Report - 1337xx.to/

Report Overview

Visited public
2024-07-06 15:52:24
Tags
Submit Tags
URL
1337xx.to/
Finishing URL
www.1337xx.to/
IP / ASN
172.67.131.213
#13335 CLOUDFLARENET
Title
(1) New Message!

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
capaciousdrewreligion.com	unknown	2023-11-07	2023-11-27 13:27:45	2024-07-05 20:43:29	412 B	375 B	172.240.253.132
cdn.cloudimagesb.com	23099	2020-10-06	2021-02-12 17:15:41	2024-07-05 19:31:37	896 B	104 kB	45.133.44.10
fonts.gstatic.com	unknown	2008-02-11	2014-09-09 02:40:21	2024-07-05 18:16:37	1.0 kB	33 kB	216.58.207.227
r10.o.lencr.org	unknown	2020-06-29	2024-06-06 21:45:11	2024-07-05 18:12:12	2.0 kB	5.3 kB	23.36.76.249
prizegrantedrevision.com	unknown	2024-06-03	2024-06-12 23:14:20	2024-06-17 13:22:46	884 B	102 kB	192.243.61.227
proftrafficcounter.com	unknown	2023-11-16	2023-11-21 09:55:14	2024-07-05 19:35:35	854 B	840 B	3.124.140.205
r11.o.lencr.org	unknown	2020-06-29	2024-06-07 07:43:57	2024-07-05 18:12:23	654 B	1.8 kB	23.36.76.225
ocsp.r2m03.amazontrust.com	unknown	2007-05-11	2023-02-21 01:06:24	2024-07-05 18:16:34	676 B	1.9 kB	143.204.53.97
cdn.creative-bars1.com	unknown	2022-11-01	2022-11-15 17:46:22	2024-07-05 19:31:40	1.9 kB	57 kB	104.21.70.253
cdn.barscreative1.com	25648	2021-09-08	2021-09-16 13:14:42	2024-07-05 08:34:03	484 B	875 B	45.133.44.3
www.1337xx.to	375725	unknown	2020-02-24 09:05:17	2024-04-17 20:08:44	8.8 kB	597 kB	104.21.11.234
1337xx.to	174738	unknown	2018-12-23 21:28:09	2024-04-18 02:38:34	464 B	31 kB	104.21.11.234
o.pki.goog	unknown	2016-06-13	2024-04-24 13:44:57	2024-07-05 18:19:31	1.3 kB	2.8 kB	142.250.74.67
criticizewiggle.com	unknown	2024-04-29	2024-04-30 07:16:08	2024-07-01 21:25:34	485 B	469 B	192.243.61.227
poundswarden.com	unknown	2024-06-29	2024-07-04 10:24:14	2024-07-05 21:07:34	7.9 kB	13 kB	172.240.127.234
unseenreport.com	unknown	2022-03-30	2022-03-30 16:33:17	2024-07-05 19:08:51	1.5 kB	942 B	192.243.59.20
recordedthereby.com	unknown	2024-05-08	2024-05-14 07:24:53	2024-07-05 20:43:29	800 B	173 kB	188.114.96.1
fonts.googleapis.com	8877	2005-01-25	2013-06-10 22:14:26	2024-07-05 18:24:36	418 B	7.6 kB	142.250.74.106

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2024-07-06	medium	unseenreport.com	Sinkholed
2024-07-06	medium	unseenreport.com	Sinkholed

ThreatFox

No alerts detected

JavaScript (12)

	URL	From	Size	First Seen	Last Seen
	www.1337xx.to/	ScriptElement	0 B	0001-01-01	2025-07-05
Pretty URL www.1337xx.to/ IP 104.21.11.234 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen0001-01-01 00:00 Last Seen2025-07-05 04:51 Times Seen5283866 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	recordedthereby.com/sfp.js	ScriptElement	85 kB	2024-05-17	2025-01-21
Pretty URL recordedthereby.com/sfp.js IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-17 16:43 Last Seen2025-01-21 11:22 Times Seen13574 Hash 7e3e44049654b6e244c1777e68ffb8e7 8f2a8298666d607afd92a0baa362ef4dc9ccd039 4acac8b8ff23671d365150818f3c39bbbfa08b1a1842d73de5933e0fea26454b Loading...

	www.1337xx.to/static/js/jquery-1.11.0.min.js	ScriptElement	96 kB	2023-03-07	2025-07-03
Pretty URL www.1337xx.to/static/js/jquery-1.11.0.min.js IP 104.21.11.234 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:07 Last Seen2025-07-03 23:25 Times Seen951 Hash eaec1712551cd2792f4607f39fab12e7 2439711705752fac5dd1a6a8d6b1be63ffcbc76d 746e54e89161118a67bd59103c4ab55e3060735cc85c1d047c2cf04d4b12043d Loading...

	www.1337xx.to/static/js/jquery-ui.js	ScriptElement	307 kB	2023-03-07	2025-06-29
Pretty URL www.1337xx.to/static/js/jquery-ui.js IP 104.21.11.234 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:07 Last Seen2025-06-29 08:43 Times Seen255 Hash 7ddac2a3d1e7091bd51f23f0250a7fea 5537fb7969f7a8349e0292ce9710df8daae5ad3c ebdadbb78c8a4e8433168bcdb49b87d0cb4809bbca7aaf29fbe36a9c77be5e35 Loading...

	www.1337xx.to/static/js/auto-searchv2.js	ScriptElement	716 B	2023-03-07	2025-06-29
Pretty URL www.1337xx.to/static/js/auto-searchv2.js IP 104.21.11.234 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:07 Last Seen2025-06-29 08:43 Times Seen256 Hash a4b57f03005db04060dfef0775e3d90b c4744701caefc235077f3843e1223117749cd0d9 453701e481d63aa42e7a0a6b2300d65a3c592073ae8f1f0158f6ef46400d4770 Loading...

	www.1337xx.to/	ScriptElement	0 B	0001-01-01	2025-07-05
Pretty URL www.1337xx.to/ IP 104.21.11.234 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen0001-01-01 00:00 Last Seen2025-07-05 04:51 Times Seen5283866 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	capaciousdrewreligion.com/advertisers.js	ScriptElement	0 B	0001-01-01	2025-07-05
Pretty URL capaciousdrewreligion.com/advertisers.js IP 172.240.253.132 ASN #7979 SERVERS-COM Introduced by scriptElement Embedded in HTML false Observations First Seen0001-01-01 00:00 Last Seen2025-07-05 04:51 Times Seen5283866 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	unknown	ScriptElement	601 B	2023-03-07	2024-08-20
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 14:20 Last Seen2024-08-20 15:05 Times Seen15 Hash f0bb306c676ad7bbe6ad07e14649e943 eac69f15cbe35dc4ff71a5abc41183406b4912ea 7e62d141ba5363e3645f25777195b3da716c5c7c526c36894b95c78159ec1398 Loading...

	www.1337xx.to/	ScriptElement	0 B	0001-01-01	2025-07-05
Pretty URL www.1337xx.to/ IP 104.21.11.234 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen0001-01-01 00:00 Last Seen2025-07-05 04:51 Times Seen5283866 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	www.1337xx.to/static/js/main.js?v=1	ScriptElement	1.6 kB	2023-03-07	2025-06-28
Pretty URL www.1337xx.to/static/js/main.js?v=1 IP 104.21.11.234 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:27 Last Seen2025-06-28 13:22 Times Seen73 Hash 5c87297596179b890841cf19f434c4ba a956aeeb2e1cd686c21f4adac5688730e06638af 19c273d0582b3b6392302ece922088dfad5be1e094fb8510f1ed62320a3d2b26 Loading...

	prizegrantedrevision.com/bd/6c/33/bd6c3375a35d155e03aef20bbbe563ea.js	ScriptElement	84 kB	2024-08-19	2024-08-19
Pretty URL prizegrantedrevision.com/bd/6c/33/bd6c3375a35d155e03aef20bbbe563ea.js IP 192.243.61.227 ASN #39572 DataWeb Global Group B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2024-08-19 17:49 Last Seen2024-08-19 17:49 Times Seen1 Hash 023401ad91d739294bbcc0eebab83c3e d90386b55833f0d7cfd551bb98c04287720152ff 4b45abd6ee016e882b2f0c75d495204eb369d5dd01a456c15ce9bd1fda8f2b4c Loading...

	prizegrantedrevision.com/75/eb/7b/75eb7bf55a6322e200a2e7f9c09f7eab.js	ScriptElement	45 kB	2024-08-19	2024-08-19
Pretty URL prizegrantedrevision.com/75/eb/7b/75eb7bf55a6322e200a2e7f9c09f7eab.js IP 192.243.61.227 ASN #39572 DataWeb Global Group B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2024-08-19 17:49 Last Seen2024-08-19 17:49 Times Seen1 Hash 1f6802d2f240d877319a8521539636de 13c56f06519c0b1c281066ca2746c4f009d0316c 69d48595383a71bd9603b551fb58f97df15ba875701e2c2f7d9d83c52022168a Loading...

HTTP Transactions (62)

URL IP Response Size

r10.o.lencr.org/

23.36.76.249

504 B

URL
r10.o.lencr.org/
IP
23.36.76.249:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
f63e8d9e64abf0e5b2784ca051160e84
d15d17504ed5c584ba42145060cf745fdb41c1d0
652ee033c72bc8eadcf29c25a5387bc303bf86e6c57f262c576117f659f15eab

HTTP Headers

POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "652EE033C72BC8EADCF29C25A5387BC303BF86E6C57F262C576117F659F15EAB"
Last-Modified: Fri, 05 Jul 2024 13:53:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4561
Expires: Sat, 06 Jul 2024 17:07:57 GMT
Date: Sat, 06 Jul 2024 15:51:56 GMT
Connection: keep-alive

r10.o.lencr.org/

23.36.76.249

504 B

URL
r10.o.lencr.org/
IP
23.36.76.249:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
e9a839fbbf2a5bc4f1a01cd5fca04d5e
ff4396bb2dcc9211b70f2e3266720172ee2ce085
3bb2a3698d452f1de2ff4f283a89fc427d9fe01c02ad968f215bee1834b1c1e3

HTTP Headers

POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "3BB2A3698D452F1DE2FF4F283A89FC427D9FE01C02AD968F215BEE1834B1C1E3"
Last-Modified: Thu, 04 Jul 2024 15:27:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2757
Expires: Sat, 06 Jul 2024 16:37:53 GMT
Date: Sat, 06 Jul 2024 15:51:56 GMT
Connection: keep-alive

r10.o.lencr.org/

23.36.76.249

504 B

URL
r10.o.lencr.org/
IP
23.36.76.249:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
508d0867e7982df7cfa6ad58e05ce470
6f4e15b94e527d02e8dd38f8b69b493cfae84c56
376a5286b71a4a7e90b3eece9b39480f50435d5ef3c7793828481f590d04bc77

HTTP Headers

POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "376A5286B71A4A7E90B3EECE9B39480F50435D5EF3C7793828481F590D04BC77"
Last-Modified: Thu, 04 Jul 2024 23:47:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13899
Expires: Sat, 06 Jul 2024 19:43:35 GMT
Date: Sat, 06 Jul 2024 15:51:56 GMT
Connection: keep-alive

r10.o.lencr.org/

23.36.76.249

504 B

URL
r10.o.lencr.org/
IP
23.36.76.249:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
7a665c357c9589136708e266c9f9a140
e75c705088f540933589402929fb9dcbb39e7747
73dfddabe9477748a0f32d3c2105cc266659ed6cecee3b16ef8e8908192de269

HTTP Headers

POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "73DFDDABE9477748A0F32D3C2105CC266659ED6CECEE3B16EF8E8908192DE269"
Last-Modified: Thu, 04 Jul 2024 16:21:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18274
Expires: Sat, 06 Jul 2024 20:56:30 GMT
Date: Sat, 06 Jul 2024 15:51:56 GMT
Connection: keep-alive

GET www.1337xx.to/static/js/auto-searchv2.js

104.21.11.234

200 OK

909 B

URL GET HTTP/3
www.1337xx.to/static/js/auto-searchv2.js
IP
104.21.11.234:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.1337xx.to/
Certificate
IssuerGoogle Trust Services LLC
Subject1337xx.to
FingerprintE7:90:EC:5E:77:06:53:09:72:B0:33:C5:F3:F7:65:BD:95:9C:08:4C
ValidityWed, 08 May 2024 14:05:50 GMT - Tue, 06 Aug 2024 14:05:49 GMT

File type
JavaScript source, ASCII text, with very long lines (517)
Size
909 B (909 bytes)
Hash
a4b57f03005db04060dfef0775e3d90b
c4744701caefc235077f3843e1223117749cd0d9
453701e481d63aa42e7a0a6b2300d65a3c592073ae8f1f0158f6ef46400d4770

HTTP Headers

GET /static/js/auto-searchv2.js HTTP/1.1
Host: www.1337xx.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.1337xx.to/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 06 Jul 2024 15:51:57 GMT
content-type: application/javascript
last-modified: Tue, 07 May 2024 02:11:02 GMT
etag: W/"66398db6-2cc"
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xvYIRVmg%2FgRY410kuBV0zDV07W6UI3dfSWjXRDP96YjdwVxvTPYkBNmDMzY77IZnSf1WEKqfLdintyFBeCf99%2Bz53Z18n6FLKIZV88nQLxrJCxbJvqMdc9B7eGDtpp6F"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 89f0c2578f675687-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

GET www.1337xx.to/static/images/body-bg.jpg

104.21.11.234

200 OK

2.5 kB

URL GET HTTP/3
www.1337xx.to/static/images/body-bg.jpg
IP
104.21.11.234:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.1337xx.to/
Certificate
IssuerGoogle Trust Services LLC
Subject1337xx.to
FingerprintE7:90:EC:5E:77:06:53:09:72:B0:33:C5:F3:F7:65:BD:95:9C:08:4C
ValidityWed, 08 May 2024 14:05:50 GMT - Tue, 06 Aug 2024 14:05:49 GMT

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 100x100, components 3
Size
2.5 kB (2454 bytes)
Hash
57176455b267a90c419d442f311cab4a
8ce7305a8e73bf2cea887b1b011c349e41b426d3
44411fdbd6a244c923866126c233c854cae07718591506d315a86e34e159f20b

HTTP Headers

GET /static/images/body-bg.jpg HTTP/1.1
Host: www.1337xx.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.1337xx.to/static/css/style.css?ver=1.0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 06 Jul 2024 15:51:57 GMT
content-type: image/jpeg
content-length: 2454
last-modified: Tue, 07 May 2024 02:10:50 GMT
etag: "66398daa-996"
accept-ranges: bytes
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=n1sbLkZ%2BjKtK4TnOn%2BFtqekw%2F8eCWZw9Md0STm0qBvTEluIUvcnYdoyDrQbbKchr9ZPEFpRua8I7ia7nlCGPf34qUGbD%2B9UU1MSEtnpobNpdxb3rsE42ctdG8xezM0sI"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 89f0c2592abc5687-OSL
alt-svc: h3=":443"; ma=86400

GET www.1337xx.to/static/fonts/oswald-regular.woff

104.21.11.234

200 OK

25 kB

URL GET HTTP/3
www.1337xx.to/static/fonts/oswald-regular.woff
IP
104.21.11.234:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.1337xx.to/
Certificate
IssuerGoogle Trust Services LLC
Subject1337xx.to
FingerprintE7:90:EC:5E:77:06:53:09:72:B0:33:C5:F3:F7:65:BD:95:9C:08:4C
ValidityWed, 08 May 2024 14:05:50 GMT - Tue, 06 Aug 2024 14:05:49 GMT

File type
Web Open Font Format, TrueType, length 25248, version 1.0
Size
25 kB (25248 bytes)
Hash
77f9ec053e5256b45207e37effb5a1b1
b881bffa5a7dd80494d621ec6f72c3f5545448f3
c5bccac5053a0089da4fb1a1693579ed4893a75b8fdc1c4f43a9151a2a9fb754

HTTP Headers

GET /static/fonts/oswald-regular.woff HTTP/1.1
Host: www.1337xx.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://www.1337xx.to/static/css/style.css?ver=1.0
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 06 Jul 2024 15:51:57 GMT
content-type: application/font-woff
content-length: 25248
last-modified: Tue, 07 May 2024 02:10:45 GMT
etag: "66398da5-62a0"
accept-ranges: bytes
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=s4jomkxkUi0FPRng0jtBi%2Bp60AfvQhO2EdHVk5jaI4bPqpzGKxtsAUYAQn4pirHriK2ba8chAUkMNhsm7PHwYU98d9tpADi432dVjYypG%2FJMASnFdLKR3a4l0rdcWFi%2F"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 89f0c2593ad65687-OSL
alt-svc: h3=":443"; ma=86400

GET www.1337xx.to/static/fonts/opensans-regular.woff

104.21.11.234

200 OK

23 kB

URL GET HTTP/3
www.1337xx.to/static/fonts/opensans-regular.woff
IP
104.21.11.234:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.1337xx.to/
Certificate
IssuerGoogle Trust Services LLC
Subject1337xx.to
FingerprintE7:90:EC:5E:77:06:53:09:72:B0:33:C5:F3:F7:65:BD:95:9C:08:4C
ValidityWed, 08 May 2024 14:05:50 GMT - Tue, 06 Aug 2024 14:05:49 GMT

File type
Web Open Font Format, TrueType, length 22660, version 1.0
Size
23 kB (22660 bytes)
Hash
79515ad0788973c533405f7012dfeccd
5092881fad2caffdc6bf71bdab1ea547b73d3564
22e7a1b10c110072f5a0bfd16e2197a76b279ec879bcce8978fada1dc9ee5d40

HTTP Headers

GET /static/fonts/opensans-regular.woff HTTP/1.1
Host: www.1337xx.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://www.1337xx.to/static/css/style.css?ver=1.0
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 06 Jul 2024 15:51:57 GMT
content-type: application/font-woff
content-length: 22660
last-modified: Tue, 07 May 2024 02:10:42 GMT
etag: "66398da2-5884"
accept-ranges: bytes
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Q0jbL2xWeVuTUwJdofMfT%2ByqdeO3a60yew%2BIjld1pAN4Cb0euzg%2BInb0MgBTfTWYnAv0rSvZbMFQIbx0Z35%2B%2Bc420SmjsUUK1LhyFiltDr0vCqiu3ZbsZ5e9GW9g72Fi"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 89f0c2593ad15687-OSL
alt-svc: h3=":443"; ma=86400

GET www.1337xx.to/static/fonts/Flaticon.woff

104.21.11.234

200 OK

27 kB

URL GET HTTP/3
www.1337xx.to/static/fonts/Flaticon.woff
IP
104.21.11.234:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.1337xx.to/
Certificate
IssuerGoogle Trust Services LLC
Subject1337xx.to
FingerprintE7:90:EC:5E:77:06:53:09:72:B0:33:C5:F3:F7:65:BD:95:9C:08:4C
ValidityWed, 08 May 2024 14:05:50 GMT - Tue, 06 Aug 2024 14:05:49 GMT

File type
Web Open Font Format, TrueType, length 27404, version 0.0
Size
27 kB (27404 bytes)
Hash
1dbab8d47aa2e11c55216ab3286d6f69
c7a7f3ddf37063ac02273eb4fe7ebc98e9cf97bf
ef35a8d776774a5fba83f188738af52b85e278c4bf7c5695700161febdc36b05

HTTP Headers

GET /static/fonts/Flaticon.woff HTTP/1.1
Host: www.1337xx.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://www.1337xx.to/static/css/icons.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 06 Jul 2024 15:51:57 GMT
content-type: application/font-woff
content-length: 27404
last-modified: Tue, 07 May 2024 02:10:35 GMT
etag: "66398d9b-6b0c"
accept-ranges: bytes
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=i9GFPXBR6nD2aB8S9XSzWPnyHSgjMPD%2F9U3eDZipzaILpNErdReDMWn26bWdXA0qRMdmgY%2FC0E5SgmgJKfZTGf9gI0EcInG2HWdZlhFWTxTWRxQIpo6DyIbY%2FU5UBbE2"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 89f0c2596b255687-OSL
alt-svc: h3=":443"; ma=86400

GET www.1337xx.to/static/fonts/opensans-bold.woff

104.21.11.234

200 OK

22 kB

URL GET HTTP/3
www.1337xx.to/static/fonts/opensans-bold.woff
IP
104.21.11.234:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.1337xx.to/
Certificate
IssuerGoogle Trust Services LLC
Subject1337xx.to
FingerprintE7:90:EC:5E:77:06:53:09:72:B0:33:C5:F3:F7:65:BD:95:9C:08:4C
ValidityWed, 08 May 2024 14:05:50 GMT - Tue, 06 Aug 2024 14:05:49 GMT

File type
Web Open Font Format, TrueType, length 22432, version 1.0
Size
22 kB (22432 bytes)
Hash
2e90d5152ce92858b62ba053c7b9d2cb
8cf65f42a2a8c349ccd6ab63b6cbd17c96fd665c
a0357cb694b5284870c77c0dbcaf33f238004800419288afde313317b0dbd0b7

HTTP Headers

GET /static/fonts/opensans-bold.woff HTTP/1.1
Host: www.1337xx.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://www.1337xx.to/static/css/style.css?ver=1.0
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 06 Jul 2024 15:51:57 GMT
content-type: application/font-woff
content-length: 22432
last-modified: Tue, 07 May 2024 02:10:40 GMT
etag: "66398da0-57a0"
accept-ranges: bytes
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=itIZM9kA6dXMTMfaU4XP0bsvgCZHOLqR3wWKUiSXXeUFHzyH%2BgeYVD%2FqMucjGcDY9a6UvvvbrVNrgWs6%2F0WfoFIpZGDJQo5cDaAlW%2BAPdZF2%2FtUaI4rG%2FgueVgDS%2Bf0C"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 89f0c2597b3e5687-OSL
alt-svc: h3=":443"; ma=86400

GET www.1337xx.to/static/fonts/opensans-light.woff

104.21.11.234

200 OK

22 kB

URL GET HTTP/3
www.1337xx.to/static/fonts/opensans-light.woff
IP
104.21.11.234:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.1337xx.to/
Certificate
IssuerGoogle Trust Services LLC
Subject1337xx.to
FingerprintE7:90:EC:5E:77:06:53:09:72:B0:33:C5:F3:F7:65:BD:95:9C:08:4C
ValidityWed, 08 May 2024 14:05:50 GMT - Tue, 06 Aug 2024 14:05:49 GMT

File type
Web Open Font Format, TrueType, length 22248, version 1.0
Size
22 kB (22248 bytes)
Hash
45b47f3e9c7d74b80f5c6e0a3c513b23
523f9403d934ba017bfe924cdc40f1bb0e5d97e2
a1cb81c9f07f1f399db66ec188c02a1c74bc382df9a8550ab8091aac93dff8a2

HTTP Headers

GET /static/fonts/opensans-light.woff HTTP/1.1
Host: www.1337xx.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://www.1337xx.to/static/css/style.css?ver=1.0
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 06 Jul 2024 15:51:57 GMT
content-type: application/font-woff
content-length: 22248
last-modified: Tue, 07 May 2024 02:10:41 GMT
etag: "66398da1-56e8"
accept-ranges: bytes
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=L1UKn5Gs891PmUYj897YkOcwEs%2Bxbp1FbbAzLJlajMfzPgKJPYkuHD8%2FwR%2By8WbInFHmM%2BS7qDi7eIOHkRYm%2FKjJRtkTfHFJUaREtul4tQcaD62fRbpUzvpyfcf6d959"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 89f0c2597b555687-OSL
alt-svc: h3=":443"; ma=86400

GET www.1337xx.to/static/fonts/oswald-light.woff

104.21.11.234

200 OK

23 kB

URL GET HTTP/3
www.1337xx.to/static/fonts/oswald-light.woff
IP
104.21.11.234:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.1337xx.to/
Certificate
IssuerGoogle Trust Services LLC
Subject1337xx.to
FingerprintE7:90:EC:5E:77:06:53:09:72:B0:33:C5:F3:F7:65:BD:95:9C:08:4C
ValidityWed, 08 May 2024 14:05:50 GMT - Tue, 06 Aug 2024 14:05:49 GMT

File type
Web Open Font Format, TrueType, length 22568, version 1.0
Size
23 kB (22568 bytes)
Hash
a4d5b8f448ec86ddb2e57a2912a3fcd6
579df89a925a4e5e46d63fe5ad84492a810ed3be
dc1e478c0ada70ebba3817df17ad49d0b288351d777cf6582dba4a5390be73e3

HTTP Headers

GET /static/fonts/oswald-light.woff HTTP/1.1
Host: www.1337xx.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://www.1337xx.to/static/css/style.css?ver=1.0
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 06 Jul 2024 15:51:57 GMT
content-type: application/font-woff
content-length: 22568
last-modified: Tue, 07 May 2024 02:10:44 GMT
etag: "66398da4-5828"
accept-ranges: bytes
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2%2BEB0LEwPWEPfgKY%2Fg4jv3uIj%2Brhuzzzs67DwhHBZPlvGMyBdZJ662c%2FrgoI3fKj6PdB%2ByNEZ1oR6LfxW%2FQoXr6pf2G8Im3NApJcBTLTEvG0s2I3JdJqS7xi%2BmSSsjqE"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 89f0c2597b535687-OSL
alt-svc: h3=":443"; ma=86400

GET 1337xx.to/

104.21.11.234

301 Moved Permanently

31 kB

URL User Request GET HTTP/2
1337xx.to/
IP
104.21.11.234:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services LLC
Subject1337xx.to
FingerprintE7:90:EC:5E:77:06:53:09:72:B0:33:C5:F3:F7:65:BD:95:9C:08:4C
ValidityWed, 08 May 2024 14:05:50 GMT - Tue, 06 Aug 2024 14:05:49 GMT

File type
data
Size
31 kB (30866 bytes)
Hash
93f442c18b654e35cc936d710cd4ae7b
751077c7a7670b370cdcb81c7dcb266df87c6b9e
18a7ca432cdd06f496283b5ca1c6029ccd23a2f3d94414b4c04358a89c0b9786

HTTP Headers

GET / HTTP/1.1
Host: 1337xx.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 301 Moved Permanently
date: Sat, 06 Jul 2024 15:51:56 GMT
content-type: text/html
location: https://www.1337xx.to/
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KZ0IeuJNsUs0km%2FawI5P42aJobF0QgJyPGOo212kapCMOD1UzeoQWkXKqUqatq%2B9k6LNfIuvjVHB2nwwZPdfWBAP%2FSdcTFCpn1wl%2BfniktBfpM8SVzfAQV7gGwc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 89f0c253bd36b523-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

GET prizegrantedrevision.com/75/eb/7b/75eb7bf55a6322e200a2e7f9c09f7eab.js

192.243.61.227

200 OK

16 kB

URL GET HTTP/1.1
prizegrantedrevision.com/75/eb/7b/75eb7bf55a6322e200a2e7f9c09f7eab.js
IP
192.243.61.227:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://www.1337xx.to/
Certificate
IssuerLet's Encrypt
Subjectprizegrantedrevision.com
Fingerprint5F:C5:D0:43:5E:AC:33:8D:4C:FF:EA:5C:F4:01:E5:18:3B:69:A6:13
ValidityMon, 03 Jun 2024 08:43:11 GMT - Sun, 01 Sep 2024 08:43:10 GMT

File type
JavaScript source, ASCII text, with very long lines (44822), with no line terminators
Size
16 kB (16004 bytes)
Hash
1f6802d2f240d877319a8521539636de
13c56f06519c0b1c281066ca2746c4f009d0316c
69d48595383a71bd9603b551fb58f97df15ba875701e2c2f7d9d83c52022168a

HTTP Headers

GET /75/eb/7b/75eb7bf55a6322e200a2e7f9c09f7eab.js HTTP/1.1
Host: prizegrantedrevision.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.1337xx.to/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sat, 06 Jul 2024 15:51:57 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
X-Request-ID: 7fe0e4564fe4826e8657fbe3d8982bfc
Cache-Control: no-cache, max-age=0, private, no-cache
Pragma: no-cache
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

ocsp.r2m03.amazontrust.com/

143.204.53.97

471 B

URL
ocsp.r2m03.amazontrust.com/
IP
143.204.53.97:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
db42c795cc018c71417eaad9a70879a5
2012225a1d003a73673f92d746b5e16e0bd0bc02
7e38d52e21fe6d4e5ea07b8bd1fc52f8f6ef6894cc6cab6e1f94da05709d6802

HTTP Headers

POST / HTTP/1.1
Host: ocsp.r2m03.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=7200
Date: Sat, 06 Jul 2024 15:51:58 GMT
Last-Modified: Sat, 06 Jul 2024 14:56:06 GMT
Server: ECAcc (ska/F7A5)
X-Cache: Miss from cloudfront
Via: 1.1 1ca0323262515c9240c58fe69a9ac826.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 15UwbvQmIfryNKsA81qfjxJNNVycKjPhtEffH7A8Idn3P-SLjFDwCA==
Age: 3352

ocsp.r2m03.amazontrust.com/

143.204.53.97

471 B

URL
ocsp.r2m03.amazontrust.com/
IP
143.204.53.97:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
1039989f7eb3a746075b7a933c6df87f
fe74929ecbe344386a2bc89259f1fb633b001da4
a6963d2c83c5964343ed0a86328564f847785f40412fb94fe6b17cf8d7ede034

HTTP Headers

POST / HTTP/1.1
Host: ocsp.r2m03.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=7200
Date: Sat, 06 Jul 2024 15:51:58 GMT
Last-Modified: Sat, 06 Jul 2024 14:13:30 GMT
Server: ECAcc (ska/F757)
X-Cache: Miss from cloudfront
Via: 1.1 9ede9483eb891e14681c7c693b47c862.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: OHZdNqff1rHYU2HBsdZG5fRDl74o0sV57tXjj9XibHhx6MsqOAuD2Q==
Age: 5908

GET proftrafficcounter.com/stats

3.124.140.205

200 OK

40 B

URL GET HTTP/2
proftrafficcounter.com/stats
IP
3.124.140.205:443
ASN
#16509 AMAZON-02

Requested by
https://www.1337xx.to/
Certificate
IssuerAmazon
Subjectproftrafficcounter.com
FingerprintE3:9F:79:6F:80:C0:BF:F8:C4:EB:45:F3:E9:0F:A7:41:F6:0C:05:E6
ValidityTue, 21 Nov 2023 00:00:00 GMT - Thu, 19 Dec 2024 23:59:59 GMT

File type
ASCII text, with no line terminators
Size
40 B (40 bytes)
Hash
4f33f6c5edcbec843caecd78db49934b
0854c130008a09b673f009c879596de870af1c8f
eaf38c7b15692b0f8be879ebb451974b4de11dec524ef06ebfff94726153811d

HTTP Headers

GET /stats HTTP/1.1
Host: proftrafficcounter.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.1337xx.to
DNT: 1
Connection: keep-alive
Referer: https://www.1337xx.to/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 06 Jul 2024 15:51:58 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://www.1337xx.to
vary: Origin
access-control-allow-credentials: true
set-cookie: uid_id2=1baef3cd-b7b9-48b8-a390-816aac00a6a1:2:1; expires=Tue, 04 Jul 2034 15:51:58 GMT; secure; SameSite=None
X-Firefox-Spdy: h2

GET proftrafficcounter.com/stats

3.124.140.205

200 OK

40 B

URL GET HTTP/2
proftrafficcounter.com/stats
IP
3.124.140.205:443
ASN
#16509 AMAZON-02

Requested by
https://www.1337xx.to/
Certificate
IssuerAmazon
Subjectproftrafficcounter.com
FingerprintE3:9F:79:6F:80:C0:BF:F8:C4:EB:45:F3:E9:0F:A7:41:F6:0C:05:E6
ValidityTue, 21 Nov 2023 00:00:00 GMT - Thu, 19 Dec 2024 23:59:59 GMT

File type
ASCII text, with no line terminators
Size
40 B (40 bytes)
Hash
3a678b5ae45ffd192cc908205b88ea4e
5cdbc2f13ce9ef243c76f5512f06c803109b9424
596071e852ca6c1a1e5b7891f52929775dfd09d8d7e7f7351d5dfc41f8814e61

HTTP Headers

GET /stats HTTP/1.1
Host: proftrafficcounter.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.1337xx.to
DNT: 1
Connection: keep-alive
Referer: https://www.1337xx.to/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 06 Jul 2024 15:51:58 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://www.1337xx.to
vary: Origin
access-control-allow-credentials: true
set-cookie: uid_id2=17c6bcb5-0962-400d-b8c5-665dbcd6a7b9:2:1; expires=Tue, 04 Jul 2034 15:51:58 GMT; secure; SameSite=None
X-Firefox-Spdy: h2

GET www.1337xx.to/static/images/main-bg.png

104.21.11.234

200 OK

130 kB

URL GET HTTP/3
www.1337xx.to/static/images/main-bg.png
IP
104.21.11.234:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.1337xx.to/
Certificate
IssuerGoogle Trust Services LLC
Subject1337xx.to
FingerprintE7:90:EC:5E:77:06:53:09:72:B0:33:C5:F3:F7:65:BD:95:9C:08:4C
ValidityWed, 08 May 2024 14:05:50 GMT - Tue, 06 Aug 2024 14:05:49 GMT

File type
PNG image data, 935 x 788, 8-bit/color RGBA, non-interlaced
Size
130 kB (129988 bytes)
Hash
8fc059a7e1758ad0c0e17be4b0575b93
df3d910563829c3b2e6fb0767038f75af4d4fcbd
6be2d61547095ffeb30a1fd03fd7d6aba9009edc719144812c5610bd2e27fb97

HTTP Headers

GET /static/images/main-bg.png HTTP/1.1
Host: www.1337xx.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.1337xx.to/static/css/style.css?ver=1.0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 06 Jul 2024 15:51:57 GMT
content-type: image/png
content-length: 129988
last-modified: Tue, 07 May 2024 02:10:54 GMT
etag: "66398dae-1fbc4"
accept-ranges: bytes
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sSqbfTUHf2T%2FHVrnaUZvMRIHcBr%2B28TNFmdcUKOZCzBWkKFLyUDGX6iLxNJK5J2yW5QnRSqan4Uq1FH5Ar%2BOGQMVutAToXVGaGdkN16VvVQAHZiiAx5fg5EuDE7olB8R"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 89f0c2592ac15687-OSL
alt-svc: h3=":443"; ma=86400

r11.o.lencr.org/

23.36.76.225

504 B

URL
r11.o.lencr.org/
IP
23.36.76.225:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
d9e057ca5dc3871b73d0961d4ab9be29
6112d844b90ca967b943f75a59033074370c021f
ffa987185ae0dfd0d12373cab22ba1e08e5a5c71f578d4ef0914ef30483a3cbc

HTTP Headers

POST / HTTP/1.1
Host: r11.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "FFA987185AE0DFD0D12373CAB22BA1E08E5A5C71F578D4EF0914EF30483A3CBC"
Last-Modified: Thu, 04 Jul 2024 09:28:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14935
Expires: Sat, 06 Jul 2024 20:00:53 GMT
Date: Sat, 06 Jul 2024 15:51:58 GMT
Connection: keep-alive

GET www.1337xx.to/static/js/jquery-ui.js

104.21.11.234

200 OK

88 kB

URL GET HTTP/3
www.1337xx.to/static/js/jquery-ui.js
IP
104.21.11.234:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.1337xx.to/
Certificate
IssuerGoogle Trust Services LLC
Subject1337xx.to
FingerprintE7:90:EC:5E:77:06:53:09:72:B0:33:C5:F3:F7:65:BD:95:9C:08:4C
ValidityWed, 08 May 2024 14:05:50 GMT - Tue, 06 Aug 2024 14:05:49 GMT

File type
JavaScript source, ASCII text, with very long lines (4492)
Size
88 kB (87746 bytes)
Hash
7ddac2a3d1e7091bd51f23f0250a7fea
5537fb7969f7a8349e0292ce9710df8daae5ad3c
ebdadbb78c8a4e8433168bcdb49b87d0cb4809bbca7aaf29fbe36a9c77be5e35

HTTP Headers

GET /static/js/jquery-ui.js HTTP/1.1
Host: www.1337xx.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.1337xx.to/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 06 Jul 2024 15:51:57 GMT
content-type: application/javascript
last-modified: Tue, 07 May 2024 02:11:05 GMT
vary: Accept-Encoding
etag: W/"66398db9-4aff8"
content-encoding: gzip
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FYHn6q1pr2wApHSdwD6SyRoZGU3kDo5BFZlmWc%2BEdCaCkadE2x3KvqPwNLCivH9A4l7UWY9u2P5ZWn%2FMmHfcVWTiw0tf%2BDpzcBxfTJHV8dYB6OepqlhhgBQctACX26KC"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 89f0c2578f5c5687-OSL
alt-svc: h3=":443"; ma=86400

r10.o.lencr.org/

23.36.76.225

504 B

URL
r10.o.lencr.org/
IP
23.36.76.225:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
beea2d01e42a07ac66dd6c8731a07c2d
ceb65ce5626851dddd30376c1b0de01f0d2903e5
bd96f7b6b145d1e74ef9ae315c96599a5a00df4720aac6276b8a1b25fc81a255

HTTP Headers

POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "BD96F7B6B145D1E74EF9AE315C96599A5A00DF4720AAC6276B8A1B25FC81A255"
Last-Modified: Fri, 05 Jul 2024 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4205
Expires: Sat, 06 Jul 2024 17:02:03 GMT
Date: Sat, 06 Jul 2024 15:51:58 GMT
Connection: keep-alive

GET capaciousdrewreligion.com/advertisers.js

172.240.253.132

200 OK

0 B

URL GET HTTP/1.1
capaciousdrewreligion.com/advertisers.js
IP
172.240.253.132:443
ASN
#7979 SERVERS-COM

Requested by
https://www.1337xx.to/
Certificate
IssuerLet's Encrypt
Subjectcapaciousdrewreligion.com
Fingerprint4F:7A:98:8B:B8:01:70:75:3B:62:EF:6C:AD:DF:DE:E7:07:37:5E:83
ValidityFri, 05 Jul 2024 07:55:21 GMT - Thu, 03 Oct 2024 07:55:20 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /advertisers.js HTTP/1.1
Host: capaciousdrewreligion.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.1337xx.to/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sat, 06 Jul 2024 15:51:58 GMT
Content-Type: application/javascript
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
X-Request-ID: e9d2d06514e73576ec36c5387e5d5236
Cache-Control: no-cache, max-age=0, private, no-cache
Pragma: no-cache
Strict-Transport-Security: max-age=0; includeSubdomains

GET www.1337xx.to/static/css/jquery-ui.css

104.21.11.234

200 OK

8.8 kB

URL GET HTTP/3
www.1337xx.to/static/css/jquery-ui.css
IP
104.21.11.234:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.1337xx.to/
Certificate
IssuerGoogle Trust Services LLC
Subject1337xx.to
FingerprintE7:90:EC:5E:77:06:53:09:72:B0:33:C5:F3:F7:65:BD:95:9C:08:4C
ValidityWed, 08 May 2024 14:05:50 GMT - Tue, 06 Aug 2024 14:05:49 GMT

File type
gzip compressed data, from Unix
Size
8.8 kB (8765 bytes)
Hash
fb5394878d982b49cccbd435a1a790dc
abd114d11493c2e1df104d098475a5fcd5e6d7d8
9b0848cfb17e89a0d266d1144c466e80e91af797ea58aa3af6320907cd8ba594

HTTP Headers

GET /static/css/jquery-ui.css HTTP/1.1
Host: www.1337xx.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.1337xx.to/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 06 Jul 2024 15:51:57 GMT
content-type: text/css
last-modified: Tue, 07 May 2024 02:10:24 GMT
vary: Accept-Encoding
etag: W/"66398d90-71ce"
content-encoding: gzip
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dnUj%2FCgK50VN%2BkdE6EmC%2FCeQtRqs5OY1lN6yKxgx%2FvP5WtOJMalAFTtg899TTDFm7S3rVtdkRo4SEyD6x0qNibyt%2BPJjCa8jJtYmseEjAxR7TBHGxaoPYGH5j605Ik9m"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 89f0c2577f465687-OSL
alt-svc: h3=":443"; ma=86400

r10.o.lencr.org/

23.36.76.225

504 B

URL
r10.o.lencr.org/
IP
23.36.76.225:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
861cce1bf441610f1dfbb14264d55122
1596b2c44fcdb5f7a49c73da766e4ab48b6bd064
f67d59f3fddbcaf61f9f1aa87eca02a320f59402bb412687a4db4d8aa81867d2

HTTP Headers

POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "F67D59F3FDDBCAF61F9F1AA87ECA02A320F59402BB412687A4DB4D8AA81867D2"
Last-Modified: Fri, 05 Jul 2024 17:32:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9538
Expires: Sat, 06 Jul 2024 18:30:56 GMT
Date: Sat, 06 Jul 2024 15:51:58 GMT
Connection: keep-alive

r11.o.lencr.org/

23.36.76.225

504 B

URL
r11.o.lencr.org/
IP
23.36.76.225:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
c8de1412e4d733d9544fa1e29842533b
570d656707de042f3291df8174703b15fd760264
6f1a8bb7b7094b28cedc6c85030762a290e9dd13f97d9383dc7677c7323f3ffb

HTTP Headers

POST / HTTP/1.1
Host: r11.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "6F1A8BB7B7094B28CEDC6C85030762A290E9DD13F97D9383DC7677C7323F3FFB"
Last-Modified: Sat, 06 Jul 2024 08:20:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9177
Expires: Sat, 06 Jul 2024 18:24:55 GMT
Date: Sat, 06 Jul 2024 15:51:58 GMT
Connection: keep-alive

GET poundswarden.com/sbar.json?key=75eb7bf55a6322e200a2e7f9c09f7eab&uuid=17c6bcb5-0962-400d-b8c5-665dbcd6a7b9%3A2%3A1

172.240.127.234

200 OK

8.0 kB

URL GET HTTP/1.1
poundswarden.com/sbar.json?key=75eb7bf55a6322e200a2e7f9c09f7eab&uuid=17c6bcb5-0962-400d-b8c5-665dbcd6a7b9%3A2%3A1
IP
172.240.127.234:443
ASN
#7979 SERVERS-COM

Requested by
https://www.1337xx.to/
Certificate
IssuerLet's Encrypt
Subjectpoundswarden.com
FingerprintD6:D6:54:90:D2:B5:83:69:7F:A4:EA:F3:9B:E5:6A:FB:06:2B:EC:4C
ValiditySat, 29 Jun 2024 13:58:02 GMT - Fri, 27 Sep 2024 13:58:01 GMT

File type
JSON text data
Size
8.0 kB (7951 bytes)
Hash
6aacd874647eae2fb7e17606eb8b3471
ec8f0f6ca5c1b82d4209e2ca7716828fb32fcfdf
3c6ea1e3897d512296145bf38456a517006485c0a3d6ddf9858558d7424e8c66

HTTP Headers

GET /sbar.json?key=75eb7bf55a6322e200a2e7f9c09f7eab&uuid=17c6bcb5-0962-400d-b8c5-665dbcd6a7b9%3A2%3A1 HTTP/1.1
Host: poundswarden.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.1337xx.to
DNT: 1
Connection: keep-alive
Referer: https://www.1337xx.to/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sat, 06 Jul 2024 15:51:59 GMT
Content-Type: text/plain; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://www.1337xx.to
Access-Control-Allow-Origin: https://www.1337xx.to
Access-Control-Allow-Credentials: true
Set-Cookie: u_pl=16578592; expires=Sun, 07 Jul 2024 15:51:58 GMT; path=/; secure; SameSite=None
uid_id2=17c6bcb5-0962-400d-b8c5-665dbcd6a7b9:2:1; expires=Sat, 13 Jul 2024 15:51:58 GMT; path=/; secure; SameSite=None
pdhtkv=true; expires=Sun, 07 Jul 2024 15:51:59 GMT; path=/; secure; SameSite=None
uncs=1; expires=Sun, 07 Jul 2024 15:51:59 GMT; path=/; secure; SameSite=None
pdhtkv29=true; expires=Sun, 07 Jul 2024 15:51:59 GMT; path=/; secure; SameSite=None
uncs29=1; expires=Sun, 07 Jul 2024 15:51:59 GMT; path=/; secure; SameSite=None
slec75eb7bf55a6322e200a2e7f9c09f7eab=[4243976,4243974]; expires=Sat, 06 Jul 2024 15:52:04 GMT; path=/; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
X-Request-ID: 82b4491d63119834e07ba742722ca1f2
Cache-Control: no-cache, max-age=0, private, no-cache
Pragma: no-cache
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

GET www.1337xx.to/static/js/jquery-1.11.0.min.js

104.21.11.234

200 OK

66 kB

URL GET HTTP/3
www.1337xx.to/static/js/jquery-1.11.0.min.js
IP
104.21.11.234:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.1337xx.to/
Certificate
IssuerGoogle Trust Services LLC
Subject1337xx.to
FingerprintE7:90:EC:5E:77:06:53:09:72:B0:33:C5:F3:F7:65:BD:95:9C:08:4C
ValidityWed, 08 May 2024 14:05:50 GMT - Tue, 06 Aug 2024 14:05:49 GMT

File type
gzip compressed data, from Unix
Size
66 kB (65561 bytes)
Hash
8ad875c667876f3548ee3a2ec26a47c8
a5f80d6a5b26a5598246fb4f5d9d4fefca6efa24
c886ad1d29f236a59203743e15f1dc78eccb4493b318e8535246dfa9bc3b2e5b

HTTP Headers

GET /static/js/jquery-1.11.0.min.js HTTP/1.1
Host: www.1337xx.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.1337xx.to/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 06 Jul 2024 15:51:57 GMT
content-type: application/javascript
last-modified: Tue, 07 May 2024 02:11:05 GMT
vary: Accept-Encoding
etag: W/"66398db9-17881"
content-encoding: gzip
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ozTsrcOn%2BtBN4VF3OK%2F77kjrweZ9zJDDmW9yseTD7r5NzO8LtZYX5Gyo2RDiE6m%2FEH%2FYhoS%2FER4FaArJP6TWu6uDNRUicl119uELl0qCh7FT9FfpGf%2BCgTO22YKTTglx"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 89f0c2578f585687-OSL
alt-svc: h3=":443"; ma=86400

GET poundswarden.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSz4scRRitnqwi5KIhFxFxQA8K7mx3z0z3jkGiMVkJrklIFL1J%2FerZcmu62qru6cmeggGJt9GL1943u1miQfQPMEhvwMNCcMfTHtx%2FQggeVGTGxdHv0N%2F3%2Br2iXr2qz7aLYxKioEcX3zVbSmu60m35zZc%2FDIJzzXWVFqPmaDX6KOqca9rha72o5b%2FSfFvyTbMS%2BoHvB37QXFNWJma0MiOhsvu9oNXzW52wFXQ7GNn%2FY1d4cNSDGB6TM1BiuvTQOwvFa6SD7y5Kt5mb7NVLg0LT3FgMxd776WZqyhSDxZhYD0m6d6KGcYdrD2DS3bldmOG%2FQqamxPvpAVi6d2ISbLgz98k0ZAomTqMc1pC6hqI1uLkNJQ4JwAWuXEU6uHvF2JLe%2FIelM3ZKlh7%2FBlVOydKvZ5EOvr2g1ah5w%2BgiVyZ1GCUV1KiG6tfIin3kWw2och88%2FxRKPCIrj9eRDnauOm2gxNFLQcwjxll32e9F4XLH98UyW%2BXd5SjqCsZFRGPWmwekVA2V1NByDOoaKJyHQnkoEg9F5mEgjpo8CILYF5z6qz3O2yKWLBJ%2BQOMkoIEfraLgszOMkWdjcD0Gt7eQ2VvYVF8cds%2FAFj%2FCbVRwwoPLCYaiQikJSkdQUoJSEZQ5QTmsdoV2oavuCu0KFpz08KS3q4nJ%2B9t01%2BR9mRJQO4YV1XZ2TJ6ZZ%2FjH701syqNm3JUsZkm3S6N2GMrQ92ko46TH%2FV4SS8rgVAXlGqDOw5aakmdfv4RMTckTX%2F0FRvfh9D64ehq0eB60rEA3Kmyl94J2Ox6NWrmBMBWyfAn5TW9bH5Pn5tu%2FUT8FyQ%2FO%2F0zmBW4rZLbCx%2BohQV%2FfmVw3Jdm5bkpHvr%2Ba5Wqgtujsem%2FkNJenvn5H3iyNFZcvuvG9N%2FmMmI3335MuX6epUGnfkW8uKCGkXTOWS%2FLDZfeBZNcKt3GhsGmRrV97a%2B3yILPSOWXSGlRNCak%2FAVdTcvrPR%2FOX%2B6JNoWwNW1QYFAfkpKDMPnh2Cy5b%2BHeGwOqFhmUeyqKa2JAtfmpFoOUCU1bB%2FQezxTyxdLaaqmrb3UHfNkDz20gHFYa2wlBXoHoMV5ya5Jk9OP9Le15gujFh2jZ2mLb6y3nMs8%2BTcOqoGbfbPo163SCOqYxZJ1xNokBQGnaiMIpoG7mbJp9vvPA3AAAA%2F%2F8BAAD%2F%2F43H%2FfiTBAAA

172.240.127.234

200 OK

7 B

URL GET HTTP/1.1
poundswarden.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSz4scRRitnqwi5KIhFxFxQA8K7mx3z0z3jkGiMVkJrklIFL1J%2FerZcmu62qru6cmeggGJt9GL1943u1miQfQPMEhvwMNCcMfTHtx%2FQggeVGTGxdHv0N%2F3%2Br2iXr2qz7aLYxKioEcX3zVbSmu60m35zZc%2FDIJzzXWVFqPmaDX6KOqca9rha72o5b%2FSfFvyTbMS%2BoHvB37QXFNWJma0MiOhsvu9oNXzW52wFXQ7GNn%2FY1d4cNSDGB6TM1BiuvTQOwvFa6SD7y5Kt5mb7NVLg0LT3FgMxd776WZqyhSDxZhYD0m6d6KGcYdrD2DS3bldmOG%2FQqamxPvpAVi6d2ISbLgz98k0ZAomTqMc1pC6hqI1uLkNJQ4JwAWuXEU6uHvF2JLe%2FIelM3ZKlh7%2FBlVOydKvZ5EOvr2g1ah5w%2BgiVyZ1GCUV1KiG6tfIin3kWw2och88%2FxRKPCIrj9eRDnauOm2gxNFLQcwjxll32e9F4XLH98UyW%2BXd5SjqCsZFRGPWmwekVA2V1NByDOoaKJyHQnkoEg9F5mEgjpo8CILYF5z6qz3O2yKWLBJ%2BQOMkoIEfraLgszOMkWdjcD0Gt7eQ2VvYVF8cds%2FAFj%2FCbVRwwoPLCYaiQikJSkdQUoJSEZQ5QTmsdoV2oavuCu0KFpz08KS3q4nJ%2B9t01%2BR9mRJQO4YV1XZ2TJ6ZZ%2FjH701syqNm3JUsZkm3S6N2GMrQ92ko46TH%2FV4SS8rgVAXlGqDOw5aakmdfv4RMTckTX%2F0FRvfh9D64ehq0eB60rEA3Kmyl94J2Ox6NWrmBMBWyfAn5TW9bH5Pn5tu%2FUT8FyQ%2FO%2F0zmBW4rZLbCx%2BohQV%2FfmVw3Jdm5bkpHvr%2Ba5Wqgtujsem%2FkNJenvn5H3iyNFZcvuvG9N%2FmMmI3335MuX6epUGnfkW8uKCGkXTOWS%2FLDZfeBZNcKt3GhsGmRrV97a%2B3yILPSOWXSGlRNCak%2FAVdTcvrPR%2FOX%2B6JNoWwNW1QYFAfkpKDMPnh2Cy5b%2BHeGwOqFhmUeyqKa2JAtfmpFoOUCU1bB%2FQezxTyxdLaaqmrb3UHfNkDz20gHFYa2wlBXoHoMV5ya5Jk9OP9Le15gujFh2jZ2mLb6y3nMs8%2BTcOqoGbfbPo163SCOqYxZJ1xNokBQGnaiMIpoG7mbJp9vvPA3AAAA%2F%2F8BAAD%2F%2F43H%2FfiTBAAA
IP
172.240.127.234:443
ASN
#7979 SERVERS-COM

Requested by
https://www.1337xx.to/
Certificate
IssuerLet's Encrypt
Subjectpoundswarden.com
FingerprintD6:D6:54:90:D2:B5:83:69:7F:A4:EA:F3:9B:E5:6A:FB:06:2B:EC:4C
ValiditySat, 29 Jun 2024 13:58:02 GMT - Fri, 27 Sep 2024 13:58:01 GMT

File type
ASCII text, with no line terminators
Size
7 B (7 bytes)
Hash
132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c

HTTP Headers

GET /ren.gif?sid=H4sIAAAAAAAC%2F1RSz4scRRitnqwi5KIhFxFxQA8K7mx3z0z3jkGiMVkJrklIFL1J%2FerZcmu62qru6cmeggGJt9GL1943u1miQfQPMEhvwMNCcMfTHtx%2FQggeVGTGxdHv0N%2F3%2Br2iXr2qz7aLYxKioEcX3zVbSmu60m35zZc%2FDIJzzXWVFqPmaDX6KOqca9rha72o5b%2FSfFvyTbMS%2BoHvB37QXFNWJma0MiOhsvu9oNXzW52wFXQ7GNn%2FY1d4cNSDGB6TM1BiuvTQOwvFa6SD7y5Kt5mb7NVLg0LT3FgMxd776WZqyhSDxZhYD0m6d6KGcYdrD2DS3bldmOG%2FQqamxPvpAVi6d2ISbLgz98k0ZAomTqMc1pC6hqI1uLkNJQ4JwAWuXEU6uHvF2JLe%2FIelM3ZKlh7%2FBlVOydKvZ5EOvr2g1ah5w%2BgiVyZ1GCUV1KiG6tfIin3kWw2och88%2FxRKPCIrj9eRDnauOm2gxNFLQcwjxll32e9F4XLH98UyW%2BXd5SjqCsZFRGPWmwekVA2V1NByDOoaKJyHQnkoEg9F5mEgjpo8CILYF5z6qz3O2yKWLBJ%2BQOMkoIEfraLgszOMkWdjcD0Gt7eQ2VvYVF8cds%2FAFj%2FCbVRwwoPLCYaiQikJSkdQUoJSEZQ5QTmsdoV2oavuCu0KFpz08KS3q4nJ%2B9t01%2BR9mRJQO4YV1XZ2TJ6ZZ%2FjH701syqNm3JUsZkm3S6N2GMrQ92ko46TH%2FV4SS8rgVAXlGqDOw5aakmdfv4RMTckTX%2F0FRvfh9D64ehq0eB60rEA3Kmyl94J2Ox6NWrmBMBWyfAn5TW9bH5Pn5tu%2FUT8FyQ%2FO%2F0zmBW4rZLbCx%2BohQV%2FfmVw3Jdm5bkpHvr%2Ba5Wqgtujsem%2FkNJenvn5H3iyNFZcvuvG9N%2FmMmI3335MuX6epUGnfkW8uKCGkXTOWS%2FLDZfeBZNcKt3GhsGmRrV97a%2B3yILPSOWXSGlRNCak%2FAVdTcvrPR%2FOX%2B6JNoWwNW1QYFAfkpKDMPnh2Cy5b%2BHeGwOqFhmUeyqKa2JAtfmpFoOUCU1bB%2FQezxTyxdLaaqmrb3UHfNkDz20gHFYa2wlBXoHoMV5ya5Jk9OP9Le15gujFh2jZ2mLb6y3nMs8%2BTcOqoGbfbPo163SCOqYxZJ1xNokBQGnaiMIpoG7mbJp9vvPA3AAAA%2F%2F8BAAD%2F%2F43H%2FfiTBAAA HTTP/1.1
Host: poundswarden.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.1337xx.to/
Cookie: u_pl=16578592; uid_id2=17c6bcb5-0962-400d-b8c5-665dbcd6a7b9:2:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slec75eb7bf55a6322e200a2e7f9c09f7eab=[4243976,4243974]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sat, 06 Jul 2024 15:51:59 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
X-Request-ID: fd58041bbd4576e927aa9e84f040ac18
Cache-Control: no-cache, max-age=0, private, no-cache
Pragma: no-cache
Strict-Transport-Security: max-age=0; includeSubdomains

GET www.1337xx.to/static/css/scrollbar.css

104.21.11.234

200 OK

5.7 kB

URL GET HTTP/3
www.1337xx.to/static/css/scrollbar.css
IP
104.21.11.234:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.1337xx.to/
Certificate
IssuerGoogle Trust Services LLC
Subject1337xx.to
FingerprintE7:90:EC:5E:77:06:53:09:72:B0:33:C5:F3:F7:65:BD:95:9C:08:4C
ValidityWed, 08 May 2024 14:05:50 GMT - Tue, 06 Aug 2024 14:05:49 GMT

File type
gzip compressed data, from Unix
Size
5.7 kB (5725 bytes)
Hash
f04bac090e32607517a905504c163d10
9ddb0a90f0ae5823ef242a852239cfc4a88b5b50
85863f1f0178da7133cf9dffa1701f0d7f0add5648f9a5e6521404486a80bfd2

HTTP Headers

GET /static/css/scrollbar.css HTTP/1.1
Host: www.1337xx.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.1337xx.to/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 06 Jul 2024 15:51:57 GMT
content-type: text/css
last-modified: Tue, 07 May 2024 02:10:26 GMT
vary: Accept-Encoding
etag: W/"66398d92-a872"
content-encoding: gzip
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rD25n1CBfAwdS9jj90UT%2BWPoTwnsgAl5%2FxF9uigJIn5uc0mujXHB%2BnSgJk9knKhvCQJZvodoYEkUiu4rB3eSUG31ISqg1RGLBQ1qZYisSYReJB338cAsYsBpmu3ZRO7p"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 89f0c2577f525687-OSL
alt-svc: h3=":443"; ma=86400

GET poundswarden.com/pixel/sbls?bv=24.22.2032&tmpl=482&u=https%3A%2F%2Fcdn.barscreative1.com%2Fsb%2Fau%2F24%2F54%2F4e%2F24544ed07f7394384bbb75023b9b0b3a%2F1591713925.html&l=1274&fd=107

172.240.127.234

200 OK

0 B

URL GET HTTP/1.1
poundswarden.com/pixel/sbls?bv=24.22.2032&tmpl=482&u=https%3A%2F%2Fcdn.barscreative1.com%2Fsb%2Fau%2F24%2F54%2F4e%2F24544ed07f7394384bbb75023b9b0b3a%2F1591713925.html&l=1274&fd=107
IP
172.240.127.234:443
ASN
#7979 SERVERS-COM

Requested by
https://www.1337xx.to/
Certificate
IssuerLet's Encrypt
Subjectpoundswarden.com
FingerprintD6:D6:54:90:D2:B5:83:69:7F:A4:EA:F3:9B:E5:6A:FB:06:2B:EC:4C
ValiditySat, 29 Jun 2024 13:58:02 GMT - Fri, 27 Sep 2024 13:58:01 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /pixel/sbls?bv=24.22.2032&tmpl=482&u=https%3A%2F%2Fcdn.barscreative1.com%2Fsb%2Fau%2F24%2F54%2F4e%2F24544ed07f7394384bbb75023b9b0b3a%2F1591713925.html&l=1274&fd=107 HTTP/1.1
Host: poundswarden.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.1337xx.to/
Cookie: u_pl=16578592; uid_id2=17c6bcb5-0962-400d-b8c5-665dbcd6a7b9:2:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slec75eb7bf55a6322e200a2e7f9c09f7eab=[4243976,4243974]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sat, 06 Jul 2024 15:51:59 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range

GET unseenreport.com/pxf.gif?uuid=17c6bcb5-0962-400d-b8c5-665dbcd6a7b9&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=0&pk=bd6c3375a35d155e03aef20bbbe563ea&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=15

192.243.59.20

200 OK

1 B

URL GET HTTP/1.1
unseenreport.com/pxf.gif?uuid=17c6bcb5-0962-400d-b8c5-665dbcd6a7b9&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=0&pk=bd6c3375a35d155e03aef20bbbe563ea&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=15
IP
192.243.59.20:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://www.1337xx.to/
Certificate
IssuerLet's Encrypt
Subject*.unseenreport.com
FingerprintF5:95:0F:2B:01:D6:36:49:AB:2E:61:76:F7:EC:A5:45:3D:F1:0E:59
ValidityTue, 21 May 2024 07:36:27 GMT - Mon, 19 Aug 2024 07:36:26 GMT

File type
very short file (no magic)
Size
1 B (1 bytes)
Hash
93b885adfe0da089cdf634904fd59f71
5ba93c9db0cff93f52b521d7420e43f6eda2784f
6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /pxf.gif?uuid=17c6bcb5-0962-400d-b8c5-665dbcd6a7b9&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=0&pk=bd6c3375a35d155e03aef20bbbe563ea&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=15 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.1337xx.to/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sat, 06 Jul 2024 15:51:59 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
X-Request-ID: 0374aa58fc89a5c4191608fd94677089
Cache-Control: no-cache, max-age=0, private, no-cache
Pragma: no-cache
Strict-Transport-Security: max-age=0; includeSubdomains

GET unseenreport.com/pxf.gif?uuid=17c6bcb5-0962-400d-b8c5-665dbcd6a7b9&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=0&pk=75eb7bf55a6322e200a2e7f9c09f7eab&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=15

192.243.59.20

200 OK

1 B

URL GET HTTP/1.1
unseenreport.com/pxf.gif?uuid=17c6bcb5-0962-400d-b8c5-665dbcd6a7b9&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=0&pk=75eb7bf55a6322e200a2e7f9c09f7eab&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=15
IP
192.243.59.20:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://www.1337xx.to/
Certificate
IssuerLet's Encrypt
Subject*.unseenreport.com
FingerprintF5:95:0F:2B:01:D6:36:49:AB:2E:61:76:F7:EC:A5:45:3D:F1:0E:59
ValidityTue, 21 May 2024 07:36:27 GMT - Mon, 19 Aug 2024 07:36:26 GMT

File type
very short file (no magic)
Size
1 B (1 bytes)
Hash
93b885adfe0da089cdf634904fd59f71
5ba93c9db0cff93f52b521d7420e43f6eda2784f
6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /pxf.gif?uuid=17c6bcb5-0962-400d-b8c5-665dbcd6a7b9&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=0&pk=75eb7bf55a6322e200a2e7f9c09f7eab&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=15 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.1337xx.to/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sat, 06 Jul 2024 15:51:59 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
X-Request-ID: 443ccf33fbd64e92affab51ebecf4171
Cache-Control: no-cache, max-age=0, private, no-cache
Pragma: no-cache
Strict-Transport-Security: max-age=0; includeSubdomains

GET cdn.creative-bars1.com/sb/notifications/dating/default/us/desk-all/css/animate.css

104.21.70.253

200 OK

8.9 kB

URL GET HTTP/2
cdn.creative-bars1.com/sb/notifications/dating/default/us/desk-all/css/animate.css
IP
104.21.70.253:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.1337xx.to/
Certificate
IssuerGoogle Trust Services
Subjectcreative-bars1.com
FingerprintD1:9B:13:19:76:51:03:81:CE:A7:79:69:01:B6:C9:CF:FF:78:92:61
ValidityThu, 13 Jun 2024 14:42:47 GMT - Wed, 11 Sep 2024 14:42:46 GMT

File type
gzip compressed data, from Unix
Size
8.9 kB (8880 bytes)
Hash
4ae299b48ae7080c829537a91c4db213
560e753d768de799bf3fee91a3910225cff604d4
a48a61cbc8ff9c737fc75bbf6bae6fdc8f85281cc30dfe687676a3f1e1c5cf17

HTTP Headers

GET /sb/notifications/dating/default/us/desk-all/css/animate.css HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.1337xx.to
DNT: 1
Connection: keep-alive
Referer: https://www.1337xx.to/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 06 Jul 2024 15:51:59 GMT
content-type: text/css
last-modified: Fri, 19 Jan 2024 14:23:50 GMT
etag: W/"65aa85f6-13361"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
content-encoding: gzip
cf-cache-status: HIT
age: 111765
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=n52ff1%2BFO84%2BuQgInh1EiQlQVfnok%2FjvsBuaUwoAafs1uOcQzeSL0u8I1yM0W7Fq%2Ba86ltmu3IClxrUc0doSnFGcFFg%2BkeB%2FJbTUqqDwjQBdz6fsWikgXVPQIgCFYNMN7jnJuLRQYrPA"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 89f0c2641ce156c0-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

o.pki.goog/wr2

142.250.74.67

472 B

URL
o.pki.goog/wr2
IP
142.250.74.67:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
bf083de5c459c59301c482d371a48635
69a8b5a229e4e1049ddfae5c3ed1519eef56afab
b390c0608e6b6892ce30f7037c5fffe34d6afbda78b97eeb2d18cee754f8953a

HTTP Headers

POST /wr2 HTTP/1.1
Host: o.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 06 Jul 2024 15:51:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

GET poundswarden.com/pixel/sbls?bv=24.22.2032&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fnotifications%2Fdating%2Fdefault%2Fus%2Fdesk-all%2Fcss%2Fstyle.css&l=5750&fd=85

172.240.127.234

200 OK

0 B

URL GET HTTP/1.1
poundswarden.com/pixel/sbls?bv=24.22.2032&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fnotifications%2Fdating%2Fdefault%2Fus%2Fdesk-all%2Fcss%2Fstyle.css&l=5750&fd=85
IP
172.240.127.234:443
ASN
#7979 SERVERS-COM

Requested by
https://www.1337xx.to/
Certificate
IssuerLet's Encrypt
Subjectpoundswarden.com
FingerprintD6:D6:54:90:D2:B5:83:69:7F:A4:EA:F3:9B:E5:6A:FB:06:2B:EC:4C
ValiditySat, 29 Jun 2024 13:58:02 GMT - Fri, 27 Sep 2024 13:58:01 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /pixel/sbls?bv=24.22.2032&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fnotifications%2Fdating%2Fdefault%2Fus%2Fdesk-all%2Fcss%2Fstyle.css&l=5750&fd=85 HTTP/1.1
Host: poundswarden.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.1337xx.to/
Cookie: u_pl=16578592; uid_id2=17c6bcb5-0962-400d-b8c5-665dbcd6a7b9:2:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slec75eb7bf55a6322e200a2e7f9c09f7eab=[4243976,4243974]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sat, 06 Jul 2024 15:51:59 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range

GET cdn.creative-bars1.com/sb/notifications/dating/default/us/desk-all/css/style.css

104.21.70.253

200 OK

41 kB

URL GET HTTP/2
cdn.creative-bars1.com/sb/notifications/dating/default/us/desk-all/css/style.css
IP
104.21.70.253:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.1337xx.to/
Certificate
IssuerGoogle Trust Services
Subjectcreative-bars1.com
FingerprintD1:9B:13:19:76:51:03:81:CE:A7:79:69:01:B6:C9:CF:FF:78:92:61
ValidityThu, 13 Jun 2024 14:42:47 GMT - Wed, 11 Sep 2024 14:42:46 GMT

File type
gzip compressed data, from Unix
Size
41 kB (40702 bytes)
Hash
33a2bc4890af4c74a2f5ee3f00a9c72d
810facfb0132875145845409f5f26ea3e33ec66c
6fc73045c88269fec17d6ff11b11c0a7bd7337a02c671144c5e13aa8609a751a

HTTP Headers

GET /sb/notifications/dating/default/us/desk-all/css/style.css HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.1337xx.to
DNT: 1
Connection: keep-alive
Referer: https://www.1337xx.to/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 06 Jul 2024 15:51:59 GMT
content-type: text/css
last-modified: Fri, 19 Jan 2024 14:23:50 GMT
etag: W/"65aa85f6-1676"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
content-encoding: gzip
cf-cache-status: HIT
age: 2003982
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cY4MmQqBTQkDlUVP98rsXExO3BzIbXOFbBx9J1QPoAykher7i1bNaXb7UMT1mfKhrgUkU44zr0z%2FxJCNr5OzDTuL4PkHJ3pkVizkKCI0hbFOBZLdh2ba6CenRByeKFmAAy43IHgmR4WJ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 89f0c2641ce556c0-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

GET cdn.cloudimagesb.com/si/b3/dd/fd/b3ddfd7cf6f212b3bce3129fb7a007fc/1683231156.png

45.133.44.10

200 OK

65 kB

URL GET HTTP/2
cdn.cloudimagesb.com/si/b3/dd/fd/b3ddfd7cf6f212b3bce3129fb7a007fc/1683231156.png
IP
45.133.44.10:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://www.1337xx.to/
Certificate
IssuerLet's Encrypt
Subjectcdn.cloudimagesb.com
FingerprintC0:36:FD:5D:4E:7E:6F:E0:13:60:82:58:0C:BC:8B:40:A2:6B:2C:22
ValidityTue, 21 May 2024 05:00:31 GMT - Mon, 19 Aug 2024 05:00:30 GMT

File type
PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced
Size
65 kB (64601 bytes)
Hash
887812a53b8ea2dbad33f6ae105b8c2d
f83d97ef46827200fa62093ed09b4b6fa25b26d8
9443edf293511b0732211234002c799508a2bfc63a3e28a57d7b12ee30f277e9

HTTP Headers

GET /si/b3/dd/fd/b3ddfd7cf6f212b3bce3129fb7a007fc/1683231156.png HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 06 Jul 2024 15:51:59 GMT
content-type: image/png
content-length: 64601
server: nginx/1.21.6
last-modified: Thu, 04 May 2023 20:12:45 GMT
etag: "645411bd-fc59"
expires: Mon, 08 Jul 2024 15:51:59 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

GET poundswarden.com/pixel/sbls?bv=24.22.2032&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fnotifications%2Fdating%2Fdefault%2Fus%2Fdesk-all%2Fcss%2Fanimate.css&l=78689&fd=90

172.240.127.234

200 OK

0 B

URL GET HTTP/1.1
poundswarden.com/pixel/sbls?bv=24.22.2032&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fnotifications%2Fdating%2Fdefault%2Fus%2Fdesk-all%2Fcss%2Fanimate.css&l=78689&fd=90
IP
172.240.127.234:443
ASN
#7979 SERVERS-COM

Requested by
https://www.1337xx.to/
Certificate
IssuerLet's Encrypt
Subjectpoundswarden.com
FingerprintD6:D6:54:90:D2:B5:83:69:7F:A4:EA:F3:9B:E5:6A:FB:06:2B:EC:4C
ValiditySat, 29 Jun 2024 13:58:02 GMT - Fri, 27 Sep 2024 13:58:01 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /pixel/sbls?bv=24.22.2032&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fnotifications%2Fdating%2Fdefault%2Fus%2Fdesk-all%2Fcss%2Fanimate.css&l=78689&fd=90 HTTP/1.1
Host: poundswarden.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.1337xx.to/
Cookie: u_pl=16578592; uid_id2=17c6bcb5-0962-400d-b8c5-665dbcd6a7b9:2:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slec75eb7bf55a6322e200a2e7f9c09f7eab=[4243976,4243974]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sat, 06 Jul 2024 15:51:59 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range

o.pki.goog/wr2

142.250.74.67

472 B

URL
o.pki.goog/wr2
IP
142.250.74.67:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
bf083de5c459c59301c482d371a48635
69a8b5a229e4e1049ddfae5c3ed1519eef56afab
b390c0608e6b6892ce30f7037c5fffe34d6afbda78b97eeb2d18cee754f8953a

HTTP Headers

POST /wr2 HTTP/1.1
Host: o.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 06 Jul 2024 15:51:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

o.pki.goog/wr2

142.250.74.67

471 B

URL
o.pki.goog/wr2
IP
142.250.74.67:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
d83f47ba9561b6178217a580335746ac
acf65c7ae075e3dc994f6fba6f18e04a60c4f2d6
45d25737176ca046e2eb9f24d4775e51db8c469f15289cdb24a9e2f94ccae94b

HTTP Headers

POST /wr2 HTTP/1.1
Host: o.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 06 Jul 2024 15:51:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

GET fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

216.58.207.227

200 OK

16 kB

URL GET HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://www.1337xx.to/
Certificate
IssuerGoogle Trust Services
Subject*.gstatic.com
FingerprintC4:9C:27:09:1C:F7:14:C9:86:F0:B5:42:0B:8A:D2:AE:5E:AE:98:04
ValidityThu, 13 Jun 2024 16:31:03 GMT - Thu, 05 Sep 2024 16:31:02 GMT

File type
Web Open Font Format (Version 2), TrueType, length 15860, version 1.0
Size
16 kB (15860 bytes)
Hash
e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

HTTP Headers

GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.1337xx.to
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 03 Jul 2024 13:21:25 GMT
expires: Thu, 03 Jul 2025 13:21:25 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
age: 268234
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

GET fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

216.58.207.227

200 OK

16 kB

URL GET HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://www.1337xx.to/
Certificate
IssuerGoogle Trust Services
Subject*.gstatic.com
FingerprintC4:9C:27:09:1C:F7:14:C9:86:F0:B5:42:0B:8A:D2:AE:5E:AE:98:04
ValidityThu, 13 Jun 2024 16:31:03 GMT - Thu, 05 Sep 2024 16:31:02 GMT

File type
Web Open Font Format (Version 2), TrueType, length 15744, version 1.0
Size
16 kB (15744 bytes)
Hash
15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

HTTP Headers

GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.1337xx.to
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 04 Jul 2024 12:40:58 GMT
expires: Fri, 04 Jul 2025 12:40:58 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
age: 184261
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

GET poundswarden.com/impr.gif?sid=H4sIAAAAAAAC%2F1RSz4scRRitnqwi5KIhFxFxQA8K7mz3zPT0jEGiMVkJrklIFL1J%2FerZcmu62qru6dk9LQYk3kYvXnvf7GaJBtE%2FwCC9AQ8LwR1Pe3D%2FCSF4UJEZF0e%2FQ3%2Ff6%2FeKevWqPtvJT0gTOT2%2B%2FK7ZUlrTlbDh11%2F%2BMAgu1NdUko%2Fqo27no077Qt0OX%2Bt1Gv4r9bcl3zArTT%2Fw%2FcAP6qvKytiMVmYkVHq%2FFzR6fqPdbARhGyP7f%2BxyD456EMMTcg5KTJceeueheIVk8N1l6TYyk756ZZBrmhmLodh%2FP9lITJFgsBhj6yFO9k%2FVMO5o9QFMsje3CzP8V8jUlHg%2FPQBL9k9Ngg135z6ZhkzAxFkUwwpSV1C0Aje3ocQRAbjAtetIBnevGVvQzX9YOmOnZOnxb1DFlCz9eh7J4NtLWo3qt4zOM2USh1FcQo0qqH6FND9AtlWDKg7As0%2BhxCOy8ngNyWD3utMGShy%2FFES8wzgLl%2F1ep7nc9n2xzLo8XO50QsG46NCI9eYBKVVBxRW0HIO6GnLnIVce8thDnnoYiOM6D4Ig8gWnfrfHeUtEknWEH9AoDmjgd7rI%2BewMY2TpGFyPwe02UruNDfXFUXgONv8Rbr2EEx5cRjAUJQpJUDiCghIUiqDICIphuSe0a7ryrtAuZ8Fpb572VjkxWX%2BH7pmsLxMCasewotxJT8gz8wz%2F%2BL2ODXlcj0LJIhaHIe20mk3Z9H3alFHc434vjiRlcKqEcjVQ52FLTcmzr19Bqqbkia%2F%2BAqMHcPoAXD0Nmj8PWpSg6yW2kntBqxWNRo3MQJgSabaEbNPb0Sfkufn2b1RPQfLDiz%2BTeYHbEqkt8bF6SNDXdyY3TUF2b5rCke%2Bvp5kaqC06u95bGc3kma%2FfkZuFseLqZTe%2B9yafEbPx%2FnvSZWs0ESrpO%2FLNJSWEtKvGckl%2BuOo%2BkOxG7tYv5TbJ07Ubb61eHaRWOqdMUoGqKSHVJ%2BBqSs7%2B%2BWj%2Bcl%2B0CZStYPMSg%2FyQnBaUOQBPt%2BHShX9nCKxeaFjqocjLiW2yxU%2BtCLRcYMpKuP9gtpgnls5WU1XuuDvo2xpodhvJoMTQlhjqElSP4fIzkyy1hxd%2Fac0LTNcmTNvaLtNWfzmPefZ5Ek4d11u%2BiJiMZcRkO2zHkgsWhsznMWct0e1yZG4af77%2Bwt8AAAD%2F%2FwEAAP%2F%2FDRMoEJMEAAA%3D

172.240.127.234

200 OK

7 B

URL GET HTTP/1.1
poundswarden.com/impr.gif?sid=H4sIAAAAAAAC%2F1RSz4scRRitnqwi5KIhFxFxQA8K7mz3zPT0jEGiMVkJrklIFL1J%2FerZcmu62qru6dk9LQYk3kYvXnvf7GaJBtE%2FwCC9AQ8LwR1Pe3D%2FCSF4UJEZF0e%2FQ3%2Ff6%2FeKevWqPtvJT0gTOT2%2B%2FK7ZUlrTlbDh11%2F%2BMAgu1NdUko%2Fqo27no077Qt0OX%2Bt1Gv4r9bcl3zArTT%2Fw%2FcAP6qvKytiMVmYkVHq%2FFzR6fqPdbARhGyP7f%2BxyD456EMMTcg5KTJceeueheIVk8N1l6TYyk756ZZBrmhmLodh%2FP9lITJFgsBhj6yFO9k%2FVMO5o9QFMsje3CzP8V8jUlHg%2FPQBL9k9Ngg135z6ZhkzAxFkUwwpSV1C0Aje3ocQRAbjAtetIBnevGVvQzX9YOmOnZOnxb1DFlCz9eh7J4NtLWo3qt4zOM2USh1FcQo0qqH6FND9AtlWDKg7As0%2BhxCOy8ngNyWD3utMGShy%2FFES8wzgLl%2F1ep7nc9n2xzLo8XO50QsG46NCI9eYBKVVBxRW0HIO6GnLnIVce8thDnnoYiOM6D4Ig8gWnfrfHeUtEknWEH9AoDmjgd7rI%2BewMY2TpGFyPwe02UruNDfXFUXgONv8Rbr2EEx5cRjAUJQpJUDiCghIUiqDICIphuSe0a7ryrtAuZ8Fpb572VjkxWX%2BH7pmsLxMCasewotxJT8gz8wz%2F%2BL2ODXlcj0LJIhaHIe20mk3Z9H3alFHc434vjiRlcKqEcjVQ52FLTcmzr19Bqqbkia%2F%2BAqMHcPoAXD0Nmj8PWpSg6yW2kntBqxWNRo3MQJgSabaEbNPb0Sfkufn2b1RPQfLDiz%2BTeYHbEqkt8bF6SNDXdyY3TUF2b5rCke%2Bvp5kaqC06u95bGc3kma%2FfkZuFseLqZTe%2B9yafEbPx%2FnvSZWs0ESrpO%2FLNJSWEtKvGckl%2BuOo%2BkOxG7tYv5TbJ07Ubb61eHaRWOqdMUoGqKSHVJ%2BBqSs7%2B%2BWj%2Bcl%2B0CZStYPMSg%2FyQnBaUOQBPt%2BHShX9nCKxeaFjqocjLiW2yxU%2BtCLRcYMpKuP9gtpgnls5WU1XuuDvo2xpodhvJoMTQlhjqElSP4fIzkyy1hxd%2Fac0LTNcmTNvaLtNWfzmPefZ5Ek4d11u%2BiJiMZcRkO2zHkgsWhsznMWct0e1yZG4af77%2Bwt8AAAD%2F%2FwEAAP%2F%2FDRMoEJMEAAA%3D
IP
172.240.127.234:443
ASN
#7979 SERVERS-COM

Requested by
https://www.1337xx.to/
Certificate
IssuerLet's Encrypt
Subjectpoundswarden.com
FingerprintD6:D6:54:90:D2:B5:83:69:7F:A4:EA:F3:9B:E5:6A:FB:06:2B:EC:4C
ValiditySat, 29 Jun 2024 13:58:02 GMT - Fri, 27 Sep 2024 13:58:01 GMT

File type
ASCII text, with no line terminators
Size
7 B (7 bytes)
Hash
132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c

HTTP Headers

GET /impr.gif?sid=H4sIAAAAAAAC%2F1RSz4scRRitnqwi5KIhFxFxQA8K7mz3zPT0jEGiMVkJrklIFL1J%2FerZcmu62qru6dk9LQYk3kYvXnvf7GaJBtE%2FwCC9AQ8LwR1Pe3D%2FCSF4UJEZF0e%2FQ3%2Ff6%2FeKevWqPtvJT0gTOT2%2B%2FK7ZUlrTlbDh11%2F%2BMAgu1NdUko%2Fqo27no077Qt0OX%2Bt1Gv4r9bcl3zArTT%2Fw%2FcAP6qvKytiMVmYkVHq%2FFzR6fqPdbARhGyP7f%2BxyD456EMMTcg5KTJceeueheIVk8N1l6TYyk756ZZBrmhmLodh%2FP9lITJFgsBhj6yFO9k%2FVMO5o9QFMsje3CzP8V8jUlHg%2FPQBL9k9Ngg135z6ZhkzAxFkUwwpSV1C0Aje3ocQRAbjAtetIBnevGVvQzX9YOmOnZOnxb1DFlCz9eh7J4NtLWo3qt4zOM2USh1FcQo0qqH6FND9AtlWDKg7As0%2BhxCOy8ngNyWD3utMGShy%2FFES8wzgLl%2F1ep7nc9n2xzLo8XO50QsG46NCI9eYBKVVBxRW0HIO6GnLnIVce8thDnnoYiOM6D4Ig8gWnfrfHeUtEknWEH9AoDmjgd7rI%2BewMY2TpGFyPwe02UruNDfXFUXgONv8Rbr2EEx5cRjAUJQpJUDiCghIUiqDICIphuSe0a7ryrtAuZ8Fpb572VjkxWX%2BH7pmsLxMCasewotxJT8gz8wz%2F%2BL2ODXlcj0LJIhaHIe20mk3Z9H3alFHc434vjiRlcKqEcjVQ52FLTcmzr19Bqqbkia%2F%2BAqMHcPoAXD0Nmj8PWpSg6yW2kntBqxWNRo3MQJgSabaEbNPb0Sfkufn2b1RPQfLDiz%2BTeYHbEqkt8bF6SNDXdyY3TUF2b5rCke%2Bvp5kaqC06u95bGc3kma%2FfkZuFseLqZTe%2B9yafEbPx%2FnvSZWs0ESrpO%2FLNJSWEtKvGckl%2BuOo%2BkOxG7tYv5TbJ07Ubb61eHaRWOqdMUoGqKSHVJ%2BBqSs7%2B%2BWj%2Bcl%2B0CZStYPMSg%2FyQnBaUOQBPt%2BHShX9nCKxeaFjqocjLiW2yxU%2BtCLRcYMpKuP9gtpgnls5WU1XuuDvo2xpodhvJoMTQlhjqElSP4fIzkyy1hxd%2Fac0LTNcmTNvaLtNWfzmPefZ5Ek4d11u%2BiJiMZcRkO2zHkgsWhsznMWct0e1yZG4af77%2Bwt8AAAD%2F%2FwEAAP%2F%2FDRMoEJMEAAA%3D HTTP/1.1
Host: poundswarden.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.1337xx.to/
Cookie: u_pl=16578592; uid_id2=17c6bcb5-0962-400d-b8c5-665dbcd6a7b9:2:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slec75eb7bf55a6322e200a2e7f9c09f7eab=[4243976,4243974]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sat, 06 Jul 2024 15:51:59 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
X-Request-ID: 246d98e1ef9ca3469f4176d351661d8f
Cache-Control: no-cache, max-age=0, private, no-cache
Pragma: no-cache
Strict-Transport-Security: max-age=0; includeSubdomains

GET cdn.barscreative1.com/sb/au/24/54/4e/24544ed07f7394384bbb75023b9b0b3a/1591713925.html

45.133.44.3

200 OK

489 B

URL GET HTTP/2
cdn.barscreative1.com/sb/au/24/54/4e/24544ed07f7394384bbb75023b9b0b3a/1591713925.html
IP
45.133.44.3:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://www.1337xx.to/
Certificate
IssuerLet's Encrypt
Subjectcdn.barscreative1.com
Fingerprint08:55:F0:C8:EA:24:54:0D:3C:B9:2C:95:3E:DC:BF:FB:A8:76:BA:BC
ValidityThu, 09 May 2024 03:01:15 GMT - Wed, 07 Aug 2024 03:01:14 GMT

File type
HTML document, ASCII text, with CRLF line terminators
Size
489 B (489 bytes)
Hash
d0ad675486e71d2572491722d28ce9d9
3dffb067589240dad5167db540b8af1e1f6b3355
c8b69d3ee0e9fbe2d1c5c07bd250ba3d7edf5bf26e3567629e9e332248273daa

HTTP Headers

GET /sb/au/24/54/4e/24544ed07f7394384bbb75023b9b0b3a/1591713925.html HTTP/1.1
Host: cdn.barscreative1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.1337xx.to
DNT: 1
Connection: keep-alive
Referer: https://www.1337xx.to/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 06 Jul 2024 15:51:59 GMT
content-type: text/html; charset=utf-8
server: nginx/1.21.6
last-modified: Sat, 07 May 2022 03:21:27 GMT
etag: W/"6275e5b7-4fa"
cache-control: max-age=3600
access-control-allow-origin: *
access-control-expose-headers: Date
content-encoding: gzip
expires: Sat, 06 Jul 2024 16:51:59 GMT
x-proxy-cache: HIT
X-Firefox-Spdy: h2

o.pki.goog/wr2

142.250.74.67

471 B

URL
o.pki.goog/wr2
IP
142.250.74.67:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
d83f47ba9561b6178217a580335746ac
acf65c7ae075e3dc994f6fba6f18e04a60c4f2d6
45d25737176ca046e2eb9f24d4775e51db8c469f15289cdb24a9e2f94ccae94b

HTTP Headers

POST /wr2 HTTP/1.1
Host: o.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 06 Jul 2024 15:52:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

GET poundswarden.com/pixel/sbs?c=1

192.243.59.12

200 OK

0 B

URL GET HTTP/1.1
poundswarden.com/pixel/sbs?c=1
IP
192.243.59.12:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://www.1337xx.to/
Certificate
IssuerLet's Encrypt
Subjectpoundswarden.com
FingerprintD6:D6:54:90:D2:B5:83:69:7F:A4:EA:F3:9B:E5:6A:FB:06:2B:EC:4C
ValiditySat, 29 Jun 2024 13:58:02 GMT - Fri, 27 Sep 2024 13:58:01 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /pixel/sbs?c=1 HTTP/1.1
Host: poundswarden.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.1337xx.to/
Cookie: u_pl=16578592; uid_id2=17c6bcb5-0962-400d-b8c5-665dbcd6a7b9:2:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slec75eb7bf55a6322e200a2e7f9c09f7eab=[4243976,4243974]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sat, 06 Jul 2024 15:52:00 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range

GET www.1337xx.to/static/css/style.css?ver=1.0

104.21.11.234

200 OK

120 kB

URL GET HTTP/3
www.1337xx.to/static/css/style.css?ver=1.0
IP
104.21.11.234:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.1337xx.to/
Certificate
IssuerGoogle Trust Services LLC
Subject1337xx.to
FingerprintE7:90:EC:5E:77:06:53:09:72:B0:33:C5:F3:F7:65:BD:95:9C:08:4C
ValidityWed, 08 May 2024 14:05:50 GMT - Tue, 06 Aug 2024 14:05:49 GMT

File type
ASCII text, with very long lines (65536), with no line terminators
Size
120 kB (120065 bytes)
Hash
efa096c74a89ef69e6794f897a030ee5
432d7d07f3b74d09c4ef8fa941be2269ffed9ca5
37ecc5c9a7e635c39388e7af228509833c93f159ad48257c93db45fb7a35d348

HTTP Headers

GET /static/css/style.css?ver=1.0 HTTP/1.1
Host: www.1337xx.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.1337xx.to/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 06 Jul 2024 15:51:57 GMT
content-type: text/css
last-modified: Tue, 07 May 2024 02:10:27 GMT
vary: Accept-Encoding
etag: W/"66398d93-1d501"
content-encoding: gzip
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EPlrynNDDCd4hePJSvBVUnmmwzk7hmGzmb%2Ftd1embV9XoSTDcasF5JJRqn8se9UI3yjfhfR5wQf4a354sMvIshUeAL%2FsShhD5ppevIJX0NbTNGzruQL2mWmS6x%2FnLF3O"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 89f0c2577f4d5687-OSL
alt-svc: h3=":443"; ma=86400

GET cdn.cloudimagesb.com/si/05/c8/20/05c820d9ce67af6dea2e5441dbe3e8f9/1683231080.png

45.133.44.10

200 OK

39 kB

URL GET HTTP/2
cdn.cloudimagesb.com/si/05/c8/20/05c820d9ce67af6dea2e5441dbe3e8f9/1683231080.png
IP
45.133.44.10:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://www.1337xx.to/
Certificate
IssuerLet's Encrypt
Subjectcdn.cloudimagesb.com
FingerprintC0:36:FD:5D:4E:7E:6F:E0:13:60:82:58:0C:BC:8B:40:A2:6B:2C:22
ValidityTue, 21 May 2024 05:00:31 GMT - Mon, 19 Aug 2024 05:00:30 GMT

File type
PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced
Size
39 kB (39220 bytes)
Hash
6451b63b68b5068db02571051f6f6a30
32badef5d69090b4d2ea7b300bb5264938e198ef
b1b0a314a2d4924b2849fec48b7863ccc68413e58330d99f6ad901bfa6282819

HTTP Headers

GET /si/05/c8/20/05c820d9ce67af6dea2e5441dbe3e8f9/1683231080.png HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 06 Jul 2024 15:51:59 GMT
content-type: image/png
content-length: 39220
server: nginx/1.21.6
last-modified: Thu, 04 May 2023 20:11:29 GMT
etag: "64541171-9934"
expires: Mon, 08 Jul 2024 15:51:59 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

GET prizegrantedrevision.com/bd/6c/33/bd6c3375a35d155e03aef20bbbe563ea.js

192.243.61.227

200 OK

84 kB

URL GET HTTP/1.1
prizegrantedrevision.com/bd/6c/33/bd6c3375a35d155e03aef20bbbe563ea.js
IP
192.243.61.227:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://www.1337xx.to/
Certificate
IssuerLet's Encrypt
Subjectprizegrantedrevision.com
Fingerprint5F:C5:D0:43:5E:AC:33:8D:4C:FF:EA:5C:F4:01:E5:18:3B:69:A6:13
ValidityMon, 03 Jun 2024 08:43:11 GMT - Sun, 01 Sep 2024 08:43:10 GMT

File type
JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size
84 kB (84187 bytes)
Hash
023401ad91d739294bbcc0eebab83c3e
d90386b55833f0d7cfd551bb98c04287720152ff
4b45abd6ee016e882b2f0c75d495204eb369d5dd01a456c15ce9bd1fda8f2b4c

HTTP Headers

GET /bd/6c/33/bd6c3375a35d155e03aef20bbbe563ea.js HTTP/1.1
Host: prizegrantedrevision.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.1337xx.to/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sat, 06 Jul 2024 15:51:57 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
X-Request-ID: 979ff23a02bd5b8dc34d77466010a042
Cache-Control: no-cache, max-age=0, private, no-cache
Pragma: no-cache
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

GET recordedthereby.com/sfp.js

188.114.96.1

200 OK

85 kB

URL GET HTTP/2
recordedthereby.com/sfp.js
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.1337xx.to/
Certificate
IssuerGoogle Trust Services LLC
Subjectrecordedthereby.com
FingerprintA3:3F:9B:AE:CF:C6:1B:C3:8B:FC:65:01:2F:06:6A:22:60:3C:8E:AF
ValidityWed, 08 May 2024 14:16:18 GMT - Tue, 06 Aug 2024 14:16:17 GMT

File type

Size
85 kB (85378 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /sfp.js HTTP/1.1
Host: recordedthereby.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.1337xx.to/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 06 Jul 2024 15:51:58 GMT
content-type: application/javascript; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: no-cache, max-age=0, private, no-cache
x-request-id: b0b553352bdbaea86c551c7022fbd6ee
pragma: no-cache
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: BYPASS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HL6hlFgLu2F%2BrfnhNGr8sCIJvjOBJAfNZOOF6fJcQ647S%2FskJX7NfxyQpVLogYyvLRB7WrMWEjr5jddn8qFRBgqiOdikIYXmfK6PL4zkXFPbh06p95uQRUUTWEZnwuff1vhc6jUb"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 89f0c25bbd330b59-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

GET www.1337xx.to/

104.21.11.234

200 OK

6.1 kB

URL User Request GET HTTP/3
www.1337xx.to/
IP
104.21.11.234:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services LLC
Subject1337xx.to
FingerprintE7:90:EC:5E:77:06:53:09:72:B0:33:C5:F3:F7:65:BD:95:9C:08:4C
ValidityWed, 08 May 2024 14:05:50 GMT - Tue, 06 Aug 2024 14:05:49 GMT

File type
HTML document, ASCII text, with very long lines (6648), with no line terminators
Size
6.1 kB (6091 bytes)
Hash
ca6d8881050eadde10d88594d8343d8d
f2ef36a270cb05c3a61107804ffce87648ba3fa3
8ef2c7930970a6d64b880a058160051195f0a98b225156c38908bb5e7edf7c91

HTTP Headers

GET / HTTP/1.1
Host: www.1337xx.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 06 Jul 2024 15:51:57 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
x-powered-by: PHP/5.4.45
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CTTVJRYu8jO%2Fg6ReYdg%2BvTTof%2BDQG%2FPzxgtz0WRCVR4xkXpSZN9zIVInDzWse4%2FX9NzygvwjAekS54K5wWxr3%2FOuRwVnDINCeeHXEO8umPZrN1%2FDFYJfZI45D0dFlGpR"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 89f0c254c9c55687-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

GET www.1337xx.to/favicon.ico

104.21.11.234

200 OK

1.2 kB

URL GET HTTP/3
www.1337xx.to/favicon.ico
IP
104.21.11.234:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.1337xx.to/
Certificate
IssuerGoogle Trust Services LLC
Subject1337xx.to
FingerprintE7:90:EC:5E:77:06:53:09:72:B0:33:C5:F3:F7:65:BD:95:9C:08:4C
ValidityWed, 08 May 2024 14:05:50 GMT - Tue, 06 Aug 2024 14:05:49 GMT

File type
MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel
Size
1.2 kB (1150 bytes)
Hash
769362362d52b0cfc3271ecb6dec43fb
9df2439bce4e08d28c14c37cd2f74fc678465b23
7d524db2f0ca2d20b89f7f197110cb9a5bbaea45b19939dc6e30dc366d20eb61

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: www.1337xx.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.1337xx.to/
Cookie: dom3ic8zudi28v8lr6fgphwffqoz0j6c=17c6bcb5-0962-400d-b8c5-665dbcd6a7b9%3A2%3A1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 06 Jul 2024 15:51:58 GMT
content-type: image/x-icon
last-modified: Tue, 07 May 2024 02:07:02 GMT
etag: W/"66398cc6-47e"
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AZwL%2FkoDEG7%2F84X10uv7%2BN%2F%2BECNzszwsZ1ztApMCbLF4%2F74e3gjzS1ub5IzqaDjSv0z9JUlC%2B6x4cljXfC3EO7IjyUD4d%2F6jrsKMR4neMWboyUabG3gAe4CtJIe%2FY0o3"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 89f0c25e4c625687-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

GET www.1337xx.to/static/js/main.js?v=1

104.21.11.234

200 OK

1.6 kB

URL GET HTTP/3
www.1337xx.to/static/js/main.js?v=1
IP
104.21.11.234:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.1337xx.to/
Certificate
IssuerGoogle Trust Services LLC
Subject1337xx.to
FingerprintE7:90:EC:5E:77:06:53:09:72:B0:33:C5:F3:F7:65:BD:95:9C:08:4C
ValidityWed, 08 May 2024 14:05:50 GMT - Tue, 06 Aug 2024 14:05:49 GMT

File type
JavaScript source, ASCII text, with very long lines (1671), with no line terminators
Size
1.6 kB (1598 bytes)
Hash
11a1a63e427b7ab6d352cbbcd95a0212
7f536d62aa3960d71ae17563ca9ad3a77751c7e8
d7300298cf56ea4a623b86c74c268ecd0a3080807e6e44e11f87fe731ee785e6

HTTP Headers

GET /static/js/main.js?v=1 HTTP/1.1
Host: www.1337xx.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.1337xx.to/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 06 Jul 2024 15:51:57 GMT
content-type: application/javascript
last-modified: Tue, 07 May 2024 02:11:07 GMT
vary: Accept-Encoding
etag: W/"66398dbb-63e"
content-encoding: gzip
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BpOoTeNBlcPP2cE6b6tfC8kB1txEohW8Sp8diZVs6wMAySVJFezYkj3WNo6S6QmshnO9QfAMfSMcOlyK8KCg%2BwcnjxaSOIJuFf3vNJyAhoHS69INWU6heWRZnVR%2BVoOz"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 89f0c2578f6d5687-OSL
alt-svc: h3=":443"; ma=86400

GET recordedthereby.com/sfp.js

188.114.96.1

200 OK

85 kB

URL GET HTTP/2
recordedthereby.com/sfp.js
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.1337xx.to/
Certificate
IssuerGoogle Trust Services LLC
Subjectrecordedthereby.com
FingerprintA3:3F:9B:AE:CF:C6:1B:C3:8B:FC:65:01:2F:06:6A:22:60:3C:8E:AF
ValidityWed, 08 May 2024 14:16:18 GMT - Tue, 06 Aug 2024 14:16:17 GMT

File type

Size
85 kB (85378 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /sfp.js HTTP/1.1
Host: recordedthereby.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.1337xx.to/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 06 Jul 2024 15:51:58 GMT
content-type: application/javascript; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: no-cache, max-age=0, private, no-cache
x-request-id: 69c2a5bab7717e9f0839413f302d2887
pragma: no-cache
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: BYPASS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JBe%2F5qT8Il6EsqN%2F94A24%2F0VA8zUfFSl9NjjULfhaAnOwqZCLp%2BX8QSg6ACQxJa6w9Lw4xWxmdn%2BaqIF5tMn%2B2Xa9DgaJqhPl7F%2B3cV7QdAPsbAHsJV7lW5pTiVRWEFrKuaC79g4"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 89f0c25bad0e0b59-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

GET fonts.googleapis.com/css?family=Roboto:300,400,700&display=swap

142.250.74.106

200 OK

7.0 kB

URL GET HTTP/2
fonts.googleapis.com/css?family=Roboto:300,400,700&display=swap
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://www.1337xx.to/
Certificate
IssuerGoogle Trust Services
Subjectupload.video.google.com
FingerprintC7:12:52:3A:BD:E0:73:20:AD:A8:5F:DF:12:DB:C6:DE:AF:63:88:6B
ValidityThu, 13 Jun 2024 16:32:33 GMT - Thu, 05 Sep 2024 16:32:32 GMT

File type
ASCII text, with very long lines (7193), with no line terminators
Size
7.0 kB (7004 bytes)
Hash
16b49a99486594c0b42d9bd7821deb2c
2fb46e5e86d6b37d4497cc04bfd89b3cb33a276a
3f3540952441e06ef81189cf63d46bac242804e386779dbb0cdd78ed10025c21

HTTP Headers

GET /css?family=Roboto:300,400,700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 06 Jul 2024 15:51:59 GMT
date: Sat, 06 Jul 2024 15:51:59 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

GET poundswarden.com/pixel/sbls?bv=24.22.2032&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fnotifications%2Fdating%2Fdefault%2Fus%2Fdesk-all%2Fjs%2Fscript.js&l=386&fd=79

192.243.59.12

200 OK

0 B

URL GET HTTP/1.1
poundswarden.com/pixel/sbls?bv=24.22.2032&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fnotifications%2Fdating%2Fdefault%2Fus%2Fdesk-all%2Fjs%2Fscript.js&l=386&fd=79
IP
192.243.59.12:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://www.1337xx.to/
Certificate
IssuerLet's Encrypt
Subjectpoundswarden.com
FingerprintD6:D6:54:90:D2:B5:83:69:7F:A4:EA:F3:9B:E5:6A:FB:06:2B:EC:4C
ValiditySat, 29 Jun 2024 13:58:02 GMT - Fri, 27 Sep 2024 13:58:01 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /pixel/sbls?bv=24.22.2032&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fnotifications%2Fdating%2Fdefault%2Fus%2Fdesk-all%2Fjs%2Fscript.js&l=386&fd=79 HTTP/1.1
Host: poundswarden.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.1337xx.to/
Cookie: u_pl=16578592; uid_id2=17c6bcb5-0962-400d-b8c5-665dbcd6a7b9:2:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slec75eb7bf55a6322e200a2e7f9c09f7eab=[4243976,4243974]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sat, 06 Jul 2024 15:51:59 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range

GET cdn.creative-bars1.com/sb/notifications/dating/default/us/desk-all/js/script.js

104.21.70.253

200 OK

386 B

URL GET HTTP/2
cdn.creative-bars1.com/sb/notifications/dating/default/us/desk-all/js/script.js
IP
104.21.70.253:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.1337xx.to/
Certificate
IssuerGoogle Trust Services
Subjectcreative-bars1.com
FingerprintD1:9B:13:19:76:51:03:81:CE:A7:79:69:01:B6:C9:CF:FF:78:92:61
ValidityThu, 13 Jun 2024 14:42:47 GMT - Wed, 11 Sep 2024 14:42:46 GMT

File type
ASCII text, with very long lines (399), with no line terminators
Size
386 B (386 bytes)
Hash
022602a468da44628060800173771da2
9be813fbfebbcb2aa46d8c6b8abec68b3d16c89c
6742c376e658c34d09b2dc5772bd798e3cd52bb265758bac5bce184f8ee7b5cc

HTTP Headers

GET /sb/notifications/dating/default/us/desk-all/js/script.js HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.1337xx.to
DNT: 1
Connection: keep-alive
Referer: https://www.1337xx.to/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 06 Jul 2024 15:51:59 GMT
content-type: application/javascript
last-modified: Fri, 19 Jan 2024 14:23:50 GMT
etag: W/"65aa85f6-182"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 2003982
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yslVNoby6AzShsBL1QMmCLMV%2B8A67mxXrOOGMQdZUmtsJxKZ3%2FdcKi8mCPKHEG3zAkHRuxCpN0Zafx%2BXXFovOzI7CqGieL3PKkpr9f4D6Dvk4KEsKIPcTBx%2BpkjjH2SqqFTk3WAFjd%2B3"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 89f0c2642ceb56c0-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

GET cdn.creative-bars1.com/sb/notifications/dating/default/us/desk-all/img/close.png

104.21.70.253

200 OK

4.0 kB

URL GET HTTP/3
cdn.creative-bars1.com/sb/notifications/dating/default/us/desk-all/img/close.png
IP
104.21.70.253:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.1337xx.to/
Certificate
IssuerGoogle Trust Services
Subjectcreative-bars1.com
FingerprintD1:9B:13:19:76:51:03:81:CE:A7:79:69:01:B6:C9:CF:FF:78:92:61
ValidityThu, 13 Jun 2024 14:42:47 GMT - Wed, 11 Sep 2024 14:42:46 GMT

File type
PNG image data, 500 x 500, 8-bit gray+alpha, non-interlaced
Size
4.0 kB (4022 bytes)
Hash
23e9690b0e7ac26868363a6248f44467
d7ad0eae64e0c1e65b12eda0aa9d2b91996dd64f
f362c67320d739ccf3bea21f857b9620075bd20ceacda8c51261b9612fe28395

HTTP Headers

GET /sb/notifications/dating/default/us/desk-all/img/close.png HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 06 Jul 2024 15:51:59 GMT
content-type: image/png
content-length: 4022
last-modified: Fri, 19 Jan 2024 14:23:50 GMT
etag: "65aa85f6-fb6"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 2004674
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FlzdRGcslRzEmANeVKR3ghtpYWmSsVXflRZhgEmvggvB5GDFxXxyoVwqhTI6hQj%2BH7i%2FqN0T0Zwxi6%2B1vm0oApat3Wy8Y1JGXi3Df56szHwYnhixRakEGrgyzCnSOBcI7Shwzq8RgsIS"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 89f0c2652efc0b69-OSL
alt-svc: h3=":443"; ma=86400

GET www.1337xx.to/static/images/logo.svg

104.21.11.234

200 OK

4.0 kB

URL GET HTTP/3
www.1337xx.to/static/images/logo.svg
IP
104.21.11.234:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.1337xx.to/
Certificate
IssuerGoogle Trust Services LLC
Subject1337xx.to
FingerprintE7:90:EC:5E:77:06:53:09:72:B0:33:C5:F3:F7:65:BD:95:9C:08:4C
ValidityWed, 08 May 2024 14:05:50 GMT - Tue, 06 Aug 2024 14:05:49 GMT

File type
SVG Scalable Vector Graphics image
Size
4.0 kB (3988 bytes)
Hash
7ad8a17064571d19b20ad2aa318d97c9
e4e416920d107269697cf9bb12677997aefd58f2
d15f260bd32ff788ba0770c8b8e9d4288491379d30200fddbf2e036c13eb1477

HTTP Headers

GET /static/images/logo.svg HTTP/1.1
Host: www.1337xx.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.1337xx.to/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 06 Jul 2024 15:51:57 GMT
content-type: image/svg+xml
last-modified: Tue, 07 May 2024 02:10:53 GMT
etag: W/"66398dad-f94"
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SrITmkShRA2hozAH3X%2F3wx%2BA0X3EYlRU6Q9IcY54m7IhHURBogcMfl0gesg4h248Mw2Sa9aqG8aBNYb4t0vL%2FUdL00WfkLjE3tXYKmay6tbpge0cceeerwEqnBjyObb0"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 89f0c2577f535687-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

GET criticizewiggle.com/pixel/purst?dl=0&th=0&sc=0&rs=1263&rd=1263&fd=643&bv=24.5.8230&tmpl=70

192.243.61.227

200 OK

0 B

URL GET HTTP/1.1
criticizewiggle.com/pixel/purst?dl=0&th=0&sc=0&rs=1263&rd=1263&fd=643&bv=24.5.8230&tmpl=70
IP
192.243.61.227:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://www.1337xx.to/
Certificate
IssuerLet's Encrypt
Subjectcriticizewiggle.com
Fingerprint4A:56:DA:49:AB:2A:B0:0C:A2:D4:F9:93:0A:4F:55:BC:72:7A:01:67
ValiditySat, 29 Jun 2024 08:24:36 GMT - Fri, 27 Sep 2024 08:24:35 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /pixel/purst?dl=0&th=0&sc=0&rs=1263&rd=1263&fd=643&bv=24.5.8230&tmpl=70 HTTP/1.1
Host: criticizewiggle.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.1337xx.to/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sat, 06 Jul 2024 15:51:58 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range

GET www.1337xx.to/static/css/icons.css

104.21.11.234

200 OK

8.3 kB

URL GET HTTP/3
www.1337xx.to/static/css/icons.css
IP
104.21.11.234:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.1337xx.to/
Certificate
IssuerGoogle Trust Services LLC
Subject1337xx.to
FingerprintE7:90:EC:5E:77:06:53:09:72:B0:33:C5:F3:F7:65:BD:95:9C:08:4C
ValidityWed, 08 May 2024 14:05:50 GMT - Tue, 06 Aug 2024 14:05:49 GMT

File type
ASCII text, with very long lines (8886), with no line terminators
Size
8.3 kB (8333 bytes)
Hash
03a7d25cbaa604c87875716deeb2da04
c47032142d8a0d788df4b96cdeb522add38e3c66
59996ec83d1cd237295189dd8f91492e20f689f61ed374fdf95859f9c740937f

HTTP Headers

GET /static/css/icons.css HTTP/1.1
Host: www.1337xx.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.1337xx.to/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 06 Jul 2024 15:51:57 GMT
content-type: text/css
last-modified: Tue, 07 May 2024 02:10:24 GMT
vary: Accept-Encoding
etag: W/"66398d90-208d"
content-encoding: gzip
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=i7X7X0gDl0XSDPfyWdpwq1ikTwYk5Y7fj2uq3x3RW%2FDvVj0LMWDwqy5eTiB92XX0Q%2FPagrtM91BRPfPCQN7vMnHaZVgPfQs0oQF4hQSdS8cg8D8p1tPrhUDoWzz2Q8ms"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 89f0c2577f4a5687-OSL
alt-svc: h3=":443"; ma=86400

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (12)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash