Bw3uvvo%2FXqz3io6K7197TQ6kUXY5bnvvaLZlzXVv3yk3X91reafeWzFei0%2B5g9pj%2B674Xt7yT7kXB1vRy4Pme53u%2Be0EakenB8hyFLB51%2FFbHa0VBy48jDMz%2Fe1s5sNQB7%2B%2BRo5B8emT1hyeQbIK899U5YddKXZw636sULbVBn2%2B9n6%2Flus7ROygz4yDLtxbb0HZKyGeHoPOthQLo%2FsZMAVI5Jc4vPtJ8a0ETaX9zn2mqIHKk%2FHnU%2FQmEmkDSCZi%2BC8mfEoBxXLmKvPfgijY1vb2P0hk6JYef%2FQlZT8nhX48h7z0%2Bq%2BTAvaFVVUqdWwyyBnIwgexOUFTbKIcOZL0NVn4EyX8ky88uI%2B9tXLVKQ%2FLdV6Mg6gjhh0uh38mWoszPltpx4i%2BtZFEkOIujkCZzi6ScQGYTKDECtYdQWQeVdFBlDqrCQY%2FvujTuZJ6XZGkWhu2IMRaGjMXtFR7zMGpnHio20zBCWYzA1AjM3EFh7mBN3n8aH4WpvoNdbWC5A1sS9HmDWhDUlqCmBLUkqEuCut9scmUD2zzgylapv8jBIofNWJfddbqpy67ICagZrRd75KW5f%2F%2F85WJN7LpJLNIkzeKYroRBIALPo4FIsg7zOlkiaAorG0h7CNQ6GMopOf7meRRySo58%2Bi9Sug2rtsHki6DVCdB6nAQe6Oo4ansY5g%2F9MEwGg1apwXWDojyM8razrvbI8TmJd17egmA7ZBFgpkFhGnwgvyfoqnvj67omG9d1bcmTq0Upe3JIZx98o6SlcD5%2FV9yuteGXztnRw7fYDJiVj24KW16mOZd515IvzkrOhbmgDRPkm0v2lkivVXb1bGXyqrh87e0Ll3qFEdZKnU9AZ8f6pQsmp%2BSFUyfmx3vyjb8hzQSmatCrDrhKvQ1W3IEtds78tJhZTWDUwU5aOKirZmyC9GCoJIESBz1NG1ixc%2Bbr4e8XHx%2F7EKnY%2BfaPfWzd3kPXOKDlXeS9Bn3ToK8aUDWCrZ4bl4XZOfNzOA%2BkyhmnyjgbqTLq%2Fr65Vu66sR%2BJdtpOGOepYNxPgrAdel7AeZR0hN9Baafik1d%2B%2Bw8AAP%2F%2FAQAA%2F%2F%2F51FqRlAQAAA%3D%3D
IP
173.233.137.44:443
ASN
#7979 SERVERS-COM

Requested by
https://www.1337xx.to/torrent/5353128/Wondershare-Filmora-11-4-7-358-x64-Multilingual-FileCR/
Certificate
IssuerLet's Encrypt
Subjectforestsfatal.com
Fingerprint1E:5B:AC:BA:40:81:9D:56:24:1E:99:1F:C2:47:8C:34:2A:CF:96:19
ValidityMon, 11 Dec 2023 07:45:28 GMT - Sun, 10 Mar 2024 07:45:27 GMT

File type
ASCII text, with no line terminators
Size
7 B (7 bytes)
Hash
132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /impr.gif?sid=H4sIAAAAAAAC%2F1RSz4scRRitjslJEA255BBsxIOB7Gz%2F3J4xSjDmB9GYhCSSc3VV9Wy5NV1NVff0ZLwEA5KDh8lJj71vdrNEYzDgVZRZL7IgZjzIHlz0PxCEICgiMzuw%2BB3q%2B%2FG%2Bw3uvvo%2FXqz3io6K7197TQ6kUXY5bnvvaLZlzXVv3yk3X91reafeWzFei0%2B5g9pj%2B674Xt7yT7kXB1vRy4Pme53u%2Be0EakenB8hyFLB51%2FFbHa0VBy48jDMz%2Fe1s5sNQB7%2B%2BRo5B8emT1hyeQbIK899U5YddKXZw636sULbVBn2%2B9n6%2Flus7ROygz4yDLtxbb0HZKyGeHoPOthQLo%2FsZMAVI5Jc4vPtJ8a0ETaX9zn2mqIHKk%2FHnU%2FQmEmkDSCZi%2BC8mfEoBxXLmKvPfgijY1vb2P0hk6JYef%2FQlZT8nhX48h7z0%2Bq%2BTAvaFVVUqdWwyyBnIwgexOUFTbKIcOZL0NVn4EyX8ky88uI%2B9tXLVKQ%2FLdV6Mg6gjhh0uh38mWoszPltpx4i%2BtZFEkOIujkCZzi6ScQGYTKDECtYdQWQeVdFBlDqrCQY%2FvujTuZJ6XZGkWhu2IMRaGjMXtFR7zMGpnHio20zBCWYzA1AjM3EFh7mBN3n8aH4WpvoNdbWC5A1sS9HmDWhDUlqCmBLUkqEuCut9scmUD2zzgylapv8jBIofNWJfddbqpy67ICagZrRd75KW5f%2F%2F85WJN7LpJLNIkzeKYroRBIALPo4FIsg7zOlkiaAorG0h7CNQ6GMopOf7meRRySo58%2Bi9Sug2rtsHki6DVCdB6nAQe6Oo4ansY5g%2F9MEwGg1apwXWDojyM8razrvbI8TmJd17egmA7ZBFgpkFhGnwgvyfoqnvj67omG9d1bcmTq0Upe3JIZx98o6SlcD5%2FV9yuteGXztnRw7fYDJiVj24KW16mOZd515IvzkrOhbmgDRPkm0v2lkivVXb1bGXyqrh87e0Ll3qFEdZKnU9AZ8f6pQsmp%2BSFUyfmx3vyjb8hzQSmatCrDrhKvQ1W3IEtds78tJhZTWDUwU5aOKirZmyC9GCoJIESBz1NG1ixc%2Bbr4e8XHx%2F7EKnY%2BfaPfWzd3kPXOKDlXeS9Bn3ToK8aUDWCrZ4bl4XZOfNzOA%2BkyhmnyjgbqTLq%2Fr65Vu66sR%2BJdtpOGOepYNxPgrAdel7AeZR0hN9Baafik1d%2B%2Bw8AAP%2F%2FAQAA%2F%2F%2F51FqRlAQAAA%3D%3D HTTP/1.1
Host: forestsfatal.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.1337xx.to/
Cookie: u_pl=16578592; uid_id2=4249ee13-319f-4f1f-8571-6f44edc543a7:2:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slec75eb7bf55a6322e200a2e7f9c09f7eab=[4857767]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Wed, 27 Dec 2023 13:13:04 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 8aa332fa93d97473f8fef44ecd3c573b
Strict-Transport-Security: max-age=0; includeSubdomains

forestsfatal.com/pixel/sbls?bv=23.51.2179&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fssp%2Fvpn%2Fos-box%2Fsmall%2Fcss%2Fanimate.css&l=79249&fd=112

192.243.61.225

200 OK

0 B

URL GET HTTP/1.1
forestsfatal.com/pixel/sbls?bv=23.51.2179&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fssp%2Fvpn%2Fos-box%2Fsmall%2Fcss%2Fanimate.css&l=79249&fd=112
IP
192.243.61.225:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://www.1337xx.to/torrent/5353128/Wondershare-Filmora-11-4-7-358-x64-Multilingual-FileCR/
Certificate
IssuerLet's Encrypt
Subjectforestsfatal.com
Fingerprint1E:5B:AC:BA:40:81:9D:56:24:1E:99:1F:C2:47:8C:34:2A:CF:96:19
ValidityMon, 11 Dec 2023 07:45:28 GMT - Sun, 10 Mar 2024 07:45:27 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /pixel/sbls?bv=23.51.2179&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fssp%2Fvpn%2Fos-box%2Fsmall%2Fcss%2Fanimate.css&l=79249&fd=112 HTTP/1.1
Host: forestsfatal.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.1337xx.to/
Cookie: u_pl=16578592; uid_id2=4249ee13-319f-4f1f-8571-6f44edc543a7:2:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slec75eb7bf55a6322e200a2e7f9c09f7eab=[4857767]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Wed, 27 Dec 2023 13:13:04 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range

forestsfatal.com/pixel/sbs?c=1

173.233.137.44

200 OK

0 B

URL GET HTTP/1.1
forestsfatal.com/pixel/sbs?c=1
IP
173.233.137.44:443
ASN
#7979 SERVERS-COM

Requested by
https://www.1337xx.to/torrent/5353128/Wondershare-Filmora-11-4-7-358-x64-Multilingual-FileCR/
Certificate
IssuerLet's Encrypt
Subjectforestsfatal.com
Fingerprint1E:5B:AC:BA:40:81:9D:56:24:1E:99:1F:C2:47:8C:34:2A:CF:96:19
ValidityMon, 11 Dec 2023 07:45:28 GMT - Sun, 10 Mar 2024 07:45:27 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /pixel/sbs?c=1 HTTP/1.1
Host: forestsfatal.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.1337xx.to/
Cookie: u_pl=16578592; uid_id2=4249ee13-319f-4f1f-8571-6f44edc543a7:2:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slec75eb7bf55a6322e200a2e7f9c09f7eab=[4857767]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Wed, 27 Dec 2023 13:13:05 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range

www.1337xx.to/static/css/torrent.css

188.114.96.1

200 OK

2.5 kB

URL GET HTTP/3
www.1337xx.to/static/css/torrent.css
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.1337xx.to/torrent/5353128/Wondershare-Filmora-11-4-7-358-x64-Multilingual-FileCR/
Certificate
IssuerGoogle Trust Services LLC
Subject1337xx.to
Fingerprint4F:9E:B8:6F:68:17:FF:77:F9:A1:6D:C3:6D:FE:84:40:78:43:30:C3
ValidityMon, 13 Nov 2023 02:45:03 GMT - Sun, 11 Feb 2024 02:45:02 GMT

File type
ASCII text, with very long lines (2665), with no line terminators
Size
2.5 kB (2476 bytes)
Hash
57123b93bf2966605efa018f2ea675cd
f71a3f02ae6c6b2a756b5e3aa5da350e7549595f
73df6f77191d3da5e00460867c13489e701075ebd93b8927c5dc4e680ca3e03d

HTTP Headers

GET /static/css/torrent.css HTTP/1.1
Host: www.1337xx.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.1337xx.to/torrent/5353128/Wondershare-Filmora-11-4-7-358-x64-Multilingual-FileCR/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 27 Dec 2023 13:13:02 GMT
content-type: text/css
last-modified: Wed, 22 Jun 2022 05:26:38 GMT
vary: Accept-Encoding
etag: W/"62b2a80e-9ac"
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K8j%2B%2FXbaFikhwqQfQXFwQbHF6uG6LPx9PFcm0ZziiirFbPnPLZv0AsYzB8mSCR5DF5w9haHvHgkz1eevCHvHNJ2OXr5ANYDFVmIW1CVrzjL8DN9Kgb0hyPQvrV0vYuqO"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 83c1d18e2dc90b3d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

friendshipmale.com/sfp.js

104.21.234.33

200 OK

86 kB

URL GET HTTP/2
friendshipmale.com/sfp.js
IP
104.21.234.33:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.1337xx.to/torrent/5353128/Wondershare-Filmora-11-4-7-358-x64-Multilingual-FileCR/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint08:6F:D8:CB:9E:0C:0A:98:2E:C5:CD:21:8E:0B:76:2B:50:6F:B6:37
ValiditySat, 18 Feb 2023 00:00:00 GMT - Sat, 17 Feb 2024 23:59:59 GMT

File type

Size
86 kB (85468 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /sfp.js HTTP/1.1
Host: friendshipmale.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.1337xx.to/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 27 Dec 2023 13:13:03 GMT
content-type: application/javascript; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: a6b9378b90c19e58338fcc1e8f64177a
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Wed, 27 Dec 2023 13:13:03 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hwnP5nXHFMTL4ynlep8E57%2FCiVvffa7XRBkBKftlVYGlEQeGTQOUgOwjPkGpIhGrbtVGb467BkJD4xE2S5dgeC5SV5GqllP4xz5aVh2RJ1n2cjjdiYGCvD8cu1if7rAVk6vSUXs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 83c1d193c9bd5688-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

forestsfatal.com/pixel/sbls?bv=23.51.2179&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fssp%2Fvpn%2Fos-box%2Fsmall%2Fjs%2Fscript.js&l=775&fd=33

173.233.137.44

200 OK

0 B

URL GET HTTP/1.1
forestsfatal.com/pixel/sbls?bv=23.51.2179&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fssp%2Fvpn%2Fos-box%2Fsmall%2Fjs%2Fscript.js&l=775&fd=33
IP
173.233.137.44:443
ASN
#7979 SERVERS-COM

Requested by
https://www.1337xx.to/torrent/5353128/Wondershare-Filmora-11-4-7-358-x64-Multilingual-FileCR/
Certificate
IssuerLet's Encrypt
Subjectforestsfatal.com
Fingerprint1E:5B:AC:BA:40:81:9D:56:24:1E:99:1F:C2:47:8C:34:2A:CF:96:19
ValidityMon, 11 Dec 2023 07:45:28 GMT - Sun, 10 Mar 2024 07:45:27 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /pixel/sbls?bv=23.51.2179&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fssp%2Fvpn%2Fos-box%2Fsmall%2Fjs%2Fscript.js&l=775&fd=33 HTTP/1.1
Host: forestsfatal.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.1337xx.to/
Cookie: u_pl=16578592; uid_id2=4249ee13-319f-4f1f-8571-6f44edc543a7:2:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slec75eb7bf55a6322e200a2e7f9c09f7eab=[4857767]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Wed, 27 Dec 2023 13:13:04 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range

www.1337xx.to/css/images/black-gradient-bg.jpg

188.114.96.1

200 OK

1.2 kB

URL GET HTTP/3
www.1337xx.to/css/images/black-gradient-bg.jpg
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.1337xx.to/torrent/5353128/Wondershare-Filmora-11-4-7-358-x64-Multilingual-FileCR/
Certificate
IssuerGoogle Trust Services LLC
Subject1337xx.to
Fingerprint4F:9E:B8:6F:68:17:FF:77:F9:A1:6D:C3:6D:FE:84:40:78:43:30:C3
ValidityMon, 13 Nov 2023 02:45:03 GMT - Sun, 11 Feb 2024 02:45:02 GMT

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 10x163, components 3
Size
1.2 kB (1180 bytes)
Hash
cb17ba9d17b5dc975e48c45b4e257d65
1708d0bf5fd0bf4c5f4ca9f3ec54b9e56c2e8b1f
320b0fb44f87a3c51be6bbf2ea264f231667131016616d32918d31b31bb45a6f

HTTP Headers

GET /css/images/black-gradient-bg.jpg HTTP/1.1
Host: www.1337xx.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.1337xx.to/css/style9.952e1c4f6e649c835aa0b27f7e583caf.css?v=2
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 27 Dec 2023 13:13:02 GMT
content-type: image/jpg; charset=utf-8
content-length: 1180
x-powered-by: PHP/5.6.36
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fREF8rrmhxUF3v4tMU7HfspPQjKY6lQ76rqjGRcCjcbvwOOcsNnBbz2qpT%2FRnqdGPfwzEHkyHk%2BbjAThmr7UxybY9u%2FCUtu4smF2Siw3aNF6k%2F72Rnt75uhF7gsMqcGF"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 83c1d1900f1c0b3d-OSL
alt-svc: h3=":443"; ma=86400

www.1337xx.to/static/js/jquery-ui.js

188.114.96.1

200 OK

307 kB

URL GET HTTP/3
www.1337xx.to/static/js/jquery-ui.js
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.1337xx.to/torrent/5353128/Wondershare-Filmora-11-4-7-358-x64-Multilingual-FileCR/
Certificate
IssuerGoogle Trust Services LLC
Subject1337xx.to
Fingerprint4F:9E:B8:6F:68:17:FF:77:F9:A1:6D:C3:6D:FE:84:40:78:43:30:C3
ValidityMon, 13 Nov 2023 02:45:03 GMT - Sun, 11 Feb 2024 02:45:02 GMT

File type
ASCII text, with very long lines (4492)
Size
307 kB (307192 bytes)
Hash
7ddac2a3d1e7091bd51f23f0250a7fea
5537fb7969f7a8349e0292ce9710df8daae5ad3c
ebdadbb78c8a4e8433168bcdb49b87d0cb4809bbca7aaf29fbe36a9c77be5e35

HTTP Headers

GET /static/js/jquery-ui.js HTTP/1.1
Host: www.1337xx.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.1337xx.to/torrent/5353128/Wondershare-Filmora-11-4-7-358-x64-Multilingual-FileCR/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 27 Dec 2023 13:13:02 GMT
content-type: application/javascript
last-modified: Wed, 22 Jun 2022 05:27:28 GMT
vary: Accept-Encoding
etag: W/"62b2a840-4aff8"
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KTdlovkDwbBT9%2Fr%2BIBX2EezV3%2Bw%2BTETsNHJ7Rkky4culYNPUTLIV5yYSS6a6t9BEN760ZoItXTWdfMZtHm2%2FamZmQ7bX8Ltzdykonp0M3NC94DodyIC5qafdHYiNZbsz"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 83c1d18e3dd70b3d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

www.1337xx.to/css/webfonts/opensans-bold.woff

188.114.96.1

200 OK

22 kB

URL GET HTTP/3
www.1337xx.to/css/webfonts/opensans-bold.woff
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.1337xx.to/torrent/5353128/Wondershare-Filmora-11-4-7-358-x64-Multilingual-FileCR/
Certificate
IssuerGoogle Trust Services LLC
Subject1337xx.to
Fingerprint4F:9E:B8:6F:68:17:FF:77:F9:A1:6D:C3:6D:FE:84:40:78:43:30:C3
ValidityMon, 13 Nov 2023 02:45:03 GMT - Sun, 11 Feb 2024 02:45:02 GMT

File type
Web Open Font Format, TrueType, length 22432, version 1.0
Size
22 kB (22432 bytes)
Hash
2e90d5152ce92858b62ba053c7b9d2cb
8cf65f42a2a8c349ccd6ab63b6cbd17c96fd665c
a0357cb694b5284870c77c0dbcaf33f238004800419288afde313317b0dbd0b7

HTTP Headers

GET /css/webfonts/opensans-bold.woff HTTP/1.1
Host: www.1337xx.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://www.1337xx.to/css/style9.952e1c4f6e649c835aa0b27f7e583caf.css?v=2
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 27 Dec 2023 13:13:02 GMT
content-type: application/font-woff
content-length: 22432
last-modified: Wed, 22 Jun 2022 05:25:42 GMT
etag: "62b2a7d6-57a0"
accept-ranges: bytes
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OmJe5d%2BuJiHNNfKLCG%2F2FdsMlhmtD9Mp3sHcxrfFOpQLmP4eTPCcebAdjS2KzWQlXqSpn8nNC%2F57FxUsE4wMtMOwVW%2FUkDGZG340EWh53ioQl6JNW4EUtveBowlVzZju"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 83c1d1901f310b3d-OSL
alt-svc: h3=":443"; ma=86400

cdn.creative-bars1.com/sb/ssp/vpn/os-box/small/js/script.js

172.64.109.10

200 OK

775 B

URL GET HTTP/2
cdn.creative-bars1.com/sb/ssp/vpn/os-box/small/js/script.js
IP
172.64.109.10:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.1337xx.to/torrent/5353128/Wondershare-Filmora-11-4-7-358-x64-Multilingual-FileCR/
Certificate
IssuerGoogle Trust Services LLC
Subjectcreative-bars1.com
Fingerprint49:C8:A4:CE:31:56:FC:06:71:93:06:7A:69:DD:ED:B2:EF:C9:41:97
ValidityTue, 19 Dec 2023 15:02:46 GMT - Mon, 18 Mar 2024 15:02:45 GMT

File type
ASCII text, with very long lines (814), with no line terminators
Size
775 B (775 bytes)
Hash
02e0b12913f440b4ab59250f58b75806
20246fdd851e1a051748890c3b8ac80e5e9e1bd5
ebab9bf7235857b1d7680aa23aa5590587f5a05552a6c8d760a06a017131e516

HTTP Headers

GET /sb/ssp/vpn/os-box/small/js/script.js HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.1337xx.to
DNT: 1
Connection: keep-alive
Referer: https://www.1337xx.to/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 27 Dec 2023 13:13:04 GMT
content-type: application/javascript
last-modified: Tue, 21 Sep 2021 12:06:14 GMT
etag: W/"6149cab6-307"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 309819
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=idXMKPEKtYj%2B9JMw5GujxiUwdQYzmBVKn28U3a7LXsvd0tiHA4ia4VrH5JnwVRGYdveMok3EWHSrsYJby4yVH9bs1TDp9ZygFw1eO97WN%2FW3fgISaAhsC%2F7C%2FfqLjO5AFiY4fIO%2BZ85E"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 83c1d19bfa5879c9-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

www.1337xx.to/static/css/jquery-ui.css?v=1.3

188.114.96.1

200 OK

29 kB

URL GET HTTP/3
www.1337xx.to/static/css/jquery-ui.css?v=1.3
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.1337xx.to/torrent/5353128/Wondershare-Filmora-11-4-7-358-x64-Multilingual-FileCR/
Certificate
IssuerGoogle Trust Services LLC
Subject1337xx.to
Fingerprint4F:9E:B8:6F:68:17:FF:77:F9:A1:6D:C3:6D:FE:84:40:78:43:30:C3
ValidityMon, 13 Nov 2023 02:45:03 GMT - Sun, 11 Feb 2024 02:45:02 GMT

File type
ASCII text, with very long lines (27411), with CRLF line terminators
Size
29 kB (29134 bytes)
Hash
316041ab3b238141b76d82ae38c16f1a
e7b8969e26035b7331d9e3bbad44413dc6772c3f
2703365754030d176a91731daf96d79d7125e0c939a7b6cc704181ab2f7166c4

HTTP Headers

GET /static/css/jquery-ui.css?v=1.3 HTTP/1.1
Host: www.1337xx.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.1337xx.to/torrent/5353128/Wondershare-Filmora-11-4-7-358-x64-Multilingual-FileCR/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 27 Dec 2023 13:13:02 GMT
content-type: text/css
last-modified: Wed, 22 Jun 2022 05:26:31 GMT
vary: Accept-Encoding
etag: W/"62b2a807-71ce"
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3Ji3Ch3rLPPybPE8ufVvgjhhAaGiqPmjj7s8%2F9L92q9i82NDChw49gUNwLN7JkCqzmy1Ab22N%2Fx936t77z3iRDgD00j8rWboDskEQDZXhwl9%2BQsM%2BItBO5relPz2Mcu3"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 83c1d18e1db50b3d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

www.1337xx.to/static/js/modal.js

188.114.96.1

200 OK

10 kB

URL GET HTTP/3
www.1337xx.to/static/js/modal.js
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.1337xx.to/torrent/5353128/Wondershare-Filmora-11-4-7-358-x64-Multilingual-FileCR/
Certificate
IssuerGoogle Trust Services LLC
Subject1337xx.to
Fingerprint4F:9E:B8:6F:68:17:FF:77:F9:A1:6D:C3:6D:FE:84:40:78:43:30:C3
ValidityMon, 13 Nov 2023 02:45:03 GMT - Sun, 11 Feb 2024 02:45:02 GMT

File type
ASCII text, with CRLF line terminators
Size
10 kB (10327 bytes)
Hash
8289720aa01982ad7b48c62b7f96dd93
7c5370aa27127c0cafb643b671dd2c9a906a8b8e
a2589ffb2fd098b789870f1b48c8d83614c29df22739921ee3347d741b57dd4a

HTTP Headers

GET /static/js/modal.js HTTP/1.1
Host: www.1337xx.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.1337xx.to/torrent/5353128/Wondershare-Filmora-11-4-7-358-x64-Multilingual-FileCR/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 27 Dec 2023 13:13:02 GMT
content-type: application/javascript
last-modified: Wed, 22 Jun 2022 05:27:30 GMT
vary: Accept-Encoding
etag: W/"62b2a842-2857"
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0M0rYFD2yDMNbs%2BKdzNdnFsYvlSgZNgglQC2owKgtgP2FBrx1ZvZojsWG0KR%2BkKILTnBph6YX%2BZaVDWXbMXB9D5SGWZ6b%2Fb%2FK3QGNHGzoh0Q7KI%2Fvw92%2FJaxfeSlPq6H"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 83c1d18e5df40b3d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

cdn.creative-bars1.com/sb/ssp/vpn/os-box/small/css/animate.css

172.64.109.10

200 OK

79 kB

URL GET HTTP/2
cdn.creative-bars1.com/sb/ssp/vpn/os-box/small/css/animate.css
IP
172.64.109.10:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.1337xx.to/torrent/5353128/Wondershare-Filmora-11-4-7-358-x64-Multilingual-FileCR/
Certificate
IssuerGoogle Trust Services LLC
Subjectcreative-bars1.com
Fingerprint49:C8:A4:CE:31:56:FC:06:71:93:06:7A:69:DD:ED:B2:EF:C9:41:97
ValidityTue, 19 Dec 2023 15:02:46 GMT - Mon, 18 Mar 2024 15:02:45 GMT

File type
ASCII text
Size
79 kB (79249 bytes)
Hash
e1d8acd5ee9d1a90ea09313cbd8f2b02
8a8327b115d1356715e63270d1ce6d46124c7b1a
3028c87fc798ac3741f02079034e6c23462afc0c5e6c8d321188ce3716c8472a

HTTP Headers

GET /sb/ssp/vpn/os-box/small/css/animate.css HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.1337xx.to
DNT: 1
Connection: keep-alive
Referer: https://www.1337xx.to/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 27 Dec 2023 13:13:04 GMT
content-type: text/css
last-modified: Tue, 21 Sep 2021 12:06:11 GMT
etag: W/"6149cab3-13591"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 309820
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hHQVB8t7o007kN3ebbawzGPHH%2FQjscvma01AInlwMeq8fyV2ANyNqYsZenaPHi%2BTwbm4YaW7bRW%2FNZv2j9nP5Y6DbO6HOWEJgeeiDAx%2F391vIdTHlCeh7acgiFoFRuUZoGLo597ZwriG"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 83c1d19ad8ca79c9-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

cdn.cloudimagesb.com/si/80/94/40/80944027e39b657a79c0469e87cff87c/1703505104.png

45.133.44.10

200 OK

104 kB

URL GET HTTP/2
cdn.cloudimagesb.com/si/80/94/40/80944027e39b657a79c0469e87cff87c/1703505104.png
IP
45.133.44.10:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://www.1337xx.to/torrent/5353128/Wondershare-Filmora-11-4-7-358-x64-Multilingual-FileCR/
Certificate
IssuerLet's Encrypt
Subjectcdn.cloudimagesb.com
Fingerprint71:EC:C0:22:20:76:60:90:92:4C:5C:F3:AD:17:3C:41:B5:00:25:AF
ValidityThu, 23 Nov 2023 05:00:53 GMT - Wed, 21 Feb 2024 05:00:52 GMT

File type
PNG image data, 320 x 180, 8-bit/color RGBA, non-interlaced
Size
104 kB (104006 bytes)
Hash
3992c117a9ca556ede29133cc2405003
2ae311b6ddebf9e598eb725437a16f136db49f6e
59acf3864548151167250d2ea201d55bc70746ed4a3afa2652f5f51b32c6f603

HTTP Headers

GET /si/80/94/40/80944027e39b657a79c0469e87cff87c/1703505104.png HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 27 Dec 2023 13:13:04 GMT
content-type: image/png
content-length: 104006
server: nginx/1.21.6
last-modified: Mon, 25 Dec 2023 11:51:52 GMT
etag: "65896cd8-19646"
expires: Fri, 29 Dec 2023 13:13:04 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

www.1337xx.to/static/js/tab.js

188.114.96.1

200 OK

1.8 kB

URL GET HTTP/3
www.1337xx.to/static/js/tab.js
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.1337xx.to/torrent/5353128/Wondershare-Filmora-11-4-7-358-x64-Multilingual-FileCR/
Certificate
IssuerGoogle Trust Services LLC
Subject1337xx.to
Fingerprint4F:9E:B8:6F:68:17:FF:77:F9:A1:6D:C3:6D:FE:84:40:78:43:30:C3
ValidityMon, 13 Nov 2023 02:45:03 GMT - Sun, 11 Feb 2024 02:45:02 GMT

File type
ASCII text, with very long lines (1905), with no line terminators
Size
1.8 kB (1820 bytes)
Hash
9ee5ac6b22a1e59309dbd8794b24faae
c19677da78198a60d01929021c86e96e54d0de30
cfdac7baf19cf6c80ec5852659d523a9f893f726b2353c71378ba67e1fd51fe5

HTTP Headers

GET /static/js/tab.js HTTP/1.1
Host: www.1337xx.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.1337xx.to/torrent/5353128/Wondershare-Filmora-11-4-7-358-x64-Multilingual-FileCR/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 27 Dec 2023 13:13:02 GMT
content-type: application/javascript
last-modified: Wed, 22 Jun 2022 05:27:34 GMT
vary: Accept-Encoding
etag: W/"62b2a846-71c"
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qzaqYW0g5SsDPOPk%2BoQfbNTYXOlVJl2jQ69nZt4sIAWIbM8y16VttN16DvajAaze3%2B0fOGLDIZIWoB%2BfazfiFrh5MC5khdUtKxyBBMUBjZLOJGAVIZ0nF9Qg6qkNQnIK"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 83c1d18e4deb0b3d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

www.1337xx.to/css/style9.952e1c4f6e649c835aa0b27f7e583caf.css?v=2

188.114.96.1

200 OK

128 kB

URL GET HTTP/3
www.1337xx.to/css/style9.952e1c4f6e649c835aa0b27f7e583caf.css?v=2
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.1337xx.to/torrent/5353128/Wondershare-Filmora-11-4-7-358-x64-Multilingual-FileCR/
Certificate
IssuerGoogle Trust Services LLC
Subject1337xx.to
Fingerprint4F:9E:B8:6F:68:17:FF:77:F9:A1:6D:C3:6D:FE:84:40:78:43:30:C3
ValidityMon, 13 Nov 2023 02:45:03 GMT - Sun, 11 Feb 2024 02:45:02 GMT

File type
ASCII text, with very long lines (65536), with no line terminators
Size
128 kB (127773 bytes)
Hash
87e7470ed575fe2c31903e92fc0051a9
e46f7be29ccedf3cfe9803ad266c3a434e456b94
c5a77784312d1bddfc0c82e54d49291a16d73a45e2e8589ec27dba3d8201a85e

HTTP Headers

GET /css/style9.952e1c4f6e649c835aa0b27f7e583caf.css?v=2 HTTP/1.1
Host: www.1337xx.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.1337xx.to/torrent/5353128/Wondershare-Filmora-11-4-7-358-x64-Multilingual-FileCR/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 27 Dec 2023 13:13:02 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
x-powered-by: PHP/5.6.36
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z4G0EZMZB8BcGRA0o76CO8n1kg4k3Ah1qc5DPpOyZSgD6Bsg98c099RcOK1YYm9%2B1WIyOUCQdXifAqcRGokeBAT5i%2BYO2vxbGQUjqScbg%2B0zc4mBSul1QEoVHKiZwBh0"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 83c1d18e1dc20b3d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

www.1337xx.to/static/fonts/Flaticon.woff

188.114.96.1

200 OK

27 kB

URL GET HTTP/3
www.1337xx.to/static/fonts/Flaticon.woff
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.1337xx.to/torrent/5353128/Wondershare-Filmora-11-4-7-358-x64-Multilingual-FileCR/
Certificate
IssuerGoogle Trust Services LLC
Subject1337xx.to
Fingerprint4F:9E:B8:6F:68:17:FF:77:F9:A1:6D:C3:6D:FE:84:40:78:43:30:C3
ValidityMon, 13 Nov 2023 02:45:03 GMT - Sun, 11 Feb 2024 02:45:02 GMT

File type
Web Open Font Format, TrueType, length 27404, version 0.0
Size
27 kB (27404 bytes)
Hash
1dbab8d47aa2e11c55216ab3286d6f69
c7a7f3ddf37063ac02273eb4fe7ebc98e9cf97bf
ef35a8d776774a5fba83f188738af52b85e278c4bf7c5695700161febdc36b05

HTTP Headers

GET /static/fonts/Flaticon.woff HTTP/1.1
Host: www.1337xx.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://www.1337xx.to/static/css/icons.css?v=1.3
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 27 Dec 2023 13:13:02 GMT
content-type: application/font-woff
content-length: 27404
last-modified: Wed, 22 Jun 2022 05:26:45 GMT
etag: "62b2a815-6b0c"
accept-ranges: bytes
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TSgFvrs4NF8ySopuvhYY7PwLKFXFNcIURk32YdtKEqXc19anEQgDJYHfODaz9vtasXFwEnFy%2F3j333thUJKrTm3PhLp46UyU9QctX9oyVPk7yRbvFQqOGLSlUA0lK%2BeF"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 83c1d1900f220b3d-OSL
alt-svc: h3=":443"; ma=86400

www.1337xx.to/favicon.ico

188.114.96.1

200 OK

1.2 kB

URL GET HTTP/3
www.1337xx.to/favicon.ico
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.1337xx.to/torrent/5353128/Wondershare-Filmora-11-4-7-358-x64-Multilingual-FileCR/
Certificate
IssuerGoogle Trust Services LLC
Subject1337xx.to
Fingerprint4F:9E:B8:6F:68:17:FF:77:F9:A1:6D:C3:6D:FE:84:40:78:43:30:C3
ValidityMon, 13 Nov 2023 02:45:03 GMT - Sun, 11 Feb 2024 02:45:02 GMT

File type
MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel
Size
1.2 kB (1150 bytes)
Hash
769362362d52b0cfc3271ecb6dec43fb
9df2439bce4e08d28c14c37cd2f74fc678465b23
7d524db2f0ca2d20b89f7f197110cb9a5bbaea45b19939dc6e30dc366d20eb61

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: www.1337xx.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.1337xx.to/torrent/5353128/Wondershare-Filmora-11-4-7-358-x64-Multilingual-FileCR/
Cookie: dom3ic8zudi28v8lr6fgphwffqoz0j6c=5502afdf-f04c-45e5-ae3e-3e8c2ebb3fb6%3A3%3A1; pp_main_bd6c3375a35d155e03aef20bbbe563ea=1; sb_page_75eb7bf55a6322e200a2e7f9c09f7eab=1; sb_onpage_75eb7bf55a6322e200a2e7f9c09f7eab=1; sb_main_75eb7bf55a6322e200a2e7f9c09f7eab=1; sb_count_75eb7bf55a6322e200a2e7f9c09f7eab=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 27 Dec 2023 13:13:04 GMT
content-type: image/x-icon
last-modified: Wed, 22 Jun 2022 05:22:57 GMT
etag: W/"62b2a731-47e"
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dQN0IzGd7nCcYZycMElcsP%2BhEvCcfB%2FqHOlN%2BgfRCihxrlg%2BMmB3U6%2Fa6ujPHzlSl4PDjqA18f3U5smObaPJ4Lg2gfTm0E0gGDljCC2rtGveR2LjvI4LnyuYEjndxdPd"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 83c1d197dc970b3d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

www.1337xx.to/static/css/fancySelect.css?v=1.3

188.114.96.1

200 OK

4.3 kB

URL GET HTTP/3
www.1337xx.to/static/css/fancySelect.css?v=1.3
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.1337xx.to/torrent/5353128/Wondershare-Filmora-11-4-7-358-x64-Multilingual-FileCR/
Certificate
IssuerGoogle Trust Services LLC
Subject1337xx.to
Fingerprint4F:9E:B8:6F:68:17:FF:77:F9:A1:6D:C3:6D:FE:84:40:78:43:30:C3
ValidityMon, 13 Nov 2023 02:45:03 GMT - Sun, 11 Feb 2024 02:45:02 GMT

File type
ASCII text, with very long lines (4632), with no line terminators
Size
4.3 kB (4250 bytes)
Hash
53c1791dc3336e0a63ef55543784dfd9
99402c02f48ff465f35ec9cf44115f00f6832f4f
517e93e8e1c37a3a770c086f53b333d037af5098a8e0c08ebb5978e45827d067

HTTP Headers

GET /static/css/fancySelect.css?v=1.3 HTTP/1.1
Host: www.1337xx.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.1337xx.to/torrent/5353128/Wondershare-Filmora-11-4-7-358-x64-Multilingual-FileCR/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 27 Dec 2023 13:13:02 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
x-powered-by: PHP/5.6.36
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SJ%2B9jaZeuAfg%2FE0ZhWQRhM3fFAdVk05AGaocBZ3LRM4xmQ2LTQbvnB%2BYQ7nQkBGsOBccxZGjBR0pYlpb1ZjKVW06LRVkjvFhSbuQMSVlCVV%2BkTWe7cq5OZikA7OSKcc2"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 83c1d18e1dbf0b3d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

forestsfatal.com/pixel/sbls?bv=23.51.2179&tmpl=482&u=https%3A%2F%2Fcdn.barscreative1.com%2Fsb%2Fau%2Fef%2F6d%2F9c%2Fef6d9ce2996acaba379ea30acdea20ae%2F1632400430.html&l=1218&fd=134

173.233.137.44

200 OK

0 B

URL GET HTTP/1.1
forestsfatal.com/pixel/sbls?bv=23.51.2179&tmpl=482&u=https%3A%2F%2Fcdn.barscreative1.com%2Fsb%2Fau%2Fef%2F6d%2F9c%2Fef6d9ce2996acaba379ea30acdea20ae%2F1632400430.html&l=1218&fd=134
IP
173.233.137.44:443
ASN
#7979 SERVERS-COM

Requested by
https://www.1337xx.to/torrent/5353128/Wondershare-Filmora-11-4-7-358-x64-Multilingual-FileCR/
Certificate
IssuerLet's Encrypt
Subjectforestsfatal.com
Fingerprint1E:5B:AC:BA:40:81:9D:56:24:1E:99:1F:C2:47:8C:34:2A:CF:96:19
ValidityMon, 11 Dec 2023 07:45:28 GMT - Sun, 10 Mar 2024 07:45:27 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /pixel/sbls?bv=23.51.2179&tmpl=482&u=https%3A%2F%2Fcdn.barscreative1.com%2Fsb%2Fau%2Fef%2F6d%2F9c%2Fef6d9ce2996acaba379ea30acdea20ae%2F1632400430.html&l=1218&fd=134 HTTP/1.1
Host: forestsfatal.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.1337xx.to/
Cookie: u_pl=16578592; uid_id2=4249ee13-319f-4f1f-8571-6f44edc543a7:2:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slec75eb7bf55a6322e200a2e7f9c09f7eab=[4857767]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Wed, 27 Dec 2023 13:13:04 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range

fonts.googleapis.com/css?family=Roboto:300,400,700&display=swap

142.250.74.106

200 OK

6.8 kB

URL GET HTTP/2
fonts.googleapis.com/css?family=Roboto:300,400,700&display=swap
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://www.1337xx.to/torrent/5353128/Wondershare-Filmora-11-4-7-358-x64-Multilingual-FileCR/
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint10:D0:ED:9A:F4:53:C8:99:DE:B6:5E:5C:04:E6:20:0B:68:7D:46:EC
ValidityMon, 20 Nov 2023 08:08:50 GMT - Mon, 12 Feb 2024 08:08:49 GMT

File type
ASCII text, with very long lines (7013), with no line terminators
Size
6.8 kB (6824 bytes)
Hash
49475c425d6c00477bb339179326c49b
bd97deeb753f44f43a21feafa92d98239fa511bd
598841a98ad357d2896d2f093ea3e4e1d44e24b3351268ffd45e61ff8c1d0e09

HTTP Headers

GET /css?family=Roboto:300,400,700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 27 Dec 2023 13:13:04 GMT
date: Wed, 27 Dec 2023 13:13:04 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

cdn.creative-bars1.com/sb/ssp/vpn/os-box/small/js/jquery.min.js

172.64.109.10

200 OK

84 kB

URL GET HTTP/2
cdn.creative-bars1.com/sb/ssp/vpn/os-box/small/js/jquery.min.js
IP
172.64.109.10:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.1337xx.to/torrent/5353128/Wondershare-Filmora-11-4-7-358-x64-Multilingual-FileCR/
Certificate
IssuerGoogle Trust Services LLC
Subjectcreative-bars1.com
Fingerprint49:C8:A4:CE:31:56:FC:06:71:93:06:7A:69:DD:ED:B2:EF:C9:41:97
ValidityTue, 19 Dec 2023 15:02:46 GMT - Mon, 18 Mar 2024 15:02:45 GMT

File type
ASCII text, with very long lines (32025)
Size
84 kB (84380 bytes)
Hash
4a356126b9573eb7bd1e9a7494737410
8258d046f17dd3c15a5d3984e1868b7b5d1db329
22642f202577f0ba2f22cbe56b6cf291a09374487567cd3563e0d2a29f75c0c5

HTTP Headers

GET /sb/ssp/vpn/os-box/small/js/jquery.min.js HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 27 Dec 2023 13:13:04 GMT
content-type: application/javascript
last-modified: Tue, 21 Sep 2021 12:06:14 GMT
etag: W/"6149cab6-1499c"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 4084796
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wGaKBHh%2B0KeRY6q3bC80RUdMDfjoPgE01mGJ8KPyEjfVSkGbeR9tGtDDixdMt5qWA8b031UwgLCVZHj2eit1EoTw%2BppLuzwfuA7X6jyGA8gQsIyYLSECIhvnEagHn83TxNFONHS2m%2BBO"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 83c1d19b697179c9-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

www.1337xx.to/static/css/modal.css

188.114.96.1

200 OK

4.2 kB

URL GET HTTP/3
www.1337xx.to/static/css/modal.css
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.1337xx.to/torrent/5353128/Wondershare-Filmora-11-4-7-358-x64-Multilingual-FileCR/
Certificate
IssuerGoogle Trust Services LLC
Subject1337xx.to
Fingerprint4F:9E:B8:6F:68:17:FF:77:F9:A1:6D:C3:6D:FE:84:40:78:43:30:C3
ValidityMon, 13 Nov 2023 02:45:03 GMT - Sun, 11 Feb 2024 02:45:02 GMT

File type
ASCII text, with very long lines (4614), with no line terminators
Size
4.2 kB (4158 bytes)
Hash
40915d0f2491d6b2209d7dc681566a7d
56917d83d1a767ed2124256e369220ec63161653
af70640187e0a061c8dbcc448833492f42e400326d8e7788158710e3cf8f70ab

HTTP Headers

GET /static/css/modal.css HTTP/1.1
Host: www.1337xx.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.1337xx.to/torrent/5353128/Wondershare-Filmora-11-4-7-358-x64-Multilingual-FileCR/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 27 Dec 2023 13:13:02 GMT
content-type: text/css
last-modified: Wed, 22 Jun 2022 05:26:32 GMT
vary: Accept-Encoding
etag: W/"62b2a808-103e"
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G2Wo7CGoq85R0E%2BjP9HeVIlhf7fsiIOkhyYxwvpVQPrcuOzSD7xY8wFK3skp7AswYbHHY3NdjovptZR7IpUaZc0fIQpQcF%2B3VoOrl3DtHD%2BoyGrky9ELFSvcMXxYaFRX"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 83c1d18e2dc70b3d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

www.1337xx.to/static/js/scrollbar.js

188.114.96.1

200 OK

40 kB

URL GET HTTP/3
www.1337xx.to/static/js/scrollbar.js
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.1337xx.to/torrent/5353128/Wondershare-Filmora-11-4-7-358-x64-Multilingual-FileCR/
Certificate
IssuerGoogle Trust Services LLC
Subject1337xx.to
Fingerprint4F:9E:B8:6F:68:17:FF:77:F9:A1:6D:C3:6D:FE:84:40:78:43:30:C3
ValidityMon, 13 Nov 2023 02:45:03 GMT - Sun, 11 Feb 2024 02:45:02 GMT

File type
ASCII text, with very long lines (2564)
Size
40 kB (40221 bytes)
Hash
a9dbd5c265a5fbb9c24df23438b5492d
f05001780b0223d840b7ec19221ac21bd659fa58
027643f8d1ed4fad0eb9f35c0a4909e60385a799f45091cf9ba6a3aa8877197b

HTTP Headers

GET /static/js/scrollbar.js HTTP/1.1
Host: www.1337xx.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.1337xx.to/torrent/5353128/Wondershare-Filmora-11-4-7-358-x64-Multilingual-FileCR/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 27 Dec 2023 13:13:02 GMT
content-type: application/javascript
last-modified: Wed, 22 Jun 2022 05:27:34 GMT
vary: Accept-Encoding
etag: W/"62b2a846-9d1d"
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XHf0ZNoeFrdER5HGFAxTAgUq6csFE%2F90ckwyL8wZgXw28veJHril5GgHof1a35lVwiVjXBXYns15zxs5mO%2FtxPrrzcnYiCICbiNdYiZ1%2FOB8rnA4OkjqyNXNY2Qh8VZe"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 83c1d18e4de80b3d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

www.1337xx.to/css/webfonts/oswald-light.woff

188.114.96.1

200 OK

23 kB

URL GET HTTP/3
www.1337xx.to/css/webfonts/oswald-light.woff
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.1337xx.to/torrent/5353128/Wondershare-Filmora-11-4-7-358-x64-Multilingual-FileCR/
Certificate
IssuerGoogle Trust Services LLC
Subject1337xx.to
Fingerprint4F:9E:B8:6F:68:17:FF:77:F9:A1:6D:C3:6D:FE:84:40:78:43:30:C3
ValidityMon, 13 Nov 2023 02:45:03 GMT - Sun, 11 Feb 2024 02:45:02 GMT

File type
Web Open Font Format, TrueType, length 22568, version 1.0
Size
23 kB (22568 bytes)
Hash
a4d5b8f448ec86ddb2e57a2912a3fcd6
579df89a925a4e5e46d63fe5ad84492a810ed3be
dc1e478c0ada70ebba3817df17ad49d0b288351d777cf6582dba4a5390be73e3

HTTP Headers

GET /css/webfonts/oswald-light.woff HTTP/1.1
Host: www.1337xx.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://www.1337xx.to/css/style9.952e1c4f6e649c835aa0b27f7e583caf.css?v=2
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 27 Dec 2023 13:13:02 GMT
content-type: application/font-woff
content-length: 22568
last-modified: Wed, 22 Jun 2022 05:25:46 GMT
etag: "62b2a7da-5828"
accept-ranges: bytes
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eFbNtw%2BpiEd9Ox7LccAhxTA0DmLYOf9z15FBOJL1lawXlsjfoRtFOgILXLesDS94IQXedG36a%2BDSqU76uQ7L1by07Xb%2BTsfKNo1sHPRXNh5LkhzDQRjKzxXruuTV0AHa"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 83c1d190cfa90b3d-OSL
alt-svc: h3=":443"; ma=86400

www.1337xx.to/css/images/main-bg.png

188.114.96.1

200 OK

130 kB

URL GET HTTP/3
www.1337xx.to/css/images/main-bg.png
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.1337xx.to/torrent/5353128/Wondershare-Filmora-11-4-7-358-x64-Multilingual-FileCR/
Certificate
IssuerGoogle Trust Services LLC
Subject1337xx.to
Fingerprint4F:9E:B8:6F:68:17:FF:77:F9:A1:6D:C3:6D:FE:84:40:78:43:30:C3
ValidityMon, 13 Nov 2023 02:45:03 GMT - Sun, 11 Feb 2024 02:45:02 GMT

File type
PNG image data, 935 x 788, 8-bit/color RGBA, non-interlaced
Size
130 kB (129988 bytes)
Hash
8fc059a7e1758ad0c0e17be4b0575b93
df3d910563829c3b2e6fb0767038f75af4d4fcbd
6be2d61547095ffeb30a1fd03fd7d6aba9009edc719144812c5610bd2e27fb97

HTTP Headers

GET /css/images/main-bg.png HTTP/1.1
Host: www.1337xx.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.1337xx.to/css/style9.952e1c4f6e649c835aa0b27f7e583caf.css?v=2
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 27 Dec 2023 13:13:02 GMT
content-type: image/png; charset=utf-8
x-powered-by: PHP/5.6.36
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0N5xuChRfrbsWJ9PusamJgKcRtnzmmMUdC6NssCJTtZl%2BwtCWL80vhSDow6pmHYYPOyWq7IF%2B1gOv53y%2FVHsCaZFZsf9ohVmpERPf%2Bn%2FMUfgO1RH07bLRPRjxMPJxu81"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 83c1d18f7ebc0b3d-OSL
alt-svc: h3=":443"; ma=86400

www.1337xx.to/css/webfonts/oswald-bold.woff

188.114.96.1

200 OK

22 kB

URL GET HTTP/3
www.1337xx.to/css/webfonts/oswald-bold.woff
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.1337xx.to/torrent/5353128/Wondershare-Filmora-11-4-7-358-x64-Multilingual-FileCR/
Certificate
IssuerGoogle Trust Services LLC
Subject1337xx.to
Fingerprint4F:9E:B8:6F:68:17:FF:77:F9:A1:6D:C3:6D:FE:84:40:78:43:30:C3
ValidityMon, 13 Nov 2023 02:45:03 GMT - Sun, 11 Feb 2024 02:45:02 GMT

File type
Web Open Font Format, TrueType, length 22548, version 1.0
Size
22 kB (22548 bytes)
Hash
5737d9a70b478e869c68cd1dc1b67cbc
f8095e94a0765bf23b164e9c06cf5112b3d50f3c
a9ef49b82729c7b1961f04aa67ea4a305cf7d0e8391981a8164997001c5918e9

HTTP Headers

GET /css/webfonts/oswald-bold.woff HTTP/1.1
Host: www.1337xx.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://www.1337xx.to/css/style9.952e1c4f6e649c835aa0b27f7e583caf.css?v=2
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 27 Dec 2023 13:13:02 GMT
content-type: application/font-woff
content-length: 22548
last-modified: Wed, 22 Jun 2022 05:25:45 GMT
etag: "62b2a7d9-5814"
accept-ranges: bytes
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KSNXpTWx2UPX7eroDkoVLUpAkGC845B7U%2Boh61bY4Yuls8aaapG12XDysCYYCrethKfFBc4x%2B4v0jz0d59pJEnmY9hsWg4%2F81loMljpqk3TAVmdwtTlA8kKZYq5HxIcc"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 83c1d1901f250b3d-OSL
alt-svc: h3=":443"; ma=86400

forestsfatal.com/pixel/sbls?bv=23.51.2179&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fssp%2Fvpn%2Fos-box%2Fsmall%2Fcss%2Fstyle.css&l=3672&fd=111

173.233.137.44

200 OK

0 B

URL GET HTTP/1.1
forestsfatal.com/pixel/sbls?bv=23.51.2179&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fssp%2Fvpn%2Fos-box%2Fsmall%2Fcss%2Fstyle.css&l=3672&fd=111
IP
173.233.137.44:443
ASN
#7979 SERVERS-COM

Requested by
https://www.1337xx.to/torrent/5353128/Wondershare-Filmora-11-4-7-358-x64-Multilingual-FileCR/
Certificate
IssuerLet's Encrypt
Subjectforestsfatal.com
Fingerprint1E:5B:AC:BA:40:81:9D:56:24:1E:99:1F:C2:47:8C:34:2A:CF:96:19
ValidityMon, 11 Dec 2023 07:45:28 GMT - Sun, 10 Mar 2024 07:45:27 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /pixel/sbls?bv=23.51.2179&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fssp%2Fvpn%2Fos-box%2Fsmall%2Fcss%2Fstyle.css&l=3672&fd=111 HTTP/1.1
Host: forestsfatal.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.1337xx.to/
Cookie: u_pl=16578592; uid_id2=4249ee13-319f-4f1f-8571-6f44edc543a7:2:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slec75eb7bf55a6322e200a2e7f9c09f7eab=[4857767]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Wed, 27 Dec 2023 13:13:04 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range

www.1337xx.to/static/css/icons.css?v=1.3

188.114.96.1

200 OK

8.3 kB

URL GET HTTP/3
www.1337xx.to/static/css/icons.css?v=1.3
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.1337xx.to/torrent/5353128/Wondershare-Filmora-11-4-7-358-x64-Multilingual-FileCR/
Certificate
IssuerGoogle Trust Services LLC
Subject1337xx.to
Fingerprint4F:9E:B8:6F:68:17:FF:77:F9:A1:6D:C3:6D:FE:84:40:78:43:30:C3
ValidityMon, 13 Nov 2023 02:45:03 GMT - Sun, 11 Feb 2024 02:45:02 GMT

File type
ASCII text, with very long lines (8886), with no line terminators
Size
8.3 kB (8333 bytes)
Hash
03a7d25cbaa604c87875716deeb2da04
c47032142d8a0d788df4b96cdeb522add38e3c66
59996ec83d1cd237295189dd8f91492e20f689f61ed374fdf95859f9c740937f

HTTP Headers

GET /static/css/icons.css?v=1.3 HTTP/1.1
Host: www.1337xx.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.1337xx.to/torrent/5353128/Wondershare-Filmora-11-4-7-358-x64-Multilingual-FileCR/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 27 Dec 2023 13:13:02 GMT
content-type: text/css
last-modified: Wed, 22 Jun 2022 05:26:31 GMT
vary: Accept-Encoding
etag: W/"62b2a807-208d"
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EVI0lZpV23yuedVPh2l5o%2F%2BwR703406sccsmslLN1zWQQp3AibUmGheqqe6gQHww9eYLL74%2F1tkaiL8il2bDR%2FHIzgsoNWxMTH5miBbchdMXpsp%2BGMBME3rKH39Zw9UH"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 83c1d18e1db90b3d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

www.1337xx.to/static/js/pagination.js

188.114.96.1

200 OK

3.0 kB

URL GET HTTP/3
www.1337xx.to/static/js/pagination.js
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.1337xx.to/torrent/5353128/Wondershare-Filmora-11-4-7-358-x64-Multilingual-FileCR/
Certificate
IssuerGoogle Trust Services LLC
Subject1337xx.to
Fingerprint4F:9E:B8:6F:68:17:FF:77:F9:A1:6D:C3:6D:FE:84:40:78:43:30:C3
ValidityMon, 13 Nov 2023 02:45:03 GMT - Sun, 11 Feb 2024 02:45:02 GMT

File type
ASCII text, with very long lines (3079), with no line terminators
Size
3.0 kB (3020 bytes)
Hash
944d2b6146c4fb28fe31a23a35e64f06
c42d9b8961e312a6b129439b6c451de2d5210659
378d0a91ccab057c7b92d0ae0a9cc5764be1d55b376e85f357c1845636db0f38

HTTP Headers

GET /static/js/pagination.js HTTP/1.1
Host: www.1337xx.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.1337xx.to/torrent/5353128/Wondershare-Filmora-11-4-7-358-x64-Multilingual-FileCR/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 27 Dec 2023 13:13:02 GMT
content-type: application/javascript
last-modified: Wed, 22 Jun 2022 05:27:31 GMT
vary: Accept-Encoding
etag: W/"62b2a843-bcc"
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DjypYQu0TPkhv%2B5veu7MCY1rYoVgQ7axJchziUwOtWYl36XrGgsZKbvwS%2FIsRfeKYiA6CrOLWzsPhkV%2B9z5WOPtE2BdVvp64e6Nweers4GQqbIH0Nw%2BQnRzkrXZ2vBzK"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 83c1d18e4ded0b3d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

friendshipmale.com/sfp.js

104.21.234.33

200 OK

86 kB

URL GET HTTP/2
friendshipmale.com/sfp.js
IP
104.21.234.33:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.1337xx.to/torrent/5353128/Wondershare-Filmora-11-4-7-358-x64-Multilingual-FileCR/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint08:6F:D8:CB:9E:0C:0A:98:2E:C5:CD:21:8E:0B:76:2B:50:6F:B6:37
ValiditySat, 18 Feb 2023 00:00:00 GMT - Sat, 17 Feb 2024 23:59:59 GMT

File type

Size
86 kB (85468 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /sfp.js HTTP/1.1
Host: friendshipmale.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.1337xx.to/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 27 Dec 2023 13:13:03 GMT
content-type: application/javascript; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: 2541273011116f06f248f8560b934f48
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Wed, 27 Dec 2023 13:13:03 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u82UAxn7ddYqfB0n25Dm806JIHLbt1ajHXLBeyIC3W3IqotBYV0yE1Apr0KoQ8px5Q5gNSVFhQhd6%2FFfM9tyuOA%2FokvHnTYrUbyxgcUB3amtaCuKAKTr10Ui2MUOhBLQH1bz1PE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 83c1d193d9bf5688-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

cdn.creative-bars1.com/sb/ssp/vpn/os-box/small/css/style.css

172.64.109.10

200 OK

3.7 kB

URL GET HTTP/2
cdn.creative-bars1.com/sb/ssp/vpn/os-box/small/css/style.css
IP
172.64.109.10:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.1337xx.to/torrent/5353128/Wondershare-Filmora-11-4-7-358-x64-Multilingual-FileCR/
Certificate
IssuerGoogle Trust Services LLC
Subjectcreative-bars1.com
Fingerprint49:C8:A4:CE:31:56:FC:06:71:93:06:7A:69:DD:ED:B2:EF:C9:41:97
ValidityTue, 19 Dec 2023 15:02:46 GMT - Mon, 18 Mar 2024 15:02:45 GMT

File type
ASCII text, with very long lines (3887), with no line terminators
Size
3.7 kB (3672 bytes)
Hash
36ebbb6bc9811179b02cd3b3e0422996
283a220fc12827388721d949d14f473d92daa396
59931a589d8f6dd2282411347370bf625dbc8358ca1e97ef009ae499df31ad36

HTTP Headers

GET /sb/ssp/vpn/os-box/small/css/style.css HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.1337xx.to
DNT: 1
Connection: keep-alive
Referer: https://www.1337xx.to/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 27 Dec 2023 13:13:04 GMT
content-type: text/css
last-modified: Mon, 24 Jan 2022 10:19:55 GMT
etag: W/"61ee7d4b-e58"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 646624
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j89ZoAcrvm2%2FzHo%2FR2v6ZtmeJJNFmk1cS0%2BIfDXAM6DQVfktivCrrOi99GQ1u8%2FkuAtJhmq71qVmYTGfj8wHPcFAmR%2FlYG6Xp%2Bb%2BBCskbTaoZtlolHKT%2FbNOFQoDPHcN9G5QaM67fgPZ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 83c1d19ad8c379c9-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (19)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by