{"report_id":"ac807351-c84d-4cd5-9642-9bfbe6ba4066","version":6,"status":"done","tags":[],"date":"2025-09-28T10:31:39Z","url":{"schema":"http","addr":"torrentdownloads.rutor.app/","fqdn":"torrentdownloads.rutor.app","domain":"rutor.app","tld":"app"},"ip":{"addr":"172.67.158.147","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"final":{"url":{"schema":"https","addr":"torrentdownloads.rutor.app/","fqdn":"torrentdownloads.rutor.app","domain":"rutor.app","tld":"app"},"title":"(1) New Message!"},"submit":{"url":{"schema":"http","addr":"torrentdownloads.rutor.app/","fqdn":"torrentdownloads.rutor.app","domain":"rutor.app","tld":"app"},"ip":{"addr":"172.67.158.147","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2026-11-02T10:31:39Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":43}},"detection":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-09-28","alert":"Sinkholed","trigger":"torrentdownloads.rutor.app","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-09-28","alert":"Sinkholed","trigger":"torrentdownloads.rutor.app","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-09-28","alert":"Sinkholed","trigger":"creative-sb1.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-09-28","alert":"Sinkholed","trigger":"creative-sb1.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-09-28","alert":"Sinkholed","trigger":"kettledroopingcontinuation.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-09-28","alert":"Sinkholed","trigger":"kettledroopingcontinuation.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-09-28","alert":"Sinkholed","trigger":"directlycascade.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-09-28","alert":"Sinkholed","trigger":"directlycascade.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-09-28","alert":"Sinkholed","trigger":"vmuid.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-09-28","alert":"Sinkholed","trigger":"preferencenail.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-09-28","alert":"Sinkholed","trigger":"preferencenail.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-09-28","alert":"Sinkholed","trigger":"preferencenail.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-09-28","alert":"Sinkholed","trigger":"x3os.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-09-28","alert":"Sinkholed","trigger":"weirdopt.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-09-28","alert":"Sinkholed","trigger":"weirdopt.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-09-28","alert":"Sinkholed","trigger":"cdn.show-sb.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-09-28","alert":"Sinkholed","trigger":"heartilyscales.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-09-28","alert":"Sinkholed","trigger":"heartilyscales.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-09-28","alert":"Sinkholed","trigger":"heartilyscales.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-09-28","alert":"Sinkholed","trigger":"flushpersist.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-09-28","alert":"Sinkholed","trigger":"flushpersist.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-09-28","alert":"Sinkholed","trigger":"bunkersparring.shop","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-09-28","alert":"Sinkholed","trigger":"bunkersparring.shop","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-09-28","alert":"Sinkholed","trigger":"bunkersparring.shop","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-09-28","alert":"Sinkholed","trigger":"bunkersparring.shop","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-09-28","alert":"Sinkholed","trigger":"wrathypenitis.help","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-09-28","alert":"Sinkholed","trigger":"wrathypenitis.help","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-09-28","alert":"Sinkholed","trigger":"wrathypenitis.help","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-09-28","alert":"Sinkholed","trigger":"wrathypenitis.help","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-09-28","alert":"Sinkholed","trigger":"gridesaphids.shop","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-09-28","alert":"Sinkholed","trigger":"alarbus.nutmeatdruxy.shop","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-09-28","alert":"Sinkholed","trigger":"alarbus.nutmeatdruxy.shop","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-09-28","alert":"Sinkholed","trigger":"alarbus.nutmeatdruxy.shop","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-09-28","alert":"Sinkholed","trigger":"alarbus.nutmeatdruxy.shop","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-09-28","alert":"Sinkholed","trigger":"qo.caromedlusk.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-09-28","alert":"Sinkholed","trigger":"qo.caromedlusk.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-09-28","alert":"Sinkholed","trigger":"qo.caromedlusk.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-09-28","alert":"Sinkholed","trigger":"skinnycrawlinglax.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-09-28","alert":"Sinkholed","trigger":"skinnycrawlinglax.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-09-28","alert":"Sinkholed","trigger":"skinnycrawlinglax.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-09-28","alert":"Sinkholed","trigger":"torchfriendlypay.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-09-28","alert":"Sinkholed","trigger":"torchfriendlypay.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-09-28","alert":"Sinkholed","trigger":"torchfriendlypay.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null},"summary":[{"fqdn":"cdn.storageimagedisplay.com","ip":{"addr":"45.133.44.2","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"domain_registered":"2024-09-13","domain_rank":170153,"first_seen":"2024-09-13T12:56:32Z","last_seen":"2025-09-21T22:22:39.032263Z","alert_count":0,"request_count":4,"received_data":306864,"sent_data":1865,"comment":"","tags":null,"fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"cdn.show-sb.com","ip":{"addr":"172.67.170.115","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2024-08-20","domain_rank":187612,"first_seen":"2024-08-31T03:46:04Z","last_seen":"2025-09-22T00:32:44.591601Z","alert_count":3,"request_count":3,"received_data":6481,"sent_data":1554,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"i.ibb.co","ip":{"addr":"108.181.22.211","port":443,"asn":40676,"as":"AS40676","country":"United States","country_code":"US"},"domain_registered":"2010-07-20","domain_rank":21643,"first_seen":"2018-11-25T10:13:48Z","last_seen":"2025-09-21T22:41:34.619298Z","alert_count":0,"request_count":1,"received_data":5916,"sent_data":450,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"heartilyscales.com","ip":{"addr":"172.240.108.68","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"domain_registered":"2022-12-16","domain_rank":2862533,"first_seen":"2022-12-16T08:32:11Z","last_seen":"2025-09-22T02:46:06.204288Z","alert_count":27,"request_count":9,"received_data":174364,"sent_data":10494,"comment":"","tags":null,"fingerprints":[{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"xml.pushub.net","ip":{"addr":"173.239.53.32","port":443,"asn":27257,"as":"WEBAIR-INTERNET","country":"United States","country_code":"US"},"domain_registered":"2020-09-29","domain_rank":475069,"first_seen":"2020-10-13T23:37:37Z","last_seen":"2025-09-22T03:25:38.962963Z","alert_count":0,"request_count":1,"received_data":641,"sent_data":656,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"xml-v4.pushub.net","ip":{"addr":"173.239.53.32","port":443,"asn":27257,"as":"WEBAIR-INTERNET","country":"United States","country_code":"US"},"domain_registered":"2020-09-29","domain_rank":230560,"first_seen":"2022-11-09T14:39:51Z","last_seen":"2025-09-23T02:04:30.887282Z","alert_count":0,"request_count":2,"received_data":5077,"sent_data":932,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"wrathypenitis.help","ip":{"addr":"212.117.186.92","port":443,"asn":7979,"as":"SERVERS-COM","country":"Luxembourg","country_code":"LU"},"domain_registered":"2025-07-21","domain_rank":0,"first_seen":"2025-08-21T05:46:19.017165Z","last_seen":"2025-09-22T06:35:16.551049Z","alert_count":8,"request_count":2,"received_data":1101,"sent_data":1165,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"kettledroopingcontinuation.com","ip":{"addr":"172.240.108.84","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"domain_registered":"2024-09-01","domain_rank":196057,"first_seen":"2025-07-30T15:18:19.355595Z","last_seen":"2025-09-21T22:22:39.296021Z","alert_count":28,"request_count":14,"received_data":20644,"sent_data":7963,"comment":"","tags":null,"fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"professionaltrafficmonitor.com","ip":{"addr":"3.123.144.251","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"domain_registered":"2025-01-23","domain_rank":16376,"first_seen":"2025-01-25T08:56:07.448138Z","last_seen":"2025-09-21T22:22:39.297989Z","alert_count":0,"request_count":4,"received_data":1740,"sent_data":1900,"comment":"","tags":null,"fingerprints":null},{"fqdn":"torrentdownloads.rutor.app","ip":{"addr":"172.67.158.147","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2021-10-27","domain_rank":0,"first_seen":"2025-09-28T10:31:40.839706Z","last_seen":"2025-09-28T10:31:40.839706Z","alert_count":128,"request_count":64,"received_data":324842,"sent_data":36313,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Google Hosted Libraries","description":"Google Hosted Libraries is a stable, reliable, high-speed, globally available content distribution network for the most popular, open-source JavaScript libraries.","website":"https://developers.google.com/speed/libraries","common_platform_enumeration":"","icon":"Google Developers.svg","categories":["CDN"]},{"name":"jQuery:1.9.1","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"Cloudflare Browser Insights","description":"Cloudflare Browser Insights is a tool that measures the performance of websites from the perspective of users.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Analytics","RUM"]}]},{"fqdn":"creative-sb1.com","ip":{"addr":"104.21.35.3","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2025-07-01","domain_rank":22211,"first_seen":"2025-08-08T09:32:32.509707Z","last_seen":"2025-09-22T00:32:44.332817Z","alert_count":30,"request_count":15,"received_data":522531,"sent_data":7054,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"weirdopt.com","ip":{"addr":"185.196.197.71","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"The Netherlands","country_code":"NL"},"domain_registered":"2025-07-01","domain_rank":37519,"first_seen":"2025-07-08T12:55:47.272157Z","last_seen":"2025-09-24T10:30:27.617469Z","alert_count":4,"request_count":2,"received_data":754,"sent_data":858,"comment":"","tags":null,"fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"bunkersparring.shop","ip":{"addr":"94.242.236.150","port":443,"asn":7979,"as":"SERVERS-COM","country":"Luxembourg","country_code":"LU"},"domain_registered":"2025-05-15","domain_rank":187180,"first_seen":"2025-07-22T08:24:24.149351Z","last_seen":"2025-09-23T09:32:45.279916Z","alert_count":8,"request_count":2,"received_data":3004,"sent_data":2775,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"brewed.grasnibrowsed.shop","ip":{"addr":"23.109.170.198","port":443,"asn":7979,"as":"SERVERS-COM","country":"The Netherlands","country_code":"NL"},"domain_registered":"unknown","domain_rank":0,"first_seen":"2025-09-28T10:31:40.828925Z","last_seen":"2025-09-28T10:31:40.828925Z","alert_count":0,"request_count":4,"received_data":3396,"sent_data":2737,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"static.pushub.net","ip":{"addr":"2.23.13.11","port":443,"asn":20940,"as":"Akamai International B.V.","country":"The Netherlands","country_code":"NL"},"domain_registered":"2020-09-29","domain_rank":467015,"first_seen":"2020-10-22T20:51:11Z","last_seen":"2025-09-22T05:42:10.492545Z","alert_count":0,"request_count":2,"received_data":18474,"sent_data":987,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"gridesaphids.shop","ip":{"addr":"172.255.103.8","port":443,"asn":7979,"as":"SERVERS-COM","country":"The Netherlands","country_code":"NL"},"domain_registered":"unknown","domain_rank":0,"first_seen":"2025-09-26T10:00:51.982342Z","last_seen":"2025-09-26T10:00:51.982342Z","alert_count":1,"request_count":1,"received_data":584,"sent_data":482,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"torchfriendlypay.com","ip":{"addr":"172.240.127.234","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"domain_registered":"2024-09-01","domain_rank":191479,"first_seen":"2025-07-30T13:31:49.539518Z","last_seen":"2025-09-21T22:51:10.503656Z","alert_count":3,"request_count":1,"received_data":7138,"sent_data":464,"comment":"","tags":null,"fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]}]},{"fqdn":"static.cloudflareinsights.com","ip":{"addr":"104.16.80.73","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2019-08-30","domain_rank":4073,"first_seen":"2019-09-24T14:34:56Z","last_seen":"2025-09-21T22:13:28.585612Z","alert_count":0,"request_count":1,"received_data":20344,"sent_data":530,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"bvtpk.com","ip":{"addr":"104.21.5.190","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2019-03-16","domain_rank":37068,"first_seen":"2025-05-21T11:34:02.786268Z","last_seen":"2025-09-23T14:20:40.270423Z","alert_count":0,"request_count":1,"received_data":111093,"sent_data":419,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"origunix.com","ip":{"addr":"178.162.215.162","port":443,"asn":28753,"as":"Leaseweb Deutschland GmbH","country":"Germany","country_code":"DE"},"domain_registered":"2021-11-30","domain_rank":343993,"first_seen":"2021-11-30T12:40:27Z","last_seen":"2025-09-23T05:10:19.397688Z","alert_count":0,"request_count":1,"received_data":64541,"sent_data":459,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"directlycascade.com","ip":{"addr":"172.240.127.234","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"domain_registered":"2025-09-10","domain_rank":0,"first_seen":"2025-09-10T21:14:18.585097Z","last_seen":"2025-09-22T02:46:05.296137Z","alert_count":12,"request_count":6,"received_data":186374,"sent_data":5863,"comment":"","tags":null,"fingerprints":[{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"preferencenail.com","ip":{"addr":"185.196.197.71","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"The Netherlands","country_code":"NL"},"domain_registered":"2025-07-01","domain_rank":20606,"first_seen":"2025-07-08T12:55:47.271261Z","last_seen":"2025-09-24T04:23:33.461221Z","alert_count":12,"request_count":4,"received_data":343852,"sent_data":1696,"comment":"","tags":null,"fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"msdoj.com","ip":{"addr":"178.162.215.162","port":443,"asn":28753,"as":"Leaseweb Deutschland GmbH","country":"Germany","country_code":"DE"},"domain_registered":"2025-07-01","domain_rank":211684,"first_seen":"2025-07-02T02:58:17.140394Z","last_seen":"2025-09-22T02:46:06.324991Z","alert_count":0,"request_count":2,"received_data":64929,"sent_data":993,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"fonts.gstatic.com","ip":{"addr":"142.250.178.35","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2008-02-11","domain_rank":0,"first_seen":"2014-04-02T10:51:04Z","last_seen":"2025-09-21T22:11:31.014241Z","alert_count":0,"request_count":11,"received_data":401365,"sent_data":6208,"comment":"","tags":null,"fingerprints":null},{"fqdn":"push-sdk.com","ip":{"addr":"157.90.33.121","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"domain_registered":"2022-10-25","domain_rank":36212,"first_seen":"2022-12-23T14:43:48Z","last_seen":"2025-09-22T02:04:29.340047Z","alert_count":0,"request_count":2,"received_data":56079,"sent_data":916,"comment":"","tags":null,"fingerprints":[{"name":"Angie","description":"Angie is a drop-in replacement for the Nginx web server aiming to extend the functionality of the original version.","website":"https://angie.software/en/","common_platform_enumeration":"","icon":"default.svg","categories":["Web servers"]},{"name":"C","description":"C is a general-purpose, procedural computer programming language supporting structured programming, lexical variable scope, and recursion, with a static type system.","website":"https://www.open-std.org/jtc1/sc22/wg14/","common_platform_enumeration":"","icon":"C.png","categories":["Programming languages"]},{"name":"Perl","description":"Perl is a family of two high-level, general-purpose, interpreted, dynamic programming languages.","website":"https://perl.org","common_platform_enumeration":"cpe:2.3:a:perl:perl:*:*:*:*:*:*:*:*","icon":"Perl.png","categories":["Programming languages"]}]},{"fqdn":"ajax.googleapis.com","ip":{"addr":"142.250.178.74","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2005-01-25","domain_rank":3691,"first_seen":"2012-05-22T10:38:03Z","last_seen":"2025-09-21T22:13:29.38864Z","alert_count":0,"request_count":1,"received_data":93615,"sent_data":455,"comment":"","tags":null,"fingerprints":null},{"fqdn":"alarbus.nutmeatdruxy.shop","ip":{"addr":"172.255.103.170","port":443,"asn":7979,"as":"SERVERS-COM","country":"The Netherlands","country_code":"NL"},"domain_registered":"unknown","domain_rank":0,"first_seen":"2025-08-22T19:23:47.470366Z","last_seen":"2025-09-27T05:12:33.85324Z","alert_count":12,"request_count":3,"received_data":101997,"sent_data":4697,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"my.rtmark.net","ip":{"addr":"104.18.41.22","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2014-10-29","domain_rank":43911,"first_seen":"2015-02-04T09:54:57Z","last_seen":"2025-09-21T23:59:49.858604Z","alert_count":0,"request_count":1,"received_data":849,"sent_data":459,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"skinnycrawlinglax.com","ip":{"addr":"172.240.108.76","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"domain_registered":"2024-09-01","domain_rank":38609,"first_seen":"2025-07-09T22:28:05.771371Z","last_seen":"2025-09-22T00:32:43.866153Z","alert_count":6,"request_count":2,"received_data":7659,"sent_data":977,"comment":"","tags":null,"fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]}]},{"fqdn":"x3os.com","ip":{"addr":"139.45.196.64","port":443,"asn":9002,"as":"RETN Limited","country":"United Kingdom","country_code":"GB"},"domain_registered":"2021-03-18","domain_rank":19468,"first_seen":"2025-04-24T02:39:31.647355Z","last_seen":"2025-09-22T04:53:37.293945Z","alert_count":1,"request_count":1,"received_data":841,"sent_data":616,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"vmuid.com","ip":{"addr":"178.162.215.162","port":443,"asn":28753,"as":"Leaseweb Deutschland GmbH","country":"Germany","country_code":"DE"},"domain_registered":"2018-10-22","domain_rank":182910,"first_seen":"2019-07-09T14:53:12Z","last_seen":"2025-09-22T20:25:15.445431Z","alert_count":2,"request_count":2,"received_data":11214,"sent_data":1053,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"matomo.hellohi.me","ip":{"addr":"172.67.219.82","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2019-07-03","domain_rank":0,"first_seen":"2019-07-03T20:13:04Z","last_seen":"2025-09-22T02:46:05.591533Z","alert_count":0,"request_count":1,"received_data":599,"sent_data":426,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"flushpersist.com","ip":{"addr":"172.240.108.84","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"domain_registered":"2025-07-01","domain_rank":23810,"first_seen":"2025-07-08T10:43:12.76905Z","last_seen":"2025-09-24T00:30:12.938789Z","alert_count":6,"request_count":3,"received_data":1592,"sent_data":2334,"comment":"","tags":null,"fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]}]},{"fqdn":"fonts.googleapis.com","ip":{"addr":"142.250.178.106","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2005-01-25","domain_rank":313,"first_seen":"2012-05-23T12:41:44Z","last_seen":"2025-09-21T22:11:31.798564Z","alert_count":0,"request_count":4,"received_data":75450,"sent_data":1834,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"qo.caromedlusk.com","ip":{"addr":"23.109.170.253","port":443,"asn":7979,"as":"SERVERS-COM","country":"The Netherlands","country_code":"NL"},"domain_registered":"2025-09-16","domain_rank":0,"first_seen":"2025-09-25T23:51:35.023997Z","last_seen":"2025-09-25T23:51:35.023997Z","alert_count":3,"request_count":1,"received_data":164477,"sent_data":439,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":[{"sensor_name":"suricata","description":"Suricata /w Emerging Threats Pro","alerts":null}],"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"torrentdownloads.rutor.app/cdn-cgi/challenge-platform/scripts/jsd/main.js","fqdn":"torrentdownloads.rutor.app","domain":"rutor.app","tld":"app"},"ip":{"addr":"172.67.158.147","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"eb06b7cd07bbad20db07ff7ea362131f","sha1":"5745cf51ccf9311b61248a2085efe69051a0d2dd","sha256":"8a4f16a294032f5de4e8e1b2939ca77f9aef93370ea52b9f07cbc7eb96be47dc","sha512":"2401bccab21e866893d0a74e014bcf147d9eb292cdeb9f0633be311c21ec6c14d03945988a0fb7422f09918b39b7551ce7b7a91fff3ecc662195497cc69489b7","ssdeep":"192:JMoRVi0VKp+kpvHCmUJcKuPKy+9KUWWuBHgxCpCJnLCn8Nrova7xCQAMdXcJoOZr:9Vi0VKp+kpvHCmU6KuPKN9KU8yM1lSOZ","tlshash":"6722e7ca7d4cf92c020839c405efb7d71370fd917c8aa944639179a47e30b95ba8ad8e","size":10116,"data":"","first_seen":"2025-09-28T09:46:38.662837Z","last_seen":"2025-09-28T10:31:49.091925Z","times_seen":4,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"preferencenail.com/sfp.js","fqdn":"preferencenail.com","domain":"preferencenail.com","tld":"com"},"ip":{"addr":"185.196.197.71","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"The Netherlands","country_code":"NL"},"introduction_type":"scriptElement","is_inline":false,"md5":"46a6fef91632b94d14252fe324c1585f","sha1":"387cebbd261b8fe947fe9805875300f2ceeb5cfd","sha256":"36d0c771f8bf310d740cb4d0ca144354c45df284e72361660448708d72f175d5","sha512":"a3aaa1b5ab1113a12793bd1085332eb257416aaa9c4a690525838b91453a281580a979bfb856b3c429c2d4243c3ce02bd318a4b7048124eef96912179836d0fd","ssdeep":"1536:nPncLBSUBULrSVvTfMtfj3FkdFcE5PnoRL:nPncLBSUBULGVTfGpucE5fox","tlshash":"528395807ac06488d3979b7bb73bf4eaf65a299f38c4044bd100fc48b69562af9f5534","size":85386,"data":"","first_seen":"2025-07-08T10:38:39.799377Z","last_seen":"2025-11-18T17:01:51.014373Z","times_seen":15230,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"preferencenail.com/sfp.js","fqdn":"preferencenail.com","domain":"preferencenail.com","tld":"com"},"ip":{"addr":"185.196.197.71","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"The Netherlands","country_code":"NL"},"introduction_type":"scriptElement","is_inline":false,"md5":"46a6fef91632b94d14252fe324c1585f","sha1":"387cebbd261b8fe947fe9805875300f2ceeb5cfd","sha256":"36d0c771f8bf310d740cb4d0ca144354c45df284e72361660448708d72f175d5","sha512":"a3aaa1b5ab1113a12793bd1085332eb257416aaa9c4a690525838b91453a281580a979bfb856b3c429c2d4243c3ce02bd318a4b7048124eef96912179836d0fd","ssdeep":"1536:nPncLBSUBULrSVvTfMtfj3FkdFcE5PnoRL:nPncLBSUBULGVTfGpucE5fox","tlshash":"528395807ac06488d3979b7bb73bf4eaf65a299f38c4044bd100fc48b69562af9f5534","size":85386,"data":"","first_seen":"2025-07-08T10:38:39.799377Z","last_seen":"2025-11-18T17:01:51.014373Z","times_seen":15230,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"creative-sb1.com/sb/ssp/vpn/classic-push/small/js/jquery.min.js","fqdn":"creative-sb1.com","domain":"creative-sb1.com","tld":"com"},"ip":{"addr":"104.21.35.3","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"4a356126b9573eb7bd1e9a7494737410","sha1":"8258d046f17dd3c15a5d3984e1868b7b5d1db329","sha256":"22642f202577f0ba2f22cbe56b6cf291a09374487567cd3563e0d2a29f75c0c5","sha512":"005c3102459dbf145df6a858629d6a6de4598fafe24cd989d86170731b0c3b3c304da470cf66bfd935f6db911b723df0857b5ed561906f7f1c5c4e63ed9430de","ssdeep":"1536:/P10iSi65U/dXXeyhzeBuG+HYE0mdkuJO1z6Oy4sh3J1A72BjmN7TwpDKba98HrZ:++414Jiz6fh6lTqya98HrZ","tlshash":"dc83d6d9b2c67062977734b851bf510bb17a98dab40c8c60f0a4d8e47eb4a8d517bf2c","size":84380,"data":"","first_seen":"2023-03-07T01:02:06Z","last_seen":"2026-04-04T10:53:20.244551Z","times_seen":15945,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"torrentdownloads.rutor.app/","fqdn":"torrentdownloads.rutor.app","domain":"rutor.app","tld":"app"},"ip":{"addr":"172.67.158.147","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"9fda1724412fd3c8db9942aa6e8e3deb","sha1":"539eed6112906a989e297d5d51c98af3dff08f2f","sha256":"3ddb9787e2d99f63e1c8169da967fa7b50e0baebb523aae738ff38899d2eaf7c","sha512":"1b6fe4694f5e61f4c298e0bf7d632c31df118d987b1643004ec2149ddf468e65c858fab779d5af8c0a9cb8941216cd977497c32351aef1cc3878796054f18158","ssdeep":"","tlshash":"c1e02e59a47301e042bba05ec30b232310a3f2833940d4d8ba8cef000f2ab228e9a1c8","size":294,"data":"","first_seen":"2024-01-26T23:16:31Z","last_seen":"2026-04-03T11:08:00.008086Z","times_seen":1765,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"torrentdownloads.rutor.app/","fqdn":"torrentdownloads.rutor.app","domain":"rutor.app","tld":"app"},"ip":{"addr":"172.67.158.147","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"9fda1724412fd3c8db9942aa6e8e3deb","sha1":"539eed6112906a989e297d5d51c98af3dff08f2f","sha256":"3ddb9787e2d99f63e1c8169da967fa7b50e0baebb523aae738ff38899d2eaf7c","sha512":"1b6fe4694f5e61f4c298e0bf7d632c31df118d987b1643004ec2149ddf468e65c858fab779d5af8c0a9cb8941216cd977497c32351aef1cc3878796054f18158","ssdeep":"","tlshash":"c1e02e59a47301e042bba05ec30b232310a3f2833940d4d8ba8cef000f2ab228e9a1c8","size":294,"data":"","first_seen":"2024-01-26T23:16:31Z","last_seen":"2026-04-03T11:08:00.008086Z","times_seen":1765,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"preferencenail.com/sfp.js","fqdn":"preferencenail.com","domain":"preferencenail.com","tld":"com"},"ip":{"addr":"185.196.197.71","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"The Netherlands","country_code":"NL"},"introduction_type":"scriptElement","is_inline":false,"md5":"46a6fef91632b94d14252fe324c1585f","sha1":"387cebbd261b8fe947fe9805875300f2ceeb5cfd","sha256":"36d0c771f8bf310d740cb4d0ca144354c45df284e72361660448708d72f175d5","sha512":"a3aaa1b5ab1113a12793bd1085332eb257416aaa9c4a690525838b91453a281580a979bfb856b3c429c2d4243c3ce02bd318a4b7048124eef96912179836d0fd","ssdeep":"1536:nPncLBSUBULrSVvTfMtfj3FkdFcE5PnoRL:nPncLBSUBULGVTfGpucE5fox","tlshash":"528395807ac06488d3979b7bb73bf4eaf65a299f38c4044bd100fc48b69562af9f5534","size":85386,"data":"","first_seen":"2025-07-08T10:38:39.799377Z","last_seen":"2025-11-18T17:01:51.014373Z","times_seen":15230,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"skinnycrawlinglax.com/9c/5d/14/9c5d14453d6b11cdec5b98e5ce5af0dc.js","fqdn":"skinnycrawlinglax.com","domain":"skinnycrawlinglax.com","tld":"com"},"ip":{"addr":"172.240.108.76","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"6062294451a7a581dc74178c7c5a1332","sha1":"c8e09f671561b72bdae9fd3cfeea799629430105","sha256":"c556ffdcc50d996a51234a1dec5ae85925ffa13c788b800be900dc5eb1344d79","sha512":"5b4bcb7d6530bfa8d33d4c769d0934938af4e7842a518556021ed900fad8a06bc39c2d35494586adf34e4d6fe19095b2d41c726b8214746527e04cec9e910594","ssdeep":"192:M/H3P83adOwGuABXfKOBPpzbo3j3rFuuV6:MP/83adOwWp0j3Buz","tlshash":"fbd1a8dc768070800be7e97f776f651ab06a58501c4fe491f003a9e83d6872ed63eac1","size":6293,"data":"","first_seen":"2025-09-26T11:10:49.483616Z","last_seen":"2025-10-14T12:32:44.197235Z","times_seen":1614,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"about","addr":"about:srcdoc#235","fqdn":"","domain":"","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"9d40b3845c65a3dbe442b2bd2e0386dd","sha1":"18ab1298f3b9d777d93b594a2022f94d01361c3a","sha256":"c054a3df98d016e124ebf9430458e23845d4df2676c090addc6f14afcbaa6405","sha512":"95cf43c90a8540261d24bdc53012d008820e38bde46a342bbbeecc5dabd0942c6676a0b794bed870f574555b77d5ac30477294f4cd14fe2306b7ea93c9fac5ad","ssdeep":"","tlshash":"7711be0fec3e541a81b7e27abf57b220d4b1526be102a4003b0d4fcd1fa128a956c78c","size":865,"data":"","first_seen":"2025-09-27T20:52:52.283902Z","last_seen":"2025-10-06T11:45:17.795252Z","times_seen":7,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"torrentdownloads.rutor.app/","fqdn":"torrentdownloads.rutor.app","domain":"rutor.app","tld":"app"},"ip":{"addr":"172.67.158.147","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"61fa153f2827c887a48a351ae3c6cfd3","sha1":"5fbd02245cf700ea94d638c8d76924ecca52d330","sha256":"4c44d7c28ec0f6ca3e2624c6af1d3be324576d01ef6f6c2dc0af7e61664b8c2c","sha512":"cbe467dc51f0eec90d8b40bc35a1a0eb2c320ac67cc022c518b431987fa05a3d565f793c377d5f33a612555ad4d7ad66acfb4b47ba6323da26db293f095257d8","ssdeep":"","tlshash":"c650000003000000030c0000c000000000000003000030c000c0000000000000000000","size":8,"data":"","first_seen":"2023-03-07T01:03:50Z","last_seen":"2026-04-04T10:33:38.557334Z","times_seen":18605,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"creative-sb1.com/sb/ssp/vpn/classic-push/big1/js/jquery.min.js","fqdn":"creative-sb1.com","domain":"creative-sb1.com","tld":"com"},"ip":{"addr":"104.21.35.3","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"4a356126b9573eb7bd1e9a7494737410","sha1":"8258d046f17dd3c15a5d3984e1868b7b5d1db329","sha256":"22642f202577f0ba2f22cbe56b6cf291a09374487567cd3563e0d2a29f75c0c5","sha512":"005c3102459dbf145df6a858629d6a6de4598fafe24cd989d86170731b0c3b3c304da470cf66bfd935f6db911b723df0857b5ed561906f7f1c5c4e63ed9430de","ssdeep":"1536:/P10iSi65U/dXXeyhzeBuG+HYE0mdkuJO1z6Oy4sh3J1A72BjmN7TwpDKba98HrZ:++414Jiz6fh6lTqya98HrZ","tlshash":"dc83d6d9b2c67062977734b851bf510bb17a98dab40c8c60f0a4d8e47eb4a8d517bf2c","size":84380,"data":"","first_seen":"2023-03-07T01:02:06Z","last_seen":"2026-04-04T10:53:20.244551Z","times_seen":15945,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"torrentdownloads.rutor.app/","fqdn":"torrentdownloads.rutor.app","domain":"rutor.app","tld":"app"},"ip":{"addr":"172.67.158.147","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"61fa153f2827c887a48a351ae3c6cfd3","sha1":"5fbd02245cf700ea94d638c8d76924ecca52d330","sha256":"4c44d7c28ec0f6ca3e2624c6af1d3be324576d01ef6f6c2dc0af7e61664b8c2c","sha512":"cbe467dc51f0eec90d8b40bc35a1a0eb2c320ac67cc022c518b431987fa05a3d565f793c377d5f33a612555ad4d7ad66acfb4b47ba6323da26db293f095257d8","ssdeep":"","tlshash":"c650000003000000030c0000c000000000000003000030c000c0000000000000000000","size":8,"data":"","first_seen":"2023-03-07T01:03:50Z","last_seen":"2026-04-04T10:33:38.557334Z","times_seen":18605,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"torrentdownloads.rutor.app/","fqdn":"torrentdownloads.rutor.app","domain":"rutor.app","tld":"app"},"ip":{"addr":"172.67.158.147","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"ffcc60eec79420f99a2eacf64a2c5a4c","sha1":"a1362fc1f4acb9bd3e2cd5746cec152d14213af0","sha256":"5d5eb37b3f6ed6bf8154e918b233309fc8d77c3236de2332b6a44f0f2273a45f","sha512":"e8438ff744c63ede44f6699c3c9f76bf76d28755bb084d15bd536cadf9cbf2b1850ff3cdba14712819b96ab4b559219b256e0601bbb2cfb0f6231c8a5229eb46","ssdeep":"","tlshash":"6201f91e2317b235117731caab17911c28719057a280c08cb78c562a8fb5fafd6df699","size":713,"data":"","first_seen":"2023-05-29T17:58:11Z","last_seen":"2026-02-19T06:00:31.915329Z","times_seen":36,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"directlycascade.com/22/00/54/2200540f09f939738419313a1a090c32.js","fqdn":"directlycascade.com","domain":"directlycascade.com","tld":"com"},"ip":{"addr":"172.240.127.234","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"9707571ccac614022af56c1d55e06e9e","sha1":"04424a87332733f1cb6ed022d91da4d7bf1431f5","sha256":"53fb5ff7064391d69da3963ef817e8a2292e95f237d57980b865a5c315953963","sha512":"7688a7c2bdfe8238f3e7bef9f904b61b8b875594185d507eb236a958e7bbb5bc7755d41885a0f3603d09545652b4cb2d102e82f861076ba5b1a9765d5a959df8","ssdeep":"1536:l0xlYxhNnfI+veOOoJm+h1eE6eunK1lz2N9QeK22uLPmmrDfYpDkUeDCoxbp3pka:fxKoJSnxKI36WX","tlshash":"a9a3e9983b50f0bc02a674f9362f7906e064ce6160ccd668d507fca86b7975bf439e29","size":97965,"data":"","first_seen":"2025-09-26T15:59:14.087316Z","last_seen":"2025-10-03T01:45:29.140138Z","times_seen":22,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"torrentdownloads.rutor.app/","fqdn":"torrentdownloads.rutor.app","domain":"rutor.app","tld":"app"},"ip":{"addr":"172.67.158.147","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eventHandler","is_inline":false,"md5":"5eb560733706bf9592e0bdfbc7c5290f","sha1":"73a5485d9dc8bb9c7e9f6660649fef5dd58950f2","sha256":"f986e583dee45be77e358dd8dd80a9da4b83efec637302b1d097a8596328c17d","sha512":"fd031dff21d01b0828b1b923e1429aae159c526be2087ae41ad89fc4bc29078dcb20975f0636719b24790ece65f83b8d064da4789c9cde81939ecf2fe9c9b445","ssdeep":"","tlshash":"15a02280ac8830b82ba0ca0000332b22232080808c0a0080c0a000023c0808ee0b8e32","size":64,"data":"","first_seen":"2025-04-16T21:10:00.062166Z","last_seen":"2026-02-19T06:00:31.910028Z","times_seen":32,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"torrentdownloads.rutor.app/","fqdn":"torrentdownloads.rutor.app","domain":"rutor.app","tld":"app"},"ip":{"addr":"172.67.158.147","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eventHandler","is_inline":false,"md5":"f69a531739414e00c5e65b4f945cc614","sha1":"b11bac45b403c8f2e8a0e99a3e8219596c8b16b6","sha256":"aee1e5c519fc1c609dd11e2359ea09f39ca83d5d1905fe9c8b1334e0d67702a4","sha512":"487c8a478ff3c8b9b8aea85a08cc4732009efdcda96bb7ff9958aeccc6f8fac89757bcea53c87114ccb2aba9cd12033df74824fa832013a26a14443ac9e4d7e6","ssdeep":"","tlshash":"c6b01254086970f802125204913237516714914488123490c01440392ccc885e066a01","size":90,"data":"","first_seen":"2025-04-16T21:10:00.062956Z","last_seen":"2026-02-19T06:00:31.912739Z","times_seen":32,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"kettledroopingcontinuation.com/1e/e3/36/1ee3363d3f6736b5616821dca2afa5c7.js","fqdn":"kettledroopingcontinuation.com","domain":"kettledroopingcontinuation.com","tld":"com"},"ip":{"addr":"172.240.108.84","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"6062294451a7a581dc74178c7c5a1332","sha1":"c8e09f671561b72bdae9fd3cfeea799629430105","sha256":"c556ffdcc50d996a51234a1dec5ae85925ffa13c788b800be900dc5eb1344d79","sha512":"5b4bcb7d6530bfa8d33d4c769d0934938af4e7842a518556021ed900fad8a06bc39c2d35494586adf34e4d6fe19095b2d41c726b8214746527e04cec9e910594","ssdeep":"192:M/H3P83adOwGuABXfKOBPpzbo3j3rFuuV6:MP/83adOwWp0j3Buz","tlshash":"fbd1a8dc768070800be7e97f776f651ab06a58501c4fe491f003a9e83d6872ed63eac1","size":6293,"data":"","first_seen":"2025-09-26T11:10:49.483616Z","last_seen":"2025-10-14T12:32:44.197235Z","times_seen":1614,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"heartilyscales.com/a2/86/90/a286902791a7f4c98bcb1e812322cd78.js","fqdn":"heartilyscales.com","domain":"heartilyscales.com","tld":"com"},"ip":{"addr":"172.240.108.68","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"d0ea6476910df0cc92e1cf2b06ff069e","sha1":"67da09199c25e07d79e50573803fdbc8a2073fd3","sha256":"3899b9d544e036c688a5072b6aec34eca74acddd70ef28331f041ef331ff3981","sha512":"c5e3f4f0c6a7a7a511a842cac76f61923135686ab4d51b6e5e217451e04cb5d0fc47ea16b15067bee793f6c391005e71ba4bb1612d17a34d2f386b5960ca14c6","ssdeep":"768:mpCxicwKzukjCm/hYE4JoYC3ouzBGXDnwrHpSFXcdDqxv1l2qo0uw7T3SPGw6UX/:mppUCQ37swT0Rcd+9keSPj3yY","tlshash":"bb73ea4c3f95f1ad13a26073222f941bf12a1d51b06cf8c8d253e8bc6eb9769b536b14","size":76351,"data":"","first_seen":"2025-09-27T03:00:11.89033Z","last_seen":"2025-10-08T07:17:41.062037Z","times_seen":40,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"origunix.com/sdk.js?sid=4dd7d833-3142-4a3f-a135-6fb1263ef9b8","fqdn":"origunix.com","domain":"origunix.com","tld":"com"},"ip":{"addr":"178.162.215.162","port":443,"asn":28753,"as":"Leaseweb Deutschland GmbH","country":"Germany","country_code":"DE"},"introduction_type":"scriptElement","is_inline":false,"md5":"a6818af574b09b606912d1552f00150b","sha1":"ec7e9892d13f76f1bf4a616d28cdab9e9adf1446","sha256":"5256b61784a6b006b7431a7619e10d5d757f070e3f47825fc1fecfccb2866da7","sha512":"54c35593c6646c223fcb122bf8b120013883e6c93ff397462271594bbd39a8e870ad250b35454ed939953e34b1d455ae9dda4b86426273ee314f69b30f9af7c4","ssdeep":"768:hCflSCRC850RCX+4D+R8WyX+86wA6C8CflJu4sTJ+zaXeXgtA9zk4sTJ+HXJpZ6U:qvV50gPowAzJfTqEF","tlshash":"b053d698b5d2f1a102c370b8543f6106b2366929248dc098f7b5ded5ad78d6ea633f3c","size":64136,"data":"","first_seen":"2025-09-28T10:31:49.117287Z","last_seen":"2025-09-28T10:31:49.117287Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"torrentdownloads.rutor.app/","fqdn":"torrentdownloads.rutor.app","domain":"rutor.app","tld":"app"},"ip":{"addr":"172.67.158.147","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"61fa153f2827c887a48a351ae3c6cfd3","sha1":"5fbd02245cf700ea94d638c8d76924ecca52d330","sha256":"4c44d7c28ec0f6ca3e2624c6af1d3be324576d01ef6f6c2dc0af7e61664b8c2c","sha512":"cbe467dc51f0eec90d8b40bc35a1a0eb2c320ac67cc022c518b431987fa05a3d565f793c377d5f33a612555ad4d7ad66acfb4b47ba6323da26db293f095257d8","ssdeep":"","tlshash":"c650000003000000030c0000c000000000000003000030c000c0000000000000000000","size":8,"data":"","first_seen":"2023-03-07T01:03:50Z","last_seen":"2026-04-04T10:33:38.557334Z","times_seen":18605,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"kettledroopingcontinuation.com/1e/e3/36/1ee3363d3f6736b5616821dca2afa5c7.js","fqdn":"kettledroopingcontinuation.com","domain":"kettledroopingcontinuation.com","tld":"com"},"ip":{"addr":"172.240.108.84","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"6062294451a7a581dc74178c7c5a1332","sha1":"c8e09f671561b72bdae9fd3cfeea799629430105","sha256":"c556ffdcc50d996a51234a1dec5ae85925ffa13c788b800be900dc5eb1344d79","sha512":"5b4bcb7d6530bfa8d33d4c769d0934938af4e7842a518556021ed900fad8a06bc39c2d35494586adf34e4d6fe19095b2d41c726b8214746527e04cec9e910594","ssdeep":"192:M/H3P83adOwGuABXfKOBPpzbo3j3rFuuV6:MP/83adOwWp0j3Buz","tlshash":"fbd1a8dc768070800be7e97f776f651ab06a58501c4fe491f003a9e83d6872ed63eac1","size":6293,"data":"","first_seen":"2025-09-26T11:10:49.483616Z","last_seen":"2025-10-14T12:32:44.197235Z","times_seen":1614,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"qo.caromedlusk.com/ra0oXIFUcinxsTE/70341","fqdn":"qo.caromedlusk.com","domain":"caromedlusk.com","tld":"com"},"ip":{"addr":"23.109.170.253","port":443,"asn":7979,"as":"SERVERS-COM","country":"The Netherlands","country_code":"NL"},"introduction_type":"scriptElement","is_inline":false,"md5":"9a7cf1df45ee0e16053151d301617e90","sha1":"cb4f9ff84c1f24a20e93eb2e6d63990920d1b793","sha256":"9c43b435e9a563bb30597cccc3ec59f13aaaae1f26760d07ed5da0239fc25cd6","sha512":"0d2579b038d8ba7f747ca92926a0cfea41bb1d9d3f125124530934ee3fc86d11e191436631e14231d31bf326378b45fabd0d82849dc58db67c49958e7e820622","ssdeep":"3072:pxISGx4vnyfBUCV5Q3lQBsWLslW8D2VVsvWU9e9f2KsVboPxDl+XoFLRISfgRGsq:pGSGyyfbV5Q3lQBsWLslMVVsvWU9e9fn","tlshash":"aff33ce0b771b2b98f9340e5e13b9112f22e0d51308c98b0d26a9d747e7159ed27fad8","size":163085,"data":"","first_seen":"2025-09-28T10:31:49.136217Z","last_seen":"2025-09-28T10:31:49.136217Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015","fqdn":"static.cloudflareinsights.com","domain":"cloudflareinsights.com","tld":"com"},"ip":{"addr":"104.16.80.73","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"ec18af6d41f6f278b6aed3bdabffa7bc","sha1":"62c9e2cab76b888829f3c5335e91c320b22329ae","sha256":"8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f","sha512":"669b0e9a545057acbdd3b4c8d1d2811eaf4c776f679da1083e591ff38ae7684467abacef5af3d4aabd9fb7c335692dbca0def63ddac2cd28d8e14e95680c3511","ssdeep":"384:XriNpnjyMkg8XMtExRN1w29JIOzahXtO2nJ65:GijgSWuanfJ65","tlshash":"8d92d7def645723613f76076913f220b733b35a528068459812adbc22c3d98f6267f6e","size":19948,"data":"","first_seen":"2024-06-07T09:21:23Z","last_seen":"2026-04-04T11:46:36.877669Z","times_seen":330165,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"about","addr":"about:srcdoc#236","fqdn":"","domain":"","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"e7b22ad580d87072557968cfc458fb64","sha1":"7d9688fc1455d36478934dc429f641c04d2dce8c","sha256":"932d0cbdcd751f6def083df9f3e7873f3a028d9146f3b72e951deaf2177099f5","sha512":"2896c8793a12f340f8458479ffb01a6be32a18159f50b99a03fa9af77003c3ef2a5c67b15e902d5c402cf11131f6dffce9c186a92118dcdc9999b4f0177b5235","ssdeep":"768:K77fZXP1XIe9V74LOu59SlrhtZNL1kmSHu71w4FLJsdYi8bCgyc2:y7fZXPBIe9V74Ku59S91kHHkBfMf","tlshash":"3c532e1ee6da1a240157f3789b3bad047e3a811bcd6cbd10393c42842f5d46e43b6bad","size":61417,"data":"","first_seen":"2025-09-27T20:52:52.273762Z","last_seen":"2025-10-06T11:45:17.786859Z","times_seen":7,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"about","addr":"about:blank","fqdn":"","domain":"","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"45b1b5d2acd48ca1a1c53852c44f17d8","sha1":"07c3167330b0f18e9a9b0060e0e177e781454507","sha256":"b4408fd789f92b35a184a71674ba8c3a46fe35a899e687124d7ad600fcc197d4","sha512":"355f61ecb09974b8d03ce80d0ca43ae99f2f54ed2e04292f2f90a03d55e76d03a99e8ae6f6240637455dc4132b39e94bb7c97bfd3529fd53779b7bcd21fb449b","ssdeep":"","tlshash":"06d023552d75c5305594034711b6d79c256570e07751e540c5cacc5b5e21dd344f255c","size":217,"data":"","first_seen":"2025-09-28T10:31:49.212275Z","last_seen":"2025-09-28T10:31:49.212275Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ssl.google-analytics.com/ga.js","fqdn":"ssl.google-analytics.com","domain":"google-analytics.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"b6f6d7efd99960ab916ee096e061f2e7","sha1":"e21f1b5b99444ed4e4f62308cf616edd93ee852e","sha256":"bbb1ca9c206e0ed72478ea72f3ca038cf739fd540d5d1c2da19620c942e4c4f4","sha512":"1a6172d7bd59e113fb23d09bed6e42141e198709e59442972a15bc6445de0a5d5713611269ffc5fdda04f5cd2bbd81e52cb15bd19ee5fa0b6f163880ed2a34de","ssdeep":"","tlshash":"bb615045e8bf3cf11151200a097b8137632e8813ef5db454bafa52139f6e4de24b2fa9","size":3362,"data":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T11:17:31.47308Z","times_seen":60048,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"torrentdownloads.rutor.app/","fqdn":"torrentdownloads.rutor.app","domain":"rutor.app","tld":"app"},"ip":{"addr":"172.67.158.147","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"e94d8b8e1cdd2c2878218461fcae8c58","sha1":"c56c75f389737192dcc47974da35a67421db2409","sha256":"c3e4a515745d3ed1292d494a5f35f20bfd4eab9677ca1f0a29bd1506e67e0860","sha512":"01d9a9eba6f8abc4df1b326a71f047424fe70e3aa60ac26131eac98da00663c6cea9fbac406dd8da8bca7aa29ce4e4e00b0d53f61eac114ab770a6f08e5458cd","ssdeep":"","tlshash":"42f050bf5c6f5dfc9257801b66bad065bb7914194170f100b18cd9115c61f602c576a8","size":529,"data":"","first_seen":"2023-08-13T03:07:21Z","last_seen":"2026-02-19T06:00:31.913263Z","times_seen":35,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"torrentdownloads.rutor.app/","fqdn":"torrentdownloads.rutor.app","domain":"rutor.app","tld":"app"},"ip":{"addr":"172.67.158.147","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"ada141f39a7680670037f47b9aa23453","sha1":"5b64bb19074c56b05dab85226bd11231966cfd34","sha256":"fe32f017a1cc94210748f5dcb4c5aba237edebe114dbe1715956e620580fa518","sha512":"8b5aa69eed0fe82c0dafce240489ab924daf69f76c566904033e2ba241e1d070cca573e0b045d5ee4b56091bd697a9fe583f002b522ee50fe552216bf9ea8aa1","ssdeep":"","tlshash":"74c0805cf735bc50047733f4882b18e8113934117c013413e8143170195cf1c5547d48","size":167,"data":"","first_seen":"2023-03-10T15:14:41Z","last_seen":"2026-02-19T06:00:31.911362Z","times_seen":41,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"torrentdownloads.rutor.app/","fqdn":"torrentdownloads.rutor.app","domain":"rutor.app","tld":"app"},"ip":{"addr":"172.67.158.147","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"edb18cc1b377ec94eedc310deb25286b","sha1":"ff4a7507ae0070c7dbc0a3b37b6e161b55cb194e","sha256":"57d7f383cd9915e0dfff9ac6d29aa473c3c9750e2a7cf9c16d96031662fd8952","sha512":"3e7bb7d89e1ee6ffd4f2640921a415f68e82b691f0f929b4884b24c589bb1bb2b36abbe72707e397dbf3eb9b2060ffbdf18607cc6fc15135caeac6cba6e3b9d6","ssdeep":"","tlshash":"81f028362866507e1153a06bab2ed6122ca2a307060dd8413facb52d7f6960d27a26e8","size":607,"data":"","first_seen":"2025-01-14T18:51:10.436428Z","last_seen":"2026-02-19T06:00:31.909045Z","times_seen":33,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"creative-sb1.com/sb/ssp/interstitial/double_btn/1/js/jquery.min.js","fqdn":"creative-sb1.com","domain":"creative-sb1.com","tld":"com"},"ip":{"addr":"104.21.35.3","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"561acb3e541133bbdd2c0c19f8ee35a1","sha1":"ffd1353cf3f77d25f801c84d8208613eb0d3d548","sha256":"9fde6da568db31801e29243a903bf24f342256b41e3c01e7d018ff7c566ce7fc","sha512":"8a647ed6f56b4da93c7a034609060991cc8080350f057f4f2af2c369f18af066db3b4e77701fc017027fd774264a6d0f84927239d7d2f693edc6f7d6a0917be3","ssdeep":"1536:YjExXUqrnxDjoXEZxkMV4SYSt0zvDD6ip3h5cApwEjOPrBeU6QLiTFbc0QlQvakV:YYh8eip3hXuf6IidlrvakdtQ47GKl","tlshash":"f993f9ddb2c6702257a720ba007f510bf236199d6c4d8450f265d8e9bcb8a4e827bf7d","size":89492,"data":"","first_seen":"2023-03-07T01:04:00Z","last_seen":"2026-04-03T18:56:22.048855Z","times_seen":6515,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"torrentdownloads.rutor.app/","fqdn":"torrentdownloads.rutor.app","domain":"rutor.app","tld":"app"},"ip":{"addr":"172.67.158.147","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"4d40d3598a3f9c7338ed8cd787cd7b84","sha1":"e80644bb41a88b1382e70fc1c694429e87cb3a6f","sha256":"3b62f41f0bf10044af60817b496ab6cb59fb7aee1ab4233379be5a7a3f4c3cbb","sha512":"006495904f9ebae185ee49ed7388e08e93ee7ede5b1ddcf032ee658f37de749fe8ae9168ffef33bf8be3ede8f5ce8c7d3e9e1e929ced1c12f7b864e5a92bb98e","ssdeep":"","tlshash":"fd1100753f1a5634c9c5418b317eeba93d3260717a02a084c36ccc289d18e8314efcbe","size":902,"data":"","first_seen":"2025-09-28T10:31:49.225616Z","last_seen":"2025-09-28T10:31:49.225616Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"torrentdownloads.rutor.app/","fqdn":"torrentdownloads.rutor.app","domain":"rutor.app","tld":"app"},"ip":{"addr":"172.67.158.147","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eventHandler","is_inline":false,"md5":"277bde1e6b99eb4b2a5bbd55b29997cd","sha1":"e55d71de4fde1b52f2ac08eb4081479809e2733f","sha256":"b60acb5f70d6108be0e8561154ef4df4e86c88dc70632df91ccb09d683a72f96","sha512":"c2f8b1f418a4d506aac646bb89ec31f76e6f70435719c06db81d4e8aa44acaf900966b9d131736cc34fafad5743387943e905c5d3149c709bc537a650a39b625","ssdeep":"","tlshash":"c6a01294569770b80356850011321211a314a45084080044d074083a344904bd0b0711","size":79,"data":"","first_seen":"2025-04-16T21:10:00.070092Z","last_seen":"2026-02-19T06:00:31.910513Z","times_seen":32,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"about","addr":"about:blank","fqdn":"","domain":"","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"45b1b5d2acd48ca1a1c53852c44f17d8","sha1":"07c3167330b0f18e9a9b0060e0e177e781454507","sha256":"b4408fd789f92b35a184a71674ba8c3a46fe35a899e687124d7ad600fcc197d4","sha512":"355f61ecb09974b8d03ce80d0ca43ae99f2f54ed2e04292f2f90a03d55e76d03a99e8ae6f6240637455dc4132b39e94bb7c97bfd3529fd53779b7bcd21fb449b","ssdeep":"","tlshash":"06d023552d75c5305594034711b6d79c256570e07751e540c5cacc5b5e21dd344f255c","size":217,"data":"","first_seen":"2025-09-28T10:31:49.212275Z","last_seen":"2025-09-28T10:31:49.212275Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"torrentdownloads.rutor.app/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js","fqdn":"torrentdownloads.rutor.app","domain":"rutor.app","tld":"app"},"ip":{"addr":"172.67.158.147","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"88a769d2fe35899fd45a332a0a032cc0","sha1":"514c6c1d8475d17e412849a4c90159517d0fa10a","sha256":"ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142","sha512":"756cc5cd029fc4adc9100d0da2f2b0efb3df0f2bf894fba2824019832fea594edd40a238a5ffacc205572cc0155f5632d70f54e37edc0772460f44c69cb76ab8","ssdeep":"192:3dArCS2Z+j/yQ9TCQxUhW2DPY808LE676SbHDc/7uN0VZG05w:NHSG+j/y2xa3bn7Q+0a0O","tlshash":"7442b79c7e95ba30079b91b1a17ff30f6276605a640bc0a0b05ddcd1a878d8d192bf75","size":12332,"data":"","first_seen":"2023-03-07T01:02:06Z","last_seen":"2026-04-04T11:45:55.568744Z","times_seen":94443,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"preferencenail.com/sfp.js","fqdn":"preferencenail.com","domain":"preferencenail.com","tld":"com"},"ip":{"addr":"185.196.197.71","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"The Netherlands","country_code":"NL"},"introduction_type":"scriptElement","is_inline":false,"md5":"46a6fef91632b94d14252fe324c1585f","sha1":"387cebbd261b8fe947fe9805875300f2ceeb5cfd","sha256":"36d0c771f8bf310d740cb4d0ca144354c45df284e72361660448708d72f175d5","sha512":"a3aaa1b5ab1113a12793bd1085332eb257416aaa9c4a690525838b91453a281580a979bfb856b3c429c2d4243c3ce02bd318a4b7048124eef96912179836d0fd","ssdeep":"1536:nPncLBSUBULrSVvTfMtfj3FkdFcE5PnoRL:nPncLBSUBULGVTfGpucE5fox","tlshash":"528395807ac06488d3979b7bb73bf4eaf65a299f38c4044bd100fc48b69562af9f5534","size":85386,"data":"","first_seen":"2025-07-08T10:38:39.799377Z","last_seen":"2025-11-18T17:01:51.014373Z","times_seen":15230,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"torrentdownloads.rutor.app/","fqdn":"torrentdownloads.rutor.app","domain":"rutor.app","tld":"app"},"ip":{"addr":"172.67.158.147","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"d5f7b2d662a7d58160d15f76dde3dd59","sha1":"95b0439ce70f99017b5d240502d56eb86b44ed5d","sha256":"f62dc3af0f6f2acb70f6e0b303bb11d27515f3a5ef349e04fc36f0d93c8243c3","sha512":"22d400d6c60caca8fe3a7ed0d0cf69c465fc728063b6e404941b1da3395e3c7624312171544c4bad285fe9639c9286cb9dce9a4c5b170061bbad4b33ea5c9a02","ssdeep":"","tlshash":"5bf0e1ba3dd0a0308559f1b4b15eaa18b46164246004690984cd84c9a8d4bad4e6d5dc","size":551,"data":"","first_seen":"2023-03-08T00:05:43Z","last_seen":"2026-03-21T19:27:34.454885Z","times_seen":68,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"torrentdownloads.rutor.app/","fqdn":"torrentdownloads.rutor.app","domain":"rutor.app","tld":"app"},"ip":{"addr":"172.67.158.147","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"349ea14c8b5fec58fba0d1ec86444dff","sha1":"9bf7a4a79f59feffe6e35614f5ca906716b338a8","sha256":"360c63e69ceed307e43906dbf1b4c64d626da5bb5e1aa030e4d87c8c9042348a","sha512":"0d761ac70ee437e918c19ee0ef025e1e71ec8ee72afbb7d9583a13089e4dd74a2d94c73d3c893caba15ec6775640220c2bee98d4719ae5ed029807af4580e769","ssdeep":"","tlshash":"3ec04c59bdf3d1419e34395b749fd0c9cf6007a4cc406985dfd0b043b924a24434ef25","size":162,"data":"","first_seen":"2023-03-10T15:14:41Z","last_seen":"2026-02-19T06:00:31.907754Z","times_seen":41,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"torrentdownloads.rutor.app/","fqdn":"torrentdownloads.rutor.app","domain":"rutor.app","tld":"app"},"ip":{"addr":"172.67.158.147","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"8ec4ea2cc07fb4298dd793cbc67d3755","sha1":"04c34c92ef5baad58af7c56b728d4a84c55f7185","sha256":"9a0e8ee9789c9f554b318f332bf0d2c61f85cdcf33afc1228b6f94181f841b1d","sha512":"30304737e90f692141d3d9d94011b08bd5605aa54d85f9808fb80fb3fae2b0c1d8151784f56ab2bbd89729e5cbc7aef8f6f3b00acae27ae268a8718a5d3ceba0","ssdeep":"","tlshash":"e1f0dc20a9ce2dff820650ba9c78cd0a71a7381ec1f0c0070e00d83563b1fc909582c8","size":449,"data":"","first_seen":"2023-03-07T12:40:02Z","last_seen":"2026-04-03T18:56:22.078109Z","times_seen":2002,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"torrentdownloads.rutor.app/","fqdn":"torrentdownloads.rutor.app","domain":"rutor.app","tld":"app"},"ip":{"addr":"172.67.158.147","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"ddb38cec2a3e44027f210856f6c3ab06","sha1":"8dcbb5f9a59c7d2c12441b2d46e47194281e3fd7","sha256":"145bcde519f7316cb23a753d5147be17044a81c66d3e2062610f49738914a969","sha512":"bbf3d3201d294b0a4ac92e1619eaed9bd6764a0da32712ff7dc7837d043795c4704108ca013e794ec4a536facba30be2dfd6a0872d20d5708a2d6c8e2f9f516d","ssdeep":"","tlshash":"ebc022b564a490300424009a707beaa83c31318874926080c48d781ca924fd30452ca8","size":187,"data":"","first_seen":"2025-09-24T02:22:33.853601Z","last_seen":"2025-11-12T14:46:36.801298Z","times_seen":271,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"torrentdownloads.rutor.app/","fqdn":"torrentdownloads.rutor.app","domain":"rutor.app","tld":"app"},"ip":{"addr":"172.67.158.147","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"6cb2b6aff7f37fd8fe920acafd43fdbf","sha1":"c08e768d13c255e338e296e5fbe997d9c3422585","sha256":"fb127d8b44a9e1264f51fcc7f2ea167e8c3fbe1a272d6c321daf508f56e0a514","sha512":"f4f4ce95ad57b255f5c3db1b4a2363c920dbb1a49ba852e11f8b5e363bebf45e33600794c1b5d257dfa66cc2c2651753127217a0bac4f6bbb85ff40bb3e2dedb","ssdeep":"","tlshash":"30d02b8eb4eb990118737415cd2fa944331b28cb190dcdaa3e4c08904f54218000964c","size":260,"data":"","first_seen":"2023-03-10T15:14:41Z","last_seen":"2026-02-19T06:00:31.920854Z","times_seen":37,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"torrentdownloads.rutor.app/","fqdn":"torrentdownloads.rutor.app","domain":"rutor.app","tld":"app"},"ip":{"addr":"172.67.158.147","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"eb3f31baf782f37fa70f54235c07471d","sha1":"e0fb4a52d52015533a6c58b2da00cd80faaaeb63","sha256":"4be1dfe79b7da034540be98ed2a74535864b69df848b34c3f4d387ddbdd2ae23","sha512":"991f94fb04ab6871bb1909f274248b86879823890af694f62b729d10e6aec197ae4ac80baaf808a8ca3da859a610a49117573754fe35e6ba98cfc597758b4039","ssdeep":"","tlshash":"d8e0d8211daaab3d722501105da0d58d3b7448f2c60a64c1b34c9298572a7b4894ec11","size":348,"data":"","first_seen":"2023-03-10T15:14:41Z","last_seen":"2026-02-19T06:00:31.919919Z","times_seen":37,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"heartilyscales.com/a0/32/b4/a032b4d33c8aea68a4f9b84235614bff.js","fqdn":"heartilyscales.com","domain":"heartilyscales.com","tld":"com"},"ip":{"addr":"172.240.108.68","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"0a1ecf85998163218ea782601374c22e","sha1":"0405031eefdc0c58bbbe227e9321c193268e05a8","sha256":"3eecfce33e2dcfe4726e2b953bfbb68275516924ec3d816c4ba1ba485884393d","sha512":"d48a4fc1a93b8fe5bc10473daadb1f0a4ff50b59e790acf9f42b2c7f57772f92af5c38d243820c9a2d6aac5075a8ef1327def9298011a3fcd70a2b2452b39abf","ssdeep":"768:fpCxicwKzukjCm/hYE4JoYC3ouzBcX2nVrHpSFXcdDqxv1l2qo0uw7T3SPGw6SXW:fppUCQ37rVT0Rcd+9keSPjzjlI","tlshash":"f273ea4c3f95f1ad43a26073222f941bf12a1d51b06cf8c8d253e8bc6eb9769b536b14","size":76299,"data":"","first_seen":"2025-09-26T17:15:33.08141Z","last_seen":"2025-10-08T07:17:41.063917Z","times_seen":28,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"torchfriendlypay.com/1e/e3/36/1ee3363d3f6736b5616821dca2afa5c7.js","fqdn":"torchfriendlypay.com","domain":"torchfriendlypay.com","tld":"com"},"ip":{"addr":"172.240.127.234","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"6062294451a7a581dc74178c7c5a1332","sha1":"c8e09f671561b72bdae9fd3cfeea799629430105","sha256":"c556ffdcc50d996a51234a1dec5ae85925ffa13c788b800be900dc5eb1344d79","sha512":"5b4bcb7d6530bfa8d33d4c769d0934938af4e7842a518556021ed900fad8a06bc39c2d35494586adf34e4d6fe19095b2d41c726b8214746527e04cec9e910594","ssdeep":"192:M/H3P83adOwGuABXfKOBPpzbo3j3rFuuV6:MP/83adOwWp0j3Buz","tlshash":"fbd1a8dc768070800be7e97f776f651ab06a58501c4fe491f003a9e83d6872ed63eac1","size":6293,"data":"","first_seen":"2025-09-26T11:10:49.483616Z","last_seen":"2025-10-14T12:32:44.197235Z","times_seen":1614,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ajax.googleapis.com/ajax/libs/jquery/1.9.1/jquery.min.js","fqdn":"ajax.googleapis.com","domain":"ajax.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"142.250.178.74","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"397754ba49e9e0cf4e7c190da78dda05","sha1":"ae49e56999d82802727455f0ba83b63acd90a22b","sha256":"c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4","sha512":"8c64754f77507ab2c24a6fc818419b9dd3f0ceccc9065290e41afdbee0743f0da2cb13b2fbb00afa525c082f1e697cb3ffd76ef9b902cb81d7c41ca1c641dffb","ssdeep":"1536:dnu00HWWaRxkqJg09pYxoxDKMXJrg8hXXO4dK3kyfiLJBhdSZE+I+Qg7rbaN1RUx:ddkWgoBhcZRQgmW42qe","tlshash":"8c932bdd72d2b03257ab30bd106f540ff2361959280d8850f268d8f9bc79a49a277f6d","size":92629,"data":"","first_seen":"2023-03-07T01:02:08Z","last_seen":"2026-04-04T11:42:47.462928Z","times_seen":60582,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"torrentdownloads.rutor.app/sandbox%20eval%20code","fqdn":"torrentdownloads.rutor.app","domain":"rutor.app","tld":"app"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"","is_inline":false,"md5":"64fe6fe97a487c82c5be70158b71aa87","sha1":"b93ba17d1796e404b0ca1ef6f262bbbb0c427366","sha256":"3ec8a12103cf9c2e91b9be1329d1e9f1c53043e38a641070650d1b8d07dbbcd2","sha512":"1a52d609a0d5b1688f664612d6fc98846ffc6d0899444651d29b0c076fdc4c6d4ea87a1ea3b97d816c166f3d91bac5e421f7160c6a00872cccb5aa126bcf7ba5","ssdeep":"","tlshash":"85c08cb3a790156b9a1267b1b8106013bbd6571047a78012b047011b1180ea659b8098","size":148,"data":"","first_seen":"2023-04-11T21:38:13Z","last_seen":"2026-04-04T11:17:31.46587Z","times_seen":60230,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"torrentdownloads.rutor.app/","fqdn":"torrentdownloads.rutor.app","domain":"rutor.app","tld":"app"},"ip":{"addr":"172.67.158.147","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"32094a911516f50e23b50ef6377aad19","sha1":"8bf9b2991d598618d8fc87ddd30f0c5c3c8463cc","sha256":"a65d729fe540e3196a275a5a92fbd3367444a08be92159eee4caa2b58be5ff9e","sha512":"d7c46b359be2b4e7df7016194e560a26263d302bae9c7301c2904cc2369934e436be82ef3fb654ab493916de5d9d97f84f055b1484b12b969f8c3866f4537ad7","ssdeep":"","tlshash":"83d0c2c1904bcca66a3520681747a14ee39c1c62d80ccc2598501e2ff844c2fc111c04","size":264,"data":"","first_seen":"2023-03-10T15:14:41Z","last_seen":"2026-02-19T06:00:31.908562Z","times_seen":41,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"static.pushub.net/inpage/inpage.js","fqdn":"static.pushub.net","domain":"pushub.net","tld":"net"},"ip":{"addr":"2.23.13.11","port":443,"asn":20940,"as":"Akamai International B.V.","country":"The Netherlands","country_code":"NL"},"introduction_type":"scriptElement","is_inline":false,"md5":"5910e494b34694553906c84adbf11b84","sha1":"abcc4dad695e8dbbcb817d6c69048001b6e58f36","sha256":"be9ce430b5c00ab65a0ab52c4a3e3b2e764a2da413b1b83986e59ce810678f2c","sha512":"5a82f4a292ed4dd443293dc9f882ae9411fa9aab64bbf5c44653a02a08314571988748b36b22137e70ec6bcaf5d3f3b11672d06610eb47ff073590f97ef8e024","ssdeep":"192:CBuLuLVBuL/LyzOVeydZr1qIcVirXhNST01h2LJ:CBBLVBgLvVeydzocST01hqJ","tlshash":"7b42f9b63962313193e3d1b3a4df574db174c4202942446ca264d6e90ee5a4f5737bec","size":13180,"data":"","first_seen":"2023-03-10T14:20:49Z","last_seen":"2025-09-30T09:51:01.538981Z","times_seen":90,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"about","addr":"about:blank","fqdn":"","domain":"","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"528021d7eaa00d6a52e796b6a1ae2b5b","sha1":"650406367b0cde9ecb5ffd5f9df95392ac9a2789","sha256":"af0ec44ef0a8b8b0e4db54116aa4ae0c9f8ebc8be5ca68750e9f91a60e7ffef4","sha512":"65a7c181fc65313abea98627000031c52ed127cf277cb7258594bbbead87ffcb0bfe9e1fb827371f651af20fb43c8d23dfedf7e25d550dedc1af079b590debf2","ssdeep":"","tlshash":"d0312022366b43d94b17f0661a0b5eef79360947a87b5a2e311c92ca5fc033913a96f1","size":1491,"data":"","first_seen":"2025-09-23T15:01:43.27406Z","last_seen":"2025-10-01T08:37:46.500694Z","times_seen":29,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"about","addr":"about:blank","fqdn":"","domain":"","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"859fe4e02fc1a1d21363f083752129e8","sha1":"c2caecf103bf7b43b9d3e689559cf39cd9c366c3","sha256":"4f9a6262acb436a5216119e680f1233f6484ff3e9f314359aafcf4bcea63dafc","sha512":"321e0ddce40c98e0f70c480365a9f4877aeaa2ff376f07edd35ffc5aa289d674f6603a9abc85338e17ee4314c22f7d1ca4cd24eb2adb0e22ac742e86fa049486","ssdeep":"","tlshash":"c0217b3b9898c3b12243f157e126738cd731005dfa192703330d0ae91eda36a26f99d9","size":1272,"data":"","first_seen":"2025-08-28T16:07:00.589556Z","last_seen":"2026-01-05T19:48:22.584027Z","times_seen":215,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"torrentdownloads.rutor.app/","fqdn":"torrentdownloads.rutor.app","domain":"rutor.app","tld":"app"},"ip":{"addr":"172.67.158.147","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"9fda1724412fd3c8db9942aa6e8e3deb","sha1":"539eed6112906a989e297d5d51c98af3dff08f2f","sha256":"3ddb9787e2d99f63e1c8169da967fa7b50e0baebb523aae738ff38899d2eaf7c","sha512":"1b6fe4694f5e61f4c298e0bf7d632c31df118d987b1643004ec2149ddf468e65c858fab779d5af8c0a9cb8941216cd977497c32351aef1cc3878796054f18158","ssdeep":"","tlshash":"c1e02e59a47301e042bba05ec30b232310a3f2833940d4d8ba8cef000f2ab228e9a1c8","size":294,"data":"","first_seen":"2024-01-26T23:16:31Z","last_seen":"2026-04-03T11:08:00.008086Z","times_seen":1765,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"push-sdk.com/f/sdk.js?z=888956","fqdn":"push-sdk.com","domain":"push-sdk.com","tld":"com"},"ip":{"addr":"157.90.33.121","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"introduction_type":"scriptElement","is_inline":false,"md5":"42ba379d5c67a32ea2884ca3ff9e4c1a","sha1":"72dae9d76fee9ce1e9ea3db3c892489c8da62d63","sha256":"eb6d6901bfe7868befbaf01f4c0d501c7949132ba27da3f278ae1fbec7ed7def","sha512":"e01c31aedf49131b6fe39547638923afbd887763b0e5720711bec911c55f3e7ec87a4c74b6cdde6bdfdc5136d67f1b1f01794e02434a153727e9336bd245776b","ssdeep":"1536:/7LMSZcnLitlCr8WoeisV69SDG3nY+kH+sNK:/7L1Y2NViBNK","tlshash":"6633818877c6713412a7a4ac056f50daeb2b3c34944e890adc53f3a2297576eef23d74","size":55024,"data":"","first_seen":"2025-09-27T05:12:44.30874Z","last_seen":"2026-02-19T06:00:31.859579Z","times_seen":27,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"torrentdownloads.rutor.app/","fqdn":"torrentdownloads.rutor.app","domain":"rutor.app","tld":"app"},"ip":{"addr":"172.67.158.147","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eventHandler","is_inline":false,"md5":"5eb560733706bf9592e0bdfbc7c5290f","sha1":"73a5485d9dc8bb9c7e9f6660649fef5dd58950f2","sha256":"f986e583dee45be77e358dd8dd80a9da4b83efec637302b1d097a8596328c17d","sha512":"fd031dff21d01b0828b1b923e1429aae159c526be2087ae41ad89fc4bc29078dcb20975f0636719b24790ece65f83b8d064da4789c9cde81939ecf2fe9c9b445","ssdeep":"","tlshash":"15a02280ac8830b82ba0ca0000332b22232080808c0a0080c0a000023c0808ee0b8e32","size":64,"data":"","first_seen":"2025-04-16T21:10:00.062166Z","last_seen":"2026-02-19T06:00:31.910028Z","times_seen":32,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"directlycascade.com/a0/32/b4/a032b4d33c8aea68a4f9b84235614bff.js","fqdn":"directlycascade.com","domain":"directlycascade.com","tld":"com"},"ip":{"addr":"172.240.127.234","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"515f2a5a33b2445fe9fe42c31b544e62","sha1":"18cfa468f653ae4e2c34f18e181f6ac0c760dc96","sha256":"04742ee0ee939f15d239e56a480b6b4f4d8b8382b2918157ff1eb9ef9b75dbd2","sha512":"2d0613cb6eef139d0ef0b4d98afe9b93abccc5c870b3610b1fd84efe9f656250b35c9dd52aa9e962be42c695c819605b3ec87f7e222dd236dd8e6fcc639a9c4e","ssdeep":"768:mpCxicwKzukjCm/hYE4JoYC3ouzBcX2nVrHpSFXcdDqxv1l2qo0uw7T3SPGw6PXL:mppUCQ37rVT0Rcd+9keSPjkCI","tlshash":"ab73ea4c7f95f1ac13a26073222f941bf12a1d51b06cf8c8d253e8bc6eb9769b536b14","size":76340,"data":"","first_seen":"2025-09-26T16:35:49.511268Z","last_seen":"2025-10-08T07:17:41.055267Z","times_seen":56,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"torrentdownloads.rutor.app/","fqdn":"torrentdownloads.rutor.app","domain":"rutor.app","tld":"app"},"ip":{"addr":"172.67.158.147","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"21904d7fd2a9c1efc5a13bd948776856","sha1":"ec276ec29a1d3e5f3f7053dd9346d320c497b19f","sha256":"4f32090608981566bfbd790d4a9a93000914d64a4ab4983139571017d4c5f111","sha512":"cba0343c7798192521ac95903de10e5510b2d40a7d872b4abf49b7aee22b11df9361dae6a25011dfa8eaa7c27db894236dad3f970ce11e39e250b3b87e2dd8a9","ssdeep":"","tlshash":"dba02232002808fc320000002c8020c2230000f0c20330c2e300e308003f380880c003","size":66,"data":"","first_seen":"2025-04-16T21:10:00.061369Z","last_seen":"2026-02-19T06:00:31.918219Z","times_seen":30,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"about","addr":"about:blank","fqdn":"","domain":"","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"c37fc71c4910746e4dc1086d1504eec8","sha1":"14565ad25baee00fbfcdfb04cdaca8146cf8eef9","sha256":"86abf24db0f0710bdb2bdd82e5675a1fc444148707510005492b33cd4820068e","sha512":"759a316f29f039ce53e4c8568c95891d7d9a98ba2ece51028719a59275412bd04d8fa20c0802b8a52cebcba9050c2b813233692814eb14dbcc775e0efc59d24e","ssdeep":"","tlshash":"44217b3b9898c3b12243f157e126738cdb31005dfa191707330d0ae91eda36a26f99d9","size":1276,"data":"","first_seen":"2025-06-22T22:52:25.7742Z","last_seen":"2026-01-05T22:39:08.072676Z","times_seen":421,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"torrentdownloads.rutor.app/cdn-cgi/challenge-platform/scripts/jsd/main.js","fqdn":"torrentdownloads.rutor.app","domain":"rutor.app","tld":"app"},"ip":{"addr":"172.67.158.147","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"6134b30bf2687a0e58305b56ac1270f2","sha1":"e3ef3f01e886b7f9ebfde95803d271f43d39a027","sha256":"01976eb16aa20828872252233bfe5f1a874f3a4bc5ce614e024211ee8c62ed00","sha512":"ba85990c4b0b0e553063d83d4457645149c43b4b754a2fb69720eaf6a32137cdca959d0968414ece9b77cbcb037a197dc3aebc882489a48f49bde0ad924ca493","ssdeep":"192:4TVi0VUoZYoIS9nktT6bRAqV7djquZydguXCm7CnCnnaL4XX+mTH4CQpVFybIogj:8Vi0VUoZYoIS9nkV6bRJV7JrZyeNL5mO","tlshash":"b922e6ce794cb96c430c79c404ffb3d70231fda5788aa98462a179a46f30b95b689d4f","size":10175,"data":"","first_seen":"2025-09-28T09:59:30.035133Z","last_seen":"2025-09-28T10:31:49.146409Z","times_seen":3,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"torrentdownloads.rutor.app/app/apx19.js","fqdn":"torrentdownloads.rutor.app","domain":"rutor.app","tld":"app"},"ip":{"addr":"172.67.158.147","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"2344c3f05f624d595f6fb920e4d74ded","sha1":"eb4d1404ac2d5eecd307f4588aeeab5c8ef463f1","sha256":"3a28fe59e4a2af96d8edeeb12d7040c574cf71fa88fccb5cf49e9c0a1d4e4c7a","sha512":"b1660b062c77332a119e159c5c69d3f75d375915a33f141503232f424c4fdd990998a883c271efb94e8eb909f7837d235354ecae15b58fc23ab9d1908170e831","ssdeep":"192:yfBLCNsvzXnQQuWYQVN6nYaRB5c5FM/MR6Adpf04u7w2Br:4gNYXnrYtBONxpf05r","tlshash":"62126cc87ac7f00b53ed8a53ae1a66b8117b946362a47907d3bcf6cd15e920bc179cc4","size":9183,"data":"","first_seen":"2023-03-07T12:40:02Z","last_seen":"2026-04-03T18:56:21.982955Z","times_seen":3505,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"torrentdownloads.rutor.app/","fqdn":"torrentdownloads.rutor.app","domain":"rutor.app","tld":"app"},"ip":{"addr":"172.67.158.147","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eventHandler","is_inline":false,"md5":"5eb560733706bf9592e0bdfbc7c5290f","sha1":"73a5485d9dc8bb9c7e9f6660649fef5dd58950f2","sha256":"f986e583dee45be77e358dd8dd80a9da4b83efec637302b1d097a8596328c17d","sha512":"fd031dff21d01b0828b1b923e1429aae159c526be2087ae41ad89fc4bc29078dcb20975f0636719b24790ece65f83b8d064da4789c9cde81939ecf2fe9c9b445","ssdeep":"","tlshash":"15a02280ac8830b82ba0ca0000332b22232080808c0a0080c0a000023c0808ee0b8e32","size":64,"data":"","first_seen":"2025-04-16T21:10:00.062166Z","last_seen":"2026-02-19T06:00:31.910028Z","times_seen":32,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"torrentdownloads.rutor.app/","fqdn":"torrentdownloads.rutor.app","domain":"rutor.app","tld":"app"},"ip":{"addr":"172.67.158.147","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eventHandler","is_inline":false,"md5":"5eb560733706bf9592e0bdfbc7c5290f","sha1":"73a5485d9dc8bb9c7e9f6660649fef5dd58950f2","sha256":"f986e583dee45be77e358dd8dd80a9da4b83efec637302b1d097a8596328c17d","sha512":"fd031dff21d01b0828b1b923e1429aae159c526be2087ae41ad89fc4bc29078dcb20975f0636719b24790ece65f83b8d064da4789c9cde81939ecf2fe9c9b445","ssdeep":"","tlshash":"15a02280ac8830b82ba0ca0000332b22232080808c0a0080c0a000023c0808ee0b8e32","size":64,"data":"","first_seen":"2025-04-16T21:10:00.062166Z","last_seen":"2026-02-19T06:00:31.910028Z","times_seen":32,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"vmuid.com/script.js?sid=4dd7d833-3142-4a3f-a135-6fb1263ef9b8","fqdn":"vmuid.com","domain":"vmuid.com","tld":"com"},"ip":{"addr":"178.162.215.162","port":443,"asn":28753,"as":"Leaseweb Deutschland GmbH","country":"Germany","country_code":"DE"},"introduction_type":"scriptElement","is_inline":false,"md5":"dedd352338543b137f608adc8d0d4aa8","sha1":"100edb4e8fef9b6da043d51135077e68d2a61b22","sha256":"b338a91ba1d2ab7c3a7a0dd659426f5ffa4cd699be38e2bed5075c4d3e773a48","sha512":"e2fab4d95d5baa013a7c248945156524478341282dcffc462fb2de318f55ba29dcafba0db3abcfb6399c6164f6f630f06d48a7323b73f8ea05d5978cd60a4c5c","ssdeep":"192:ATn+ip4qxJ/gzuvu3fo8idwqnOqgStYc1qRP44+PHlCXXZE7904AxF:YbRJYz3oe+3tYGGx+NGXZCAn","tlshash":"2b22b5c9b2d2f06443d77161942f2007f23b2869b54dc498eb66e8d3bcb045ea227f79","size":10178,"data":"","first_seen":"2024-01-26T05:18:07Z","last_seen":"2025-12-29T12:17:25.567723Z","times_seen":3656,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bvtpk.com/tag.min.js","fqdn":"bvtpk.com","domain":"bvtpk.com","tld":"com"},"ip":{"addr":"104.21.5.190","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"59a5f86b0896f3b179053de2d9ad97bd","sha1":"cfefb6dc560a50701ba8a97a39c79c267b630061","sha256":"cafbe60713779c1b07efd752cccb2fd6a6c33555b268d9bd2aa1135e5d71f6f9","sha512":"009f00c38e04e88946cf5a23a1c59b8da97b3caaa2583517a371de96e8684125f11a1f7d3981d49e8f1df99eddc94635c7e50b3cf89feaceaad1c187c24d60f3","ssdeep":"1536:KORV5n7I9pN5MStR8L6Ru5HjQdXog6wTEDtr0r0:KORVd4n+qvXoRGEhr0r0","tlshash":"4eb31a9c625734711d7a9129785fc44daeeaef80048e89e4d0daac732653071d3bbfe8","size":109903,"data":"","first_seen":"2025-09-26T05:58:13.470734Z","last_seen":"2025-09-29T04:18:53.816115Z","times_seen":92,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null},"http":[{"url":{"schema":"https","addr":"origunix.com/sdk.js?sid=4dd7d833-3142-4a3f-a135-6fb1263ef9b8","fqdn":"origunix.com","domain":"origunix.com","tld":"com"},"ip":{"addr":"178.162.215.162","port":443,"asn":28753,"as":"Leaseweb Deutschland GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://torrentdownloads.rutor.app/","date":"2025-09-28T10:31:16.763Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"origunix.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 16 Sep 2025 00:54:40 GMT","end":"Mon, 15 Dec 2025 00:54:39 GMT"},"fingerprint":{"sha1":"EA:4D:52:7B:A7:DC:EC:8E:C0:40:42:81:FA:8B:F0:41:1A:8A:06:B9","sha256":"D2:C4:BB:C0:BC:07:5E:9C:EA:13:D3:33:59:AD:22:BA:79:E4:4D:F0:C5:B5:9E:48:3B:85:95:0C:1F:60:60:82"}}},"request":{"raw":"GET /sdk.js?sid=4dd7d833-3142-4a3f-a135-6fb1263ef9b8 HTTP/1.1\r\nHost: origunix.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://torrentdownloads.rutor.app/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 302 Found\r\nServer: nginx\r\nDate: Sun, 28 Sep 2025 10:31:16 GMT\r\nContent-Length: 0\r\nConnection: keep-alive\r\nCache-Control: no-store, max-age=0\r\nAccept-Ch: Sec-CH-UA-Platform,Sec-CH-UA-Full-Version,Sec-CH-UA-Platform-Version\r\nAccess-Control-Allow-Origin: *\r\nAccess-Control-Allow-Credentials: true\r\nLocation: https://msdoj.com/sdk.js?sid=4dd7d833-3142-4a3f-a135-6fb1263ef9b8\r\nX-Cache-Status: MISS\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":64136,"size_decoded":0,"mime_type":"text/javascript","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T11:49:30.368697Z","times_seen":13330398,"resource_available":true,"data":null}},"time_used":190,"timings":{"blocked":-1,"dns":86,"connect":24,"send":0,"wait":26,"receive":0,"ssl":54},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"torrentdownloads.rutor.app/templates/new/images/menu_icon1.jpg","fqdn":"torrentdownloads.rutor.app","domain":"rutor.app","tld":"app"},"ip":{"addr":"172.67.158.147","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://torrentdownloads.rutor.app/","date":"2025-09-28T10:31:16.944Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rutor.app","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 20 Sep 2025 02:19:36 GMT","end":"Fri, 19 Dec 2025 03:09:13 GMT"},"fingerprint":{"sha1":"65:6C:B3:CD:A0:AD:28:B1:3A:23:A8:A2:1B:F0:E7:C0:18:90:91:0F","sha256":"4A:EE:EA:F0:6F:B6:A9:99:ED:A1:9D:D2:2A:5E:48:50:06:6C:52:7E:B9:1A:16:A3:26:FC:B0:7E:5B:CF:FB:07"}}},"request":{"raw":"GET /templates/new/images/menu_icon1.jpg HTTP/1.1\r\nHost: torrentdownloads.rutor.app\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://torrentdownloads.rutor.app/templates/new/css/style.css\r\nCookie: view=1; PHPSESSID=2u8k63dg4d7raoouspjlpa76fm\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sun, 28 Sep 2025 10:31:17 GMT\r\ncontent-type: image/jpeg\r\nvary: accept-encoding\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\naccess-control-allow-origin: *\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nlast-modified: Sun, 28 Sep 2025 10:31:17 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=vQkHY0%2F4o5dDH9%2B81paCmzfjGC1yvw3EDihx8%2BnjBmQ33zYXDQKTALBs2NTyzHS4Ph5WXOTifE%2BjB9PBubiMOuOUawPzZaj38qCqqUoeF%2FYiedB%2Bbw%2Fv4A%3D%3D\"}]}\r\ncf-ray: 986291fad941568b-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":779,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 16x36, components 3","md5":"ae0b2d3ea7154d881bc01f69ebaa4677","sha1":"287f498331b238b276520df2d6729aa53be98340","sha256":"7c4a839f3903ee0604fb81394ec1cead5599e31eb9f65c430fcadd9c3c77de3f","sha512":"c77915ef450610d314072712f32fb9283f9e7b25174069eb347b3e0afeaa285dec7d9c752264ea3582880f4ad99716b8f76ddb8cf50eb6f9530523b7a13a0afb","ssdeep":"","tlshash":"f00144b7e381c72fe9c438302238ee840b49a61208335fcd09f17563fd9d305149a19e","first_seen":"2023-05-29T17:58:11Z","last_seen":"2026-02-19T06:00:31.905348Z","times_seen":45,"resource_available":false,"data":null}},"time_used":157,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":157,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-09-28","alert":"Sinkholed","trigger":"torrentdownloads.rutor.app","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-09-28","alert":"Sinkholed","trigger":"torrentdownloads.rutor.app","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"creative-sb1.com/sb/ssp/vpn/classic-push/big1/img/close.png","fqdn":"creative-sb1.com","domain":"creative-sb1.com","tld":"com"},"ip":{"addr":"104.21.35.3","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://torrentdownloads.rutor.app/","date":"2025-09-28T10:31:21.043Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"creative-sb1.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 29 Aug 2025 18:23:14 GMT","end":"Thu, 27 Nov 2025 19:21:45 GMT"},"fingerprint":{"sha1":"99:06:8C:E5:8E:41:8B:38:F8:46:C0:E9:CF:99:E2:11:F2:8E:DD:AB","sha256":"93:A8:69:6F:83:C3:C8:1B:E8:A3:20:9C:19:F4:47:35:74:85:80:F1:82:1F:48:42:AB:AA:77:A3:35:AB:29:20"}}},"request":{"raw":"GET /sb/ssp/vpn/classic-push/big1/img/close.png HTTP/1.1\r\nHost: creative-sb1.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 28 Sep 2025 10:31:21 GMT\r\ncontent-type: image/png\r\ncontent-length: 591\r\nserver: cloudflare\r\nlast-modified: Fri, 19 Jan 2024 14:19:42 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\netag: \"65aa84fe-24f\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: public, max-age=315360000\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: Date\r\naccept-ranges: bytes\r\nage: 364256\r\ncf-cache-status: HIT\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=SeghrZgIgIklZi7J6E%2FDKYe9D4WpXSXhfz9VZX3ZeS4GkZlJolV8OG79cue49Smah%2FW8M%2BochU5m8DYgDU6PVJ7j5UeTBmj5maplACic\"}]}\r\ncf-ray: 986292147f20712a-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":591,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 12 x 12, 8-bit/color RGBA, non-interlaced","md5":"9fd5bcb6103d86e317bd1eb019bcbe71","sha1":"6b5a52ea669dcb74946f2bed4bdd7ec985026113","sha256":"0ddd3be104ac7945fb062096df62034a6a24ecc76ba92493c35c62c3c25982ae","sha512":"e244a8842c009fa83e8d9d1088ec5b76ca2a42660568b7886e01724977b9ebd4e43690e0c651e25287c64dcc4826391b34cae6a106e2148139450dd05fc5a562","ssdeep":"","tlshash":"b0f0414e7c5903a1874caf3b18dd00119c27898077c82e0db689eed20e008e215471da","first_seen":"2023-04-11T11:09:41Z","last_seen":"2026-04-04T10:53:20.237669Z","times_seen":4674,"resource_available":false,"data":null}},"time_used":8,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":8,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-09-28","alert":"Sinkholed","trigger":"creative-sb1.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-09-28","alert":"Sinkholed","trigger":"creative-sb1.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"xml-v4.pushub.net/pixel?i=3on3AsrcJD4_0","fqdn":"xml-v4.pushub.net","domain":"pushub.net","tld":"net"},"ip":{"addr":"173.239.53.32","port":443,"asn":27257,"as":"WEBAIR-INTERNET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://torrentdownloads.rutor.app/","date":"2025-09-28T10:31:21.495Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"pushub.net","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 27 Aug 2025 06:55:03 GMT","end":"Tue, 25 Nov 2025 06:55:02 GMT"},"fingerprint":{"sha1":"A3:5A:ED:BD:36:B2:05:66:F8:E3:E6:B0:39:04:B8:E1:97:FB:C9:A2","sha256":"0D:F6:9E:28:3C:35:99:6B:9E:9F:C6:9E:C4:01:77:5F:65:1A:86:09:0A:70:19:3A:87:FF:E4:09:95:EC:9C:52"}}},"request":{"raw":"GET /pixel?i=3on3AsrcJD4_0 HTTP/1.1\r\nHost: xml-v4.pushub.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://torrentdownloads.rutor.app/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Sun, 28 Sep 2025 10:31:21 GMT\r\nContent-Type: image/gif\r\nContent-Length: 42\r\nConnection: keep-alive\r\nCache-Control: no-store\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":42,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 1 x 1","md5":"d89746888da2d9510b64a9f031eaecd5","sha1":"d5fceb6532643d0d84ffe09c40c481ecdf59e15a","sha256":"ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629","sha512":"d5da26b5d496edb0221df1a4057a8b0285d15592a8f8dc7016a294df37ed335f3fde6a2252962e0df38b62847f8b771463a0124ef3f84299f262ed9d9d3cee4c","ssdeep":"","tlshash":"c4900023fa808000c3a8c2300a0b238a2b8c80200a28030b80ae208cec3a3a22c03020","first_seen":"2023-04-05T02:54:03Z","last_seen":"2026-04-04T11:48:58.516157Z","times_seen":762863,"resource_available":true,"data":null}},"time_used":622,"timings":{"blocked":266,"dns":2,"connect":87,"send":0,"wait":89,"receive":0,"ssl":175},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"kettledroopingcontinuation.com/pixel/sbls?bv=\u0026tmpl=482\u0026u=https%3A%2F%2Fcreative-sb1.com%2Fsb%2Fssp%2Finterstitial%2Fdouble_btn%2F1%2Fcss%2Fanimate.css\u0026l=78689\u0026fd=597","fqdn":"kettledroopingcontinuation.com","domain":"kettledroopingcontinuation.com","tld":"com"},"ip":{"addr":"172.240.108.84","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://torrentdownloads.rutor.app/","date":"2025-09-28T10:31:21.511Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"kettledroopingcontinuation.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 27 Aug 2025 21:34:59 GMT","end":"Tue, 25 Nov 2025 21:34:58 GMT"},"fingerprint":{"sha1":"E4:24:47:01:B7:F3:A1:0B:CF:EA:36:36:30:C1:21:5D:9E:A1:7B:BE","sha256":"EE:DD:A9:31:87:F8:15:E5:A4:69:BA:E8:17:29:F1:0D:59:DC:1E:48:E2:EB:2F:1D:FE:D6:5C:C0:5F:03:5B:01"}}},"request":{"raw":"GET /pixel/sbls?bv=\u0026tmpl=482\u0026u=https%3A%2F%2Fcreative-sb1.com%2Fsb%2Fssp%2Finterstitial%2Fdouble_btn%2F1%2Fcss%2Fanimate.css\u0026l=78689\u0026fd=597 HTTP/1.1\r\nHost: kettledroopingcontinuation.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://torrentdownloads.rutor.app/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Sun, 28 Sep 2025 10:31:21 GMT\r\nContent-Length: 0\r\nConnection: keep-alive\r\nHost: kettledroopingcontinuation.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nCache-Control: no-cache\r\nAccess-Control-Allow-Origin: *\r\nAccess-Control-Allow-Methods: GET, POST, OPTIONS\r\nAccess-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests,C-High-Entropy-Values\r\nAccess-Control-Expose-Headers: Content-Length,Content-Range\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T11:49:30.368697Z","times_seen":13330398,"resource_available":true,"data":null}},"time_used":125,"timings":{"blocked":12,"dns":0,"connect":0,"send":0,"wait":113,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-09-28","alert":"Sinkholed","trigger":"kettledroopingcontinuation.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-09-28","alert":"Sinkholed","trigger":"kettledroopingcontinuation.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"directlycascade.com/impr.gif?sid=H4sIAAAAAAAC_1RST4gcxReunvz4ISiKHryoMIccIriz_W9meswhJCbR1bizJNEg8VLVVT1bbndXW9U9PTteggEJXhw95dj7zSaLuge9K8isFwkKaS_OwUXw5F0CXkRmM7jxHd57Vd-rx_e-eh_tFIfEQ0HnG2-qsYxjutpu2c1T12TKVWma61ebjt2yTzevybTjn26OFk4PX3Y8v2W_2HxVhFtq1bUd23Zsp3lRahGp0eoRCpntB06r124FTsvp-Rjp_55NYcFQC3x4SJ6B5PVTv0fXIcMZ0uSr88Js5Sp76UJSxDRXGkO-91a6laoyRXKcRtpClO4tq6FMTcjtBlS6t5wAari7mABM1qTx7K9g6d6SJtjwzkOmLIZIwfjjKIcziHgGSWcI1U1Ifp8AIcd6H2lyd13pkm4_ROkCrcn___wDsqzJY88TpMl-_1z_SrOfiXRd5BhFFeRoBjmYISsOkI8bkOUBwvxDSP4TWX1wCWmy2zexguTzk7zXawsv6q54lAUrvmu7K0EQuSuMdt0eC5wwcnpHAsloBmoaKIyFQlooogaKrIGEz5suD4XTdUXAok6n27EDp-N0fJcHLudur-ejCBfMJ8izCcJ4glDfQKZvYEt-dt_fuO-9DV18B7NZwXALJicY8gqlICgNQUkJSklQ5gTlsLrDY-Oa6i6PTcGcZXSX0aumKh_s0DsqH4iUgOoJNK92Zfa-uYkwt6bjyJCpWjjK8mpKGa92skPy9EJa652_DbbEvEltz2U-97wwoIJ2AupHPRb4rtfuOD6LIhhZQZoGqLEwljXp1j8gkzUhn_wCRg9g4gOE8gRo8QJoWYFuVhin-1zqTKvRditUCbiqkOX_Q75t7cSH5Lmjzz37122I8N6Zn70jQ6grZLrCe_J7gkF8a3pZlWT3sioN-bqf5TKRY5pLlV7JaS5OfPGG2C6V5mvnzeTzs-ECWKT7V4XJL9GUy3RgyJfnJOdCX1Q6FOTbNXNNsI3CbJ4rdFpklzZeubiWZFoYI1U6A5U1sT74EaGsyROvXzha6pNrH0PqGXRRISnukaUhzG7AZMfcjSLQ8THOMgtlUU21y_69nGoWHVfEsiavXf8Nsbh35iD_Rr176gEoq2DEI13EI4_poh2V1Y65hYG2QPObSJMKQ11hGFeg8QSmODHNM33Mi8XWlMXa2mWxjj99qLmR82bI2lT4YccNqB34PvPsbsemvi2iLnOCtoPc1JvzJ4f_BAAA__-tfErXwwQAAA==","fqdn":"directlycascade.com","domain":"directlycascade.com","tld":"com"},"ip":{"addr":"172.240.127.234","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://torrentdownloads.rutor.app/","date":"2025-09-28T10:31:21.919Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"directlycascade.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Wed, 10 Sep 2025 11:12:27 GMT","end":"Tue, 09 Dec 2025 11:12:26 GMT"},"fingerprint":{"sha1":"76:17:4A:20:73:64:94:52:3B:6A:50:E2:7C:F7:F5:73:52:38:47:A4","sha256":"66:CD:95:7F:5E:D7:56:27:7A:6F:3B:80:CB:84:DC:89:A0:F0:BB:44:49:55:B4:81:76:24:2E:38:E3:FC:78:29"}}},"request":{"raw":"GET /impr.gif?sid=H4sIAAAAAAAC_1RST4gcxReunvz4ISiKHryoMIccIriz_W9meswhJCbR1bizJNEg8VLVVT1bbndXW9U9PTteggEJXhw95dj7zSaLuge9K8isFwkKaS_OwUXw5F0CXkRmM7jxHd57Vd-rx_e-eh_tFIfEQ0HnG2-qsYxjutpu2c1T12TKVWma61ebjt2yTzevybTjn26OFk4PX3Y8v2W_2HxVhFtq1bUd23Zsp3lRahGp0eoRCpntB06r124FTsvp-Rjp_55NYcFQC3x4SJ6B5PVTv0fXIcMZ0uSr88Js5Sp76UJSxDRXGkO-91a6laoyRXKcRtpClO4tq6FMTcjtBlS6t5wAari7mABM1qTx7K9g6d6SJtjwzkOmLIZIwfjjKIcziHgGSWcI1U1Ifp8AIcd6H2lyd13pkm4_ROkCrcn___wDsqzJY88TpMl-_1z_SrOfiXRd5BhFFeRoBjmYISsOkI8bkOUBwvxDSP4TWX1wCWmy2zexguTzk7zXawsv6q54lAUrvmu7K0EQuSuMdt0eC5wwcnpHAsloBmoaKIyFQlooogaKrIGEz5suD4XTdUXAok6n27EDp-N0fJcHLudur-ejCBfMJ8izCcJ4glDfQKZvYEt-dt_fuO-9DV18B7NZwXALJicY8gqlICgNQUkJSklQ5gTlsLrDY-Oa6i6PTcGcZXSX0aumKh_s0DsqH4iUgOoJNK92Zfa-uYkwt6bjyJCpWjjK8mpKGa92skPy9EJa652_DbbEvEltz2U-97wwoIJ2AupHPRb4rtfuOD6LIhhZQZoGqLEwljXp1j8gkzUhn_wCRg9g4gOE8gRo8QJoWYFuVhin-1zqTKvRditUCbiqkOX_Q75t7cSH5Lmjzz37122I8N6Zn70jQ6grZLrCe_J7gkF8a3pZlWT3sioN-bqf5TKRY5pLlV7JaS5OfPGG2C6V5mvnzeTzs-ECWKT7V4XJL9GUy3RgyJfnJOdCX1Q6FOTbNXNNsI3CbJ4rdFpklzZeubiWZFoYI1U6A5U1sT74EaGsyROvXzha6pNrH0PqGXRRISnukaUhzG7AZMfcjSLQ8THOMgtlUU21y_69nGoWHVfEsiavXf8Nsbh35iD_Rr176gEoq2DEI13EI4_poh2V1Y65hYG2QPObSJMKQ11hGFeg8QSmODHNM33Mi8XWlMXa2mWxjj99qLmR82bI2lT4YccNqB34PvPsbsemvi2iLnOCtoPc1JvzJ4f_BAAA__-tfErXwwQAAA== HTTP/1.1\r\nHost: directlycascade.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://torrentdownloads.rutor.app/\r\nCookie: uid_id2=d995e3f7-3ab8-4202-88f2-ba729b81cf19:2:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; u_pl22675059=1; sleca032b4d33c8aea68a4f9b84235614bff=[4323736]\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Sun, 28 Sep 2025 10:31:21 GMT\r\nContent-Type: image/gif\r\nContent-Length: 7\r\nConnection: keep-alive\r\naccess-control-allow-origin: *\r\nvary: Origin\r\naccess-control-allow-credentials: true\r\np3p: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\naccept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nset-cookie: iprc_l+20cb8df0822c607e165ab039f7136f24=4323736; expires=Mon, 29 Sep 2025 10:31:21 GMT; path=/; secure; SameSite=None\niprc_l:4323736=1; expires=Mon, 29 Sep 2025 10:31:21 GMT; path=/; secure; SameSite=None\r\nx-envoy-upstream-service-time: 7\r\nHost: directlycascade.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 0c53dabbc599e840214a15d8eb1df4a5\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/gif","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T11:49:30.368697Z","times_seen":13330398,"resource_available":true,"data":null}},"time_used":122,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":122,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-09-28","alert":"Sinkholed","trigger":"directlycascade.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-09-28","alert":"Sinkholed","trigger":"directlycascade.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"vmuid.com/script.js?sid=4dd7d833-3142-4a3f-a135-6fb1263ef9b8","fqdn":"vmuid.com","domain":"vmuid.com","tld":"com"},"ip":{"addr":"178.162.215.162","port":443,"asn":28753,"as":"Leaseweb Deutschland GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://torrentdownloads.rutor.app/","date":"2025-09-28T10:31:16.762Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"vmuid.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 16 Sep 2025 01:59:37 GMT","end":"Mon, 15 Dec 2025 01:59:36 GMT"},"fingerprint":{"sha1":"84:BD:C5:EF:9D:1D:34:8C:A0:22:2D:D2:FB:A2:D3:F5:74:5F:7A:90","sha256":"30:7E:44:EB:16:94:91:A3:8A:D6:C1:32:D3:2D:D0:B9:A7:40:77:14:44:AB:8F:B5:EE:45:E6:8B:43:50:B5:55"}}},"request":{"raw":"GET /script.js?sid=4dd7d833-3142-4a3f-a135-6fb1263ef9b8 HTTP/1.1\r\nHost: vmuid.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://torrentdownloads.rutor.app/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Sun, 28 Sep 2025 10:31:16 GMT\r\nContent-Type: text/javascript\r\nContent-Length: 10178\r\nConnection: keep-alive\r\nCache-Control: no-store, max-age=0\r\nAccept-Ch: Sec-CH-UA-Platform,Sec-CH-UA-Full-Version,Sec-CH-UA-Platform-Version\r\nX-Cache-Status: MISS\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":10178,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (10178), with no line terminators","md5":"dedd352338543b137f608adc8d0d4aa8","sha1":"100edb4e8fef9b6da043d51135077e68d2a61b22","sha256":"b338a91ba1d2ab7c3a7a0dd659426f5ffa4cd699be38e2bed5075c4d3e773a48","sha512":"e2fab4d95d5baa013a7c248945156524478341282dcffc462fb2de318f55ba29dcafba0db3abcfb6399c6164f6f630f06d48a7323b73f8ea05d5978cd60a4c5c","ssdeep":"192:ATn+ip4qxJ/gzuvu3fo8idwqnOqgStYc1qRP44+PHlCXXZE7904AxF:YbRJYz3oe+3tYGGx+NGXZCAn","tlshash":"2b22b5c9b2d2f06443d77161942f2007f23b2869b54dc498eb66e8d3bcb045ea227f79","first_seen":"2024-01-26T05:18:07Z","last_seen":"2025-12-29T12:17:25.567723Z","times_seen":3656,"resource_available":true,"data":null}},"time_used":107,"timings":{"blocked":-1,"dns":3,"connect":24,"send":0,"wait":26,"receive":0,"ssl":54},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-09-28","alert":"Sinkholed","trigger":"vmuid.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"torrentdownloads.rutor.app/templates/new/images/arrow1.jpg","fqdn":"torrentdownloads.rutor.app","domain":"rutor.app","tld":"app"},"ip":{"addr":"172.67.158.147","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://torrentdownloads.rutor.app/","date":"2025-09-28T10:31:16.947Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rutor.app","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 20 Sep 2025 02:19:36 GMT","end":"Fri, 19 Dec 2025 03:09:13 GMT"},"fingerprint":{"sha1":"65:6C:B3:CD:A0:AD:28:B1:3A:23:A8:A2:1B:F0:E7:C0:18:90:91:0F","sha256":"4A:EE:EA:F0:6F:B6:A9:99:ED:A1:9D:D2:2A:5E:48:50:06:6C:52:7E:B9:1A:16:A3:26:FC:B0:7E:5B:CF:FB:07"}}},"request":{"raw":"GET /templates/new/images/arrow1.jpg HTTP/1.1\r\nHost: torrentdownloads.rutor.app\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://torrentdownloads.rutor.app/templates/new/css/style.css\r\nCookie: view=1; PHPSESSID=2u8k63dg4d7raoouspjlpa76fm\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sun, 28 Sep 2025 10:31:17 GMT\r\ncontent-type: image/jpeg\r\nvary: accept-encoding\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\naccess-control-allow-origin: *\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nlast-modified: Sun, 28 Sep 2025 10:31:17 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=pXzssn7hwHujXNeN3P3KWpjekFqym2NxBhwlFigU6KH%2Bf68VNPJRclJYoAM9wrqVH4EjRIESnIMM76RnqtTHl191CzodEjojyBd1qfN9zaq03wEuKzOYVg%3D%3D\"}]}\r\ncf-ray: 986291fae949568b-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":356,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 4x7, components 3","md5":"087bff5beeb28068136c75ddee62f9a9","sha1":"d4a2a1290ed2256be2874b3f31194f1d5ca51d7d","sha256":"1e4de5beef3badd97d3e4fe8f951a7464d45bd7b224942e5a73345a58771ec85","sha512":"a8c0dbc9764066b6f5b92a535dbe2c7ff79369948bd408983aaf9b9fb5f294d6a838ee5d8b161313ffd85f72356bc49fd8e13bffc2b9450d347109b66e35f003","ssdeep":"","tlshash":"0de02b322203eb13d8f102703275930c0ebc65cab4278e4d09f524126d952b50881218","first_seen":"2023-05-29T17:58:11Z","last_seen":"2026-02-19T06:00:31.823163Z","times_seen":45,"resource_available":false,"data":null}},"time_used":77,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":77,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-09-28","alert":"Sinkholed","trigger":"torrentdownloads.rutor.app","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-09-28","alert":"Sinkholed","trigger":"torrentdownloads.rutor.app","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"preferencenail.com/sfp.js","fqdn":"preferencenail.com","domain":"preferencenail.com","tld":"com"},"ip":{"addr":"185.196.197.71","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://torrentdownloads.rutor.app/","date":"2025-09-28T10:31:17.291Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"preferencenail.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 30 Aug 2025 23:05:43 GMT","end":"Fri, 28 Nov 2025 23:05:42 GMT"},"fingerprint":{"sha1":"B9:51:95:1F:A8:75:17:3A:9B:B1:75:96:F4:7D:7A:CF:3D:52:C9:71","sha256":"36:D1:B1:18:05:03:10:B2:46:BC:6C:71:A5:E7:BE:07:32:66:88:16:04:1E:5F:96:0F:10:B6:4B:BF:01:D1:42"}}},"request":{"raw":"GET /sfp.js HTTP/1.1\r\nHost: preferencenail.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://torrentdownloads.rutor.app/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Sun, 28 Sep 2025 10:31:17 GMT\r\nContent-Type: application/javascript; charset=utf-8\r\nContent-Length: 32182\r\nConnection: keep-alive\r\nContent-Encoding: gzip\r\nP3P: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\nAccess-Control-Allow-Origin: *\r\nVary: Accept-Encoding\r\nHost: preferencenail.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: e43e20f048229a6129e93a26ad0d139a\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":85386,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (65529), with no line terminators","md5":"46a6fef91632b94d14252fe324c1585f","sha1":"387cebbd261b8fe947fe9805875300f2ceeb5cfd","sha256":"36d0c771f8bf310d740cb4d0ca144354c45df284e72361660448708d72f175d5","sha512":"a3aaa1b5ab1113a12793bd1085332eb257416aaa9c4a690525838b91453a281580a979bfb856b3c429c2d4243c3ce02bd318a4b7048124eef96912179836d0fd","ssdeep":"1536:nPncLBSUBULrSVvTfMtfj3FkdFcE5PnoRL:nPncLBSUBULGVTfGpucE5fox","tlshash":"528395807ac06488d3979b7bb73bf4eaf65a299f38c4044bd100fc48b69562af9f5534","first_seen":"2025-07-08T10:38:39.799377Z","last_seen":"2025-11-18T17:01:51.014373Z","times_seen":15230,"resource_available":true,"data":null}},"time_used":213,"timings":{"blocked":79,"dns":0,"connect":25,"send":0,"wait":29,"receive":25,"ssl":53},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-09-28","alert":"Sinkholed","trigger":"preferencenail.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-09-28","alert":"Sinkholed","trigger":"preferencenail.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-09-28","alert":"Sinkholed","trigger":"preferencenail.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"preferencenail.com/sfp.js","fqdn":"preferencenail.com","domain":"preferencenail.com","tld":"com"},"ip":{"addr":"185.196.197.72","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://torrentdownloads.rutor.app/","date":"2025-09-28T10:31:17.358Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"preferencenail.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 30 Aug 2025 23:05:43 GMT","end":"Fri, 28 Nov 2025 23:05:42 GMT"},"fingerprint":{"sha1":"B9:51:95:1F:A8:75:17:3A:9B:B1:75:96:F4:7D:7A:CF:3D:52:C9:71","sha256":"36:D1:B1:18:05:03:10:B2:46:BC:6C:71:A5:E7:BE:07:32:66:88:16:04:1E:5F:96:0F:10:B6:4B:BF:01:D1:42"}}},"request":{"raw":"GET /sfp.js HTTP/1.1\r\nHost: preferencenail.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://torrentdownloads.rutor.app/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Sun, 28 Sep 2025 10:31:17 GMT\r\nContent-Type: application/javascript; charset=utf-8\r\nContent-Length: 32182\r\nConnection: keep-alive\r\nContent-Encoding: gzip\r\nP3P: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\nAccess-Control-Allow-Origin: *\r\nVary: Accept-Encoding\r\nHost: preferencenail.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: d05484bbeda5cec9048710c4a5b24fcc\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":85386,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (65529), with no line terminators","md5":"46a6fef91632b94d14252fe324c1585f","sha1":"387cebbd261b8fe947fe9805875300f2ceeb5cfd","sha256":"36d0c771f8bf310d740cb4d0ca144354c45df284e72361660448708d72f175d5","sha512":"a3aaa1b5ab1113a12793bd1085332eb257416aaa9c4a690525838b91453a281580a979bfb856b3c429c2d4243c3ce02bd318a4b7048124eef96912179836d0fd","ssdeep":"1536:nPncLBSUBULrSVvTfMtfj3FkdFcE5PnoRL:nPncLBSUBULGVTfGpucE5fox","tlshash":"528395807ac06488d3979b7bb73bf4eaf65a299f38c4044bd100fc48b69562af9f5534","first_seen":"2025-07-08T10:38:39.799377Z","last_seen":"2025-11-18T17:01:51.014373Z","times_seen":15230,"resource_available":true,"data":null}},"time_used":132,"timings":{"blocked":-1,"dns":0,"connect":26,"send":0,"wait":27,"receive":25,"ssl":53},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-09-28","alert":"Sinkholed","trigger":"preferencenail.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-09-28","alert":"Sinkholed","trigger":"preferencenail.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-09-28","alert":"Sinkholed","trigger":"preferencenail.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"msdoj.com/hit","fqdn":"msdoj.com","domain":"msdoj.com","tld":"com"},"ip":{"addr":"178.162.215.162","port":443,"asn":28753,"as":"Leaseweb Deutschland GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"beacon","requested_by":"https://torrentdownloads.rutor.app/","date":"2025-09-28T10:31:17.363Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"msdoj.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sat, 30 Aug 2025 00:32:12 GMT","end":"Fri, 28 Nov 2025 00:32:11 GMT"},"fingerprint":{"sha1":"A8:56:C4:4B:26:AD:D5:72:31:67:E8:75:28:D7:6C:F5:D6:A1:E2:B5","sha256":"65:DA:95:54:55:5B:C8:18:65:43:99:33:52:5B:EF:99:EF:5E:0F:AC:FB:6E:F7:6A:27:0B:3B:6A:69:3C:78:C7"}}},"request":{"raw":"POST /hit HTTP/1.1\r\nHost: msdoj.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: multipart/form-data; boundary=---------------------------34441079083629781511570280375\r\nContent-Length: 1190\r\nOrigin: https://torrentdownloads.rutor.app\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://torrentdownloads.rutor.app/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Sun, 28 Sep 2025 10:31:17 GMT\r\nContent-Type: text/plain; charset=utf-8\r\nContent-Length: 2\r\nConnection: keep-alive\r\nCache-Control: no-store, max-age=0\r\nAccept-Ch: Sec-CH-UA-Platform,Sec-CH-UA-Full-Version,Sec-CH-UA-Platform-Version\r\nAccess-Control-Allow-Origin: *\r\nAccess-Control-Allow-Credentials: true\r\nSet-Cookie: av_sw_hit=1; expires=Mon, 29 Sep 2025 10:31:17 GMT; secure; SameSite=None\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2,"size_decoded":0,"mime_type":"text/plain; charset=utf-8","magic":"ASCII text, with no line terminators","md5":"e0aa021e21dddbd6d8cecec71e9cf564","sha1":"9ce3bd4224c8c1780db56b4125ecf3f24bf748b7","sha256":"565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3","sha512":"900110c951560eff857b440e89cc29f529416e0e3b3d7f0ad51651bfdbd8025b91768c5ed7db5352d1a5523354ce06ced2c42047e33a3e958a1bba5f742db874","ssdeep":"","tlshash":"c710000000000000000000030000000030000000000000000c000000c0000000000000","first_seen":"2023-03-09T09:04:49Z","last_seen":"2026-04-04T11:48:58.521263Z","times_seen":256988,"resource_available":true,"data":null}},"time_used":56,"timings":{"blocked":25,"dns":0,"connect":0,"send":0,"wait":31,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"torrentdownloads.rutor.app/templates/new/images/titl_tag1.jpg","fqdn":"torrentdownloads.rutor.app","domain":"rutor.app","tld":"app"},"ip":{"addr":"172.67.158.147","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://torrentdownloads.rutor.app/","date":"2025-09-28T10:31:16.754Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rutor.app","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 20 Sep 2025 02:19:36 GMT","end":"Fri, 19 Dec 2025 03:09:13 GMT"},"fingerprint":{"sha1":"65:6C:B3:CD:A0:AD:28:B1:3A:23:A8:A2:1B:F0:E7:C0:18:90:91:0F","sha256":"4A:EE:EA:F0:6F:B6:A9:99:ED:A1:9D:D2:2A:5E:48:50:06:6C:52:7E:B9:1A:16:A3:26:FC:B0:7E:5B:CF:FB:07"}}},"request":{"raw":"GET /templates/new/images/titl_tag1.jpg HTTP/1.1\r\nHost: torrentdownloads.rutor.app\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://torrentdownloads.rutor.app/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 28 Sep 2025 10:31:16 GMT\r\ncontent-type: image/jpeg\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\naccess-control-allow-origin: *\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nlast-modified: Sun, 28 Sep 2025 10:31:16 GMT\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=BY3TMWhslZtkj8%2FXuabKdYOCv7myo8cu4gBEmEr3b63hu3oKmC0mP%2BY0Rp6u%2FmfpmMFKBHf8u3%2FeD12PJaUqxSKM%2Fy04y%2BY4xZ7PonGEvh3iBGomkrx7wVXg\"}]}\r\ncf-ray: 986291f9bf11c759-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":3242,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 214x34, components 3","md5":"183883232723b857835adb8c450c6db0","sha1":"1f40cad3ee18a506ab7110a883aa78d48b667dc5","sha256":"e606d1c6c795e0561ea9b9c24e1ff81fef71f628e797a7c6b25df91174755d83","sha512":"ad2161d5f0315b61c12f165a94f102a04445fb5773757e2d65f25da415b9944f887c8b1a8bac750220a90a275700d3a9b13a63fce09176a593fd7c1d2381b4d2","ssdeep":"","tlshash":"69616c20a602dfb1d7c813752fb4b62a0c66e74fd9335e6c2cf82b022d1115e38439e9","first_seen":"2023-05-29T17:58:11Z","last_seen":"2026-02-19T06:00:31.889616Z","times_seen":47,"resource_available":false,"data":null}},"time_used":158,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":158,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-09-28","alert":"Sinkholed","trigger":"torrentdownloads.rutor.app","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-09-28","alert":"Sinkholed","trigger":"torrentdownloads.rutor.app","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"torrentdownloads.rutor.app/cdn-cgi/rum?","fqdn":"torrentdownloads.rutor.app","domain":"rutor.app","tld":"app"},"ip":{"addr":"172.67.158.147","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://torrentdownloads.rutor.app/","date":"2025-09-28T10:31:20.918Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rutor.app","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 20 Sep 2025 02:19:36 GMT","end":"Fri, 19 Dec 2025 03:09:13 GMT"},"fingerprint":{"sha1":"65:6C:B3:CD:A0:AD:28:B1:3A:23:A8:A2:1B:F0:E7:C0:18:90:91:0F","sha256":"4A:EE:EA:F0:6F:B6:A9:99:ED:A1:9D:D2:2A:5E:48:50:06:6C:52:7E:B9:1A:16:A3:26:FC:B0:7E:5B:CF:FB:07"}}},"request":{"raw":"POST /cdn-cgi/rum? HTTP/1.1\r\nHost: torrentdownloads.rutor.app\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\ncontent-type: application/json\r\nContent-Length: 425\r\nOrigin: https://torrentdownloads.rutor.app\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://torrentdownloads.rutor.app/\r\nCookie: PHPSESSID=66gpcavpdjto0ovn346m5m24fj; dom3ic8zudi28v8lr6fgphwffqoz0j6c=d995e3f7-3ab8-4202-88f2-ba729b81cf19%3A2%3A1; sb_main_a286902791a7f4c98bcb1e812322cd78=1; sb_count_a286902791a7f4c98bcb1e812322cd78=1; sb_main_a032b4d33c8aea68a4f9b84235614bff=1; sb_count_a032b4d33c8aea68a4f9b84235614bff=2; pp_main_2200540f09f939738419313a1a090c32=1; pbpr0tpuw4isk85t8yg3jb2lj5vqf=directlycascade.com\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/3 404 Not Found\r\ncontent-type: text/html; charset=UTF-8\r\ncache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0\r\nexpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nreferrer-policy: same-origin\r\ndate: Sun, 28 Sep 2025 10:31:20 GMT\r\nx-frame-options: SAMEORIGIN\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=hW66dtOu2pCB5NaM2cWH30Y%2FJCyn7OBAn5RLSDe2gESXYjfjAK51b0DflRQPaRaMF%2FmtajmjtEdRxoO17fB4yOWoxE2tnHRUbe2Lb9qoPqKlGO5UZvUKrQ%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\nserver: cloudflare\r\ncf-ray: 98629213bc01568b-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":151,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, ASCII text, with CRLF line terminators","md5":"45efc4779b2e6b43ed200755328af518","sha1":"badb6097a3c8fad00517f38352ba72b9f7b6637b","sha256":"d66dd0f2f24c4343661a5396e1ba76782fe651f7d422209eded956ebf90900fc","sha512":"862ceb668672d90ed3da9419ca69bf0214b5c34dec2353fea792a75fb1c0c2e5fd54e6e56cf1e9d4d60c4eaa7d98411f5cb5e128be2661d9bbd084d0dbd085e0","ssdeep":"","tlshash":"a1c02b3d35637e0c8563303522c3b190d0c6833774ba00220500c00330cb2e9cac33d7","first_seen":"2023-09-18T10:37:28Z","last_seen":"2026-04-04T11:46:36.879712Z","times_seen":12823,"resource_available":true,"data":null}},"time_used":5,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":5,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-09-28","alert":"Sinkholed","trigger":"torrentdownloads.rutor.app","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-09-28","alert":"Sinkholed","trigger":"torrentdownloads.rutor.app","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.storageimagedisplay.com/si/2f/d2/30/2fd230184f9add96378a4e3b877096dc/1680149814.png","fqdn":"cdn.storageimagedisplay.com","domain":"storageimagedisplay.com","tld":"com"},"ip":{"addr":"45.133.44.2","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://torrentdownloads.rutor.app/","date":"2025-09-28T10:31:21.042Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.storageimagedisplay.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Mon, 08 Sep 2025 02:32:56 GMT","end":"Sun, 07 Dec 2025 02:32:55 GMT"},"fingerprint":{"sha1":"F2:37:25:60:C4:34:06:EB:37:74:9F:D1:9C:FE:63:47:1F:30:4C:58","sha256":"AA:72:28:9B:C9:B7:77:AB:D7:89:4F:AC:CB:86:72:85:1D:1B:E5:15:4D:07:7B:D9:77:0F:D5:BE:92:06:8D:71"}}},"request":{"raw":"GET /si/2f/d2/30/2fd230184f9add96378a4e3b877096dc/1680149814.png HTTP/1.1\r\nHost: cdn.storageimagedisplay.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 28 Sep 2025 10:31:21 GMT\r\ncontent-type: image/png\r\ncontent-length: 90423\r\nserver: nginx/1.21.6\r\nlast-modified: Thu, 30 Mar 2023 04:17:03 GMT\r\netag: \"64250d3f-16137\"\r\nexpires: Tue, 30 Sep 2025 10:31:21 GMT\r\ncache-control: max-age=172800\r\nx-cdn-host-id: AH0543\r\nx-proxy-cache: HIT\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":90423,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced","md5":"b94ddc39cf647a5388cb1de541a2a069","sha1":"8e26ee8b4f0524f8aed42f40c6f1b27bcb4b1f14","sha256":"44086e75b8415c02b421630e1d39698d72dbc015718f499f0e1bfeab9fd79d91","sha512":"1ccd5d961861bf7daf5abade81061240677585a1829d45e6d67dcbb3bd1193efdadabb5298f703417c41d54aebb2da69656cf3e02d27bde74512a6ccac73250e","ssdeep":"1536:88M4ztR5y8kYp5nIe2/gWF0LVXxdO9kdaZjvYALzjhPvPB8hnRJ3lEViCbcZb83j:bI8kze2hFCBA9k0hvYoFPhCT3aAqcZoT","tlshash":"17931233ac1f149a437881a55a0975d2cc9c72f80b6b898f531cecb5bcb279c5178376","first_seen":"2023-06-24T15:48:47Z","last_seen":"2026-04-04T05:52:30.43364Z","times_seen":792,"resource_available":false,"data":null}},"time_used":140,"timings":{"blocked":-1,"dns":23,"connect":20,"send":0,"wait":38,"receive":35,"ssl":23},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/roboto/v49/KFOMCnqEu92Fr1ME7kSn66aGLdTylUAMQXC89YmC2DPNWubEbVn6iArmlw.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.178.35","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://torrentdownloads.rutor.app/","date":"2025-09-28T10:31:21.502Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 08 Sep 2025 08:36:48 GMT","end":"Mon, 01 Dec 2025 08:36:47 GMT"},"fingerprint":{"sha1":"4A:11:37:B2:B5:3D:85:04:18:76:94:C3:99:EA:8B:77:66:51:DF:D6","sha256":"6C:B3:8A:F8:58:9F:72:87:6E:B0:CF:E0:3F:D9:AB:6D:AE:6E:E0:73:B1:A3:95:3C:30:98:D3:C4:23:73:D4:33"}}},"request":{"raw":"GET /s/roboto/v49/KFOMCnqEu92Fr1ME7kSn66aGLdTylUAMQXC89YmC2DPNWubEbVn6iArmlw.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://torrentdownloads.rutor.app\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 10576\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Mon, 22 Sep 2025 23:23:34 GMT\r\nexpires: Tue, 22 Sep 2026 23:23:34 GMT\r\ncache-control: public, max-age=31536000\r\nage: 472067\r\nlast-modified: Mon, 08 Sep 2025 18:08:17 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":10576,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 10576, version 1.0","md5":"67fbc9a89d34a66c10ce237de8543401","sha1":"9060b07f6600bd6cd8e4241843e8eec743e29264","sha256":"add79d702aef2d1f1cf4865df00911e05816d06bd271602cca2966951f4658c3","sha512":"2c1d1b6bb390a2b240c15aa11a9afd8cadc7cbd8d51db420df16ea110e13c3931b4156e36b61108048b9d368b795db2d5173a2cf48a43fa8f35455a9488df084","ssdeep":"192:cldROAUbBbpRSTbCP12p7TX4eIFKT4HMgJWLgf+k17zReBfKxXUg:clLupUTGdo3D+MgB+gFMCxXUg","tlshash":"5c22bf638500535eb96cd0bf054c895259ee0e7b1bd190ede2de9508c2e19ec921acdf","first_seen":"2025-01-09T13:04:45.291473Z","last_seen":"2026-04-04T01:12:33.754356Z","times_seen":4270,"resource_available":false,"data":null}},"time_used":16,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":16,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/roboto/v49/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.178.35","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://torrentdownloads.rutor.app/","date":"2025-09-28T10:31:21.932Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 08 Sep 2025 08:36:48 GMT","end":"Mon, 01 Dec 2025 08:36:47 GMT"},"fingerprint":{"sha1":"4A:11:37:B2:B5:3D:85:04:18:76:94:C3:99:EA:8B:77:66:51:DF:D6","sha256":"6C:B3:8A:F8:58:9F:72:87:6E:B0:CF:E0:3F:D9:AB:6D:AE:6E:E0:73:B1:A3:95:3C:30:98:D3:C4:23:73:D4:33"}}},"request":{"raw":"GET /s/roboto/v49/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://torrentdownloads.rutor.app\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 40128\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Mon, 22 Sep 2025 23:17:32 GMT\r\nexpires: Tue, 22 Sep 2026 23:17:32 GMT\r\ncache-control: public, max-age=31536000\r\nage: 472429\r\nlast-modified: Mon, 08 Sep 2025 18:08:05 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":40128,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 40128, version 1.0","md5":"9a01b69183a9604ab3a439e388b30501","sha1":"8ed1d59003d0dbe6360481017b44665153665fbe","sha256":"20b535fa80c8189e3b87d1803038389960203a886d502bc2ef1857affc2f38d2","sha512":"0e6795255b6eea00b5403fd7e3b904d52776d49ac63a31c2778361262883697943aedcb29feee85694ba6f19eaa34dddb9a5bfe7118f4a25b4757e92c331feca","ssdeep":"768:Vce3jkow68wmT4IBX0tXdlSirS61gSjcz0GPwHbP+w2jec56O:VcI/iEEEtXdFJj+0GPwHbP+w5rO","tlshash":"3703023a5e3ccf1a84157a703950f6d9a8481e548e9d143b4f1ac7bf085dde2209b6d4","first_seen":"2025-01-08T22:59:02.845106Z","last_seen":"2026-04-04T11:46:59.437094Z","times_seen":714426,"resource_available":false,"data":null}},"time_used":56,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":36,"receive":20,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"torrentdownloads.rutor.app/templates/new/images/dividen2.jpg","fqdn":"torrentdownloads.rutor.app","domain":"rutor.app","tld":"app"},"ip":{"addr":"172.67.158.147","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://torrentdownloads.rutor.app/","date":"2025-09-28T10:31:16.948Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rutor.app","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 20 Sep 2025 02:19:36 GMT","end":"Fri, 19 Dec 2025 03:09:13 GMT"},"fingerprint":{"sha1":"65:6C:B3:CD:A0:AD:28:B1:3A:23:A8:A2:1B:F0:E7:C0:18:90:91:0F","sha256":"4A:EE:EA:F0:6F:B6:A9:99:ED:A1:9D:D2:2A:5E:48:50:06:6C:52:7E:B9:1A:16:A3:26:FC:B0:7E:5B:CF:FB:07"}}},"request":{"raw":"GET /templates/new/images/dividen2.jpg HTTP/1.1\r\nHost: torrentdownloads.rutor.app\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://torrentdownloads.rutor.app/templates/new/css/style.css\r\nCookie: view=1; PHPSESSID=2u8k63dg4d7raoouspjlpa76fm\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sun, 28 Sep 2025 10:31:17 GMT\r\ncontent-type: image/jpeg\r\nvary: accept-encoding\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\naccess-control-allow-origin: *\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nlast-modified: Sun, 28 Sep 2025 10:31:17 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=%2BRmvd2wxT%2FRhWdKq%2Fx2JwjGhWZmmIWusf8XKAi%2FGR%2BGbFKjVCNg0cbS0nFxs4u7zNV%2FKF62tn7JVAJI8Y%2BBMadUFl02YEb5r3GBMdRKbQvs9M4DmDr1Gww%3D%3D\"}]}\r\ncf-ray: 986291fae94a568b-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":307,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 1x12, components 3","md5":"9877381a583f886fa0ebdb2b4929c139","sha1":"40fbca52b81e6036ca8266c352023563073cb65c","sha256":"a221e9cf311bf47bee7104cfcb579e180e88d9c1002477391465b828d408d5dd","sha512":"b3191b9d2eed70cc2bd5621e72466bef24fd1225b9c693e589002a894c8820485d56ced601fb284a4420e2f14a2665987bf1c2266f04c3db2fc99719cb8123fb","ssdeep":"","tlshash":"ebe022333302df03e8e1203033b1835c0b9c61c760175f4e0af17860bc942e00c40148","first_seen":"2023-05-29T17:58:11Z","last_seen":"2026-02-19T06:00:31.892638Z","times_seen":44,"resource_available":false,"data":null}},"time_used":142,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":142,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-09-28","alert":"Sinkholed","trigger":"torrentdownloads.rutor.app","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-09-28","alert":"Sinkholed","trigger":"torrentdownloads.rutor.app","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015","fqdn":"static.cloudflareinsights.com","domain":"cloudflareinsights.com","tld":"com"},"ip":{"addr":"104.16.80.73","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://torrentdownloads.rutor.app/","date":"2025-09-28T10:31:16.759Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cloudflareinsights.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 24 Aug 2025 02:39:12 GMT","end":"Sat, 22 Nov 2025 03:39:06 GMT"},"fingerprint":{"sha1":"B4:6C:D2:16:CA:52:EE:BD:22:D7:B4:2C:64:FF:A5:EF:67:D8:E1:F8","sha256":"FF:3A:23:84:D6:B2:73:DF:50:6E:1A:45:A4:AB:03:37:0B:C4:4A:8E:82:12:99:10:80:A2:F7:FC:71:E3:BA:1D"}}},"request":{"raw":"GET /beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015 HTTP/1.1\r\nHost: static.cloudflareinsights.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://torrentdownloads.rutor.app\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://torrentdownloads.rutor.app/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 28 Sep 2025 10:31:16 GMT\r\ncontent-type: text/javascript;charset=UTF-8\r\ncontent-encoding: gzip\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=86400\r\netag: W/\"2024.6.1\"\r\nlast-modified: Thu, 06 Jun 2024 15:52:56 GMT\r\ncross-origin-resource-policy: cross-origin\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\ncf-ray: 986291fa8b895688-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":19948,"size_decoded":0,"mime_type":"text/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (19948), with no line terminators","md5":"ec18af6d41f6f278b6aed3bdabffa7bc","sha1":"62c9e2cab76b888829f3c5335e91c320b22329ae","sha256":"8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f","sha512":"669b0e9a545057acbdd3b4c8d1d2811eaf4c776f679da1083e591ff38ae7684467abacef5af3d4aabd9fb7c335692dbca0def63ddac2cd28d8e14e95680c3511","ssdeep":"384:XriNpnjyMkg8XMtExRN1w29JIOzahXtO2nJ65:GijgSWuanfJ65","tlshash":"8d92d7def645723613f76076913f220b733b35a528068459812adbc22c3d98f6267f6e","first_seen":"2024-06-07T09:21:23Z","last_seen":"2026-04-04T11:46:36.877669Z","times_seen":330165,"resource_available":true,"data":null}},"time_used":273,"timings":{"blocked":127,"dns":3,"connect":1,"send":0,"wait":18,"receive":0,"ssl":123},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"creative-sb1.com/sb/ssp/vpn/classic-push/big1/css/animate.css","fqdn":"creative-sb1.com","domain":"creative-sb1.com","tld":"com"},"ip":{"addr":"104.21.35.3","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://torrentdownloads.rutor.app/","date":"2025-09-28T10:31:20.924Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"creative-sb1.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 29 Aug 2025 18:23:14 GMT","end":"Thu, 27 Nov 2025 19:21:45 GMT"},"fingerprint":{"sha1":"99:06:8C:E5:8E:41:8B:38:F8:46:C0:E9:CF:99:E2:11:F2:8E:DD:AB","sha256":"93:A8:69:6F:83:C3:C8:1B:E8:A3:20:9C:19:F4:47:35:74:85:80:F1:82:1F:48:42:AB:AA:77:A3:35:AB:29:20"}}},"request":{"raw":"GET /sb/ssp/vpn/classic-push/big1/css/animate.css HTTP/1.1\r\nHost: creative-sb1.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://torrentdownloads.rutor.app\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://torrentdownloads.rutor.app/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 28 Sep 2025 10:31:21 GMT\r\ncontent-type: text/css\r\nserver: cloudflare\r\nlast-modified: Fri, 19 Jan 2024 14:19:42 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\netag: W/\"65aa84fe-13365\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: public, max-age=315360000\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: Date\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=S21mjKVxdWopK9kqcYFDn9287T4skbFPlKy71ZTKtRlbxJGZlILO78h8Jy2V9WmL6Q0iOPtWwmLSmmCdmReoy5%2FBnHtaD5c2Pimp1UXy\"}]}\r\ncf-ray: 986292152f7f712a-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":78693,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text","md5":"5982c5377696d20476871062646b253f","sha1":"8bf2c93fa9ccc908f7df0fb7abb911bbac3e4242","sha256":"4e23a6449e6ef4614f0107cecf5c9eda75d2041c7c71f4a55d45f2a7e75450f4","sha512":"92592dac2a817293e8ec1d94bf99df639626a90d524420b01a12210398927c0650cc26fa8e730300096b29961563aa02efb707478c6d51ac8616bb1bde5a0cb2","ssdeep":"384:jvuAuF81dghu3uFlZlX/m/Gu7uNUtrL4VrbZJgBhLYNKwZiMUL6Vpaj7F:jvuAu21dghu3uhu7uNKwZiMUL6Vpaj7F","tlshash":"1d731bad399115845263861d83df9e68273ce5731826acef73c2488bcf8bf9867c9147","first_seen":"2024-02-12T20:28:38Z","last_seen":"2026-04-04T10:55:20.058723Z","times_seen":6231,"resource_available":false,"data":null}},"time_used":874,"timings":{"blocked":219,"dns":1,"connect":2,"send":0,"wait":435,"receive":0,"ssl":215},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-09-28","alert":"Sinkholed","trigger":"creative-sb1.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-09-28","alert":"Sinkholed","trigger":"creative-sb1.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"creative-sb1.com/sb/ssp/vpn/classic-push/small/js/script.js","fqdn":"creative-sb1.com","domain":"creative-sb1.com","tld":"com"},"ip":{"addr":"104.21.35.3","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://torrentdownloads.rutor.app/","date":"2025-09-28T10:31:21.086Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"creative-sb1.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 29 Aug 2025 18:23:14 GMT","end":"Thu, 27 Nov 2025 19:21:45 GMT"},"fingerprint":{"sha1":"99:06:8C:E5:8E:41:8B:38:F8:46:C0:E9:CF:99:E2:11:F2:8E:DD:AB","sha256":"93:A8:69:6F:83:C3:C8:1B:E8:A3:20:9C:19:F4:47:35:74:85:80:F1:82:1F:48:42:AB:AA:77:A3:35:AB:29:20"}}},"request":{"raw":"GET /sb/ssp/vpn/classic-push/small/js/script.js HTTP/1.1\r\nHost: creative-sb1.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://torrentdownloads.rutor.app\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://torrentdownloads.rutor.app/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 28 Sep 2025 10:31:21 GMT\r\ncontent-type: application/javascript\r\nserver: cloudflare\r\nlast-modified: Fri, 19 Jan 2024 14:19:42 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: public, max-age=315360000\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: Date\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=YqwHmYg01csxd7hmiv0ox2nKrn5w%2B6Uy6R5fkaEYnepOU%2FcLdVERbFSkdumUuQFfnFy3shjWR2LmbdzhhqGt12ePAbXDxnurZ8qks6Ex\"}]}\r\ncf-cache-status: MISS\r\netag: W/\"65aa84fe-3c2\"\r\ncontent-encoding: br\r\ncf-ray: 98629214cf49712a-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":962,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text","md5":"0013fbb3bd9e7300fa1bc9f62501dcf0","sha1":"447e4a8994979e2e158b9beff79b94e7d1b29508","sha256":"4cf18df81115ddab6967dc82096077ee024223dac3c6ffc9b810bffb7780a20e","sha512":"288a5e82fdbfdadf11f5a15ed40b54b67dd43fd83f0666abf85ebc0f14ef3b6e5e9104c3491fdb85b40e5556b252d933ee8cbe6e381e96e01170e76c60003dc6","ssdeep":"","tlshash":"e7117d37156882f06257f027a15729d6ee32029ee81a5707721c06cd0ec47b913fa6e7","first_seen":"2023-06-25T06:36:24Z","last_seen":"2026-04-04T08:13:04.085082Z","times_seen":2255,"resource_available":false,"data":null}},"time_used":420,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":420,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-09-28","alert":"Sinkholed","trigger":"creative-sb1.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-09-28","alert":"Sinkholed","trigger":"creative-sb1.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"torrentdownloads.rutor.app/templates/new/images/icons/menu_icon1.png","fqdn":"torrentdownloads.rutor.app","domain":"rutor.app","tld":"app"},"ip":{"addr":"172.67.158.147","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://torrentdownloads.rutor.app/","date":"2025-09-28T10:31:16.738Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rutor.app","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 20 Sep 2025 02:19:36 GMT","end":"Fri, 19 Dec 2025 03:09:13 GMT"},"fingerprint":{"sha1":"65:6C:B3:CD:A0:AD:28:B1:3A:23:A8:A2:1B:F0:E7:C0:18:90:91:0F","sha256":"4A:EE:EA:F0:6F:B6:A9:99:ED:A1:9D:D2:2A:5E:48:50:06:6C:52:7E:B9:1A:16:A3:26:FC:B0:7E:5B:CF:FB:07"}}},"request":{"raw":"GET /templates/new/images/icons/menu_icon1.png HTTP/1.1\r\nHost: torrentdownloads.rutor.app\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://torrentdownloads.rutor.app/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 28 Sep 2025 10:31:16 GMT\r\ncontent-type: image/png\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\naccess-control-allow-origin: *\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nlast-modified: Sun, 28 Sep 2025 10:31:16 GMT\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=risSI2mHdcscqnHOMCP%2BykvdHchgQBAbHJDeRacgUIhOGC9HQ6%2FUgQ5Nk4tpvCAIBGRtZuWRliDrI1WJpkfMvjwpd%2Bf4fuVWPdnx0p1apgHvFvkrk%2FYpeiul\"}]}\r\ncf-ray: 986291f99eddc759-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":799,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 16 x 15, 8-bit/color RGB, non-interlaced","md5":"057f3a03db6632247b775365c549e29e","sha1":"42ff120db92305fb3ae4d5afad38671440cc49f4","sha256":"c0524f80a46dcfd4306d048153ae3c86c299dd49edb83df4ebf28bfbc4690a0a","sha512":"8a3562429316f56d4c4c2f53c9ca4de66e1139511d5c52b81e50355f5ad22ee3d25161b9b9bd86f9e47be6e8737af5176dd074b0d617a1361a33ea3460447b81","ssdeep":"","tlshash":"6d01c5d8d711a421461f60124a71c8517c1accdb7b7335086a8ba548f927a2e1239b53","first_seen":"2023-05-29T17:58:11Z","last_seen":"2026-02-19T06:00:31.792794Z","times_seen":39,"resource_available":false,"data":null}},"time_used":148,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":148,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-09-28","alert":"Sinkholed","trigger":"torrentdownloads.rutor.app","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-09-28","alert":"Sinkholed","trigger":"torrentdownloads.rutor.app","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bvtpk.com/tag.min.js","fqdn":"bvtpk.com","domain":"bvtpk.com","tld":"com"},"ip":{"addr":"104.21.5.190","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://torrentdownloads.rutor.app/","date":"2025-09-28T10:31:17.363Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bvtpk.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 09 Sep 2025 16:15:33 GMT","end":"Mon, 08 Dec 2025 17:13:51 GMT"},"fingerprint":{"sha1":"57:53:1B:12:8D:B5:A7:B6:96:E2:B4:FE:90:A1:D8:FA:24:94:9A:B9","sha256":"4E:2A:10:4F:06:F6:4E:34:B3:5A:E6:9B:A2:C7:FC:B2:A4:7D:55:44:3D:06:2B:38:35:A7:52:1D:F2:4E:80:5E"}}},"request":{"raw":"GET /tag.min.js HTTP/1.1\r\nHost: bvtpk.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://torrentdownloads.rutor.app/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 28 Sep 2025 10:31:17 GMT\r\ncontent-type: application/javascript\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nx-trace-id: a0982fcdd0712d252b67cffdc4aefb95\r\ncache-control: public, max-age=600, s-maxage=1800\r\naccept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version\r\naccess-control-allow-origin: *\r\naccess-control-allow-credentials: true\r\naccess-control-allow-methods: GET, POST, OPTIONS\r\naccess-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon\r\naccess-control-max-age: 86400\r\ntiming-allow-origin: *\r\ncontent-encoding: gzip\r\nage: 147\r\ncf-cache-status: HIT\r\nlast-modified: Sun, 28 Sep 2025 10:28:50 GMT\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=t%2FKZDpJe7z2onP%2FpFSLt4WU62pViUxGmQzVrQVMxBHIxI6%2BW52oNhcv%2FafzF1lDRWjQA6yGIvPCfF5pBay4jdQVGuCaZwqs%3D\"}]}\r\ncf-ray: 986291fdfba8b51d-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":109903,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"59a5f86b0896f3b179053de2d9ad97bd","sha1":"cfefb6dc560a50701ba8a97a39c79c267b630061","sha256":"cafbe60713779c1b07efd752cccb2fd6a6c33555b268d9bd2aa1135e5d71f6f9","sha512":"009f00c38e04e88946cf5a23a1c59b8da97b3caaa2583517a371de96e8684125f11a1f7d3981d49e8f1df99eddc94635c7e50b3cf89feaceaad1c187c24d60f3","ssdeep":"1536:KORV5n7I9pN5MStR8L6Ru5HjQdXog6wTEDtr0r0:KORVd4n+qvXoRGEhr0r0","tlshash":"4eb31a9c625734711d7a9129785fc44daeeaef80048e89e4d0daac732653071d3bbfe8","first_seen":"2025-09-26T05:58:13.470734Z","last_seen":"2025-09-29T04:18:53.816115Z","times_seen":92,"resource_available":true,"data":null}},"time_used":79,"timings":{"blocked":0,"dns":3,"connect":1,"send":0,"wait":7,"receive":0,"ssl":68},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"torrentdownloads.rutor.app/templates/new/images/icons/menu_icon4.png","fqdn":"torrentdownloads.rutor.app","domain":"rutor.app","tld":"app"},"ip":{"addr":"172.67.158.147","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://torrentdownloads.rutor.app/","date":"2025-09-28T10:31:16.731Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rutor.app","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 20 Sep 2025 02:19:36 GMT","end":"Fri, 19 Dec 2025 03:09:13 GMT"},"fingerprint":{"sha1":"65:6C:B3:CD:A0:AD:28:B1:3A:23:A8:A2:1B:F0:E7:C0:18:90:91:0F","sha256":"4A:EE:EA:F0:6F:B6:A9:99:ED:A1:9D:D2:2A:5E:48:50:06:6C:52:7E:B9:1A:16:A3:26:FC:B0:7E:5B:CF:FB:07"}}},"request":{"raw":"GET /templates/new/images/icons/menu_icon4.png HTTP/1.1\r\nHost: torrentdownloads.rutor.app\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://torrentdownloads.rutor.app/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 28 Sep 2025 10:31:16 GMT\r\ncontent-type: image/png\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nexpires: Thu, 19 Nov 1981 08:52:00 GMT\r\ncache-control: no-store, no-cache, must-revalidate\r\npragma: no-cache\r\naccess-control-allow-origin: *\r\ncf-cache-status: BYPASS\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=4kLcBPEdZf8nKNEcSPB%2Bp5YV787bByZn6PIWDFt9W2%2BtIIixdwGnv6mOvk5GbMk2VIacnfohORbf6a9IEfdymoC%2FJKx4i7ieyVVs9rVk4eLdCFm6OxhnlUYz\"}]}\r\nset-cookie: view=1; Max-Age=86400; Expires=Mon, 29 Sep 2025 10:31:16 GMT\nPHPSESSID=5l0dll5p6l5k944i1asmslpcf5; Path=/\r\ncf-ray: 986291f98ea2c759-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":872,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 16 x 18, 8-bit/color RGB, non-interlaced","md5":"abf76cfd0902c6b76a0b8d5e53ecde1a","sha1":"5c5170574b5bac02064b46582e98cb1578128c25","sha256":"c7a3040e6080d694db41b546b3694f6168e260a445bdaabaeabfd4625eb26579","sha512":"f3d9a329ede95c51b1343334e49de8ceebc67c6ccf3a8add4aa60b035978e6896a647e898f96fb5f1f1468f9386f9a314b5e5656b01cf44a2092b0ef3cb17c78","ssdeep":"","tlshash":"85119657abc07c34d0fe55c04c1948785dfafe6e00b5b61807869d78690b5dc28e0903","first_seen":"2023-07-03T10:28:09Z","last_seen":"2026-02-19T06:00:31.862001Z","times_seen":41,"resource_available":false,"data":null}},"time_used":163,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":163,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-09-28","alert":"Sinkholed","trigger":"torrentdownloads.rutor.app","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-09-28","alert":"Sinkholed","trigger":"torrentdownloads.rutor.app","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"torrentdownloads.rutor.app/templates/new/images/icons/menu_icon2.png","fqdn":"torrentdownloads.rutor.app","domain":"rutor.app","tld":"app"},"ip":{"addr":"172.67.158.147","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://torrentdownloads.rutor.app/","date":"2025-09-28T10:31:16.745Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rutor.app","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 20 Sep 2025 02:19:36 GMT","end":"Fri, 19 Dec 2025 03:09:13 GMT"},"fingerprint":{"sha1":"65:6C:B3:CD:A0:AD:28:B1:3A:23:A8:A2:1B:F0:E7:C0:18:90:91:0F","sha256":"4A:EE:EA:F0:6F:B6:A9:99:ED:A1:9D:D2:2A:5E:48:50:06:6C:52:7E:B9:1A:16:A3:26:FC:B0:7E:5B:CF:FB:07"}}},"request":{"raw":"GET /templates/new/images/icons/menu_icon2.png HTTP/1.1\r\nHost: torrentdownloads.rutor.app\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://torrentdownloads.rutor.app/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 28 Sep 2025 10:31:16 GMT\r\ncontent-type: image/png\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nexpires: Thu, 19 Nov 1981 08:52:00 GMT\r\ncache-control: no-store, no-cache, must-revalidate\r\npragma: no-cache\r\naccess-control-allow-origin: *\r\ncf-cache-status: BYPASS\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=BB8hMek0VOPyGSTJpArXN5IUUwSF68vTD8yOZ8WH1jHqwQLUug%2B5ox6l1Nxrfbv2cIm35s%2BZV8hfBXRQ4Mj2NRkXxApL546lZY%2B7LRyR6vQ265n50hM4JKD1\"}]}\r\nset-cookie: view=1; Max-Age=86400; Expires=Mon, 29 Sep 2025 10:31:16 GMT\nPHPSESSID=oj36elqctcmfrbjbaiisdi6i67; Path=/\r\ncf-ray: 986291f9aefac759-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":748,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 16 x 17, 8-bit/color RGB, non-interlaced","md5":"be850667ad54c0c5781cc0a1cd531a2b","sha1":"2ba7d6b41f451a5b0e5d76f27ba822643827fd36","sha256":"c8a39d88a9a931c79a4609b2669edee2bc1fe3ddf5c878a8776fb82bdc68a635","sha512":"7daadb45c20c577a7974cde3b9037b29915498df8b9df0b4461d4ac19b5c20792475a5fe5b37c140d342afbcfea38ae8a00a8fbec51be9d6d195d08b17c178d6","ssdeep":"","tlshash":"0c01ba61315e0480cc39880f13c6842d3740c2c19d7c5e81fcdbf860d40d8e209b4fc5","first_seen":"2023-05-29T17:58:11Z","last_seen":"2026-02-19T06:00:31.888757Z","times_seen":38,"resource_available":false,"data":null}},"time_used":232,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":232,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-09-28","alert":"Sinkholed","trigger":"torrentdownloads.rutor.app","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-09-28","alert":"Sinkholed","trigger":"torrentdownloads.rutor.app","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"torrentdownloads.rutor.app/templates/new/images/right_curve.jpg","fqdn":"torrentdownloads.rutor.app","domain":"rutor.app","tld":"app"},"ip":{"addr":"172.67.158.147","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://torrentdownloads.rutor.app/","date":"2025-09-28T10:31:16.935Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rutor.app","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 20 Sep 2025 02:19:36 GMT","end":"Fri, 19 Dec 2025 03:09:13 GMT"},"fingerprint":{"sha1":"65:6C:B3:CD:A0:AD:28:B1:3A:23:A8:A2:1B:F0:E7:C0:18:90:91:0F","sha256":"4A:EE:EA:F0:6F:B6:A9:99:ED:A1:9D:D2:2A:5E:48:50:06:6C:52:7E:B9:1A:16:A3:26:FC:B0:7E:5B:CF:FB:07"}}},"request":{"raw":"GET /templates/new/images/right_curve.jpg HTTP/1.1\r\nHost: torrentdownloads.rutor.app\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://torrentdownloads.rutor.app/templates/new/css/style.css\r\nCookie: view=1; PHPSESSID=2u8k63dg4d7raoouspjlpa76fm\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sun, 28 Sep 2025 10:31:17 GMT\r\ncontent-type: image/jpeg\r\nvary: accept-encoding\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\naccess-control-allow-origin: *\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nlast-modified: Sun, 28 Sep 2025 10:31:17 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=qLW6wGcI4rFaHNse4Yw8UNp3LlozRAqT7ild3BzCaI6pySFX65XR5hTbQ0JYkVwRNWU97JeM4G7kCnu99hoTCgARU%2FTeataBr2p2vHq4aTtePrJq4VxIjg%3D%3D\"}]}\r\ncf-ray: 986291fad934568b-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":736,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 300x20, components 3","md5":"01642f050d1be8c6ad025ea85a444054","sha1":"15b7046620e1782eb98667911114449803400e7d","sha256":"533aadc55d22f87b54a7454d5b51478b7b78813e77edd2aa64929460487b2d26","sha512":"4d48dabe3decdd5494401140184f8fb9383fd43cb58ef84e53013fd9e5490104a9ad6637af10fffeefa965825de84e3a0cb20f0f69b147bb8ca98690948b9e81","ssdeep":"","tlshash":"8a012b2d7380cb2fca7c23306abef68d79ac4e4591144f8925b13ddf9d0edd19102a84","first_seen":"2023-05-29T17:58:11Z","last_seen":"2026-02-19T06:00:31.904227Z","times_seen":38,"resource_available":false,"data":null}},"time_used":165,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":165,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-09-28","alert":"Sinkholed","trigger":"torrentdownloads.rutor.app","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-09-28","alert":"Sinkholed","trigger":"torrentdownloads.rutor.app","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"torrentdownloads.rutor.app/templates/new/images/right_shadow.jpg","fqdn":"torrentdownloads.rutor.app","domain":"rutor.app","tld":"app"},"ip":{"addr":"172.67.158.147","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://torrentdownloads.rutor.app/","date":"2025-09-28T10:31:16.936Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rutor.app","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 20 Sep 2025 02:19:36 GMT","end":"Fri, 19 Dec 2025 03:09:13 GMT"},"fingerprint":{"sha1":"65:6C:B3:CD:A0:AD:28:B1:3A:23:A8:A2:1B:F0:E7:C0:18:90:91:0F","sha256":"4A:EE:EA:F0:6F:B6:A9:99:ED:A1:9D:D2:2A:5E:48:50:06:6C:52:7E:B9:1A:16:A3:26:FC:B0:7E:5B:CF:FB:07"}}},"request":{"raw":"GET /templates/new/images/right_shadow.jpg HTTP/1.1\r\nHost: torrentdownloads.rutor.app\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://torrentdownloads.rutor.app/templates/new/css/style.css\r\nCookie: view=1; PHPSESSID=2u8k63dg4d7raoouspjlpa76fm\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sun, 28 Sep 2025 10:31:17 GMT\r\ncontent-type: image/jpeg\r\nvary: accept-encoding\r\nset-cookie: view=1; Max-Age=86400; Expires=Mon, 29 Sep 2025 10:31:17 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nexpires: Thu, 19 Nov 1981 08:52:00 GMT\r\ncache-control: no-store, no-cache, must-revalidate\r\npragma: no-cache\r\naccess-control-allow-origin: *\r\ncf-cache-status: BYPASS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=IhmkxOLzrCwnQ34Dd3O%2F6Ui5R0dsFkDQ7gLcIeBArq6jstRPN3MTX8I%2FzGppL9XxXgOgQJsYJgPNqOFkTfRB6Bc2knMinvUdTd6AMU1Qi%2BHTDzPyZPj4sg%3D%3D\"}]}\r\ncf-ray: 986291fad937568b-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":592,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 1315x9, components 3","md5":"ce19055304925b0d8e625375f35749b0","sha1":"e4373ef6d6c9744abb2f69b8d430b57c4b19e688","sha256":"f5f33e66a0e7790e0d5d9135a1b0a3d64e8dd408e49b23be3a0e729c60cb067c","sha512":"9570eb727a6f79c65babb868ccbb90a6247822e83981c44c97cb61d376eb89514d94ec7d904205921efd691ad32dc4780953c98664aa2ab897f91586cf30a280","ssdeep":"","tlshash":"24f02e332342eb03e9e6103032ba83080fac628a640bcf4d19f5bd90aca62d0088025a","first_seen":"2023-05-29T17:58:11Z","last_seen":"2026-02-19T06:00:31.830796Z","times_seen":45,"resource_available":false,"data":null}},"time_used":155,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":155,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-09-28","alert":"Sinkholed","trigger":"torrentdownloads.rutor.app","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-09-28","alert":"Sinkholed","trigger":"torrentdownloads.rutor.app","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"torrentdownloads.rutor.app/templates/new/images/bottom_curve_right.jpg","fqdn":"torrentdownloads.rutor.app","domain":"rutor.app","tld":"app"},"ip":{"addr":"172.67.158.147","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://torrentdownloads.rutor.app/","date":"2025-09-28T10:31:16.937Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rutor.app","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 20 Sep 2025 02:19:36 GMT","end":"Fri, 19 Dec 2025 03:09:13 GMT"},"fingerprint":{"sha1":"65:6C:B3:CD:A0:AD:28:B1:3A:23:A8:A2:1B:F0:E7:C0:18:90:91:0F","sha256":"4A:EE:EA:F0:6F:B6:A9:99:ED:A1:9D:D2:2A:5E:48:50:06:6C:52:7E:B9:1A:16:A3:26:FC:B0:7E:5B:CF:FB:07"}}},"request":{"raw":"GET /templates/new/images/bottom_curve_right.jpg HTTP/1.1\r\nHost: torrentdownloads.rutor.app\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://torrentdownloads.rutor.app/templates/new/css/style.css\r\nCookie: view=1; PHPSESSID=2u8k63dg4d7raoouspjlpa76fm\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sun, 28 Sep 2025 10:31:17 GMT\r\ncontent-type: image/jpeg\r\nvary: accept-encoding\r\nset-cookie: view=1; Max-Age=86400; Expires=Mon, 29 Sep 2025 10:31:17 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nexpires: Thu, 19 Nov 1981 08:52:00 GMT\r\ncache-control: no-store, no-cache, must-revalidate\r\npragma: no-cache\r\naccess-control-allow-origin: *\r\ncf-cache-status: BYPASS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=ne8MYEtxK46WS3DEcz6dH3RR7f29X0y8wEtULDNA8QTjHryOl25C24kyIq5kTBcgi4NT59XAGPbxhMLsaRNihedBUNO4BZI1wzbKSCYCsTcMN38DtWhQeg%3D%3D\"}]}\r\ncf-ray: 986291fad93a568b-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1778,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 1319x22, components 3","md5":"213a2c0ccd7e50e97a7afc49b067fab2","sha1":"3d768b7873aa8b3813d40484c104dfc0d82c7e82","sha256":"8b46909bc003149a5d4b492779f55e4602bf494415b7ac02c284bd1ce7a27e48","sha512":"ad9727e2a9ec53bd423c6689af8fb1d8a5509b4970de745feb100d06aef8c19b0c73cb42d9db682259fe2c0f91d8a4693c55bd09bbc88e0e9d75264180c0eae3","ssdeep":"","tlshash":"7631602b5346f30ec2a9c5f0273d428c9a3d2a18040a0fadbdf4a4e4a8656f0acd22d0","first_seen":"2023-05-29T17:58:11Z","last_seen":"2026-02-19T06:00:31.817522Z","times_seen":45,"resource_available":false,"data":null}},"time_used":163,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":162,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-09-28","alert":"Sinkholed","trigger":"torrentdownloads.rutor.app","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-09-28","alert":"Sinkholed","trigger":"torrentdownloads.rutor.app","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"torrentdownloads.rutor.app/templates/new/images/icons/menu_icon8.png","fqdn":"torrentdownloads.rutor.app","domain":"rutor.app","tld":"app"},"ip":{"addr":"172.67.158.147","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://torrentdownloads.rutor.app/","date":"2025-09-28T10:31:16.731Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rutor.app","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 20 Sep 2025 02:19:36 GMT","end":"Fri, 19 Dec 2025 03:09:13 GMT"},"fingerprint":{"sha1":"65:6C:B3:CD:A0:AD:28:B1:3A:23:A8:A2:1B:F0:E7:C0:18:90:91:0F","sha256":"4A:EE:EA:F0:6F:B6:A9:99:ED:A1:9D:D2:2A:5E:48:50:06:6C:52:7E:B9:1A:16:A3:26:FC:B0:7E:5B:CF:FB:07"}}},"request":{"raw":"GET /templates/new/images/icons/menu_icon8.png HTTP/1.1\r\nHost: torrentdownloads.rutor.app\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://torrentdownloads.rutor.app/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 28 Sep 2025 10:31:16 GMT\r\ncontent-type: image/png\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\naccess-control-allow-origin: *\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nlast-modified: Sun, 28 Sep 2025 10:31:16 GMT\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=FzAmZYR4W4CII2pWkE9hRqgiykwkG3BCsfcT9aZDJYFGsA8ncbUVOIOR7aSS9GcGHY0SR5Dp%2B2gW4ZYMSQ8g7Vz2khtmfc6QSp4SLx4sXUlhLWc3rTOelpb2\"}]}\r\ncf-ray: 986291f98e95c759-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":886,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 16 x 18, 8-bit/color RGB, non-interlaced","md5":"1e3f527464678255b3deb6e2ef3bc048","sha1":"83bf61ebe2fccfe0478b2f20c80057081f8b689d","sha256":"72f2f6137167a04f0e7ad4ba3beaca1696e5608ec5682fe3610fbdf7a4b10168","sha512":"1e93a7242e9972c9116c7fe06574f32e9ceb742f5842c785bd5877447cd41ee6939006cc42b3614368acc65cae4904e0e2f086c9cf4ff5d64afa558cb1254c56","ssdeep":"","tlshash":"b011b793088bdaa5fdac9ca09163080e57be683ea2074b61524588ab11043a9a6bd900","first_seen":"2023-05-29T17:58:11Z","last_seen":"2026-02-19T06:00:31.876443Z","times_seen":40,"resource_available":false,"data":null}},"time_used":163,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":163,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-09-28","alert":"Sinkholed","trigger":"torrentdownloads.rutor.app","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-09-28","alert":"Sinkholed","trigger":"torrentdownloads.rutor.app","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"torrentdownloads.rutor.app/templates/new/images/menu_icon3.jpg","fqdn":"torrentdownloads.rutor.app","domain":"rutor.app","tld":"app"},"ip":{"addr":"172.67.158.147","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://torrentdownloads.rutor.app/","date":"2025-09-28T10:31:16.944Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rutor.app","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 20 Sep 2025 02:19:36 GMT","end":"Fri, 19 Dec 2025 03:09:13 GMT"},"fingerprint":{"sha1":"65:6C:B3:CD:A0:AD:28:B1:3A:23:A8:A2:1B:F0:E7:C0:18:90:91:0F","sha256":"4A:EE:EA:F0:6F:B6:A9:99:ED:A1:9D:D2:2A:5E:48:50:06:6C:52:7E:B9:1A:16:A3:26:FC:B0:7E:5B:CF:FB:07"}}},"request":{"raw":"GET /templates/new/images/menu_icon3.jpg HTTP/1.1\r\nHost: torrentdownloads.rutor.app\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://torrentdownloads.rutor.app/templates/new/css/style.css\r\nCookie: view=1; PHPSESSID=2u8k63dg4d7raoouspjlpa76fm\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sun, 28 Sep 2025 10:31:16 GMT\r\ncontent-type: image/jpeg\r\nvary: accept-encoding\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\naccess-control-allow-origin: *\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nlast-modified: Sun, 28 Sep 2025 10:31:16 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=D3lh%2BsbU89nSVD673XWxrad4misxQLEYBSv5R3ULAFrWGJrUBsOj16trSA%2FxMVUjoxzoAjo%2B3XJz4k1uB83JTJM7IpAWUpNy7LuzCGaadHT%2FnB7L0ns7XA%3D%3D\"}]}\r\ncf-ray: 986291fad943568b-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":763,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 16x36, components 3","md5":"7e5016396b00ec8ad53babe1aa774320","sha1":"14203ebe3acf240d381dd883b9437f92904340b9","sha256":"a4aedc8a7d6d033816d9d4e52048fbc76fb4a3d17163d38b0c34877f26ff1b58","sha512":"129a4c7b1e4fd3f2f7eb361e86dc18124af2779a4489ef8c6482a2565630374ffbb19778663b037c810d93f91e87e90bac3c9040844417d02720d50f04a8bc09","ssdeep":"","tlshash":"9701883fa697df0fc865063454375e3a1e5b21aa30135b0ec4fa1561fc7b64582e010d","first_seen":"2023-05-29T17:58:11Z","last_seen":"2026-02-19T06:00:31.893897Z","times_seen":45,"resource_available":false,"data":null}},"time_used":55,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":55,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-09-28","alert":"Sinkholed","trigger":"torrentdownloads.rutor.app","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-09-28","alert":"Sinkholed","trigger":"torrentdownloads.rutor.app","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"x3os.com/5/9914495/?oo=1\u0026js_build=iclick-v1.1578.0\u0026userId=0802527612bf48edf56b687e06db9861\u0026dmn=bvtpk.com\u0026tt=2\u0026ix=0","fqdn":"x3os.com","domain":"x3os.com","tld":"com"},"ip":{"addr":"139.45.196.64","port":443,"asn":9002,"as":"RETN Limited","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://torrentdownloads.rutor.app/","date":"2025-09-28T10:31:17.693Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"x3os.com","organization":""},"issuer":{"commonName":"R10","organization":"Let's Encrypt"},"validity":{"start":"Fri, 11 Jul 2025 05:11:12 GMT","end":"Thu, 09 Oct 2025 05:11:11 GMT"},"fingerprint":{"sha1":"C3:E5:15:D4:B8:A1:30:A0:FB:97:52:5D:74:50:39:2F:59:1E:83:34","sha256":"A4:E9:4B:9F:89:07:AD:91:43:31:0E:8E:CC:2D:6B:B1:98:D4:72:7B:81:BE:78:81:F5:E2:AC:32:8D:C9:A3:6B"}}},"request":{"raw":"POST /5/9914495/?oo=1\u0026js_build=iclick-v1.1578.0\u0026userId=0802527612bf48edf56b687e06db9861\u0026dmn=bvtpk.com\u0026tt=2\u0026ix=0 HTTP/1.1\r\nHost: x3os.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: text/plain;charset=UTF-8\r\nContent-Length: 2599\r\nOrigin: https://torrentdownloads.rutor.app\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://torrentdownloads.rutor.app/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/2 204 No Content\r\nserver: nginx\r\ndate: Sun, 28 Sep 2025 10:31:17 GMT\r\naccept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version\r\naccess-control-allow-origin: https://torrentdownloads.rutor.app\r\naccess-control-allow-credentials: true\r\naccess-control-allow-methods: GET, POST, OPTIONS\r\naccess-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon\r\naccess-control-max-age: 86400\r\ntiming-allow-origin: *\r\npragma: no-cache, no-cache\r\ncache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0\r\nexpires: Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"204","status_text":"No Content","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/xml","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T11:49:30.368697Z","times_seen":13330398,"resource_available":true,"data":null}},"time_used":197,"timings":{"blocked":84,"dns":0,"connect":27,"send":0,"wait":29,"receive":0,"ssl":55},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-09-28","alert":"Sinkholed","trigger":"x3os.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"weirdopt.com/ad/advertisers.js","fqdn":"weirdopt.com","domain":"weirdopt.com","tld":"com"},"ip":{"addr":"185.196.197.71","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://torrentdownloads.rutor.app/","date":"2025-09-28T10:31:20.915Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"weirdopt.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 31 Aug 2025 00:07:02 GMT","end":"Sat, 29 Nov 2025 00:07:01 GMT"},"fingerprint":{"sha1":"AD:4F:15:9E:60:62:A7:16:BA:4B:37:64:C6:01:6B:2B:99:47:89:BE","sha256":"44:74:EA:98:35:48:9C:28:63:20:61:17:18:F6:2B:0A:57:68:36:F4:EF:B0:67:1E:C0:7C:41:30:13:2C:02:F1"}}},"request":{"raw":"GET /ad/advertisers.js HTTP/1.1\r\nHost: weirdopt.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://torrentdownloads.rutor.app/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Sun, 28 Sep 2025 10:31:20 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 0\r\nConnection: keep-alive\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 2c4f7684d5ba2535ad7046ee493ec965\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":0,"size_decoded":0,"mime_type":"application/javascript","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T11:49:30.368697Z","times_seen":13330398,"resource_available":true,"data":null}},"time_used":27,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":27,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-09-28","alert":"Sinkholed","trigger":"weirdopt.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-09-28","alert":"Sinkholed","trigger":"weirdopt.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"directlycascade.com/pixel/sbs?c=1","fqdn":"directlycascade.com","domain":"directlycascade.com","tld":"com"},"ip":{"addr":"172.240.127.234","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://torrentdownloads.rutor.app/","date":"2025-09-28T10:31:21.919Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"directlycascade.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Wed, 10 Sep 2025 11:12:27 GMT","end":"Tue, 09 Dec 2025 11:12:26 GMT"},"fingerprint":{"sha1":"76:17:4A:20:73:64:94:52:3B:6A:50:E2:7C:F7:F5:73:52:38:47:A4","sha256":"66:CD:95:7F:5E:D7:56:27:7A:6F:3B:80:CB:84:DC:89:A0:F0:BB:44:49:55:B4:81:76:24:2E:38:E3:FC:78:29"}}},"request":{"raw":"GET /pixel/sbs?c=1 HTTP/1.1\r\nHost: directlycascade.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://torrentdownloads.rutor.app/\r\nCookie: uid_id2=d995e3f7-3ab8-4202-88f2-ba729b81cf19:2:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; u_pl22675059=1; sleca032b4d33c8aea68a4f9b84235614bff=[4323736]\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Sun, 28 Sep 2025 10:31:21 GMT\r\nContent-Length: 0\r\nConnection: keep-alive\r\nHost: directlycascade.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nCache-Control: no-cache\r\nAccess-Control-Allow-Origin: *\r\nAccess-Control-Allow-Methods: GET, POST, OPTIONS\r\nAccess-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests,C-High-Entropy-Values\r\nAccess-Control-Expose-Headers: Content-Length,Content-Range\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T11:49:30.368697Z","times_seen":13330398,"resource_available":true,"data":null}},"time_used":95,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":95,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-09-28","alert":"Sinkholed","trigger":"directlycascade.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-09-28","alert":"Sinkholed","trigger":"directlycascade.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"torrentdownloads.rutor.app/templates/new/images/nav_bg.jpg","fqdn":"torrentdownloads.rutor.app","domain":"rutor.app","tld":"app"},"ip":{"addr":"172.67.158.147","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://torrentdownloads.rutor.app/","date":"2025-09-28T10:31:16.933Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rutor.app","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 20 Sep 2025 02:19:36 GMT","end":"Fri, 19 Dec 2025 03:09:13 GMT"},"fingerprint":{"sha1":"65:6C:B3:CD:A0:AD:28:B1:3A:23:A8:A2:1B:F0:E7:C0:18:90:91:0F","sha256":"4A:EE:EA:F0:6F:B6:A9:99:ED:A1:9D:D2:2A:5E:48:50:06:6C:52:7E:B9:1A:16:A3:26:FC:B0:7E:5B:CF:FB:07"}}},"request":{"raw":"GET /templates/new/images/nav_bg.jpg HTTP/1.1\r\nHost: torrentdownloads.rutor.app\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://torrentdownloads.rutor.app/templates/new/css/style.css\r\nCookie: view=1; PHPSESSID=2u8k63dg4d7raoouspjlpa76fm\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sun, 28 Sep 2025 10:31:17 GMT\r\ncontent-type: image/jpeg\r\nvary: accept-encoding\r\nset-cookie: view=1; Max-Age=86400; Expires=Mon, 29 Sep 2025 10:31:17 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nexpires: Thu, 19 Nov 1981 08:52:00 GMT\r\ncache-control: no-store, no-cache, must-revalidate\r\npragma: no-cache\r\naccess-control-allow-origin: *\r\ncf-cache-status: BYPASS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=SVcLLLh%2BHU4lIN8nCBVd%2FyfwVe9SrvTqqBasNnxiy7RJwNWUTqkVkKJ%2F%2FEf2VEQbof9hK8r5SwtGglNEFnynKvTzby0ZYFvfQoq3y9DJzqqshlbblYbEtQ%3D%3D\"}]}\r\ncf-ray: 986291fac932568b-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":604,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 22x37, components 3","md5":"0f345fde31293c12005efbe878e04036","sha1":"575e1fb8e38577d73142c2667598194348858b0b","sha256":"449fc3adc444255fbfd78ba656ebb0f5521aca271dd963b7d5d18b4e464c8649","sha512":"fcde26de90254cf82e08b0cc7d1e8ba86978660cccb23745231ccaa21dd6f50ed86b42b33a3dd2faacfd6921fe69388572075c2cdd137601ed389bfa3cc73f9e","ssdeep":"","tlshash":"b3f0c9a2b3bbd707cce024312971527806a865cd38a34b4f2bf534409868ba409296aa","first_seen":"2023-05-29T17:58:11Z","last_seen":"2026-02-19T06:00:31.876889Z","times_seen":45,"resource_available":false,"data":null}},"time_used":144,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":144,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-09-28","alert":"Sinkholed","trigger":"torrentdownloads.rutor.app","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-09-28","alert":"Sinkholed","trigger":"torrentdownloads.rutor.app","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.show-sb.com/sb/au/0c/c8/e1/0cc8e13ba9d5dbc867b982993e805a9d/1632728593.html","fqdn":"cdn.show-sb.com","domain":"show-sb.com","tld":"com"},"ip":{"addr":"172.67.170.115","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://torrentdownloads.rutor.app/","date":"2025-09-28T10:31:18.114Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"show-sb.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 10 Aug 2025 11:11:15 GMT","end":"Sat, 08 Nov 2025 12:08:40 GMT"},"fingerprint":{"sha1":"46:26:78:BD:18:7A:95:15:D4:B3:89:73:FE:7E:99:33:18:7F:21:3E","sha256":"AD:6B:6A:10:54:38:33:B9:BB:A6:FD:B7:B0:1B:2E:9D:62:B8:47:35:C4:E6:7B:F6:4A:92:AA:75:B0:29:F7:F3"}}},"request":{"raw":"GET /sb/au/0c/c8/e1/0cc8e13ba9d5dbc867b982993e805a9d/1632728593.html HTTP/1.1\r\nHost: cdn.show-sb.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://torrentdownloads.rutor.app\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://torrentdownloads.rutor.app/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 28 Sep 2025 10:31:18 GMT\r\ncontent-type: text/html\r\nserver: cloudflare\r\nlast-modified: Mon, 27 Sep 2021 07:43:24 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: max-age=315360000, public\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: Date\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=EApOgRdjzf9yl%2FsOKf2MLYQProiPTG6RCQZdJpWovSBCrcBak%2Fs3%2Fq0%2Fr%2BSqfB0yQE70O8z6v%2BysoHRALcdj0WQ3KC16Nm8q3hUK4H0%3D\"}]}\r\ncf-cache-status: DYNAMIC\r\ncontent-encoding: br\r\ncf-ray: 9862920288557127-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1325,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text","md5":"f6990569c7ffeac1f4a3f6d9eee5da44","sha1":"e7d5e37acf89a8faee252c36fc2c9d6615501d76","sha256":"cc2a9756c81bd570fff8b32e48a413687c33f8abe9c934e743a0769178b4f690","sha512":"be3ebced9d65b29fef8caab46e95f54f1ca645ea5942331c84c964ec033fb7c78506d14eda131948b7f664f1635deaa8d82a63169f9214f72035b087ea104bda","ssdeep":"","tlshash":"a52105692df9c97311e750947b352f1bed92ea87c80a6e0173bc9d684f9ad84cd23407","first_seen":"2023-06-26T22:59:31Z","last_seen":"2026-04-04T08:13:04.078884Z","times_seen":2352,"resource_available":false,"data":null}},"time_used":509,"timings":{"blocked":47,"dns":3,"connect":2,"send":0,"wait":415,"receive":0,"ssl":41},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-09-28","alert":"Sinkholed","trigger":"cdn.show-sb.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/roboto/v49/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.178.35","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://torrentdownloads.rutor.app/","date":"2025-09-28T10:31:20.807Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 08 Sep 2025 08:36:48 GMT","end":"Mon, 01 Dec 2025 08:36:47 GMT"},"fingerprint":{"sha1":"4A:11:37:B2:B5:3D:85:04:18:76:94:C3:99:EA:8B:77:66:51:DF:D6","sha256":"6C:B3:8A:F8:58:9F:72:87:6E:B0:CF:E0:3F:D9:AB:6D:AE:6E:E0:73:B1:A3:95:3C:30:98:D3:C4:23:73:D4:33"}}},"request":{"raw":"GET /s/roboto/v49/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://torrentdownloads.rutor.app\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 40128\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Mon, 22 Sep 2025 23:17:32 GMT\r\nexpires: Tue, 22 Sep 2026 23:17:32 GMT\r\ncache-control: public, max-age=31536000\r\nage: 472428\r\nlast-modified: Mon, 08 Sep 2025 18:08:05 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":40128,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 40128, version 1.0","md5":"9a01b69183a9604ab3a439e388b30501","sha1":"8ed1d59003d0dbe6360481017b44665153665fbe","sha256":"20b535fa80c8189e3b87d1803038389960203a886d502bc2ef1857affc2f38d2","sha512":"0e6795255b6eea00b5403fd7e3b904d52776d49ac63a31c2778361262883697943aedcb29feee85694ba6f19eaa34dddb9a5bfe7118f4a25b4757e92c331feca","ssdeep":"768:Vce3jkow68wmT4IBX0tXdlSirS61gSjcz0GPwHbP+w2jec56O:VcI/iEEEtXdFJj+0GPwHbP+w5rO","tlshash":"3703023a5e3ccf1a84157a703950f6d9a8481e548e9d143b4f1ac7bf085dde2209b6d4","first_seen":"2025-01-08T22:59:02.845106Z","last_seen":"2026-04-04T11:46:59.437094Z","times_seen":714426,"resource_available":false,"data":null}},"time_used":38,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":26,"receive":12,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"creative-sb1.com/sb/ssp/vpn/classic-push/small/css/style.css","fqdn":"creative-sb1.com","domain":"creative-sb1.com","tld":"com"},"ip":{"addr":"104.21.35.3","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://torrentdownloads.rutor.app/","date":"2025-09-28T10:31:20.919Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"creative-sb1.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 29 Aug 2025 18:23:14 GMT","end":"Thu, 27 Nov 2025 19:21:45 GMT"},"fingerprint":{"sha1":"99:06:8C:E5:8E:41:8B:38:F8:46:C0:E9:CF:99:E2:11:F2:8E:DD:AB","sha256":"93:A8:69:6F:83:C3:C8:1B:E8:A3:20:9C:19:F4:47:35:74:85:80:F1:82:1F:48:42:AB:AA:77:A3:35:AB:29:20"}}},"request":{"raw":"GET /sb/ssp/vpn/classic-push/small/css/style.css HTTP/1.1\r\nHost: creative-sb1.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://torrentdownloads.rutor.app\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://torrentdownloads.rutor.app/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 28 Sep 2025 10:31:21 GMT\r\ncontent-type: text/css\r\nserver: cloudflare\r\nlast-modified: Fri, 19 Jan 2024 14:19:42 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\netag: W/\"65aa84fe-d1b\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: public, max-age=315360000\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: Date\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=m045gNL8gdyLKAJGfe2YgNve87UZ1shUaOOrVK9OScGZWyV6yzy2HlWekAjX2MrkrBjFHX%2F9XzBAr%2BnMlkyAyxWuQbF354TxO4fer1DT\"}]}\r\ncf-ray: 986292144ef5712a-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":3355,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text","md5":"039a6734d79ed9aa51cf81c52479c5fe","sha1":"9cf29c4ea1a3880681d50c7228374f8073b7778b","sha256":"a15bad73fc8907795285b78a4a1a1bf5e7f68b4d39988b9bb165444819cf9eb1","sha512":"879f067d02f582c2ff8f9c0308cbb44b24964136c4d8074f1a1b200169b520bb49fdd2b290772dfbc3ca432fba2ce9d5b1a398eb14746613cc942dd7567fa1d9","ssdeep":"","tlshash":"3a61ba966b670a04b51ad0ab3f667b4723084007995fed757fc8620ccfc92a8d6d378e","first_seen":"2024-02-12T03:25:01Z","last_seen":"2026-04-04T08:13:04.093839Z","times_seen":2154,"resource_available":false,"data":null}},"time_used":595,"timings":{"blocked":86,"dns":1,"connect":2,"send":0,"wait":422,"receive":0,"ssl":81},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-09-28","alert":"Sinkholed","trigger":"creative-sb1.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-09-28","alert":"Sinkholed","trigger":"creative-sb1.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"torrentdownloads.rutor.app/templates/new/images/health/health_10.jpg","fqdn":"torrentdownloads.rutor.app","domain":"rutor.app","tld":"app"},"ip":{"addr":"172.67.158.147","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://torrentdownloads.rutor.app/","date":"2025-09-28T10:31:16.731Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rutor.app","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 20 Sep 2025 02:19:36 GMT","end":"Fri, 19 Dec 2025 03:09:13 GMT"},"fingerprint":{"sha1":"65:6C:B3:CD:A0:AD:28:B1:3A:23:A8:A2:1B:F0:E7:C0:18:90:91:0F","sha256":"4A:EE:EA:F0:6F:B6:A9:99:ED:A1:9D:D2:2A:5E:48:50:06:6C:52:7E:B9:1A:16:A3:26:FC:B0:7E:5B:CF:FB:07"}}},"request":{"raw":"GET /templates/new/images/health/health_10.jpg HTTP/1.1\r\nHost: torrentdownloads.rutor.app\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://torrentdownloads.rutor.app/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 28 Sep 2025 10:31:16 GMT\r\ncontent-type: image/jpeg\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\naccess-control-allow-origin: *\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nlast-modified: Sun, 28 Sep 2025 10:31:16 GMT\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=6T5nGLUfcm%2Fz3rZE9y%2BSJieW%2BxlJdaSqFM9fV2SG8PGOc4qpxL8w8PIkycjN2xM8MJC2fB24xRapjz3ZY7XtmMLzDD2vpHHte%2BkpayMxWhtlLjPSYqx91z%2Bk\"}]}\r\ncf-ray: 986291f98ea0c759-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":547,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 46x9, components 3","md5":"92bcbc0cd112eae1857e22e2cff56f9f","sha1":"58d2da1cb88f877f26f6afffec397cd5220cf059","sha256":"a65e4db5daaed15b326a1b8d45dcfc88a903dc67abc768f3cc3d86d19309bcd5","sha512":"64e48cb96e7796f55f4a14ea13ddbfe605e210992910d9f643ffca62af7a62a6584039bccb7670c133bfbfd4b4168f9f305a619e9113a5dde2081c69c85412b6","ssdeep":"","tlshash":"80f0237bb386e783ecd6503175384728863c31d3b023cb5f41f5d91a98c41620c801da","first_seen":"2023-05-29T17:58:11Z","last_seen":"2026-02-19T06:00:31.887781Z","times_seen":46,"resource_available":false,"data":null}},"time_used":159,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":159,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-09-28","alert":"Sinkholed","trigger":"torrentdownloads.rutor.app","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-09-28","alert":"Sinkholed","trigger":"torrentdownloads.rutor.app","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"torrentdownloads.rutor.app/templates/new/images/bar_bg1.jpg","fqdn":"torrentdownloads.rutor.app","domain":"rutor.app","tld":"app"},"ip":{"addr":"172.67.158.147","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://torrentdownloads.rutor.app/","date":"2025-09-28T10:31:16.941Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rutor.app","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 20 Sep 2025 02:19:36 GMT","end":"Fri, 19 Dec 2025 03:09:13 GMT"},"fingerprint":{"sha1":"65:6C:B3:CD:A0:AD:28:B1:3A:23:A8:A2:1B:F0:E7:C0:18:90:91:0F","sha256":"4A:EE:EA:F0:6F:B6:A9:99:ED:A1:9D:D2:2A:5E:48:50:06:6C:52:7E:B9:1A:16:A3:26:FC:B0:7E:5B:CF:FB:07"}}},"request":{"raw":"GET /templates/new/images/bar_bg1.jpg HTTP/1.1\r\nHost: torrentdownloads.rutor.app\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://torrentdownloads.rutor.app/templates/new/css/style.css\r\nCookie: view=1; PHPSESSID=2u8k63dg4d7raoouspjlpa76fm\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sun, 28 Sep 2025 10:31:17 GMT\r\ncontent-type: image/jpeg\r\nvary: accept-encoding\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\naccess-control-allow-origin: *\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nlast-modified: Sun, 28 Sep 2025 10:31:17 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=w6Q5k3LYP69R5ppGn1Cp9mNMd%2BOlmnTd%2FXfTteI0HZU9S8LESWdMAkCBGS59G6RqFmL2L4ZCY9OCvaspCbFJcYoL1yh%2FzoXDQO53MLs8yrs82lTkX6VObw%3D%3D\"}]}\r\ncf-ray: 986291fad93c568b-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":326,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 4x27, components 3","md5":"0bfe67175523c405daed694c968a7278","sha1":"0d16932e37647b5353ccc97fd4933b02b7194bba","sha256":"b9950ba15dacc13bd468e1ceaaf478547683ff32bf8058a5937206fca5aedadd","sha512":"20a7cc05d2ba38017e2a086c7aa9ac190069627791a45de4b5270692fcff042c8ac9eabac153967e3a75f8eed397e36cdebf6320d86793039d040e748512a28e","ssdeep":"","tlshash":"e5e0a7336741db57d8e0113076f693280b9c2587640b4b4e0af178553c54394485105d","first_seen":"2023-05-29T17:58:11Z","last_seen":"2026-02-19T06:00:31.878564Z","times_seen":45,"resource_available":false,"data":null}},"time_used":178,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":178,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-09-28","alert":"Sinkholed","trigger":"torrentdownloads.rutor.app","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-09-28","alert":"Sinkholed","trigger":"torrentdownloads.rutor.app","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"torrentdownloads.rutor.app/templates/new/images/menu_icon5.jpg","fqdn":"torrentdownloads.rutor.app","domain":"rutor.app","tld":"app"},"ip":{"addr":"172.67.158.147","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://torrentdownloads.rutor.app/","date":"2025-09-28T10:31:16.945Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rutor.app","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 20 Sep 2025 02:19:36 GMT","end":"Fri, 19 Dec 2025 03:09:13 GMT"},"fingerprint":{"sha1":"65:6C:B3:CD:A0:AD:28:B1:3A:23:A8:A2:1B:F0:E7:C0:18:90:91:0F","sha256":"4A:EE:EA:F0:6F:B6:A9:99:ED:A1:9D:D2:2A:5E:48:50:06:6C:52:7E:B9:1A:16:A3:26:FC:B0:7E:5B:CF:FB:07"}}},"request":{"raw":"GET /templates/new/images/menu_icon5.jpg HTTP/1.1\r\nHost: torrentdownloads.rutor.app\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://torrentdownloads.rutor.app/templates/new/css/style.css\r\nCookie: view=1; PHPSESSID=2u8k63dg4d7raoouspjlpa76fm\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sun, 28 Sep 2025 10:31:16 GMT\r\ncontent-type: image/jpeg\r\nvary: accept-encoding\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\naccess-control-allow-origin: *\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nlast-modified: Sun, 28 Sep 2025 10:31:16 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=lpYnLEhQXHcHlC%2FzNDoLTfAWDPTaR2YCFnyfVW8K9iNOb2VZJZabXYmzl9ne4RbqUSIgO%2F2sMwibUBvSlD1kAqw%2BxSZ00dbk5BuREt9n2Xi29Xrri4GK6Q%3D%3D\"}]}\r\ncf-ray: 986291fae945568b-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":827,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 16x36, components 3","md5":"b1dc36709898a03b7c21c65075bc6f85","sha1":"09363b3228c4985c1103634504c5a3f1d8165090","sha256":"8122fdabb4aa6a6f5e11e603ee4c0203c137974df285b6f6f83e08509267a8c9","sha512":"871173f0ef3683f28b5651e5a9029b97da60627fdc9d27396638433944718e7c5dd24dc414c0bf0a39e4b9018ae897e8c064134d51dad7fcc4b1c5298c90a1e7","ssdeep":"","tlshash":"ad01657d6786d79fe5c10b305131e3640baee0893263c74e0db971612d944d48fa03c7","first_seen":"2023-05-29T17:58:11Z","last_seen":"2026-02-19T06:00:31.875199Z","times_seen":45,"resource_available":false,"data":null}},"time_used":60,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":60,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-09-28","alert":"Sinkholed","trigger":"torrentdownloads.rutor.app","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-09-28","alert":"Sinkholed","trigger":"torrentdownloads.rutor.app","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"brewed.grasnibrowsed.shop/mtn/123057/fa5f27a2cebac1abf4a2101373d5e03d.1351055434.000","fqdn":"brewed.grasnibrowsed.shop","domain":"grasnibrowsed.shop","tld":"shop"},"ip":{"addr":"23.109.170.198","port":443,"asn":7979,"as":"SERVERS-COM","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"beacon","requested_by":"https://torrentdownloads.rutor.app/","date":"2025-09-28T10:31:17.107Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"brewed.grasnibrowsed.shop","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 28 Sep 2025 04:21:52 GMT","end":"Sat, 27 Dec 2025 04:21:51 GMT"},"fingerprint":{"sha1":"CF:43:8D:F9:8A:55:69:59:6C:6B:C7:67:5C:5D:B2:BD:8A:1E:00:3F","sha256":"2A:DF:64:DD:5D:14:25:B6:20:E4:EA:7B:9F:DD:CA:F9:78:D2:51:14:65:05:C8:83:24:31:1B:B3:1E:8E:AE:0C"}}},"request":{"raw":"OPTIONS /mtn/123057/fa5f27a2cebac1abf4a2101373d5e03d.1351055434.000 HTTP/1.1\r\nHost: brewed.grasnibrowsed.shop\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAccess-Control-Request-Method: POST\r\nAccess-Control-Request-Headers: content-type\r\nReferer: https://torrentdownloads.rutor.app/\r\nOrigin: https://torrentdownloads.rutor.app\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 28 Sep 2025 10:31:17 GMT\r\ncontent-type: text/html; charset=UTF-8\r\naccept-ch: sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version,sec-ch-ua-full-version-list\r\naccess-control-allow-credentials: true\r\naccess-control-allow-origin: https://torrentdownloads.rutor.app\r\naccess-control-allow-headers: content-type, megageocheckolololo, x-forwarded-for, x-requested-with, cache-control, pragma, expires\r\naccess-control-max-age: 600\r\naccess-control-allow-methods: GET, POST, OPTIONS\r\ncontent-encoding: gzip\r\nvary: Accept-Encoding\r\nstrict-transport-security: max-age=1\r\nx-content-type-options: nosniff\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":5,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"ASCII text, with no line terminators","md5":"0d7a61a5ae2424f444691dfa38e694ae","sha1":"dfb2f770cb7740844d94d2a2517af244b34c56ae","sha256":"e3c083d0e62029a9fc90700e7effced43eb213718ad4e7517e5b05a5a0ad9e49","sha512":"dc4531ceee0347383f28990bd01470ce323b0338a83b5b51e2640e3a9d1509346e23fe490ebfaeb4d7a86fd8ef22d2d6465990e6cb6583468d47174b97d25d03","ssdeep":"","tlshash":"8a30000000000000000000c0000000000000000000000000000300000c0c000c000000","first_seen":"2025-06-10T16:02:54.181066Z","last_seen":"2026-04-02T19:45:08.476061Z","times_seen":1524,"resource_available":false,"data":null}},"time_used":271,"timings":{"blocked":125,"dns":84,"connect":20,"send":0,"wait":19,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.storageimagedisplay.com/si/3d/81/bb/3d81bb97268ef5728376a4b8c41e5769/1680149067.png","fqdn":"cdn.storageimagedisplay.com","domain":"storageimagedisplay.com","tld":"com"},"ip":{"addr":"45.133.44.2","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://torrentdownloads.rutor.app/","date":"2025-09-28T10:31:21.028Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.storageimagedisplay.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Mon, 08 Sep 2025 02:32:56 GMT","end":"Sun, 07 Dec 2025 02:32:55 GMT"},"fingerprint":{"sha1":"F2:37:25:60:C4:34:06:EB:37:74:9F:D1:9C:FE:63:47:1F:30:4C:58","sha256":"AA:72:28:9B:C9:B7:77:AB:D7:89:4F:AC:CB:86:72:85:1D:1B:E5:15:4D:07:7B:D9:77:0F:D5:BE:92:06:8D:71"}}},"request":{"raw":"GET /si/3d/81/bb/3d81bb97268ef5728376a4b8c41e5769/1680149067.png HTTP/1.1\r\nHost: cdn.storageimagedisplay.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 28 Sep 2025 10:31:21 GMT\r\ncontent-type: image/png\r\ncontent-length: 70486\r\nserver: nginx/1.21.6\r\nlast-modified: Thu, 30 Mar 2023 04:04:36 GMT\r\netag: \"64250a54-11356\"\r\nexpires: Tue, 30 Sep 2025 10:31:21 GMT\r\ncache-control: max-age=172800\r\nx-cdn-host-id: AH0543\r\nx-proxy-cache: HIT\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":70486,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced","md5":"5b12f832c47768efe99140878896a06e","sha1":"e4ad174888c105b49055b901cf85ea28fdf08718","sha256":"cd602fed63cebb83565961dae66555978c2e1927388e50c7fb2ee0bb70939fb0","sha512":"7cae7180c69b456dd973f5430e88eca4b0fcf150c999bf14d44601906a320290bb494ee6330a8d33dc0b2ee295dc335eda1e1c6a2a394a31abca690667be1196","ssdeep":"1536:ZF2THgeV1DYIau/86djX5X01YjA/K9NF+Hp8CB2fRHCr:ZF2zgeov8dLC1Di9uJXYfA","tlshash":"9563026fd9fc60573afb58489928afcbd87e91578710d304e164868d008f9cef21b792","first_seen":"2023-06-24T15:48:47Z","last_seen":"2026-04-03T15:41:36.83918Z","times_seen":809,"resource_available":false,"data":null}},"time_used":194,"timings":{"blocked":71,"dns":0,"connect":0,"send":0,"wait":70,"receive":30,"ssl":23},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"i.ibb.co/pyC2VvJ/alert-xxl.png","fqdn":"i.ibb.co","domain":"ibb.co","tld":"co"},"ip":{"addr":"108.181.22.211","port":443,"asn":40676,"as":"AS40676","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://torrentdownloads.rutor.app/","date":"2025-09-28T10:31:16.729Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ibb.co","organization":""},"issuer":{"commonName":"E5","organization":"Let's Encrypt"},"validity":{"start":"Mon, 18 Aug 2025 07:17:47 GMT","end":"Sun, 16 Nov 2025 07:17:46 GMT"},"fingerprint":{"sha1":"30:62:E2:16:F0:8D:8F:C4:30:EF:67:44:60:2F:45:29:D1:5B:AF:94","sha256":"EE:AB:93:C9:6B:44:94:94:F6:EE:CA:98:DE:CE:BF:A6:25:9F:C8:76:A5:43:59:77:38:DD:D2:23:F7:9C:B1:70"}}},"request":{"raw":"GET /pyC2VvJ/alert-xxl.png HTTP/1.1\r\nHost: i.ibb.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://torrentdownloads.rutor.app/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 28 Sep 2025 10:31:20 GMT\r\ncontent-type: image/png\r\ncontent-length: 5554\r\nlast-modified: Mon, 07 Aug 2023 04:09:39 GMT\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: max-age=315360000, public\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: GET, OPTIONS\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":5554,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 256 x 256, 8-bit/color RGBA, non-interlaced","md5":"8d0eed07b450044fdca282d1daf8a58c","sha1":"794e1284cdf81fd60154955c1805282ae21240cd","sha256":"baac89456a2d4dfdcdc14244fbe50a04ade7a401c82de605938a92e16f35c1af","sha512":"d1aab3205c8b00f207ea21f0996cbcfae1c9816fb73e749a4a85daf6eed19d5e40f90240c212bbe2ec17346b6e56132e467cb33c22aaf884efa910c482c304f3","ssdeep":"96:Pj88irwxhMv5KVO4+lcN+egT9cxF2gvPMdj80d7PJjOjSscgZ:PoWeGulq+eaSvUdXPFkc0","tlshash":"84b19e259de1cfcc6f774669d28af3f450520d90439276c83fdd8e710852288bc42724","first_seen":"2023-08-08T02:54:42Z","last_seen":"2026-04-03T18:56:21.861812Z","times_seen":3346,"resource_available":false,"data":null}},"time_used":7743,"timings":{"blocked":3717,"dns":0,"connect":3565,"send":0,"wait":304,"receive":0,"ssl":155},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"torrentdownloads.rutor.app/templates/new/images/search_button.jpg","fqdn":"torrentdownloads.rutor.app","domain":"rutor.app","tld":"app"},"ip":{"addr":"172.67.158.147","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://torrentdownloads.rutor.app/","date":"2025-09-28T10:31:16.730Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rutor.app","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 20 Sep 2025 02:19:36 GMT","end":"Fri, 19 Dec 2025 03:09:13 GMT"},"fingerprint":{"sha1":"65:6C:B3:CD:A0:AD:28:B1:3A:23:A8:A2:1B:F0:E7:C0:18:90:91:0F","sha256":"4A:EE:EA:F0:6F:B6:A9:99:ED:A1:9D:D2:2A:5E:48:50:06:6C:52:7E:B9:1A:16:A3:26:FC:B0:7E:5B:CF:FB:07"}}},"request":{"raw":"GET /templates/new/images/search_button.jpg HTTP/1.1\r\nHost: torrentdownloads.rutor.app\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://torrentdownloads.rutor.app/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 28 Sep 2025 10:31:16 GMT\r\ncontent-type: image/jpeg\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\naccess-control-allow-origin: *\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nlast-modified: Sun, 28 Sep 2025 10:31:16 GMT\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=PGjFL7LTxh3gGBmzw5Frizg2BKE6Fj2DP047jsrSf0VYHEr2TqOty4a8fa7KDO1lLFrOMIckKNjPF%2FQfHb1uWxTyrYo3iQ7u25lhFeJny11yE1m2WZ%2BsdCaW\"}]}\r\ncf-ray: 986291f98e92c759-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1665,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 103x33, components 3","md5":"a28d1af1e57b48bd04a7562f7e669b94","sha1":"57b1d385bca8f16c5018d5ba7fc22bfeac5d0334","sha256":"d5f95b78d422281dbc6216abb837a214b59c421c4e32cf9f60bb58bf3a70899f","sha512":"dcfa5d7733b9e91653f3ae9ba31823486f362e1bab6cac74eb43ec7cbc3f63723b004b6bc5ff77e39c0272e63d80099d3e4bd389b18acf30e9fcb470b467c2dd","ssdeep":"","tlshash":"7331e8e093076fbdd8c61c30b7b4d60600aa53ca30e4b72e12f9f96578762ea04c402a","first_seen":"2023-05-29T17:58:11Z","last_seen":"2026-02-19T06:00:31.89735Z","times_seen":46,"resource_available":false,"data":null}},"time_used":223,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":223,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-09-28","alert":"Sinkholed","trigger":"torrentdownloads.rutor.app","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-09-28","alert":"Sinkholed","trigger":"torrentdownloads.rutor.app","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"torrentdownloads.rutor.app/templates/new/images/icons/menu_icon9.png","fqdn":"torrentdownloads.rutor.app","domain":"rutor.app","tld":"app"},"ip":{"addr":"172.67.158.147","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://torrentdownloads.rutor.app/","date":"2025-09-28T10:31:16.745Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rutor.app","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 20 Sep 2025 02:19:36 GMT","end":"Fri, 19 Dec 2025 03:09:13 GMT"},"fingerprint":{"sha1":"65:6C:B3:CD:A0:AD:28:B1:3A:23:A8:A2:1B:F0:E7:C0:18:90:91:0F","sha256":"4A:EE:EA:F0:6F:B6:A9:99:ED:A1:9D:D2:2A:5E:48:50:06:6C:52:7E:B9:1A:16:A3:26:FC:B0:7E:5B:CF:FB:07"}}},"request":{"raw":"GET /templates/new/images/icons/menu_icon9.png HTTP/1.1\r\nHost: torrentdownloads.rutor.app\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://torrentdownloads.rutor.app/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 28 Sep 2025 10:31:16 GMT\r\ncontent-type: image/png\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\naccess-control-allow-origin: *\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nlast-modified: Sun, 28 Sep 2025 10:31:16 GMT\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=BemUlZ2DesxacrR%2FUXyLNODtBhzp25AMonZtMPgIQeGdE4omdjLfTjsQIERls%2BAsn4S2WxxOX%2BOgIAbJIuxW5ghKgKXf1%2F1LDwhoJ6tMmUmFMyrdS%2FFBayEX\"}]}\r\ncf-ray: 986291f9aefec759-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":595,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 16 x 14, 8-bit/color RGB, non-interlaced","md5":"68d8c7294f67dd71f00a55d10519b2b1","sha1":"6846785963d2f7fc960d729d6c08301127c42c0c","sha256":"243cf1b4107b029ec39d350547c9e802f6fdcb88f3adaf5dc5a3c25397aa6d33","sha512":"bc3a214127d56c241347196600277d73c4df342abfe985ff7c137dceae1f06e71f38cf1e976b84af0e341a3d316570fb54e4163e32cfc76c5cb836ed91ce7085","ssdeep":"","tlshash":"80f09dc1d241cfb600f1501353ba96527a29bdf935fe54055cdf7239cf14d24c0514c4","first_seen":"2023-05-29T17:58:11Z","last_seen":"2026-02-19T06:00:31.857304Z","times_seen":43,"resource_available":false,"data":null}},"time_used":163,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":163,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-09-28","alert":"Sinkholed","trigger":"torrentdownloads.rutor.app","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-09-28","alert":"Sinkholed","trigger":"torrentdownloads.rutor.app","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"heartilyscales.com/a0/32/b4/a032b4d33c8aea68a4f9b84235614bff.js","fqdn":"heartilyscales.com","domain":"heartilyscales.com","tld":"com"},"ip":{"addr":"172.240.108.68","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://torrentdownloads.rutor.app/","date":"2025-09-28T10:31:16.761Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"heartilyscales.com","organization":""},"issuer":{"commonName":"R10","organization":"Let's Encrypt"},"validity":{"start":"Mon, 04 Aug 2025 21:31:25 GMT","end":"Sun, 02 Nov 2025 21:31:24 GMT"},"fingerprint":{"sha1":"8C:BC:E6:45:99:A6:42:A8:C3:7C:33:7D:77:C5:9E:C7:70:2A:A9:6C","sha256":"44:0D:F2:B1:46:00:9E:72:AB:F2:58:53:DB:2A:6F:97:C8:DF:54:6F:43:D4:84:F7:D4:6A:D5:F7:8B:ED:15:C2"}}},"request":{"raw":"GET /a0/32/b4/a032b4d33c8aea68a4f9b84235614bff.js HTTP/1.1\r\nHost: heartilyscales.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://torrentdownloads.rutor.app/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Sun, 28 Sep 2025 10:31:17 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 29940\r\nConnection: keep-alive\r\ncontent-encoding: gzip\r\np3p: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\naccess-control-allow-origin: *\r\naccept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nx-envoy-upstream-service-time: 2\r\nHost: heartilyscales.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 4d0995258aae51a6dace215c9e5185a3\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":76299,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"0a1ecf85998163218ea782601374c22e","sha1":"0405031eefdc0c58bbbe227e9321c193268e05a8","sha256":"3eecfce33e2dcfe4726e2b953bfbb68275516924ec3d816c4ba1ba485884393d","sha512":"d48a4fc1a93b8fe5bc10473daadb1f0a4ff50b59e790acf9f42b2c7f57772f92af5c38d243820c9a2d6aac5075a8ef1327def9298011a3fcd70a2b2452b39abf","ssdeep":"768:fpCxicwKzukjCm/hYE4JoYC3ouzBcX2nVrHpSFXcdDqxv1l2qo0uw7T3SPGw6SXW:fppUCQ37rVT0Rcd+9keSPjzjlI","tlshash":"f273ea4c3f95f1ad43a26073222f941bf12a1d51b06cf8c8d253e8bc6eb9769b536b14","first_seen":"2025-09-26T17:15:33.08141Z","last_seen":"2025-10-08T07:17:41.063917Z","times_seen":28,"resource_available":true,"data":null}},"time_used":854,"timings":{"blocked":332,"dns":52,"connect":91,"send":0,"wait":96,"receive":92,"ssl":190},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-09-28","alert":"Sinkholed","trigger":"heartilyscales.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-09-28","alert":"Sinkholed","trigger":"heartilyscales.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-09-28","alert":"Sinkholed","trigger":"heartilyscales.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kettledroopingcontinuation.com/1e/e3/36/1ee3363d3f6736b5616821dca2afa5c7.js","fqdn":"kettledroopingcontinuation.com","domain":"kettledroopingcontinuation.com","tld":"com"},"ip":{"addr":"172.240.108.84","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://torrentdownloads.rutor.app/","date":"2025-09-28T10:31:17.290Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"kettledroopingcontinuation.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 27 Aug 2025 21:34:59 GMT","end":"Tue, 25 Nov 2025 21:34:58 GMT"},"fingerprint":{"sha1":"E4:24:47:01:B7:F3:A1:0B:CF:EA:36:36:30:C1:21:5D:9E:A1:7B:BE","sha256":"EE:DD:A9:31:87:F8:15:E5:A4:69:BA:E8:17:29:F1:0D:59:DC:1E:48:E2:EB:2F:1D:FE:D6:5C:C0:5F:03:5B:01"}}},"request":{"raw":"GET /1e/e3/36/1ee3363d3f6736b5616821dca2afa5c7.js HTTP/1.1\r\nHost: kettledroopingcontinuation.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://torrentdownloads.rutor.app/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Sun, 28 Sep 2025 10:31:17 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 3430\r\nConnection: keep-alive\r\ncontent-encoding: gzip\r\np3p: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\naccess-control-allow-origin: *\r\naccept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nx-envoy-upstream-service-time: 1\r\nHost: kettledroopingcontinuation.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: d415076d1f7239aaa1a0a5f904fc94c9\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":6293,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (6293), with no line terminators","md5":"6062294451a7a581dc74178c7c5a1332","sha1":"c8e09f671561b72bdae9fd3cfeea799629430105","sha256":"c556ffdcc50d996a51234a1dec5ae85925ffa13c788b800be900dc5eb1344d79","sha512":"5b4bcb7d6530bfa8d33d4c769d0934938af4e7842a518556021ed900fad8a06bc39c2d35494586adf34e4d6fe19095b2d41c726b8214746527e04cec9e910594","ssdeep":"192:M/H3P83adOwGuABXfKOBPpzbo3j3rFuuV6:MP/83adOwWp0j3Buz","tlshash":"fbd1a8dc768070800be7e97f776f651ab06a58501c4fe491f003a9e83d6872ed63eac1","first_seen":"2025-09-26T11:10:49.483616Z","last_seen":"2025-10-14T12:32:44.197235Z","times_seen":1614,"resource_available":true,"data":null}},"time_used":734,"timings":{"blocked":400,"dns":0,"connect":0,"send":0,"wait":114,"receive":0,"ssl":220},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-09-28","alert":"Sinkholed","trigger":"kettledroopingcontinuation.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-09-28","alert":"Sinkholed","trigger":"kettledroopingcontinuation.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"torrentdownloads.rutor.app/cdn-cgi/rum?","fqdn":"torrentdownloads.rutor.app","domain":"rutor.app","tld":"app"},"ip":{"addr":"172.67.158.147","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://torrentdownloads.rutor.app/","date":"2025-09-28T10:31:17.700Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rutor.app","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 20 Sep 2025 02:19:36 GMT","end":"Fri, 19 Dec 2025 03:09:13 GMT"},"fingerprint":{"sha1":"65:6C:B3:CD:A0:AD:28:B1:3A:23:A8:A2:1B:F0:E7:C0:18:90:91:0F","sha256":"4A:EE:EA:F0:6F:B6:A9:99:ED:A1:9D:D2:2A:5E:48:50:06:6C:52:7E:B9:1A:16:A3:26:FC:B0:7E:5B:CF:FB:07"}}},"request":{"raw":"POST /cdn-cgi/rum? HTTP/1.1\r\nHost: torrentdownloads.rutor.app\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\ncontent-type: application/json\r\nContent-Length: 425\r\nOrigin: https://torrentdownloads.rutor.app\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://torrentdownloads.rutor.app/\r\nCookie: PHPSESSID=66gpcavpdjto0ovn346m5m24fj; dom3ic8zudi28v8lr6fgphwffqoz0j6c=d995e3f7-3ab8-4202-88f2-ba729b81cf19%3A2%3A1\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/3 404 Not Found\r\ncontent-type: text/html; charset=UTF-8\r\ncache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0\r\nexpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nreferrer-policy: same-origin\r\ndate: Sun, 28 Sep 2025 10:31:17 GMT\r\nx-frame-options: SAMEORIGIN\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=krqpGacf732eY%2FsC6D%2BHgvaXY5oI0WjzbOYc7QDdykFmuH1uEZqkX5tgAiGUhrI8fxInGp%2B20MgfmT%2ByVpv2DI0A7MjSrFfp4Ya5coe4LUrJU1RNW6%2Ft%2Fg%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\nserver: cloudflare\r\ncf-ray: 986291ff9971568b-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":151,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, ASCII text, with CRLF line terminators","md5":"45efc4779b2e6b43ed200755328af518","sha1":"badb6097a3c8fad00517f38352ba72b9f7b6637b","sha256":"d66dd0f2f24c4343661a5396e1ba76782fe651f7d422209eded956ebf90900fc","sha512":"862ceb668672d90ed3da9419ca69bf0214b5c34dec2353fea792a75fb1c0c2e5fd54e6e56cf1e9d4d60c4eaa7d98411f5cb5e128be2661d9bbd084d0dbd085e0","ssdeep":"","tlshash":"a1c02b3d35637e0c8563303522c3b190d0c6833774ba00220500c00330cb2e9cac33d7","first_seen":"2023-09-18T10:37:28Z","last_seen":"2026-04-04T11:46:36.879712Z","times_seen":12823,"resource_available":true,"data":null}},"time_used":4,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":4,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-09-28","alert":"Sinkholed","trigger":"torrentdownloads.rutor.app","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-09-28","alert":"Sinkholed","trigger":"torrentdownloads.rutor.app","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"torrentdownloads.rutor.app/cdn-cgi/rum?","fqdn":"torrentdownloads.rutor.app","domain":"rutor.app","tld":"app"},"ip":{"addr":"172.67.158.147","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://torrentdownloads.rutor.app/","date":"2025-09-28T10:31:17.701Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rutor.app","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 20 Sep 2025 02:19:36 GMT","end":"Fri, 19 Dec 2025 03:09:13 GMT"},"fingerprint":{"sha1":"65:6C:B3:CD:A0:AD:28:B1:3A:23:A8:A2:1B:F0:E7:C0:18:90:91:0F","sha256":"4A:EE:EA:F0:6F:B6:A9:99:ED:A1:9D:D2:2A:5E:48:50:06:6C:52:7E:B9:1A:16:A3:26:FC:B0:7E:5B:CF:FB:07"}}},"request":{"raw":"POST /cdn-cgi/rum? HTTP/1.1\r\nHost: torrentdownloads.rutor.app\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\ncontent-type: application/json\r\nContent-Length: 425\r\nOrigin: https://torrentdownloads.rutor.app\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://torrentdownloads.rutor.app/\r\nCookie: PHPSESSID=66gpcavpdjto0ovn346m5m24fj; dom3ic8zudi28v8lr6fgphwffqoz0j6c=d995e3f7-3ab8-4202-88f2-ba729b81cf19%3A2%3A1\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/3 404 Not Found\r\ncontent-type: text/html; charset=UTF-8\r\ncache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0\r\nexpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nreferrer-policy: same-origin\r\ndate: Sun, 28 Sep 2025 10:31:17 GMT\r\nx-frame-options: SAMEORIGIN\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=urUKB%2FYi5imnS3VVuzlmmE25l4nQmvwvUybkOiSvvOVt7zBaxkHgr2Is%2BKVB%2FnZoC3XF4BAV%2BgJJgvIURUkpwXNO36C3291RvISygYVjdW4c6aSQSfhDEw%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\nserver: cloudflare\r\ncf-ray: 986291ffa973568b-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":151,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, ASCII text, with CRLF line terminators","md5":"45efc4779b2e6b43ed200755328af518","sha1":"badb6097a3c8fad00517f38352ba72b9f7b6637b","sha256":"d66dd0f2f24c4343661a5396e1ba76782fe651f7d422209eded956ebf90900fc","sha512":"862ceb668672d90ed3da9419ca69bf0214b5c34dec2353fea792a75fb1c0c2e5fd54e6e56cf1e9d4d60c4eaa7d98411f5cb5e128be2661d9bbd084d0dbd085e0","ssdeep":"","tlshash":"a1c02b3d35637e0c8563303522c3b190d0c6833774ba00220500c00330cb2e9cac33d7","first_seen":"2023-09-18T10:37:28Z","last_seen":"2026-04-04T11:46:36.879712Z","times_seen":12823,"resource_available":true,"data":null}},"time_used":4,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":4,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-09-28","alert":"Sinkholed","trigger":"torrentdownloads.rutor.app","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-09-28","alert":"Sinkholed","trigger":"torrentdownloads.rutor.app","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kettledroopingcontinuation.com/pixel/sbls?bv=\u0026tmpl=482\u0026u=https%3A%2F%2Fcdn.show-sb.com%2Fsb%2Fau%2F48%2F48%2Feb%2F4848ebd6f7295875a5d388ec2488aba3%2F1648542421.html\u0026l=1538\u0026fd=419","fqdn":"kettledroopingcontinuation.com","domain":"kettledroopingcontinuation.com","tld":"com"},"ip":{"addr":"172.240.108.84","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://torrentdownloads.rutor.app/","date":"2025-09-28T10:31:18.635Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"kettledroopingcontinuation.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 27 Aug 2025 21:34:59 GMT","end":"Tue, 25 Nov 2025 21:34:58 GMT"},"fingerprint":{"sha1":"E4:24:47:01:B7:F3:A1:0B:CF:EA:36:36:30:C1:21:5D:9E:A1:7B:BE","sha256":"EE:DD:A9:31:87:F8:15:E5:A4:69:BA:E8:17:29:F1:0D:59:DC:1E:48:E2:EB:2F:1D:FE:D6:5C:C0:5F:03:5B:01"}}},"request":{"raw":"GET /pixel/sbls?bv=\u0026tmpl=482\u0026u=https%3A%2F%2Fcdn.show-sb.com%2Fsb%2Fau%2F48%2F48%2Feb%2F4848ebd6f7295875a5d388ec2488aba3%2F1648542421.html\u0026l=1538\u0026fd=419 HTTP/1.1\r\nHost: kettledroopingcontinuation.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://torrentdownloads.rutor.app/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Sun, 28 Sep 2025 10:31:18 GMT\r\nContent-Length: 0\r\nConnection: keep-alive\r\nHost: kettledroopingcontinuation.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nCache-Control: no-cache\r\nAccess-Control-Allow-Origin: *\r\nAccess-Control-Allow-Methods: GET, POST, OPTIONS\r\nAccess-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests,C-High-Entropy-Values\r\nAccess-Control-Expose-Headers: Content-Length,Content-Range\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T11:49:30.368697Z","times_seen":13330398,"resource_available":true,"data":null}},"time_used":144,"timings":{"blocked":50,"dns":0,"connect":0,"send":0,"wait":94,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-09-28","alert":"Sinkholed","trigger":"kettledroopingcontinuation.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-09-28","alert":"Sinkholed","trigger":"kettledroopingcontinuation.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"torrentdownloads.rutor.app/templates/new/images/logo.png","fqdn":"torrentdownloads.rutor.app","domain":"rutor.app","tld":"app"},"ip":{"addr":"172.67.158.147","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://torrentdownloads.rutor.app/","date":"2025-09-28T10:31:16.730Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rutor.app","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 20 Sep 2025 02:19:36 GMT","end":"Fri, 19 Dec 2025 03:09:13 GMT"},"fingerprint":{"sha1":"65:6C:B3:CD:A0:AD:28:B1:3A:23:A8:A2:1B:F0:E7:C0:18:90:91:0F","sha256":"4A:EE:EA:F0:6F:B6:A9:99:ED:A1:9D:D2:2A:5E:48:50:06:6C:52:7E:B9:1A:16:A3:26:FC:B0:7E:5B:CF:FB:07"}}},"request":{"raw":"GET /templates/new/images/logo.png HTTP/1.1\r\nHost: torrentdownloads.rutor.app\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://torrentdownloads.rutor.app/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 28 Sep 2025 10:31:16 GMT\r\ncontent-type: image/png\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nexpires: Thu, 19 Nov 1981 08:52:00 GMT\r\ncache-control: no-store, no-cache, must-revalidate\r\npragma: no-cache\r\naccess-control-allow-origin: *\r\ncf-cache-status: BYPASS\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=4juibRx%2B52%2Bc89L8OogWeoLnKV1GFtg036%2FSjC7JZKPC2MMQepCai0CrMV19nyVqVKGdYwLZCWAvf7Taz6w7kgUTvcetMtzU%2B1ozx74Vblkx8HojD60ujA4G\"}]}\r\nset-cookie: view=1; Max-Age=86400; Expires=Mon, 29 Sep 2025 10:31:16 GMT\nPHPSESSID=2u8k63dg4d7raoouspjlpa76fm; Path=/\r\ncf-ray: 986291f98e8fc759-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":23644,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 350 x 130, 8-bit colormap, non-interlaced","md5":"ff0ed17b6b908eea4fd995fa66d4f4a1","sha1":"e880fcf82c1b501b9704ce471441bcf5022e7f69","sha256":"44916c92e6677041220873896d1d712430ae570746ecbf1f035ccea7ca65df21","sha512":"3c0f681c27fce2f00b842e6cd071433cd56667691686c3a7bced460fddec1b2475bd59e7d58ab466d412c157833451cc82dfaa4640bf26ecf99b54b3595c8e79","ssdeep":"384:DcN1ihW48bDcKjjIFCs3a+stQ2PEK+HQMvbpGrST5HOcnTb2LyQr6gj:DAq6DcuaCFPEK+wMcSFHOcnNo","tlshash":"cbb2e08f954ed93d738cc2ba05a3c30f246566090489a5b5b4a793fd5bff838f52216c","first_seen":"2023-05-29T17:58:11Z","last_seen":"2026-02-19T06:00:31.886956Z","times_seen":44,"resource_available":false,"data":null}},"time_used":199,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":199,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-09-28","alert":"Sinkholed","trigger":"torrentdownloads.rutor.app","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-09-28","alert":"Sinkholed","trigger":"torrentdownloads.rutor.app","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"creative-sb1.com/sb/ssp/interstitial/double_btn/1/css/style.css","fqdn":"creative-sb1.com","domain":"creative-sb1.com","tld":"com"},"ip":{"addr":"104.21.35.3","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://torrentdownloads.rutor.app/","date":"2025-09-28T10:31:20.921Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"creative-sb1.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 29 Aug 2025 18:23:14 GMT","end":"Thu, 27 Nov 2025 19:21:45 GMT"},"fingerprint":{"sha1":"99:06:8C:E5:8E:41:8B:38:F8:46:C0:E9:CF:99:E2:11:F2:8E:DD:AB","sha256":"93:A8:69:6F:83:C3:C8:1B:E8:A3:20:9C:19:F4:47:35:74:85:80:F1:82:1F:48:42:AB:AA:77:A3:35:AB:29:20"}}},"request":{"raw":"GET /sb/ssp/interstitial/double_btn/1/css/style.css HTTP/1.1\r\nHost: creative-sb1.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://torrentdownloads.rutor.app\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://torrentdownloads.rutor.app/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 28 Sep 2025 10:31:21 GMT\r\ncontent-type: text/css\r\nserver: cloudflare\r\nlast-modified: Fri, 19 Jan 2024 14:19:45 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\netag: W/\"65aa8501-de5\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: public, max-age=315360000\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: Date\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=6YMLOSs2fVREFxK7Wjc9ZHF%2FhL9rEXsq112NsxEqFUFYuqO87U1nQ1lBf2hq5uwmLjV5SbAH96wH76eB1RpGgTA1vxpLt29iWftDA%2B8M\"}]}\r\ncf-ray: 986292141ebf712a-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":3557,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text","md5":"c01d4fba11adf3d6508e762a1916d2d6","sha1":"6a31faa2e071d562072bf5b55fbce8aed53267c6","sha256":"336e9c3de6bf1654a3c9bd9701c49f083b4d4df33c150c76345a4a450ebf05db","sha512":"5c1b3add3011c00a1df072d5798e37a0d2dc34fd7095ad3a80ca3b2ea65e37f1e7de03912a43798e2d99bdba82a3da0a57a4331886423ad0f995c3adf14fcaae","ssdeep":"","tlshash":"c8710ec63b791604b417e46a39522b5777148103aa0fddb46fd1341cceca2dacae238f","first_seen":"2024-09-21T10:46:03Z","last_seen":"2026-01-26T20:35:01.93588Z","times_seen":194,"resource_available":false,"data":null}},"time_used":592,"timings":{"blocked":50,"dns":1,"connect":2,"send":0,"wait":490,"receive":0,"ssl":48},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-09-28","alert":"Sinkholed","trigger":"creative-sb1.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-09-28","alert":"Sinkholed","trigger":"creative-sb1.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"torrentdownloads.rutor.app/cdn-cgi/challenge-platform/scripts/jsd/main.js","fqdn":"torrentdownloads.rutor.app","domain":"rutor.app","tld":"app"},"ip":{"addr":"172.67.158.147","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://torrentdownloads.rutor.app/","date":"2025-09-28T10:31:20.912Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rutor.app","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 20 Sep 2025 02:19:36 GMT","end":"Fri, 19 Dec 2025 03:09:13 GMT"},"fingerprint":{"sha1":"65:6C:B3:CD:A0:AD:28:B1:3A:23:A8:A2:1B:F0:E7:C0:18:90:91:0F","sha256":"4A:EE:EA:F0:6F:B6:A9:99:ED:A1:9D:D2:2A:5E:48:50:06:6C:52:7E:B9:1A:16:A3:26:FC:B0:7E:5B:CF:FB:07"}}},"request":{"raw":"GET /cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP/1.1\r\nHost: torrentdownloads.rutor.app\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: PHPSESSID=66gpcavpdjto0ovn346m5m24fj; dom3ic8zudi28v8lr6fgphwffqoz0j6c=d995e3f7-3ab8-4202-88f2-ba729b81cf19%3A2%3A1; sb_main_a286902791a7f4c98bcb1e812322cd78=1; sb_count_a286902791a7f4c98bcb1e812322cd78=1; sb_main_a032b4d33c8aea68a4f9b84235614bff=1; sb_count_a032b4d33c8aea68a4f9b84235614bff=2; pp_main_2200540f09f939738419313a1a090c32=1; pbpr0tpuw4isk85t8yg3jb2lj5vqf=directlycascade.com\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 302 Found\r\nlocation: /cdn-cgi/challenge-platform/h/b/scripts/jsd/5783333ceb22/main.js?\r\ncache-control: max-age=300, stale-if-error=10800, stale-while-revalidate=10800, public\r\naccess-control-allow-origin: *\r\ncontent-length: 0\r\ndate: Sun, 28 Sep 2025 10:31:20 GMT\r\nserver: cloudflare\r\ncf-ray: 98629213bc00568b-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":10175,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T11:49:30.368697Z","times_seen":13330398,"resource_available":true,"data":null}},"time_used":4,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":4,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-09-28","alert":"Sinkholed","trigger":"torrentdownloads.rutor.app","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-09-28","alert":"Sinkholed","trigger":"torrentdownloads.rutor.app","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"preferencenail.com/sfp.js","fqdn":"preferencenail.com","domain":"preferencenail.com","tld":"com"},"ip":{"addr":"185.196.197.71","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://torrentdownloads.rutor.app/","date":"2025-09-28T10:31:17.288Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"preferencenail.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 30 Aug 2025 23:05:43 GMT","end":"Fri, 28 Nov 2025 23:05:42 GMT"},"fingerprint":{"sha1":"B9:51:95:1F:A8:75:17:3A:9B:B1:75:96:F4:7D:7A:CF:3D:52:C9:71","sha256":"36:D1:B1:18:05:03:10:B2:46:BC:6C:71:A5:E7:BE:07:32:66:88:16:04:1E:5F:96:0F:10:B6:4B:BF:01:D1:42"}}},"request":{"raw":"GET /sfp.js HTTP/1.1\r\nHost: preferencenail.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://torrentdownloads.rutor.app/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Sun, 28 Sep 2025 10:31:17 GMT\r\nContent-Type: application/javascript; charset=utf-8\r\nContent-Length: 32182\r\nConnection: keep-alive\r\nContent-Encoding: gzip\r\nP3P: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\nAccess-Control-Allow-Origin: *\r\nVary: Accept-Encoding\r\nHost: preferencenail.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: a350d7f62f4cf6c23c59403a09c1c181\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":85386,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (65529), with no line terminators","md5":"46a6fef91632b94d14252fe324c1585f","sha1":"387cebbd261b8fe947fe9805875300f2ceeb5cfd","sha256":"36d0c771f8bf310d740cb4d0ca144354c45df284e72361660448708d72f175d5","sha512":"a3aaa1b5ab1113a12793bd1085332eb257416aaa9c4a690525838b91453a281580a979bfb856b3c429c2d4243c3ce02bd318a4b7048124eef96912179836d0fd","ssdeep":"1536:nPncLBSUBULrSVvTfMtfj3FkdFcE5PnoRL:nPncLBSUBULGVTfGpucE5fox","tlshash":"528395807ac06488d3979b7bb73bf4eaf65a299f38c4044bd100fc48b69562af9f5534","first_seen":"2025-07-08T10:38:39.799377Z","last_seen":"2025-11-18T17:01:51.014373Z","times_seen":15230,"resource_available":true,"data":null}},"time_used":209,"timings":{"blocked":78,"dns":0,"connect":25,"send":0,"wait":27,"receive":26,"ssl":52},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-09-28","alert":"Sinkholed","trigger":"preferencenail.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-09-28","alert":"Sinkholed","trigger":"preferencenail.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-09-28","alert":"Sinkholed","trigger":"preferencenail.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.show-sb.com/sb/au/37/53/81/3753818e0c2f1ad10c29c0db8970b6aa/1698745392.html","fqdn":"cdn.show-sb.com","domain":"show-sb.com","tld":"com"},"ip":{"addr":"172.67.170.115","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://torrentdownloads.rutor.app/","date":"2025-09-28T10:31:18.113Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"show-sb.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 10 Aug 2025 11:11:15 GMT","end":"Sat, 08 Nov 2025 12:08:40 GMT"},"fingerprint":{"sha1":"46:26:78:BD:18:7A:95:15:D4:B3:89:73:FE:7E:99:33:18:7F:21:3E","sha256":"AD:6B:6A:10:54:38:33:B9:BB:A6:FD:B7:B0:1B:2E:9D:62:B8:47:35:C4:E6:7B:F6:4A:92:AA:75:B0:29:F7:F3"}}},"request":{"raw":"GET /sb/au/37/53/81/3753818e0c2f1ad10c29c0db8970b6aa/1698745392.html HTTP/1.1\r\nHost: cdn.show-sb.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://torrentdownloads.rutor.app\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://torrentdownloads.rutor.app/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 28 Sep 2025 10:31:18 GMT\r\ncontent-type: text/html\r\nserver: cloudflare\r\nlast-modified: Tue, 31 Oct 2023 09:43:17 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: max-age=315360000, public\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: Date\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=9w8xhLJlMyjnvC%2Bx9q6H%2B5UXLUO2nlKYVaP5j26YYNg2bxNQxF8UsYYHbBDuWs8UBnaw7C4clvOYjkRbb%2BAgNDeoSCh1l%2FlqK7mU8WI%3D\"}]}\r\ncf-cache-status: DYNAMIC\r\ncontent-encoding: br\r\ncf-ray: 9862920288587127-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1380,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text","md5":"26d1507786aee913b44c1baba6902e9d","sha1":"cc31be60c22dcdc797a21ac34e58fff005b429ef","sha256":"20d254537a81fe6ab8aacab5132b42e2b855f9d693199f2bcda0e48d5c99c02a","sha512":"ac37aa9da3d68fa1dfb0cd46e7081eb2a6c97acdc2c5f11c037d2d3787dca780cbc562c31ccefc3d256e8e73364170e0e4c50cef9cd2e4cef0fcd4197a380e32","ssdeep":"","tlshash":"7a210a656ce4d53300c2a0807b312f2bed91da43cc8b454133bd4a908fd6ed9cd97547","first_seen":"2024-09-21T10:46:03Z","last_seen":"2026-01-26T20:35:01.956213Z","times_seen":223,"resource_available":false,"data":null}},"time_used":512,"timings":{"blocked":48,"dns":4,"connect":2,"send":0,"wait":415,"receive":0,"ssl":42},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-09-28","alert":"Sinkholed","trigger":"cdn.show-sb.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"torrentdownloads.rutor.app/cdn-cgi/rum?","fqdn":"torrentdownloads.rutor.app","domain":"rutor.app","tld":"app"},"ip":{"addr":"172.67.158.147","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://torrentdownloads.rutor.app/","date":"2025-09-28T10:31:20.951Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rutor.app","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 20 Sep 2025 02:19:36 GMT","end":"Fri, 19 Dec 2025 03:09:13 GMT"},"fingerprint":{"sha1":"65:6C:B3:CD:A0:AD:28:B1:3A:23:A8:A2:1B:F0:E7:C0:18:90:91:0F","sha256":"4A:EE:EA:F0:6F:B6:A9:99:ED:A1:9D:D2:2A:5E:48:50:06:6C:52:7E:B9:1A:16:A3:26:FC:B0:7E:5B:CF:FB:07"}}},"request":{"raw":"POST /cdn-cgi/rum? HTTP/1.1\r\nHost: torrentdownloads.rutor.app\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\ncontent-type: application/json\r\nContent-Length: 460\r\nOrigin: https://torrentdownloads.rutor.app\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://torrentdownloads.rutor.app/\r\nCookie: PHPSESSID=66gpcavpdjto0ovn346m5m24fj; dom3ic8zudi28v8lr6fgphwffqoz0j6c=d995e3f7-3ab8-4202-88f2-ba729b81cf19%3A2%3A1; sb_main_a286902791a7f4c98bcb1e812322cd78=1; sb_count_a286902791a7f4c98bcb1e812322cd78=1; sb_main_a032b4d33c8aea68a4f9b84235614bff=1; sb_count_a032b4d33c8aea68a4f9b84235614bff=2; pp_main_2200540f09f939738419313a1a090c32=1; pbpr0tpuw4isk85t8yg3jb2lj5vqf=directlycascade.com\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/3 404 Not Found\r\ncontent-type: text/html; charset=UTF-8\r\ncache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0\r\nexpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nreferrer-policy: same-origin\r\ndate: Sun, 28 Sep 2025 10:31:20 GMT\r\nx-frame-options: SAMEORIGIN\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=FEBpnHJ%2B8gq0fi73q07XuSwOntxg0xBZyge1GsoM2GobbJDYkXgQ9lJrIOqaTbDSdV6W2WG5gAjBwoYnJRCY6RhqxnMi1u41DRf84qX0TdtnR5hFBlNtLw%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\nserver: cloudflare\r\ncf-ray: 98629213fc06568b-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":151,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, ASCII text, with CRLF line terminators","md5":"45efc4779b2e6b43ed200755328af518","sha1":"badb6097a3c8fad00517f38352ba72b9f7b6637b","sha256":"d66dd0f2f24c4343661a5396e1ba76782fe651f7d422209eded956ebf90900fc","sha512":"862ceb668672d90ed3da9419ca69bf0214b5c34dec2353fea792a75fb1c0c2e5fd54e6e56cf1e9d4d60c4eaa7d98411f5cb5e128be2661d9bbd084d0dbd085e0","ssdeep":"","tlshash":"a1c02b3d35637e0c8563303522c3b190d0c6833774ba00220500c00330cb2e9cac33d7","first_seen":"2023-09-18T10:37:28Z","last_seen":"2026-04-04T11:46:36.879712Z","times_seen":12823,"resource_available":true,"data":null}},"time_used":5,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":5,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-09-28","alert":"Sinkholed","trigger":"torrentdownloads.rutor.app","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-09-28","alert":"Sinkholed","trigger":"torrentdownloads.rutor.app","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kettledroopingcontinuation.com/pixel/sbls?bv=\u0026tmpl=482\u0026u=https%3A%2F%2Fcreative-sb1.com%2Fsb%2Fssp%2Finterstitial%2Fdouble_btn%2F1%2Fjs%2Fscript.js\u0026l=1144\u0026fd=509","fqdn":"kettledroopingcontinuation.com","domain":"kettledroopingcontinuation.com","tld":"com"},"ip":{"addr":"172.240.108.84","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://torrentdownloads.rutor.app/","date":"2025-09-28T10:31:21.607Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"kettledroopingcontinuation.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 27 Aug 2025 21:34:59 GMT","end":"Tue, 25 Nov 2025 21:34:58 GMT"},"fingerprint":{"sha1":"E4:24:47:01:B7:F3:A1:0B:CF:EA:36:36:30:C1:21:5D:9E:A1:7B:BE","sha256":"EE:DD:A9:31:87:F8:15:E5:A4:69:BA:E8:17:29:F1:0D:59:DC:1E:48:E2:EB:2F:1D:FE:D6:5C:C0:5F:03:5B:01"}}},"request":{"raw":"GET /pixel/sbls?bv=\u0026tmpl=482\u0026u=https%3A%2F%2Fcreative-sb1.com%2Fsb%2Fssp%2Finterstitial%2Fdouble_btn%2F1%2Fjs%2Fscript.js\u0026l=1144\u0026fd=509 HTTP/1.1\r\nHost: kettledroopingcontinuation.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://torrentdownloads.rutor.app/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Sun, 28 Sep 2025 10:31:21 GMT\r\nContent-Length: 0\r\nConnection: keep-alive\r\nHost: kettledroopingcontinuation.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nCache-Control: no-cache\r\nAccess-Control-Allow-Origin: *\r\nAccess-Control-Allow-Methods: GET, POST, OPTIONS\r\nAccess-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests,C-High-Entropy-Values\r\nAccess-Control-Expose-Headers: Content-Length,Content-Range\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T11:49:30.368697Z","times_seen":13330398,"resource_available":true,"data":null}},"time_used":106,"timings":{"blocked":8,"dns":0,"connect":0,"send":0,"wait":98,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-09-28","alert":"Sinkholed","trigger":"kettledroopingcontinuation.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-09-28","alert":"Sinkholed","trigger":"kettledroopingcontinuation.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/roboto/v49/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.178.35","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://torrentdownloads.rutor.app/","date":"2025-09-28T10:31:21.932Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 08 Sep 2025 08:36:48 GMT","end":"Mon, 01 Dec 2025 08:36:47 GMT"},"fingerprint":{"sha1":"4A:11:37:B2:B5:3D:85:04:18:76:94:C3:99:EA:8B:77:66:51:DF:D6","sha256":"6C:B3:8A:F8:58:9F:72:87:6E:B0:CF:E0:3F:D9:AB:6D:AE:6E:E0:73:B1:A3:95:3C:30:98:D3:C4:23:73:D4:33"}}},"request":{"raw":"GET /s/roboto/v49/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://torrentdownloads.rutor.app\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 40128\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Mon, 22 Sep 2025 23:17:32 GMT\r\nexpires: Tue, 22 Sep 2026 23:17:32 GMT\r\ncache-control: public, max-age=31536000\r\nage: 472429\r\nlast-modified: Mon, 08 Sep 2025 18:08:05 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":40128,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 40128, version 1.0","md5":"9a01b69183a9604ab3a439e388b30501","sha1":"8ed1d59003d0dbe6360481017b44665153665fbe","sha256":"20b535fa80c8189e3b87d1803038389960203a886d502bc2ef1857affc2f38d2","sha512":"0e6795255b6eea00b5403fd7e3b904d52776d49ac63a31c2778361262883697943aedcb29feee85694ba6f19eaa34dddb9a5bfe7118f4a25b4757e92c331feca","ssdeep":"768:Vce3jkow68wmT4IBX0tXdlSirS61gSjcz0GPwHbP+w2jec56O:VcI/iEEEtXdFJj+0GPwHbP+w5rO","tlshash":"3703023a5e3ccf1a84157a703950f6d9a8481e548e9d143b4f1ac7bf085dde2209b6d4","first_seen":"2025-01-08T22:59:02.845106Z","last_seen":"2026-04-04T11:46:59.437094Z","times_seen":714426,"resource_available":false,"data":null}},"time_used":54,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":38,"receive":16,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"torrentdownloads.rutor.app/templates/new/images/icons/menu_icon5.png","fqdn":"torrentdownloads.rutor.app","domain":"rutor.app","tld":"app"},"ip":{"addr":"172.67.158.147","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://torrentdownloads.rutor.app/","date":"2025-09-28T10:31:16.732Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rutor.app","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 20 Sep 2025 02:19:36 GMT","end":"Fri, 19 Dec 2025 03:09:13 GMT"},"fingerprint":{"sha1":"65:6C:B3:CD:A0:AD:28:B1:3A:23:A8:A2:1B:F0:E7:C0:18:90:91:0F","sha256":"4A:EE:EA:F0:6F:B6:A9:99:ED:A1:9D:D2:2A:5E:48:50:06:6C:52:7E:B9:1A:16:A3:26:FC:B0:7E:5B:CF:FB:07"}}},"request":{"raw":"GET /templates/new/images/icons/menu_icon5.png HTTP/1.1\r\nHost: torrentdownloads.rutor.app\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://torrentdownloads.rutor.app/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 28 Sep 2025 10:31:16 GMT\r\ncontent-type: image/png\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\naccess-control-allow-origin: *\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nlast-modified: Sun, 28 Sep 2025 10:31:16 GMT\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=4Q%2Fq4BC75jZZ%2Bdu2fImmOMtXKWoepX7vwhVR0M9tbBVW6hcvYOuHM%2B%2FgzjxI3yC4vx3gxrGmb3GvGbvksfyYsF%2BOswaEfsSiwl3kQGU%2BkNuuAYDynUedoi4H\"}]}\r\ncf-ray: 986291f98ea3c759-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":825,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 16 x 18, 8-bit/color RGB, non-interlaced","md5":"cc83c761a80d944e17cdec9ea5134444","sha1":"99755d5eb4ff7db601ac1c15e3fdcfc8ac2e5f93","sha256":"52caeeda4ee38413bc516e1595a50abccafd1f64993158bf71f77807ea22c53e","sha512":"05936107abdf213c01b7c7b9104ece2952b3c0a9332854266cd4a9d8f10373e3eb5c4179c7fe3d850b19b478efd9e5aef60e7cf7dc4e22cd8e4985a9d61a5d0d","ssdeep":"","tlshash":"b701cab49020f446e1bb0f755281d45dc0b57fd93dee80005500a24fcbc71edb1c62e2","first_seen":"2023-05-29T17:58:11Z","last_seen":"2026-02-19T06:00:31.829015Z","times_seen":41,"resource_available":false,"data":null}},"time_used":164,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":164,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-09-28","alert":"Sinkholed","trigger":"torrentdownloads.rutor.app","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-09-28","alert":"Sinkholed","trigger":"torrentdownloads.rutor.app","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"torrentdownloads.rutor.app/templates/new/images/login_icon1.jpg","fqdn":"torrentdownloads.rutor.app","domain":"rutor.app","tld":"app"},"ip":{"addr":"172.67.158.147","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://torrentdownloads.rutor.app/","date":"2025-09-28T10:31:16.931Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rutor.app","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 20 Sep 2025 02:19:36 GMT","end":"Fri, 19 Dec 2025 03:09:13 GMT"},"fingerprint":{"sha1":"65:6C:B3:CD:A0:AD:28:B1:3A:23:A8:A2:1B:F0:E7:C0:18:90:91:0F","sha256":"4A:EE:EA:F0:6F:B6:A9:99:ED:A1:9D:D2:2A:5E:48:50:06:6C:52:7E:B9:1A:16:A3:26:FC:B0:7E:5B:CF:FB:07"}}},"request":{"raw":"GET /templates/new/images/login_icon1.jpg HTTP/1.1\r\nHost: torrentdownloads.rutor.app\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://torrentdownloads.rutor.app/templates/new/css/style.css\r\nCookie: view=1; PHPSESSID=2u8k63dg4d7raoouspjlpa76fm\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sun, 28 Sep 2025 10:31:17 GMT\r\ncontent-type: image/jpeg\r\nvary: accept-encoding\r\nset-cookie: view=1; Max-Age=86400; Expires=Mon, 29 Sep 2025 10:31:17 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nexpires: Thu, 19 Nov 1981 08:52:00 GMT\r\ncache-control: no-store, no-cache, must-revalidate\r\npragma: no-cache\r\naccess-control-allow-origin: *\r\ncf-cache-status: BYPASS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=953AIyhoN0TUk9VgCt10%2BGVGQstbZ8vY9IKX2q8tiKUL%2BngtwSteTZv69mVLnKZYQtanFujeCQrO%2F1UQEvKuo6UVKTjPe2u0Lbwq9nT0XuGT9ntFy0r8fg%3D%3D\"}]}\r\ncf-ray: 986291fac92f568b-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":372,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 7x8, components 3","md5":"36a020e60556beb200223b652725687b","sha1":"663f86b2f73f7943b6ff1542937fc30529a74ec8","sha256":"de91020350253331f7d48a0c1ebc9349b81a6771acbcd3c46e02fa2b5324c477","sha512":"b488ed7f0df64a103e2d2c842f3e15547b59a0eac181d42e8de332042ea34b72607e146ad6e34b32a1af0030186e7b15af61bb602358080cd05237ae3961450c","ssdeep":"","tlshash":"f6e02b3a5302cb1bd9d110315afae30c17ec66c634375b4d09f47942b8583764880419","first_seen":"2023-05-29T17:58:11Z","last_seen":"2026-02-19T06:00:31.81617Z","times_seen":45,"resource_available":false,"data":null}},"time_used":158,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":158,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-09-28","alert":"Sinkholed","trigger":"torrentdownloads.rutor.app","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-09-28","alert":"Sinkholed","trigger":"torrentdownloads.rutor.app","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"torrentdownloads.rutor.app/templates/new/images/left_curve.jpg","fqdn":"torrentdownloads.rutor.app","domain":"rutor.app","tld":"app"},"ip":{"addr":"172.67.158.147","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://torrentdownloads.rutor.app/","date":"2025-09-28T10:31:16.934Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rutor.app","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 20 Sep 2025 02:19:36 GMT","end":"Fri, 19 Dec 2025 03:09:13 GMT"},"fingerprint":{"sha1":"65:6C:B3:CD:A0:AD:28:B1:3A:23:A8:A2:1B:F0:E7:C0:18:90:91:0F","sha256":"4A:EE:EA:F0:6F:B6:A9:99:ED:A1:9D:D2:2A:5E:48:50:06:6C:52:7E:B9:1A:16:A3:26:FC:B0:7E:5B:CF:FB:07"}}},"request":{"raw":"GET /templates/new/images/left_curve.jpg HTTP/1.1\r\nHost: torrentdownloads.rutor.app\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://torrentdownloads.rutor.app/templates/new/css/style.css\r\nCookie: view=1; PHPSESSID=2u8k63dg4d7raoouspjlpa76fm\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sun, 28 Sep 2025 10:31:17 GMT\r\ncontent-type: image/jpeg\r\nvary: accept-encoding\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\naccess-control-allow-origin: *\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nlast-modified: Sun, 28 Sep 2025 10:31:17 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=enQ4m%2FkNZHhLKI9YWpGRHO2JD%2Bz2vFVB5fsZdsne%2F0uMe06rQIxVai7R%2BM1er2iqFtA4UPuu%2F%2F976cN%2FDGrD4FfKhtvryBMLok8g%2FNI%2FTlN4UV2WC1BjQg%3D%3D\"}]}\r\ncf-ray: 986291fad933568b-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":369,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 4x20, components 3","md5":"dccf655d35694911ddcf8ae610560a89","sha1":"a4f8cd16bd03c3088f9c4b4c418663d0f1d765c2","sha256":"003005a69f87526e7ee8162988071e2f1bc1fd902f47cdf12b1896fed5cf333d","sha512":"ffdf156a1cc3770eb46f14ec976f932568a6e4243b0907d583e8ad965604aa6d5de51d7ee8102e27bffbedad4a568c6feedee6525fff78fef263a0f6c4c2a01e","ssdeep":"","tlshash":"95e02b3a5389df13ece0113521f1876c469c58cb60134f5d19f235103c976844961059","first_seen":"2023-05-29T17:58:11Z","last_seen":"2026-02-19T06:00:31.871007Z","times_seen":38,"resource_available":false,"data":null}},"time_used":180,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":180,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-09-28","alert":"Sinkholed","trigger":"torrentdownloads.rutor.app","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-09-28","alert":"Sinkholed","trigger":"torrentdownloads.rutor.app","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"professionaltrafficmonitor.com/stats","fqdn":"professionaltrafficmonitor.com","domain":"professionaltrafficmonitor.com","tld":"com"},"ip":{"addr":"3.123.144.251","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://torrentdownloads.rutor.app/","date":"2025-09-28T10:31:17.291Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"protrafficinspector.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M04","organization":"Amazon"},"validity":{"start":"Tue, 01 Jul 2025 00:00:00 GMT","end":"Thu, 30 Jul 2026 23:59:59 GMT"},"fingerprint":{"sha1":"5D:D5:8D:EB:A4:50:13:0D:7C:33:71:82:B8:02:49:4F:D6:31:B6:E6","sha256":"49:03:4C:2C:1B:23:D8:D6:CB:AE:F0:54:61:99:C2:20:F4:FF:87:5E:0B:72:B1:6B:D8:AB:21:49:2D:F2:EC:4A"}}},"request":{"raw":"GET /stats HTTP/1.1\r\nHost: professionaltrafficmonitor.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://torrentdownloads.rutor.app\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://torrentdownloads.rutor.app/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 28 Sep 2025 10:31:17 GMT\r\ncontent-type: text/html; charset=UTF-8\r\ncontent-length: 40\r\nserver: fasthttp\r\naccess-control-allow-origin: https://torrentdownloads.rutor.app\r\nvary: Origin\r\naccess-control-allow-credentials: true\r\nset-cookie: uid_id2=11615baf-20c6-4fe4-a7eb-8fdaad06d740:3:1; expires=Wed, 26 Sep 2035 10:31:17 GMT; secure; SameSite=None\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":40,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"ASCII text, with no line terminators","md5":"3ada769701304b91cd9d13908fa360a9","sha1":"b2386a659e09c3f83852285de60ad2f147d498fd","sha256":"ffb1f417c522b905a84e34695856f717daca99ac1623e765b1d9aa8e46ea071f","sha512":"71129075fcecc1f4a6737ce724036d54a854af620bb2fb6c980d232b5b420b704d64d75c769eaa19b1cf89f8cd41d741140a85c0ac71de4408e88750de83a704","ssdeep":"","tlshash":"569004c37035f1c10c5704530d70155d541053350475d155430df44d40555400371003","first_seen":"2025-09-28T10:31:49.090125Z","last_seen":"2025-09-28T10:31:49.090125Z","times_seen":1,"resource_available":false,"data":null}},"time_used":222,"timings":{"blocked":99,"dns":2,"connect":24,"send":0,"wait":24,"receive":0,"ssl":72},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"torrentdownloads.rutor.app/cdn-cgi/challenge-platform/h/b/scripts/jsd/5783333ceb22/main.js?","fqdn":"torrentdownloads.rutor.app","domain":"rutor.app","tld":"app"},"ip":{"addr":"172.67.158.147","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://torrentdownloads.rutor.app/","date":"2025-09-28T10:31:17.375Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rutor.app","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 20 Sep 2025 02:19:36 GMT","end":"Fri, 19 Dec 2025 03:09:13 GMT"},"fingerprint":{"sha1":"65:6C:B3:CD:A0:AD:28:B1:3A:23:A8:A2:1B:F0:E7:C0:18:90:91:0F","sha256":"4A:EE:EA:F0:6F:B6:A9:99:ED:A1:9D:D2:2A:5E:48:50:06:6C:52:7E:B9:1A:16:A3:26:FC:B0:7E:5B:CF:FB:07"}}},"request":{"raw":"GET /cdn-cgi/challenge-platform/h/b/scripts/jsd/5783333ceb22/main.js? HTTP/1.1\r\nHost: torrentdownloads.rutor.app\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: PHPSESSID=66gpcavpdjto0ovn346m5m24fj\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncontent-type: application/javascript; charset=UTF-8\r\ncache-control: max-age=14400, stale-if-error=10800, stale-while-revalidate=10800, public\r\nx-content-type-options: nosniff\r\ncontent-encoding: br\r\ndate: Sun, 28 Sep 2025 10:31:17 GMT\r\nserver: cloudflare\r\ncf-ray: 986291fd995f568b-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":10116,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (10116), with no line terminators","md5":"eb06b7cd07bbad20db07ff7ea362131f","sha1":"5745cf51ccf9311b61248a2085efe69051a0d2dd","sha256":"8a4f16a294032f5de4e8e1b2939ca77f9aef93370ea52b9f07cbc7eb96be47dc","sha512":"2401bccab21e866893d0a74e014bcf147d9eb292cdeb9f0633be311c21ec6c14d03945988a0fb7422f09918b39b7551ce7b7a91fff3ecc662195497cc69489b7","ssdeep":"192:JMoRVi0VKp+kpvHCmUJcKuPKy+9KUWWuBHgxCpCJnLCn8Nrova7xCQAMdXcJoOZr:9Vi0VKp+kpvHCmU6KuPKN9KU8yM1lSOZ","tlshash":"6722e7ca7d4cf92c020839c405efb7d71370fd917c8aa944639179a47e30b95ba8ad8e","first_seen":"2025-09-28T09:46:38.662837Z","last_seen":"2025-09-28T10:31:49.091925Z","times_seen":4,"resource_available":true,"data":null}},"time_used":6,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":5,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-09-28","alert":"Sinkholed","trigger":"torrentdownloads.rutor.app","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-09-28","alert":"Sinkholed","trigger":"torrentdownloads.rutor.app","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kettledroopingcontinuation.com/pixel/sbls?bv=\u0026tmpl=482\u0026u=https%3A%2F%2Fcreative-sb1.com%2Fsb%2Fssp%2Finterstitial%2Fdouble_btn%2F1%2Fcss%2Fstyle.css\u0026l=3557\u0026fd=552","fqdn":"kettledroopingcontinuation.com","domain":"kettledroopingcontinuation.com","tld":"com"},"ip":{"addr":"172.240.108.84","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://torrentdownloads.rutor.app/","date":"2025-09-28T10:31:21.464Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"kettledroopingcontinuation.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 27 Aug 2025 21:34:59 GMT","end":"Tue, 25 Nov 2025 21:34:58 GMT"},"fingerprint":{"sha1":"E4:24:47:01:B7:F3:A1:0B:CF:EA:36:36:30:C1:21:5D:9E:A1:7B:BE","sha256":"EE:DD:A9:31:87:F8:15:E5:A4:69:BA:E8:17:29:F1:0D:59:DC:1E:48:E2:EB:2F:1D:FE:D6:5C:C0:5F:03:5B:01"}}},"request":{"raw":"GET /pixel/sbls?bv=\u0026tmpl=482\u0026u=https%3A%2F%2Fcreative-sb1.com%2Fsb%2Fssp%2Finterstitial%2Fdouble_btn%2F1%2Fcss%2Fstyle.css\u0026l=3557\u0026fd=552 HTTP/1.1\r\nHost: kettledroopingcontinuation.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://torrentdownloads.rutor.app/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Sun, 28 Sep 2025 10:31:21 GMT\r\nContent-Length: 0\r\nConnection: keep-alive\r\nHost: kettledroopingcontinuation.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nCache-Control: no-cache\r\nAccess-Control-Allow-Origin: *\r\nAccess-Control-Allow-Methods: GET, POST, OPTIONS\r\nAccess-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests,C-High-Entropy-Values\r\nAccess-Control-Expose-Headers: Content-Length,Content-Range\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T11:49:30.368697Z","times_seen":13330398,"resource_available":true,"data":null}},"time_used":133,"timings":{"blocked":41,"dns":0,"connect":0,"send":0,"wait":92,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-09-28","alert":"Sinkholed","trigger":"kettledroopingcontinuation.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-09-28","alert":"Sinkholed","trigger":"kettledroopingcontinuation.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kettledroopingcontinuation.com/pixel/sbls?bv=\u0026tmpl=482\u0026u=https%3A%2F%2Fcreative-sb1.com%2Fsb%2Fssp%2Fvpn%2Fclassic-push%2Fsmall%2Fjs%2Fscript.js\u0026l=962\u0026fd=422","fqdn":"kettledroopingcontinuation.com","domain":"kettledroopingcontinuation.com","tld":"com"},"ip":{"addr":"172.240.108.84","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://torrentdownloads.rutor.app/","date":"2025-09-28T10:31:21.510Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"kettledroopingcontinuation.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 27 Aug 2025 21:34:59 GMT","end":"Tue, 25 Nov 2025 21:34:58 GMT"},"fingerprint":{"sha1":"E4:24:47:01:B7:F3:A1:0B:CF:EA:36:36:30:C1:21:5D:9E:A1:7B:BE","sha256":"EE:DD:A9:31:87:F8:15:E5:A4:69:BA:E8:17:29:F1:0D:59:DC:1E:48:E2:EB:2F:1D:FE:D6:5C:C0:5F:03:5B:01"}}},"request":{"raw":"GET /pixel/sbls?bv=\u0026tmpl=482\u0026u=https%3A%2F%2Fcreative-sb1.com%2Fsb%2Fssp%2Fvpn%2Fclassic-push%2Fsmall%2Fjs%2Fscript.js\u0026l=962\u0026fd=422 HTTP/1.1\r\nHost: kettledroopingcontinuation.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://torrentdownloads.rutor.app/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Sun, 28 Sep 2025 10:31:21 GMT\r\nContent-Length: 0\r\nConnection: keep-alive\r\nHost: kettledroopingcontinuation.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nCache-Control: no-cache\r\nAccess-Control-Allow-Origin: *\r\nAccess-Control-Allow-Methods: GET, POST, OPTIONS\r\nAccess-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests,C-High-Entropy-Values\r\nAccess-Control-Expose-Headers: Content-Length,Content-Range\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T11:49:30.368697Z","times_seen":13330398,"resource_available":true,"data":null}},"time_used":105,"timings":{"blocked":13,"dns":0,"connect":0,"send":0,"wait":92,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-09-28","alert":"Sinkholed","trigger":"kettledroopingcontinuation.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-09-28","alert":"Sinkholed","trigger":"kettledroopingcontinuation.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"torrentdownloads.rutor.app/templates/new/images/titl_tag3.jpg","fqdn":"torrentdownloads.rutor.app","domain":"rutor.app","tld":"app"},"ip":{"addr":"172.67.158.147","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://torrentdownloads.rutor.app/","date":"2025-09-28T10:31:16.757Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rutor.app","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 20 Sep 2025 02:19:36 GMT","end":"Fri, 19 Dec 2025 03:09:13 GMT"},"fingerprint":{"sha1":"65:6C:B3:CD:A0:AD:28:B1:3A:23:A8:A2:1B:F0:E7:C0:18:90:91:0F","sha256":"4A:EE:EA:F0:6F:B6:A9:99:ED:A1:9D:D2:2A:5E:48:50:06:6C:52:7E:B9:1A:16:A3:26:FC:B0:7E:5B:CF:FB:07"}}},"request":{"raw":"GET /templates/new/images/titl_tag3.jpg HTTP/1.1\r\nHost: torrentdownloads.rutor.app\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://torrentdownloads.rutor.app/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 28 Sep 2025 10:31:16 GMT\r\ncontent-type: image/jpeg\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nexpires: Thu, 19 Nov 1981 08:52:00 GMT\r\ncache-control: no-store, no-cache, must-revalidate\r\npragma: no-cache\r\naccess-control-allow-origin: *\r\ncf-cache-status: BYPASS\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=s8HlUrMLDKZJG6fIAzEBpAenX4UF7VvSFLF%2BXlNiQCn6Xomt%2BNzmkJBMMwdWfnIMjt16i5muzBpnWgypFl4n1NEldp0UnnHZnwjye8jInJF4VIA2nEtQhyWJ\"}]}\r\nset-cookie: view=1; Max-Age=86400; Expires=Mon, 29 Sep 2025 10:31:16 GMT\nPHPSESSID=66gpcavpdjto0ovn346m5m24fj; Path=/\r\ncf-ray: 986291f9bf19c759-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":2953,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 214x34, components 3","md5":"e78df56052438a51436066af9304e4a3","sha1":"df0947d0e819e9638f9d792768577fcc5c33c501","sha256":"c90be691d9ccb9a84014b02fb2f4181a89fbd49084f39aaeeee5c46e81d52d07","sha512":"cd5e4373cbce3836cd3216a795746323feb2ecdc73d4ee46461b3adf43e44ff08663ceccc1ed9eb498201dfe3ca9b33c58e18dda87b260e61409bafe057e8a19","ssdeep":"","tlshash":"b3510967ae408f83c96414388afd1b83cf8d9285b0627d559ab4b7c8a8884e94a8422d","first_seen":"2023-05-29T17:58:11Z","last_seen":"2026-02-19T06:00:31.872407Z","times_seen":47,"resource_available":false,"data":null}},"time_used":226,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":226,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-09-28","alert":"Sinkholed","trigger":"torrentdownloads.rutor.app","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-09-28","alert":"Sinkholed","trigger":"torrentdownloads.rutor.app","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"heartilyscales.com/a2/86/90/a286902791a7f4c98bcb1e812322cd78.js","fqdn":"heartilyscales.com","domain":"heartilyscales.com","tld":"com"},"ip":{"addr":"172.240.108.68","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://torrentdownloads.rutor.app/","date":"2025-09-28T10:31:16.760Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"heartilyscales.com","organization":""},"issuer":{"commonName":"R10","organization":"Let's Encrypt"},"validity":{"start":"Mon, 04 Aug 2025 21:31:25 GMT","end":"Sun, 02 Nov 2025 21:31:24 GMT"},"fingerprint":{"sha1":"8C:BC:E6:45:99:A6:42:A8:C3:7C:33:7D:77:C5:9E:C7:70:2A:A9:6C","sha256":"44:0D:F2:B1:46:00:9E:72:AB:F2:58:53:DB:2A:6F:97:C8:DF:54:6F:43:D4:84:F7:D4:6A:D5:F7:8B:ED:15:C2"}}},"request":{"raw":"GET /a2/86/90/a286902791a7f4c98bcb1e812322cd78.js HTTP/1.1\r\nHost: heartilyscales.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://torrentdownloads.rutor.app/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Sun, 28 Sep 2025 10:31:17 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 29968\r\nConnection: keep-alive\r\ncontent-encoding: gzip\r\np3p: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\naccess-control-allow-origin: *\r\naccept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nx-envoy-upstream-service-time: 5\r\nHost: heartilyscales.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 1315da377c29e1b9576052b6a4b03211\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]}],"data":{"size":76351,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"d0ea6476910df0cc92e1cf2b06ff069e","sha1":"67da09199c25e07d79e50573803fdbc8a2073fd3","sha256":"3899b9d544e036c688a5072b6aec34eca74acddd70ef28331f041ef331ff3981","sha512":"c5e3f4f0c6a7a7a511a842cac76f61923135686ab4d51b6e5e217451e04cb5d0fc47ea16b15067bee793f6c391005e71ba4bb1612d17a34d2f386b5960ca14c6","ssdeep":"768:mpCxicwKzukjCm/hYE4JoYC3ouzBGXDnwrHpSFXcdDqxv1l2qo0uw7T3SPGw6UX/:mppUCQ37swT0Rcd+9keSPj3yY","tlshash":"bb73ea4c3f95f1ad13a26073222f941bf12a1d51b06cf8c8d253e8bc6eb9769b536b14","first_seen":"2025-09-27T03:00:11.89033Z","last_seen":"2025-10-08T07:17:41.062037Z","times_seen":40,"resource_available":true,"data":null}},"time_used":854,"timings":{"blocked":332,"dns":52,"connect":91,"send":0,"wait":98,"receive":90,"ssl":190},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-09-28","alert":"Sinkholed","trigger":"heartilyscales.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-09-28","alert":"Sinkholed","trigger":"heartilyscales.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-09-28","alert":"Sinkholed","trigger":"heartilyscales.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"matomo.hellohi.me/matomo.js","fqdn":"matomo.hellohi.me","domain":"hellohi.me","tld":"me"},"ip":{"addr":"172.67.219.82","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://torrentdownloads.rutor.app/","date":"2025-09-28T10:31:16.957Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"hellohi.me","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 11 Sep 2025 02:30:09 GMT","end":"Wed, 10 Dec 2025 03:27:45 GMT"},"fingerprint":{"sha1":"77:E9:73:0D:B1:FF:D8:33:D2:70:E5:D7:AC:43:15:25:3B:5E:8E:B7","sha256":"1F:E0:AF:A2:3A:69:98:87:C5:49:EF:0B:41:08:52:24:C5:3A:2B:56:AD:92:AD:93:7F:5C:00:22:3F:66:FE:4E"}}},"request":{"raw":"GET /matomo.js HTTP/1.1\r\nHost: matomo.hellohi.me\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://torrentdownloads.rutor.app/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\ndate: Sun, 28 Sep 2025 10:31:17 GMT\r\ncontent-type: text/html; charset=UTF-8\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=0gJrs1rVbaHJBv56TszOhXhqipRlT%2BWeWuWr5OuzMv9rdgB8GMfy156t%2FURlfF6TbUxo%2Bar4TnSQCveNytg3qeAXpSrKxtHI7FMMYzuE95JN\"}]}\r\ncache-control: max-age=14400\r\ncf-cache-status: EXPIRED\r\nvary: accept-encoding\r\ncontent-encoding: br\r\ncf-ray: 986291fc3ef95a0f-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T11:49:30.368697Z","times_seen":13330398,"resource_available":true,"data":null}},"time_used":459,"timings":{"blocked":193,"dns":6,"connect":2,"send":0,"wait":71,"receive":0,"ssl":186},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"torrentdownloads.rutor.app/favicon.ico","fqdn":"torrentdownloads.rutor.app","domain":"rutor.app","tld":"app"},"ip":{"addr":"172.67.158.147","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://torrentdownloads.rutor.app/","date":"2025-09-28T10:31:18.880Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rutor.app","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 20 Sep 2025 02:19:36 GMT","end":"Fri, 19 Dec 2025 03:09:13 GMT"},"fingerprint":{"sha1":"65:6C:B3:CD:A0:AD:28:B1:3A:23:A8:A2:1B:F0:E7:C0:18:90:91:0F","sha256":"4A:EE:EA:F0:6F:B6:A9:99:ED:A1:9D:D2:2A:5E:48:50:06:6C:52:7E:B9:1A:16:A3:26:FC:B0:7E:5B:CF:FB:07"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: torrentdownloads.rutor.app\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://torrentdownloads.rutor.app/\r\nCookie: PHPSESSID=66gpcavpdjto0ovn346m5m24fj; dom3ic8zudi28v8lr6fgphwffqoz0j6c=d995e3f7-3ab8-4202-88f2-ba729b81cf19%3A2%3A1; sb_main_a286902791a7f4c98bcb1e812322cd78=1; sb_count_a286902791a7f4c98bcb1e812322cd78=1; sb_main_a032b4d33c8aea68a4f9b84235614bff=1; sb_count_a032b4d33c8aea68a4f9b84235614bff=2; pp_main_2200540f09f939738419313a1a090c32=1; pbpr0tpuw4isk85t8yg3jb2lj5vqf=directlycascade.com\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sun, 28 Sep 2025 10:31:18 GMT\r\ncontent-type: image/x-icon\r\nvary: accept-encoding\r\ncontent-encoding: br\r\nlast-modified: Thu, 04 Nov 2021 00:04:57 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=zst9Rt0boh369%2Feup7W2U%2Bf%2FPEOQDhowxiRrt5mEeY36042lsJe3FozPh2dKBSc2HONohO4K8B6k8TCr3HhZeKR7rLnaJSWG8sE5eiNcRFLN%2FkJg1OkL2g%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\netag: W/\"618323a9-3c2e\"\r\ncf-ray: 986292070a41568b-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":15406,"size_decoded":0,"mime_type":"image/x-icon","magic":"MS Windows icon resource - 3 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel","md5":"341355b4a77e414b9d53c93cf61025bd","sha1":"fcdc7b844718d8a942eb44bbb675a50701441697","sha256":"95d3a09a970f56c7ca3229698b3dd5f865c35bc02b82d445be6272e48ceac46c","sha512":"afa58f3572d19f964d08f57e451c8eaad3e2a44026f80af8210e678fb343be64a184d71b437b4f9bf2a8719aa1b5f2e7187f5cf3822be2c86ce5738a01d6cfad","ssdeep":"96:vqpgh6DCNIfFBLGYiJCuvDgdJkgaFwnYPYR4Ph8v4vxiRcrwX:vqShmKIfLnihyJLR6YR4Gv4v6cU","tlshash":"326263118055e021e4231fb071fe6e7d239faddab4922b8a9c2db44027b3a3660485ef","first_seen":"2023-06-04T22:08:33Z","last_seen":"2026-03-28T04:22:46.769415Z","times_seen":79,"resource_available":false,"data":null}},"time_used":108,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":108,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-09-28","alert":"Sinkholed","trigger":"torrentdownloads.rutor.app","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-09-28","alert":"Sinkholed","trigger":"torrentdownloads.rutor.app","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"torrentdownloads.rutor.app/templates/new/images/rss_icon.jpg","fqdn":"torrentdownloads.rutor.app","domain":"rutor.app","tld":"app"},"ip":{"addr":"172.67.158.147","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://torrentdownloads.rutor.app/","date":"2025-09-28T10:31:16.731Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rutor.app","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 20 Sep 2025 02:19:36 GMT","end":"Fri, 19 Dec 2025 03:09:13 GMT"},"fingerprint":{"sha1":"65:6C:B3:CD:A0:AD:28:B1:3A:23:A8:A2:1B:F0:E7:C0:18:90:91:0F","sha256":"4A:EE:EA:F0:6F:B6:A9:99:ED:A1:9D:D2:2A:5E:48:50:06:6C:52:7E:B9:1A:16:A3:26:FC:B0:7E:5B:CF:FB:07"}}},"request":{"raw":"GET /templates/new/images/rss_icon.jpg HTTP/1.1\r\nHost: torrentdownloads.rutor.app\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://torrentdownloads.rutor.app/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 28 Sep 2025 10:31:16 GMT\r\ncontent-type: image/jpeg\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nexpires: Thu, 19 Nov 1981 08:52:00 GMT\r\ncache-control: no-store, no-cache, must-revalidate\r\npragma: no-cache\r\naccess-control-allow-origin: *\r\ncf-cache-status: BYPASS\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=jU0uN3bhUya0QBnTN7XgxrjLcreDMuI%2FFpKPY4REUA4ahrpbv0%2FmFyJm6GD%2BccBpePeSOpBXS4VXo1TtR5A%2Bhgp4fIdsp7fR2sFZYZpsXX2KDPSxXkXBXMRp\"}]}\r\nset-cookie: view=1; Max-Age=86400; Expires=Mon, 29 Sep 2025 10:31:16 GMT\nPHPSESSID=6rukjqf6oumlp8eebjgv9ub64r; Path=/\r\ncf-ray: 986291f98e9fc759-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":684,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 18x18, components 3","md5":"c57ad80f1d37b8ad785b0985b8f87858","sha1":"30b7fe94aed4b78cf763d6743f8fc905d9e21814","sha256":"a633fc577d538c19402d8f983beb987c86f56c34679385c32e46d9199862043c","sha512":"0350a80aab13b4ca47698ae198e96707ee592ddf6f94f83146b71a09c50637b772c8c43fb6b00f775308cfd4229f885c2c20cdc796565388fbe40a0db8588e84","ssdeep":"","tlshash":"ab014136226dff53ede006f13db18b2449dcd2c2705b9b8c01f27722bc891c558a814d","first_seen":"2023-05-29T17:58:11Z","last_seen":"2026-02-19T06:00:31.882135Z","times_seen":41,"resource_available":false,"data":null}},"time_used":186,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":186,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-09-28","alert":"Sinkholed","trigger":"torrentdownloads.rutor.app","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-09-28","alert":"Sinkholed","trigger":"torrentdownloads.rutor.app","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"flushpersist.com/pxf.gif?uuid=d995e3f7-3ab8-4202-88f2-ba729b81cf19\u0026eb=bcc2bf15b54b9ef4041d8328a3a75221\u0026te=cb12021f3311658dba63bcdbf4a88a26\u0026ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A134.0)%20Gecko%2F20100101%20Firefox%2F134.0\u0026dev=e\u0026res=14.3095\u0026b_frame=0\u0026pk=2200540f09f939738419313a1a090c32\u0026bl=en-US\u0026sr=1024x1280\u0026sz=1024x1280\u0026hjs=10","fqdn":"flushpersist.com","domain":"flushpersist.com","tld":"com"},"ip":{"addr":"172.240.108.84","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://torrentdownloads.rutor.app/","date":"2025-09-28T10:31:21.013Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"flushpersist.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 30 Aug 2025 21:53:17 GMT","end":"Fri, 28 Nov 2025 21:53:16 GMT"},"fingerprint":{"sha1":"AA:2A:FC:C2:EE:01:8F:55:3F:19:46:84:4A:C8:A0:95:62:50:5C:A3","sha256":"3D:8C:1A:2E:1F:32:30:D4:D8:4F:D2:FB:CC:99:F1:9C:05:E5:7B:D8:9D:7D:24:86:AD:C5:1E:62:55:44:A4:CA"}}},"request":{"raw":"GET /pxf.gif?uuid=d995e3f7-3ab8-4202-88f2-ba729b81cf19\u0026eb=bcc2bf15b54b9ef4041d8328a3a75221\u0026te=cb12021f3311658dba63bcdbf4a88a26\u0026ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A134.0)%20Gecko%2F20100101%20Firefox%2F134.0\u0026dev=e\u0026res=14.3095\u0026b_frame=0\u0026pk=2200540f09f939738419313a1a090c32\u0026bl=en-US\u0026sr=1024x1280\u0026sz=1024x1280\u0026hjs=10 HTTP/1.1\r\nHost: flushpersist.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://torrentdownloads.rutor.app/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Sun, 28 Sep 2025 10:31:21 GMT\r\nContent-Type: image/gif\r\nContent-Length: 1\r\nConnection: keep-alive\r\np3p: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\naccess-control-allow-origin: *\r\nx-envoy-upstream-service-time: 11\r\nHost: flushpersist.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: cbbfeb1d94a288827bf157cad8177d14\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/gif","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T11:49:30.368697Z","times_seen":13330398,"resource_available":true,"data":null}},"time_used":663,"timings":{"blocked":280,"dns":3,"connect":91,"send":0,"wait":103,"receive":0,"ssl":185},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-09-28","alert":"Sinkholed","trigger":"flushpersist.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-09-28","alert":"Sinkholed","trigger":"flushpersist.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.googleapis.com/css2?family=Roboto:wght@100;300;400;500;700\u0026display=swap","fqdn":"fonts.googleapis.com","domain":"fonts.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"142.250.178.106","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://torrentdownloads.rutor.app/","date":"2025-09-28T10:31:21.030Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"upload.video.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 08 Sep 2025 08:36:49 GMT","end":"Mon, 01 Dec 2025 08:36:48 GMT"},"fingerprint":{"sha1":"9E:38:51:02:B6:22:9C:08:6B:24:B8:A0:EB:DB:60:D9:27:B2:68:90","sha256":"67:AF:7E:56:AB:8D:96:FB:D0:75:CA:28:6D:16:B6:67:FD:7F:58:6F:CC:AA:78:B5:01:13:76:2C:AB:BE:80:4E"}}},"request":{"raw":"GET /css2?family=Roboto:wght@100;300;400;500;700\u0026display=swap HTTP/1.1\r\nHost: fonts.googleapis.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncontent-type: text/css; charset=utf-8\r\nvary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site\r\naccess-control-allow-origin: *\r\ntiming-allow-origin: *\r\nlink: \u003chttps://fonts.gstatic.com\u003e; rel=preconnect; crossorigin\r\nstrict-transport-security: max-age=31536000\r\nexpires: Sun, 28 Sep 2025 10:31:21 GMT\r\ndate: Sun, 28 Sep 2025 10:31:21 GMT\r\ncache-control: private, max-age=86400\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin-allow-popups\r\ncontent-encoding: gzip\r\nserver: ESF\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":27925,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text, with very long lines (1572)","md5":"aa770992960d5d36cf6ba4357f990aa9","sha1":"46cce46df4f47c159c31632cfb45ca0f0144ff0f","sha256":"ea95379db9e2554185ea2a578330b742412ef90d2ccd704a76ed133d990f052b","sha512":"42a66305d9a2990560ee0468c3a36e4b4a1b1ca98cf0922717b9519d17760c63930cb21fe7258671a873a4f9a1bfa520778ce2f002bfba120c99e3f5db00ebea","ssdeep":"768:DDADRDYDKDf4DQLDDDXDfc70afUQRptmJKBLfhQE8YtCR6UfaQ7zfTYHw+fQQVN7:+2Biad","tlshash":"afc2eda1041740009b839ce223cebf35fe5f92117141d0b9abfd9b6badcbc66526936d","first_seen":"2025-09-09T03:39:37.780899Z","last_seen":"2025-11-18T23:25:50.567773Z","times_seen":2837,"resource_available":false,"data":null}},"time_used":33,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":33,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"creative-sb1.com/sb/ssp/interstitial/double_btn/1/js/script.js","fqdn":"creative-sb1.com","domain":"creative-sb1.com","tld":"com"},"ip":{"addr":"104.21.35.3","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://torrentdownloads.rutor.app/","date":"2025-09-28T10:31:21.096Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"creative-sb1.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 29 Aug 2025 18:23:14 GMT","end":"Thu, 27 Nov 2025 19:21:45 GMT"},"fingerprint":{"sha1":"99:06:8C:E5:8E:41:8B:38:F8:46:C0:E9:CF:99:E2:11:F2:8E:DD:AB","sha256":"93:A8:69:6F:83:C3:C8:1B:E8:A3:20:9C:19:F4:47:35:74:85:80:F1:82:1F:48:42:AB:AA:77:A3:35:AB:29:20"}}},"request":{"raw":"GET /sb/ssp/interstitial/double_btn/1/js/script.js HTTP/1.1\r\nHost: creative-sb1.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://torrentdownloads.rutor.app\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://torrentdownloads.rutor.app/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 28 Sep 2025 10:31:21 GMT\r\ncontent-type: application/javascript\r\nserver: cloudflare\r\nlast-modified: Fri, 19 Jan 2024 14:19:45 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: public, max-age=315360000\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: Date\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=hTdfE1qoraAR79w%2FqkScmQTkQwUSRUkEsGWI6L2BWe8wDWZbMqbdiz9e4gmse4dInJHheipA1Ku%2FZZiKu94%2FiRV0hb4VCTroHk3fGvgX\"}]}\r\ncf-cache-status: MISS\r\netag: W/\"65aa8501-478\"\r\ncontent-encoding: br\r\ncf-ray: 98629214df58712a-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1144,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text","md5":"cc851ecae9979c9cb7d86725f8202ab2","sha1":"168c8c343143c6bd39486f20039ca3c4bbaa966c","sha256":"ca338eeb72736d653e58065bf3a80eb1f26b1879da62fc62065e53b8049c19bb","sha512":"557abab1e46c94d058a4d6678671f70aa10ff2e2e270bf3afe44508a75d3dd062a8ef44369f777bfb0aa7ba9d18a6603b110e86bbfa002bec2b6a65797473480","ssdeep":"","tlshash":"4321bb23316c42a45313f027521b6aceba32059bad2a972a312c16cd0fc077903f9af2","first_seen":"2023-12-10T19:25:32Z","last_seen":"2026-02-03T08:27:33.177188Z","times_seen":410,"resource_available":false,"data":null}},"time_used":507,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":507,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-09-28","alert":"Sinkholed","trigger":"creative-sb1.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-09-28","alert":"Sinkholed","trigger":"creative-sb1.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"torrentdownloads.rutor.app/","fqdn":"torrentdownloads.rutor.app","domain":"rutor.app","tld":"app"},"ip":{"addr":"172.67.158.147","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-09-28T10:31:16.200Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rutor.app","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 20 Sep 2025 02:19:36 GMT","end":"Fri, 19 Dec 2025 03:09:13 GMT"},"fingerprint":{"sha1":"65:6C:B3:CD:A0:AD:28:B1:3A:23:A8:A2:1B:F0:E7:C0:18:90:91:0F","sha256":"4A:EE:EA:F0:6F:B6:A9:99:ED:A1:9D:D2:2A:5E:48:50:06:6C:52:7E:B9:1A:16:A3:26:FC:B0:7E:5B:CF:FB:07"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: torrentdownloads.rutor.app\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 28 Sep 2025 10:31:16 GMT\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\naccess-control-allow-origin: *\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=MSbHDx3XMM85ng8v57oPrHuw1rc%2FDTKt9soIAf%2BiiRse2iTVn3XMWJyshTPxfHxER799jDBbW%2BBbh9ivrz9ymlJ8Wv3LO%2Fruc7fhx7vuTM7lDAj4r3I2sa5w\"}]}\r\ncf-ray: 986291f789c4c759-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Google Hosted Libraries","description":"Google Hosted Libraries is a stable, reliable, high-speed, globally available content distribution network for the most popular, open-source JavaScript libraries.","website":"https://developers.google.com/speed/libraries","common_platform_enumeration":"","icon":"Google Developers.svg","categories":["CDN"]},{"name":"jQuery:1.9.1","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"Cloudflare Browser Insights","description":"Cloudflare Browser Insights is a tool that measures the performance of websites from the perspective of users.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Analytics","RUM"]}],"data":{"size":103058,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (56757), with CRLF, LF line terminators","md5":"7eeb8d5ddf443eeba9a3570b7c1209dc","sha1":"1dbc0b4f806e950bd332c5c5551aa10b1515cab2","sha256":"519d2a2916bd9321e2d7b6d09b62eb24b04edb710e0166dd696c61c4230bf9c7","sha512":"436217dcd853c7d2ba0f95e460aa7fa90489287011de3264db41739fc8193b4e82e6b74a850eb119cac540eec9ac584991589c8b890e8d00893e2aa12571d82f","ssdeep":"1536:7A8V9vhwUy5duOOXJaxjz+JHosbToqgBFCqC5x/3Nq7pBuEPi:7nS5qJaz+JHQqmV+Oi","tlshash":"12a3610181af65b3127780d9b16f53ab68f7281dee170d29b3ec8699c3cce9af613445","first_seen":"2025-09-28T10:31:49.099916Z","last_seen":"2025-09-28T10:31:49.099916Z","times_seen":1,"resource_available":false,"data":null}},"time_used":682,"timings":{"blocked":205,"dns":0,"connect":2,"send":0,"wait":272,"receive":0,"ssl":203},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-09-28","alert":"Sinkholed","trigger":"torrentdownloads.rutor.app","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-09-28","alert":"Sinkholed","trigger":"torrentdownloads.rutor.app","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"preferencenail.com/sfp.js","fqdn":"preferencenail.com","domain":"preferencenail.com","tld":"com"},"ip":{"addr":"185.196.197.72","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://torrentdownloads.rutor.app/","date":"2025-09-28T10:31:17.361Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"preferencenail.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 30 Aug 2025 23:05:43 GMT","end":"Fri, 28 Nov 2025 23:05:42 GMT"},"fingerprint":{"sha1":"B9:51:95:1F:A8:75:17:3A:9B:B1:75:96:F4:7D:7A:CF:3D:52:C9:71","sha256":"36:D1:B1:18:05:03:10:B2:46:BC:6C:71:A5:E7:BE:07:32:66:88:16:04:1E:5F:96:0F:10:B6:4B:BF:01:D1:42"}}},"request":{"raw":"GET /sfp.js HTTP/1.1\r\nHost: preferencenail.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://torrentdownloads.rutor.app/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Sun, 28 Sep 2025 10:31:17 GMT\r\nContent-Type: application/javascript; charset=utf-8\r\nContent-Length: 32182\r\nConnection: keep-alive\r\nContent-Encoding: gzip\r\nP3P: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\nAccess-Control-Allow-Origin: *\r\nVary: Accept-Encoding\r\nHost: preferencenail.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: caf6efc0d6fba2674cb42a1c384eee91\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":85386,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (65529), with no line terminators","md5":"46a6fef91632b94d14252fe324c1585f","sha1":"387cebbd261b8fe947fe9805875300f2ceeb5cfd","sha256":"36d0c771f8bf310d740cb4d0ca144354c45df284e72361660448708d72f175d5","sha512":"a3aaa1b5ab1113a12793bd1085332eb257416aaa9c4a690525838b91453a281580a979bfb856b3c429c2d4243c3ce02bd318a4b7048124eef96912179836d0fd","ssdeep":"1536:nPncLBSUBULrSVvTfMtfj3FkdFcE5PnoRL:nPncLBSUBULGVTfGpucE5fox","tlshash":"528395807ac06488d3979b7bb73bf4eaf65a299f38c4044bd100fc48b69562af9f5534","first_seen":"2025-07-08T10:38:39.799377Z","last_seen":"2025-11-18T17:01:51.014373Z","times_seen":15230,"resource_available":true,"data":null}},"time_used":130,"timings":{"blocked":-1,"dns":0,"connect":26,"send":0,"wait":26,"receive":25,"ssl":53},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-09-28","alert":"Sinkholed","trigger":"preferencenail.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-09-28","alert":"Sinkholed","trigger":"preferencenail.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-09-28","alert":"Sinkholed","trigger":"preferencenail.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"torrentdownloads.rutor.app/cdn-cgi/rum?","fqdn":"torrentdownloads.rutor.app","domain":"rutor.app","tld":"app"},"ip":{"addr":"172.67.158.147","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://torrentdownloads.rutor.app/","date":"2025-09-28T10:31:17.814Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rutor.app","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 20 Sep 2025 02:19:36 GMT","end":"Fri, 19 Dec 2025 03:09:13 GMT"},"fingerprint":{"sha1":"65:6C:B3:CD:A0:AD:28:B1:3A:23:A8:A2:1B:F0:E7:C0:18:90:91:0F","sha256":"4A:EE:EA:F0:6F:B6:A9:99:ED:A1:9D:D2:2A:5E:48:50:06:6C:52:7E:B9:1A:16:A3:26:FC:B0:7E:5B:CF:FB:07"}}},"request":{"raw":"POST /cdn-cgi/rum? HTTP/1.1\r\nHost: torrentdownloads.rutor.app\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\ncontent-type: application/json\r\nContent-Length: 425\r\nOrigin: https://torrentdownloads.rutor.app\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://torrentdownloads.rutor.app/\r\nCookie: PHPSESSID=66gpcavpdjto0ovn346m5m24fj; dom3ic8zudi28v8lr6fgphwffqoz0j6c=d995e3f7-3ab8-4202-88f2-ba729b81cf19%3A2%3A1; sb_main_a286902791a7f4c98bcb1e812322cd78=1; sb_count_a286902791a7f4c98bcb1e812322cd78=1; sb_main_a032b4d33c8aea68a4f9b84235614bff=1; sb_count_a032b4d33c8aea68a4f9b84235614bff=1\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/3 404 Not Found\r\ncontent-type: text/html; charset=UTF-8\r\ncache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0\r\nexpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nreferrer-policy: same-origin\r\ndate: Sun, 28 Sep 2025 10:31:17 GMT\r\nx-frame-options: SAMEORIGIN\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=WLotJXgGxemVnpAP2nXZgrZHw%2FtCIDQPj2HAaxC0c68mNIcfO6og%2BpzyUjIEImkPh%2BzOlyDqjdTs0fba9zFP3kk60IPmOPveVxbG45TunUQ6TY0KnfbQiw%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\nserver: cloudflare\r\ncf-ray: 98629200597b568b-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":151,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, ASCII text, with CRLF line terminators","md5":"45efc4779b2e6b43ed200755328af518","sha1":"badb6097a3c8fad00517f38352ba72b9f7b6637b","sha256":"d66dd0f2f24c4343661a5396e1ba76782fe651f7d422209eded956ebf90900fc","sha512":"862ceb668672d90ed3da9419ca69bf0214b5c34dec2353fea792a75fb1c0c2e5fd54e6e56cf1e9d4d60c4eaa7d98411f5cb5e128be2661d9bbd084d0dbd085e0","ssdeep":"","tlshash":"a1c02b3d35637e0c8563303522c3b190d0c6833774ba00220500c00330cb2e9cac33d7","first_seen":"2023-09-18T10:37:28Z","last_seen":"2026-04-04T11:46:36.879712Z","times_seen":12823,"resource_available":true,"data":null}},"time_used":5,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":5,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-09-28","alert":"Sinkholed","trigger":"torrentdownloads.rutor.app","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-09-28","alert":"Sinkholed","trigger":"torrentdownloads.rutor.app","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"brewed.grasnibrowsed.shop/mtn/123057/fa5f27a2cebac1abf4a2101373d5e03d.1351055434.000","fqdn":"brewed.grasnibrowsed.shop","domain":"grasnibrowsed.shop","tld":"shop"},"ip":{"addr":"23.109.170.198","port":443,"asn":7979,"as":"SERVERS-COM","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"beacon","requested_by":"https://torrentdownloads.rutor.app/","date":"2025-09-28T10:31:20.973Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"brewed.grasnibrowsed.shop","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 28 Sep 2025 04:21:52 GMT","end":"Sat, 27 Dec 2025 04:21:51 GMT"},"fingerprint":{"sha1":"CF:43:8D:F9:8A:55:69:59:6C:6B:C7:67:5C:5D:B2:BD:8A:1E:00:3F","sha256":"2A:DF:64:DD:5D:14:25:B6:20:E4:EA:7B:9F:DD:CA:F9:78:D2:51:14:65:05:C8:83:24:31:1B:B3:1E:8E:AE:0C"}}},"request":{"raw":"POST /mtn/123057/fa5f27a2cebac1abf4a2101373d5e03d.1351055434.000 HTTP/1.1\r\nHost: brewed.grasnibrowsed.shop\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: application/json\r\nContent-Length: 45\r\nOrigin: https://torrentdownloads.rutor.app\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://torrentdownloads.rutor.app/\r\nCookie: GL_UI4=eJw9zV1OhDAcBHC%2BWdcFnYQDeASKQHj1xSv4SAr9g3Wh3ZQKensbE32bTH6T8TwvKB7g78kZ4Sdv8MRY13Z1U3VlPXa8GoaubZtyaLqSVc00NbiTW2%2F5sJCNcNpWbmxv9wiXmRQZOfajFpTh0am%2F5qr0oSLEg%2BFKZIhXJ5YM6WD0sZEpQkSKr4T0VRqa9JcT%2FEMbhOy5dlkql%2F0Sgd6KMD8jfZNKuGV%2BQcDKPE883N8Wbidt1l6KxEc8Gy4I%2FgtOI7c0a%2FONVNB2tfoG6EX0%2F%2F73ODxYiUTQLkdCrO07mR%2B4dk3m; GL_GI10=eJwVyLEKwjAURuHcSwmIWX6oe5%2BgWrRgV%2BsoydAnqDVIoSQhiYpvb10OfEcIwaUCzwHq3NRdW69tuhPoCdYGPDlI7eNn%2FIIi%2BHAER4etSYuvev9yef0Tir9BM5S5mKEywTptM9glbPrxvtj9dbiBghTg7CWD06MUoLfc%2FQD8TBxp\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 28 Sep 2025 10:31:20 GMT\r\ncontent-type: text/html; charset=UTF-8\r\naccept-ch: sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version,sec-ch-ua-full-version-list\r\naccess-control-allow-credentials: true\r\naccess-control-allow-origin: https://torrentdownloads.rutor.app\r\naccess-control-allow-headers: content-type, megageocheckolololo, x-forwarded-for, x-requested-with, cache-control, pragma, expires\r\naccess-control-max-age: 600\r\naccess-control-allow-methods: GET, POST, OPTIONS\r\ncontent-encoding: gzip\r\nvary: Accept-Encoding\r\nstrict-transport-security: max-age=1\r\nx-content-type-options: nosniff\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T11:49:30.368697Z","times_seen":13330398,"resource_available":true,"data":null}},"time_used":20,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":20,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"heartilyscales.com/impr.gif?sid=H4sIAAAAAAAC_1RSQYgcRReunv35ERRFD15UmEMOEdzZ7p6enl5zCIlJdDXuLEk0SLxUdVXPltvd1VZ1T8-Ol2BAc3MUBI-932yyqHvQu4LMepGgkPbiHFwET94l4EVkdgc3vsN7r-p79fjeV--DneKQtFHQ2cbraiTjmK50Wnbz9HWZclWa5vq1pmO37DPN6zL1vTPN4dzpwYtO22vZzzdfFuGWWnFtx7Yd22leklpEarhyhEJm-4HTWu20AqflrHoY6v-eTWHBUAt8cEieguT1E79HNyDDKdLkqwvCbOUqe-FiUsQ0VxoDvvdGupWqMkVykkbaQpTuLaqhTE3IZw2odG8xAdRgdz4BmKxJ4-lfwdK9BU2wwZ1jpiyGSMH4oygHU4h4CkmnCNUtSH6fACHHeg9pcndd6ZJuH6N0jtbk_3_-AVnW5JFnCdJkv3e-d7XZy0S6LnIMowpyOIXsT5EVB8hHDcjyAGH-PiT_iaw8uIw02e2ZWEHy2SnH8Z0Oo9Gya4f-shcJb5l2BVsOIk4pt33e9ewjgWQ0BTVLKIyFQlooogaKrIGEz5ouD4XTdUXAIt_v-nbg-I7vuTxwOXdXVz0U4Zz5GHk2RhiPEeqbyPRNbMlP7nsb99tvQhffwWxWMNyCyQkGvEIpCEpDUFKCUhKUOUE5qO7w2LimustjUzBnEd1FbFcTlfd36B2V90VKQPUYmle7MnvX3EKYW5NRZMhEzR1leTWhjFc72SF5ci6t9dbfBlti1qR222Ueb7fDgArqB9SLVlngue2O73gsimBkBWkaoMbCSNakW_-ATNaEfPQLGD2AiQ8QyiXQ4jnQsgLdrDBK97nUmVbD7VaoEnBVIcv_h3zb2okPyTNHn3vur08hwntnf24fGUJdIdMV3pHfE_Tj25MrqiS7V1RpyNe9LJeJHNFcqvRqTnOx9MVrYrtUmq9dMOPPz4VzYJ7uXxMmv0xTLtO-IV-el5wLfUnpUJBv18x1wTYKs3m-0GmRXd546dJakmlhjFTpFFTWxHrvR4SyJo-9evFoqU-tfQipp9BFhaS4RxaGMLsJk51wN4pAxyc4yyyURTXRLvv3cqJZdFIRy5q8cuM3xOLe2YP8G_X26QegrIIRD3URDz2m83ZUVjvmNvraAs1vIU0qDHSFQVyBxmOYYmmSZ_qEF4utCYu1tctiHX98rLmRs2bIOlR4oe8G1A48j7Xtrm9TzxZRlzlBx0Fu6s3Z44N_AgAA__8dI0gJwwQAAA==","fqdn":"heartilyscales.com","domain":"heartilyscales.com","tld":"com"},"ip":{"addr":"172.240.108.68","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://torrentdownloads.rutor.app/","date":"2025-09-28T10:31:21.910Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"heartilyscales.com","organization":""},"issuer":{"commonName":"R10","organization":"Let's Encrypt"},"validity":{"start":"Mon, 04 Aug 2025 21:31:25 GMT","end":"Sun, 02 Nov 2025 21:31:24 GMT"},"fingerprint":{"sha1":"8C:BC:E6:45:99:A6:42:A8:C3:7C:33:7D:77:C5:9E:C7:70:2A:A9:6C","sha256":"44:0D:F2:B1:46:00:9E:72:AB:F2:58:53:DB:2A:6F:97:C8:DF:54:6F:43:D4:84:F7:D4:6A:D5:F7:8B:ED:15:C2"}}},"request":{"raw":"GET /impr.gif?sid=H4sIAAAAAAAC_1RSQYgcRReunv35ERRFD15UmEMOEdzZ7p6enl5zCIlJdDXuLEk0SLxUdVXPltvd1VZ1T8-Ol2BAc3MUBI-932yyqHvQu4LMepGgkPbiHFwET94l4EVkdgc3vsN7r-p79fjeV--DneKQtFHQ2cbraiTjmK50Wnbz9HWZclWa5vq1pmO37DPN6zL1vTPN4dzpwYtO22vZzzdfFuGWWnFtx7Yd22leklpEarhyhEJm-4HTWu20AqflrHoY6v-eTWHBUAt8cEieguT1E79HNyDDKdLkqwvCbOUqe-FiUsQ0VxoDvvdGupWqMkVykkbaQpTuLaqhTE3IZw2odG8xAdRgdz4BmKxJ4-lfwdK9BU2wwZ1jpiyGSMH4oygHU4h4CkmnCNUtSH6fACHHeg9pcndd6ZJuH6N0jtbk_3_-AVnW5JFnCdJkv3e-d7XZy0S6LnIMowpyOIXsT5EVB8hHDcjyAGH-PiT_iaw8uIw02e2ZWEHy2SnH8Z0Oo9Gya4f-shcJb5l2BVsOIk4pt33e9ewjgWQ0BTVLKIyFQlooogaKrIGEz5ouD4XTdUXAIt_v-nbg-I7vuTxwOXdXVz0U4Zz5GHk2RhiPEeqbyPRNbMlP7nsb99tvQhffwWxWMNyCyQkGvEIpCEpDUFKCUhKUOUE5qO7w2LimustjUzBnEd1FbFcTlfd36B2V90VKQPUYmle7MnvX3EKYW5NRZMhEzR1leTWhjFc72SF5ci6t9dbfBlti1qR222Ueb7fDgArqB9SLVlngue2O73gsimBkBWkaoMbCSNakW_-ATNaEfPQLGD2AiQ8QyiXQ4jnQsgLdrDBK97nUmVbD7VaoEnBVIcv_h3zb2okPyTNHn3vur08hwntnf24fGUJdIdMV3pHfE_Tj25MrqiS7V1RpyNe9LJeJHNFcqvRqTnOx9MVrYrtUmq9dMOPPz4VzYJ7uXxMmv0xTLtO-IV-el5wLfUnpUJBv18x1wTYKs3m-0GmRXd546dJakmlhjFTpFFTWxHrvR4SyJo-9evFoqU-tfQipp9BFhaS4RxaGMLsJk51wN4pAxyc4yyyURTXRLvv3cqJZdFIRy5q8cuM3xOLe2YP8G_X26QegrIIRD3URDz2m83ZUVjvmNvraAs1vIU0qDHSFQVyBxmOYYmmSZ_qEF4utCYu1tctiHX98rLmRs2bIOlR4oe8G1A48j7Xtrm9TzxZRlzlBx0Fu6s3Z44N_AgAA__8dI0gJwwQAAA== HTTP/1.1\r\nHost: heartilyscales.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://torrentdownloads.rutor.app/\r\nCookie: uid_id2=11615baf-20c6-4fe4-a7eb-8fdaad06d740:3:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; u_pl15816950=1; sleca286902791a7f4c98bcb1e812322cd78=[6154259]; u_pl22675059=1; sleca032b4d33c8aea68a4f9b84235614bff=[4323733]\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Sun, 28 Sep 2025 10:31:21 GMT\r\nContent-Type: image/gif\r\nContent-Length: 7\r\nConnection: keep-alive\r\naccess-control-allow-origin: *\r\nvary: Origin\r\naccess-control-allow-credentials: true\r\np3p: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\naccept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nset-cookie: iprc_l+6cc8eb36edf0b308330385c85892d927=4323733; expires=Mon, 29 Sep 2025 10:31:21 GMT; path=/; secure; SameSite=None\niprc_l:4323733=1; expires=Mon, 29 Sep 2025 10:31:21 GMT; path=/; secure; SameSite=None\r\nx-envoy-upstream-service-time: 3\r\nHost: heartilyscales.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: c24cd3dba6a99194dc538a6b09dc163d\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/gif","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T11:49:30.368697Z","times_seen":13330398,"resource_available":true,"data":null}},"time_used":116,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":116,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-09-28","alert":"Sinkholed","trigger":"heartilyscales.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-09-28","alert":"Sinkholed","trigger":"heartilyscales.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-09-28","alert":"Sinkholed","trigger":"heartilyscales.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"torrentdownloads.rutor.app/templates/new/images/wrapper_bg.jpg","fqdn":"torrentdownloads.rutor.app","domain":"rutor.app","tld":"app"},"ip":{"addr":"172.67.158.147","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://torrentdownloads.rutor.app/","date":"2025-09-28T10:31:16.935Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rutor.app","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 20 Sep 2025 02:19:36 GMT","end":"Fri, 19 Dec 2025 03:09:13 GMT"},"fingerprint":{"sha1":"65:6C:B3:CD:A0:AD:28:B1:3A:23:A8:A2:1B:F0:E7:C0:18:90:91:0F","sha256":"4A:EE:EA:F0:6F:B6:A9:99:ED:A1:9D:D2:2A:5E:48:50:06:6C:52:7E:B9:1A:16:A3:26:FC:B0:7E:5B:CF:FB:07"}}},"request":{"raw":"GET /templates/new/images/wrapper_bg.jpg HTTP/1.1\r\nHost: torrentdownloads.rutor.app\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://torrentdownloads.rutor.app/templates/new/css/style.css\r\nCookie: view=1; PHPSESSID=2u8k63dg4d7raoouspjlpa76fm\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sun, 28 Sep 2025 10:31:17 GMT\r\ncontent-type: image/jpeg\r\nvary: accept-encoding\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\naccess-control-allow-origin: *\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nlast-modified: Sun, 28 Sep 2025 10:31:17 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=oKoYmtWzylAZLklWjT4TrEDakr42XUkFkBNCGexieZH4RRhoIJwMwM2y1QPFXE8w8ou5bgChL1fSc8w4qHdsqC3Tdgi3h8J%2FX3guja3N18lmcOIWnuWDKg%3D%3D\"}]}\r\ncf-ray: 986291fad935568b-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1459,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 153x131, components 3","md5":"dfd3243973d04e5514f24c95d40db0db","sha1":"b22bbc0d86bdccd46495795bba9b5aed2536acd0","sha256":"be93b9c451fc6178dcf6229fcdbe30ea86fbb51e841639b609b872d26a7f9335","sha512":"d4636c9315180c152056a12c410118032bf43f1910e3632c0b8b364f3b7d4235d989a8a056f1518f878fedc4d90f3be5a27715346cf76bbdfc78b91fc2e09400","ssdeep":"","tlshash":"4c31b62573c6ebb6d4949a33347e831c77c65eed61074f4b42f131a5bac79a104c8754","first_seen":"2023-05-29T17:58:11Z","last_seen":"2026-02-19T06:00:31.868675Z","times_seen":44,"resource_available":false,"data":null}},"time_used":144,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":143,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-09-28","alert":"Sinkholed","trigger":"torrentdownloads.rutor.app","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-09-28","alert":"Sinkholed","trigger":"torrentdownloads.rutor.app","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"torrentdownloads.rutor.app/templates/new/images/grey_line.jpg","fqdn":"torrentdownloads.rutor.app","domain":"rutor.app","tld":"app"},"ip":{"addr":"172.67.158.147","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://torrentdownloads.rutor.app/","date":"2025-09-28T10:31:16.944Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rutor.app","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 20 Sep 2025 02:19:36 GMT","end":"Fri, 19 Dec 2025 03:09:13 GMT"},"fingerprint":{"sha1":"65:6C:B3:CD:A0:AD:28:B1:3A:23:A8:A2:1B:F0:E7:C0:18:90:91:0F","sha256":"4A:EE:EA:F0:6F:B6:A9:99:ED:A1:9D:D2:2A:5E:48:50:06:6C:52:7E:B9:1A:16:A3:26:FC:B0:7E:5B:CF:FB:07"}}},"request":{"raw":"GET /templates/new/images/grey_line.jpg HTTP/1.1\r\nHost: torrentdownloads.rutor.app\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://torrentdownloads.rutor.app/templates/new/css/style.css\r\nCookie: view=1; PHPSESSID=2u8k63dg4d7raoouspjlpa76fm\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sun, 28 Sep 2025 10:31:17 GMT\r\ncontent-type: image/jpeg\r\nvary: accept-encoding\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\naccess-control-allow-origin: *\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nlast-modified: Sun, 28 Sep 2025 10:31:17 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=KZfQpT4xBNtk7CRxxzMMVbMmnxWRnbe21MaDzEpa3QkDg8fv%2Bf3zWmzdNfeTcKLVAQ1vueWxUKs6PMWsMLNKlvs%2FbDnFgnTC30a8mIyGs3R3xZwz5vWanQ%3D%3D\"}]}\r\ncf-ray: 986291fad940568b-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":345,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 20x1, components 3","md5":"6a243e3d6489fd876ec3c7edca4d0c48","sha1":"bdb351126934350cadfa2015000d4dacee47988e","sha256":"dc13a630838c94938bd897f0236929c38229a5aa1504e1ab6ec03b427815493c","sha512":"c2b7759481a20cfff08dd12c785407da0c2599ac3b45cdfddb4eae9294e817f0253f337932dbd3023432ae04a6252dbe6027b8e7438f3df5648ce1539f70269c","ssdeep":"","tlshash":"36e0a7762346df17dce6613126b1c72a4e9c63c77013db4e27f675517cab2f10881058","first_seen":"2023-05-29T17:58:11Z","last_seen":"2026-02-19T06:00:31.850613Z","times_seen":45,"resource_available":false,"data":null}},"time_used":152,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":152,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-09-28","alert":"Sinkholed","trigger":"torrentdownloads.rutor.app","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-09-28","alert":"Sinkholed","trigger":"torrentdownloads.rutor.app","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"torrentdownloads.rutor.app/templates/new/images/search_icon.jpg","fqdn":"torrentdownloads.rutor.app","domain":"rutor.app","tld":"app"},"ip":{"addr":"172.67.158.147","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://torrentdownloads.rutor.app/","date":"2025-09-28T10:31:16.943Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rutor.app","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 20 Sep 2025 02:19:36 GMT","end":"Fri, 19 Dec 2025 03:09:13 GMT"},"fingerprint":{"sha1":"65:6C:B3:CD:A0:AD:28:B1:3A:23:A8:A2:1B:F0:E7:C0:18:90:91:0F","sha256":"4A:EE:EA:F0:6F:B6:A9:99:ED:A1:9D:D2:2A:5E:48:50:06:6C:52:7E:B9:1A:16:A3:26:FC:B0:7E:5B:CF:FB:07"}}},"request":{"raw":"GET /templates/new/images/search_icon.jpg HTTP/1.1\r\nHost: torrentdownloads.rutor.app\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://torrentdownloads.rutor.app/templates/new/css/style.css\r\nCookie: view=1; PHPSESSID=2u8k63dg4d7raoouspjlpa76fm\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sun, 28 Sep 2025 10:31:17 GMT\r\ncontent-type: image/jpeg\r\nvary: accept-encoding\r\nset-cookie: view=1; Max-Age=86400; Expires=Mon, 29 Sep 2025 10:31:17 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nexpires: Thu, 19 Nov 1981 08:52:00 GMT\r\ncache-control: no-store, no-cache, must-revalidate\r\npragma: no-cache\r\naccess-control-allow-origin: *\r\ncf-cache-status: BYPASS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=B6cuR3Q%2FTUiZGYmFgYbv9fUqoQgqiFhS8koTuJw7cEOnjCqA3UTuRIUsCeJhpOmnLm%2BpMU2lR%2B8P%2BNp%2FABxXgqtP34Yk6ZXTjIVtr8Tmm5Ksg%2BYm2oIbaA%3D%3D\"}]}\r\ncf-ray: 986291fad93e568b-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":498,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 16x16, components 3","md5":"04be3720f69957124686f2bedbfb9425","sha1":"5788c5327bd78b1286197bb6c48b9eec44cfe48b","sha256":"4c9430a538b282f6856739b00b01ef36379206c33954e860ff27ae0bc420d343","sha512":"1cd22b9671d530ebd5b10e5cdeffc93d37491f63bd17970a96c4881ff0ef22533ef7fd9bd57fc6e41d847077122910fa0fb2f8065208edca6796ec7322a46a35","ssdeep":"","tlshash":"fcf0ab722300ff2bcca5013266b8d70946a9d2d66013abcda6f16ced78052eaacb2515","first_seen":"2023-05-29T17:58:11Z","last_seen":"2026-02-19T06:00:31.849673Z","times_seen":44,"resource_available":false,"data":null}},"time_used":130,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":130,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-09-28","alert":"Sinkholed","trigger":"torrentdownloads.rutor.app","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-09-28","alert":"Sinkholed","trigger":"torrentdownloads.rutor.app","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"torrentdownloads.rutor.app/templates/new/images/menu_icon8.jpg","fqdn":"torrentdownloads.rutor.app","domain":"rutor.app","tld":"app"},"ip":{"addr":"172.67.158.147","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://torrentdownloads.rutor.app/","date":"2025-09-28T10:31:16.947Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rutor.app","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 20 Sep 2025 02:19:36 GMT","end":"Fri, 19 Dec 2025 03:09:13 GMT"},"fingerprint":{"sha1":"65:6C:B3:CD:A0:AD:28:B1:3A:23:A8:A2:1B:F0:E7:C0:18:90:91:0F","sha256":"4A:EE:EA:F0:6F:B6:A9:99:ED:A1:9D:D2:2A:5E:48:50:06:6C:52:7E:B9:1A:16:A3:26:FC:B0:7E:5B:CF:FB:07"}}},"request":{"raw":"GET /templates/new/images/menu_icon8.jpg HTTP/1.1\r\nHost: torrentdownloads.rutor.app\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://torrentdownloads.rutor.app/templates/new/css/style.css\r\nCookie: view=1; PHPSESSID=2u8k63dg4d7raoouspjlpa76fm\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sun, 28 Sep 2025 10:31:17 GMT\r\ncontent-type: image/jpeg\r\nvary: accept-encoding\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\naccess-control-allow-origin: *\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nlast-modified: Sun, 28 Sep 2025 10:31:17 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=NHTASwfghWg3e%2BQAudJwZjw085sTqtImfnBlnbLdyfJq1uc%2FSNiZcFesonvdvewIK6uCv95m%2B0Uw5YG%2F5p4EzKoqh4esKsKQMQCPF3Bc276SfK%2Fz9hTMAA%3D%3D\"}]}\r\ncf-ray: 986291fae948568b-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":567,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 16x28, components 3","md5":"215fc71e4323af3512e8b387040ae9ef","sha1":"f90e9cfa379f27f5417f732d1173b5a03e6f6956","sha256":"3fa61a3a96d63b57b7efc2775eeb8e002ae6a5f48d323c23f4dd18ac642458e9","sha512":"c6e590c910120d4e0ce0524f27d57f5bce28ecca1db904b482dc669bd5788259f35b3fd4c8a5c86ba744ded36a5963a99a100b1cb8d5f5318c980dc13b1812fe","ssdeep":"","tlshash":"e9f00e1317017b17cdc1623251720a5946e8218f242b2f0824f165a0ec342b62d4008c","first_seen":"2023-05-29T17:58:11Z","last_seen":"2026-02-19T06:00:31.898343Z","times_seen":45,"resource_available":false,"data":null}},"time_used":149,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":149,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-09-28","alert":"Sinkholed","trigger":"torrentdownloads.rutor.app","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-09-28","alert":"Sinkholed","trigger":"torrentdownloads.rutor.app","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bunkersparring.shop/gd/70341?md=eyJhIjoyMTc4LCJzIjoiMTI4MHgxMDI0IiwiYiI6IjEyODB4MTAyNCIsInIiOiIiLCJxIjoiaHR0cHM6Ly90b3JyZW50ZG93bmxvYWRzLnJ1dG9yLmFwcC8iLCJoIjo0NDc5LCJsIjoiZW4tVVMiLCJ0IjowLCJ6Ijo3Mzg5LCJrIjowLCJ1IjoiIiwiZiI6ZmFsc2UsIndoIjoibm90IGluIGlmcmFtZSIsImloIjoiMTI4MHgxMDI0IiwiZSI6Ijd6NmI5bThhM3kwczRvZSIsIm8iOnRydWUsIm0iOjE3NTkwNTU0NzcwNDMsInciOiIlN0IlMjJ0aXRsZSUyMiUzQSUyMlRvcnJlbnQlMjBEb3dubG9hZHMlMjAtJTIwZG93bmxvYWQlMjBmcmVlJTIwdG9ycmVudHMhJTIyJTJDJTIya2V5d29yZHMlMjIlM0ElNUIlNUQlMkMlMjJ0b3B3b3JkcyUyMiUzQSU1QiU1RCU3RCIsInRzIjowLCJwciI6MSwiaGMiOjMyLCJibCI6LTEsImJjIjozLCJ2diI6Ik1lc2EiLCJ2ciI6Imxsdm1waXBlIiwiYWMiOjAsImN0IjoidW5rbm93biIsImNldCI6InVua25vd24iLCJjZGxtIjotMSwiY2RsIjotMSwiY3J0dCI6LTEsInRtcyI6MTIwLCJjZSI6dHJ1ZSwiY2QiOjI0LCJvciI6ImxhbmRzY2FwZS1wcmltYXJ5IiwiZnMiOm51bGwsImZzbyI6bnVsbCwiaW0iOnRydWV9\u0026fc=1BfYCuGdmMB3Nwl9caEngA\u0026pr=107qObpr1uAC85jtISvwpA","fqdn":"bunkersparring.shop","domain":"bunkersparring.shop","tld":"shop"},"ip":{"addr":"94.242.236.150","port":443,"asn":7979,"as":"SERVERS-COM","country":"Luxembourg","country_code":"LU"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://torrentdownloads.rutor.app/","date":"2025-09-28T10:31:17.074Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bunkersparring.shop","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 24 Sep 2025 00:53:21 GMT","end":"Tue, 23 Dec 2025 00:53:20 GMT"},"fingerprint":{"sha1":"D4:1F:24:AA:9C:8A:98:1D:7A:D9:5C:BA:16:C8:5C:DB:CF:AD:7C:14","sha256":"5F:E1:2A:F5:32:CD:96:E1:97:E9:3C:53:8A:AF:11:E6:59:FA:A7:BC:EA:E9:82:89:8B:97:0D:C0:96:DD:95:ED"}}},"request":{"raw":"OPTIONS /gd/70341?md=eyJhIjoyMTc4LCJzIjoiMTI4MHgxMDI0IiwiYiI6IjEyODB4MTAyNCIsInIiOiIiLCJxIjoiaHR0cHM6Ly90b3JyZW50ZG93bmxvYWRzLnJ1dG9yLmFwcC8iLCJoIjo0NDc5LCJsIjoiZW4tVVMiLCJ0IjowLCJ6Ijo3Mzg5LCJrIjowLCJ1IjoiIiwiZiI6ZmFsc2UsIndoIjoibm90IGluIGlmcmFtZSIsImloIjoiMTI4MHgxMDI0IiwiZSI6Ijd6NmI5bThhM3kwczRvZSIsIm8iOnRydWUsIm0iOjE3NTkwNTU0NzcwNDMsInciOiIlN0IlMjJ0aXRsZSUyMiUzQSUyMlRvcnJlbnQlMjBEb3dubG9hZHMlMjAtJTIwZG93bmxvYWQlMjBmcmVlJTIwdG9ycmVudHMhJTIyJTJDJTIya2V5d29yZHMlMjIlM0ElNUIlNUQlMkMlMjJ0b3B3b3JkcyUyMiUzQSU1QiU1RCU3RCIsInRzIjowLCJwciI6MSwiaGMiOjMyLCJibCI6LTEsImJjIjozLCJ2diI6Ik1lc2EiLCJ2ciI6Imxsdm1waXBlIiwiYWMiOjAsImN0IjoidW5rbm93biIsImNldCI6InVua25vd24iLCJjZGxtIjotMSwiY2RsIjotMSwiY3J0dCI6LTEsInRtcyI6MTIwLCJjZSI6dHJ1ZSwiY2QiOjI0LCJvciI6ImxhbmRzY2FwZS1wcmltYXJ5IiwiZnMiOm51bGwsImZzbyI6bnVsbCwiaW0iOnRydWV9\u0026fc=1BfYCuGdmMB3Nwl9caEngA\u0026pr=107qObpr1uAC85jtISvwpA HTTP/1.1\r\nHost: bunkersparring.shop\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAccess-Control-Request-Method: POST\r\nAccess-Control-Request-Headers: content-type\r\nReferer: https://torrentdownloads.rutor.app/\r\nOrigin: https://torrentdownloads.rutor.app\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 28 Sep 2025 10:31:17 GMT\r\ncontent-type: text/html; charset=UTF-8\r\naccept-ch: sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version,sec-ch-ua-full-version-list\r\naccess-control-allow-credentials: true\r\naccess-control-allow-origin: https://torrentdownloads.rutor.app\r\naccess-control-allow-headers: content-type, megageocheckolololo, x-forwarded-for, x-requested-with, cache-control, pragma, expires\r\naccess-control-max-age: 600\r\naccess-control-allow-methods: GET, POST, OPTIONS\r\ncontent-encoding: gzip\r\nvary: Accept-Encoding\r\nstrict-transport-security: max-age=1\r\nx-content-type-options: nosniff\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":5,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"ASCII text, with no line terminators","md5":"0d7a61a5ae2424f444691dfa38e694ae","sha1":"dfb2f770cb7740844d94d2a2517af244b34c56ae","sha256":"e3c083d0e62029a9fc90700e7effced43eb213718ad4e7517e5b05a5a0ad9e49","sha512":"dc4531ceee0347383f28990bd01470ce323b0338a83b5b51e2640e3a9d1509346e23fe490ebfaeb4d7a86fd8ef22d2d6465990e6cb6583468d47174b97d25d03","ssdeep":"","tlshash":"8a30000000000000000000c0000000000000000000000000000300000c0c000c000000","first_seen":"2025-06-10T16:02:54.181066Z","last_seen":"2026-04-02T19:45:08.476061Z","times_seen":1524,"resource_available":false,"data":null}},"time_used":118,"timings":{"blocked":49,"dns":4,"connect":21,"send":0,"wait":20,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-09-28","alert":"Sinkholed","trigger":"bunkersparring.shop","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-09-28","alert":"Sinkholed","trigger":"bunkersparring.shop","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-09-28","alert":"Sinkholed","trigger":"bunkersparring.shop","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-09-28","alert":"Sinkholed","trigger":"bunkersparring.shop","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kettledroopingcontinuation.com/pixel/sbls?bv=\u0026tmpl=482\u0026u=https%3A%2F%2Fcdn.show-sb.com%2Fsb%2Fau%2F0c%2Fc8%2Fe1%2F0cc8e13ba9d5dbc867b982993e805a9d%2F1632728593.html\u0026l=1325\u0026fd=466","fqdn":"kettledroopingcontinuation.com","domain":"kettledroopingcontinuation.com","tld":"com"},"ip":{"addr":"172.240.108.84","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://torrentdownloads.rutor.app/","date":"2025-09-28T10:31:18.592Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"kettledroopingcontinuation.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 27 Aug 2025 21:34:59 GMT","end":"Tue, 25 Nov 2025 21:34:58 GMT"},"fingerprint":{"sha1":"E4:24:47:01:B7:F3:A1:0B:CF:EA:36:36:30:C1:21:5D:9E:A1:7B:BE","sha256":"EE:DD:A9:31:87:F8:15:E5:A4:69:BA:E8:17:29:F1:0D:59:DC:1E:48:E2:EB:2F:1D:FE:D6:5C:C0:5F:03:5B:01"}}},"request":{"raw":"GET /pixel/sbls?bv=\u0026tmpl=482\u0026u=https%3A%2F%2Fcdn.show-sb.com%2Fsb%2Fau%2F0c%2Fc8%2Fe1%2F0cc8e13ba9d5dbc867b982993e805a9d%2F1632728593.html\u0026l=1325\u0026fd=466 HTTP/1.1\r\nHost: kettledroopingcontinuation.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://torrentdownloads.rutor.app/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Sun, 28 Sep 2025 10:31:18 GMT\r\nContent-Length: 0\r\nConnection: keep-alive\r\nHost: kettledroopingcontinuation.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nCache-Control: no-cache\r\nAccess-Control-Allow-Origin: *\r\nAccess-Control-Allow-Methods: GET, POST, OPTIONS\r\nAccess-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests,C-High-Entropy-Values\r\nAccess-Control-Expose-Headers: Content-Length,Content-Range\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T11:49:30.368697Z","times_seen":13330398,"resource_available":true,"data":null}},"time_used":93,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":93,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-09-28","alert":"Sinkholed","trigger":"kettledroopingcontinuation.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-09-28","alert":"Sinkholed","trigger":"kettledroopingcontinuation.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"heartilyscales.com/impr.gif?sid=H4sIAAAAAAAC_1RSTYgcRRSunoiIgqIBLyoM4kHBne3u6e3pMYdgjJFg3N38aITgof56t9yeqraqe3qzp2BA4snVg6in3m82WdQ9RPAqyGwusiBkvDgH95KLHjwIEjzKzA5ufIf3XtX36uN7H_XRVnlA2ijpePkts6GyjM4vtPzmi5eVFqZyzcVLzcBv-Seal5WOoxPN9Umy_VeCdtTyX2q-IfmamQ_9wPcDP2ieUVamZn1-ikLlu0nQ6i60kqAVdCOs2_-fXenBUQ-if0CeghKjJ-6lV6D4ELp3-7R0a4XJX369V2a0MBZ9sfO2XtOm0ugdtan1kOqd2TSMGxHyRQNG78w2gOlvTzYAUyPSePo3ML0zkwnWv3molGWQGkw8hqo_hMyGUHQIbq5DibsE4AKLS9C9W4vGVvTqIUon6Ig8_PcfUNWIPPIsge7tLp1authcyqVelAXW0xpqfQi1MkRe7qHYaEBVe-DFh1DiZzJ__xx0b3vJZQZKjF_wfSbb7UDOxZylc5HsBnM04HJO0JDyThB32rE_NUilQ1DXQOk8lMpDmTZQ5g30xLgZCi6DTigTlsZxJ_aTIA7iKBRJKETY7UYo-UT5Jop8EzzbBLfXkNtrWFOf3Y2W77bfgS1_hFut4YQHVxD0RY1KElSOoKIElSKoCoKqX98UmQtdfUtkrmTBrIaz2q4HpljZojdNsSI1AbWbsKLeVvkH7jp44Q02UkcGZpIoK-oBZaLeyg_Ik1Nr_3r3PtbkuEnDJO76Yacb0E4a8W7COAtkEoTtMOSik8CpGso1QJ2HDTUiXn2AXI0I-eRXMLoHl-2Bq-dBy-dAqxp0tcaG3i01ywxfk6KlBISpkRcPobjqbWUH5Jmpgvd-Pw7J90_-9OUkvgK3NXJb4311h2AluzG4YCqyfcFUjny3lBeqpzZooYy-WNBCHvvmTXm1MlacPe02v36VT4BJu3tJuuIc1ULpFUe-PaWEkPaMsVySH866y5Itl271VGl1mZ9bfu3M2V5upXPK6CGoGpFHg_PgakSO3_l8-qkX4haUHcKWNXrlPpkFeH4NLt8_-f1t_ee9i__AGQKbHeEs91CV9cCG7L_LgWXp0USmRuT8x1eQySMWymo4-QCLfOAxndBRVW-5G1ixHmhxHbpXo29r9LMaNNuEK48Nitzun_ylPQ2wzBuwzHrbLLPZp4eeOzVucrZAZcTjMKF-EkWs7Xdin0a-TDssSBYCFG60On68_28AAAD__2gQsETDBAAA","fqdn":"heartilyscales.com","domain":"heartilyscales.com","tld":"com"},"ip":{"addr":"172.240.108.68","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://torrentdownloads.rutor.app/","date":"2025-09-28T10:31:21.914Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"heartilyscales.com","organization":""},"issuer":{"commonName":"R10","organization":"Let's Encrypt"},"validity":{"start":"Mon, 04 Aug 2025 21:31:25 GMT","end":"Sun, 02 Nov 2025 21:31:24 GMT"},"fingerprint":{"sha1":"8C:BC:E6:45:99:A6:42:A8:C3:7C:33:7D:77:C5:9E:C7:70:2A:A9:6C","sha256":"44:0D:F2:B1:46:00:9E:72:AB:F2:58:53:DB:2A:6F:97:C8:DF:54:6F:43:D4:84:F7:D4:6A:D5:F7:8B:ED:15:C2"}}},"request":{"raw":"GET /impr.gif?sid=H4sIAAAAAAAC_1RSTYgcRRSunoiIgqIBLyoM4kHBne3u6e3pMYdgjJFg3N38aITgof56t9yeqraqe3qzp2BA4snVg6in3m82WdQ9RPAqyGwusiBkvDgH95KLHjwIEjzKzA5ufIf3XtX36uN7H_XRVnlA2ijpePkts6GyjM4vtPzmi5eVFqZyzcVLzcBv-Seal5WOoxPN9Umy_VeCdtTyX2q-IfmamQ_9wPcDP2ieUVamZn1-ikLlu0nQ6i60kqAVdCOs2_-fXenBUQ-if0CeghKjJ-6lV6D4ELp3-7R0a4XJX369V2a0MBZ9sfO2XtOm0ugdtan1kOqd2TSMGxHyRQNG78w2gOlvTzYAUyPSePo3ML0zkwnWv3molGWQGkw8hqo_hMyGUHQIbq5DibsE4AKLS9C9W4vGVvTqIUon6Ig8_PcfUNWIPPIsge7tLp1authcyqVelAXW0xpqfQi1MkRe7qHYaEBVe-DFh1DiZzJ__xx0b3vJZQZKjF_wfSbb7UDOxZylc5HsBnM04HJO0JDyThB32rE_NUilQ1DXQOk8lMpDmTZQ5g30xLgZCi6DTigTlsZxJ_aTIA7iKBRJKETY7UYo-UT5Jop8EzzbBLfXkNtrWFOf3Y2W77bfgS1_hFut4YQHVxD0RY1KElSOoKIElSKoCoKqX98UmQtdfUtkrmTBrIaz2q4HpljZojdNsSI1AbWbsKLeVvkH7jp44Q02UkcGZpIoK-oBZaLeyg_Ik1Nr_3r3PtbkuEnDJO76Yacb0E4a8W7COAtkEoTtMOSik8CpGso1QJ2HDTUiXn2AXI0I-eRXMLoHl-2Bq-dBy-dAqxp0tcaG3i01ywxfk6KlBISpkRcPobjqbWUH5Jmpgvd-Pw7J90_-9OUkvgK3NXJb4311h2AluzG4YCqyfcFUjny3lBeqpzZooYy-WNBCHvvmTXm1MlacPe02v36VT4BJu3tJuuIc1ULpFUe-PaWEkPaMsVySH866y5Itl271VGl1mZ9bfu3M2V5upXPK6CGoGpFHg_PgakSO3_l8-qkX4haUHcKWNXrlPpkFeH4NLt8_-f1t_ee9i__AGQKbHeEs91CV9cCG7L_LgWXp0USmRuT8x1eQySMWymo4-QCLfOAxndBRVW-5G1ixHmhxHbpXo29r9LMaNNuEK48Nitzun_ylPQ2wzBuwzHrbLLPZp4eeOzVucrZAZcTjMKF-EkWs7Xdin0a-TDssSBYCFG60On68_28AAAD__2gQsETDBAAA HTTP/1.1\r\nHost: heartilyscales.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://torrentdownloads.rutor.app/\r\nCookie: uid_id2=11615baf-20c6-4fe4-a7eb-8fdaad06d740:3:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; u_pl15816950=1; sleca286902791a7f4c98bcb1e812322cd78=[6154259]; u_pl22675059=1; sleca032b4d33c8aea68a4f9b84235614bff=[4323733]\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Sun, 28 Sep 2025 10:31:22 GMT\r\nContent-Type: image/gif\r\nContent-Length: 7\r\nConnection: keep-alive\r\naccess-control-allow-origin: *\r\nvary: Origin\r\naccess-control-allow-credentials: true\r\np3p: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\naccept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nset-cookie: iprc_l+9b395f57596234d21796e95f765fc148=6154259; expires=Tue, 30 Sep 2025 10:31:22 GMT; path=/; secure; SameSite=None\niprc_l:6154259=1; expires=Tue, 30 Sep 2025 10:31:22 GMT; path=/; secure; SameSite=None\r\nx-envoy-upstream-service-time: 2\r\nHost: heartilyscales.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: ac354992c96e381dfb452967cfc08098\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/gif","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T11:49:30.368697Z","times_seen":13330398,"resource_available":true,"data":null}},"time_used":776,"timings":{"blocked":328,"dns":0,"connect":108,"send":0,"wait":121,"receive":0,"ssl":218},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-09-28","alert":"Sinkholed","trigger":"heartilyscales.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-09-28","alert":"Sinkholed","trigger":"heartilyscales.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-09-28","alert":"Sinkholed","trigger":"heartilyscales.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/roboto/v49/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.178.35","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://torrentdownloads.rutor.app/","date":"2025-09-28T10:31:21.931Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 08 Sep 2025 08:36:48 GMT","end":"Mon, 01 Dec 2025 08:36:47 GMT"},"fingerprint":{"sha1":"4A:11:37:B2:B5:3D:85:04:18:76:94:C3:99:EA:8B:77:66:51:DF:D6","sha256":"6C:B3:8A:F8:58:9F:72:87:6E:B0:CF:E0:3F:D9:AB:6D:AE:6E:E0:73:B1:A3:95:3C:30:98:D3:C4:23:73:D4:33"}}},"request":{"raw":"GET /s/roboto/v49/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://torrentdownloads.rutor.app\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 40128\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Mon, 22 Sep 2025 23:17:32 GMT\r\nexpires: Tue, 22 Sep 2026 23:17:32 GMT\r\ncache-control: public, max-age=31536000\r\nage: 472429\r\nlast-modified: Mon, 08 Sep 2025 18:08:05 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":40128,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 40128, version 1.0","md5":"9a01b69183a9604ab3a439e388b30501","sha1":"8ed1d59003d0dbe6360481017b44665153665fbe","sha256":"20b535fa80c8189e3b87d1803038389960203a886d502bc2ef1857affc2f38d2","sha512":"0e6795255b6eea00b5403fd7e3b904d52776d49ac63a31c2778361262883697943aedcb29feee85694ba6f19eaa34dddb9a5bfe7118f4a25b4757e92c331feca","ssdeep":"768:Vce3jkow68wmT4IBX0tXdlSirS61gSjcz0GPwHbP+w2jec56O:VcI/iEEEtXdFJj+0GPwHbP+w5rO","tlshash":"3703023a5e3ccf1a84157a703950f6d9a8481e548e9d143b4f1ac7bf085dde2209b6d4","first_seen":"2025-01-08T22:59:02.845106Z","last_seen":"2026-04-04T11:46:59.437094Z","times_seen":714426,"resource_available":false,"data":null}},"time_used":55,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":31,"receive":24,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"torrentdownloads.rutor.app/templates/new/images/input_bg2.jpg","fqdn":"torrentdownloads.rutor.app","domain":"rutor.app","tld":"app"},"ip":{"addr":"172.67.158.147","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://torrentdownloads.rutor.app/","date":"2025-09-28T10:31:16.932Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rutor.app","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 20 Sep 2025 02:19:36 GMT","end":"Fri, 19 Dec 2025 03:09:13 GMT"},"fingerprint":{"sha1":"65:6C:B3:CD:A0:AD:28:B1:3A:23:A8:A2:1B:F0:E7:C0:18:90:91:0F","sha256":"4A:EE:EA:F0:6F:B6:A9:99:ED:A1:9D:D2:2A:5E:48:50:06:6C:52:7E:B9:1A:16:A3:26:FC:B0:7E:5B:CF:FB:07"}}},"request":{"raw":"GET /templates/new/images/input_bg2.jpg HTTP/1.1\r\nHost: torrentdownloads.rutor.app\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://torrentdownloads.rutor.app/templates/new/css/style.css\r\nCookie: view=1; PHPSESSID=2u8k63dg4d7raoouspjlpa76fm\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sun, 28 Sep 2025 10:31:17 GMT\r\ncontent-type: image/jpeg\r\nvary: accept-encoding\r\nset-cookie: view=1; Max-Age=86400; Expires=Mon, 29 Sep 2025 10:31:17 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nexpires: Thu, 19 Nov 1981 08:52:00 GMT\r\ncache-control: no-store, no-cache, must-revalidate\r\npragma: no-cache\r\naccess-control-allow-origin: *\r\ncf-cache-status: BYPASS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=HnUXi2riHZzj0VypA9dlK1gJ2tWpaXHmEH30egKN3iwhCrI1UMNpsERp%2BR9uesfaLM%2F7ei7x%2Fqo0qKiWJWWY6njRco%2B4Y5JmG%2BnqEXrJmkSevrt4TlUZDA%3D%3D\"}]}\r\ncf-ray: 986291fac931568b-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":2401,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 441x33, components 3","md5":"d16c3c917fdca40e20acb9312ab8f966","sha1":"f1e38aee5c9058bb9ea85a59ac9f366f52e6c62a","sha256":"af7309a0af26de9b124634d37eb942162ee751b547d9f1f070b08528414e5c53","sha512":"ab289ad2e27ff45cc6275b2c6599b745daed57804293126a04a399cdfbc19b2d88330b6f220cb6d718e2b28a681f2debfe703b209545365f4db3ea3b70e1d30d","ssdeep":"","tlshash":"77417790b3d17796c8418e75e87aae26c5d85b8c4396c8c98eb2725cd3c7c9188c147a","first_seen":"2023-05-29T17:58:11Z","last_seen":"2026-02-19T06:00:31.873261Z","times_seen":45,"resource_available":false,"data":null}},"time_used":138,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":138,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-09-28","alert":"Sinkholed","trigger":"torrentdownloads.rutor.app","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-09-28","alert":"Sinkholed","trigger":"torrentdownloads.rutor.app","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"directlycascade.com/22/00/54/2200540f09f939738419313a1a090c32.js","fqdn":"directlycascade.com","domain":"directlycascade.com","tld":"com"},"ip":{"addr":"172.240.127.234","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://torrentdownloads.rutor.app/","date":"2025-09-28T10:31:16.761Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"directlycascade.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Wed, 10 Sep 2025 11:12:27 GMT","end":"Tue, 09 Dec 2025 11:12:26 GMT"},"fingerprint":{"sha1":"76:17:4A:20:73:64:94:52:3B:6A:50:E2:7C:F7:F5:73:52:38:47:A4","sha256":"66:CD:95:7F:5E:D7:56:27:7A:6F:3B:80:CB:84:DC:89:A0:F0:BB:44:49:55:B4:81:76:24:2E:38:E3:FC:78:29"}}},"request":{"raw":"GET /22/00/54/2200540f09f939738419313a1a090c32.js HTTP/1.1\r\nHost: directlycascade.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://torrentdownloads.rutor.app/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Sun, 28 Sep 2025 10:31:17 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 35756\r\nConnection: keep-alive\r\ncontent-encoding: gzip\r\np3p: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\naccess-control-allow-origin: *\r\naccept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nx-envoy-upstream-service-time: 2\r\nHost: directlycascade.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 264792ef6c7f13711908366e18fbe434\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":97965,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"9707571ccac614022af56c1d55e06e9e","sha1":"04424a87332733f1cb6ed022d91da4d7bf1431f5","sha256":"53fb5ff7064391d69da3963ef817e8a2292e95f237d57980b865a5c315953963","sha512":"7688a7c2bdfe8238f3e7bef9f904b61b8b875594185d507eb236a958e7bbb5bc7755d41885a0f3603d09545652b4cb2d102e82f861076ba5b1a9765d5a959df8","ssdeep":"1536:l0xlYxhNnfI+veOOoJm+h1eE6eunK1lz2N9QeK22uLPmmrDfYpDkUeDCoxbp3pka:fxKoJSnxKI36WX","tlshash":"a9a3e9983b50f0bc02a674f9362f7906e064ce6160ccd668d507fca86b7975bf439e29","first_seen":"2025-09-26T15:59:14.087316Z","last_seen":"2025-10-03T01:45:29.140138Z","times_seen":22,"resource_available":true,"data":null}},"time_used":943,"timings":{"blocked":357,"dns":28,"connect":109,"send":0,"wait":117,"receive":110,"ssl":221},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-09-28","alert":"Sinkholed","trigger":"directlycascade.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-09-28","alert":"Sinkholed","trigger":"directlycascade.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"torrentdownloads.rutor.app/templates/new/images/left_shadow.jpg","fqdn":"torrentdownloads.rutor.app","domain":"rutor.app","tld":"app"},"ip":{"addr":"172.67.158.147","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://torrentdownloads.rutor.app/","date":"2025-09-28T10:31:16.936Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rutor.app","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 20 Sep 2025 02:19:36 GMT","end":"Fri, 19 Dec 2025 03:09:13 GMT"},"fingerprint":{"sha1":"65:6C:B3:CD:A0:AD:28:B1:3A:23:A8:A2:1B:F0:E7:C0:18:90:91:0F","sha256":"4A:EE:EA:F0:6F:B6:A9:99:ED:A1:9D:D2:2A:5E:48:50:06:6C:52:7E:B9:1A:16:A3:26:FC:B0:7E:5B:CF:FB:07"}}},"request":{"raw":"GET /templates/new/images/left_shadow.jpg HTTP/1.1\r\nHost: torrentdownloads.rutor.app\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://torrentdownloads.rutor.app/templates/new/css/style.css\r\nCookie: view=1; PHPSESSID=2u8k63dg4d7raoouspjlpa76fm\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sun, 28 Sep 2025 10:31:17 GMT\r\ncontent-type: image/jpeg\r\nvary: accept-encoding\r\nset-cookie: view=1; Max-Age=86400; Expires=Mon, 29 Sep 2025 10:31:17 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nexpires: Thu, 19 Nov 1981 08:52:00 GMT\r\ncache-control: no-store, no-cache, must-revalidate\r\npragma: no-cache\r\naccess-control-allow-origin: *\r\ncf-cache-status: BYPASS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=6NNxrkzLNSRAZfSoInq%2F8uZK9tBR25PsCsOKj%2F1m86qofrl1WgKeG6I37TkSIpERUdNs9R2lcSjTCJ3clmh6FxJ9xsSwb80RvPaOYD%2BRdLDafpWBqRz%2FYg%3D%3D\"}]}\r\ncf-ray: 986291fad936568b-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":572,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 1286x9, components 3","md5":"5a043ff88ff5165d307f54721d1d1132","sha1":"c6e3f2f27712b4ee420fef074e28d8216c11f9ca","sha256":"55a076602003200f569825ab913c5250629d9fa3eb6cbf0dca33617d7c7ecedc","sha512":"59a2a31244db0f5721938f68017767a4801588dfbfc7db66f556aeb19dbfa5776721717dfd82abca4cfa674f9d9245f8208130263293c2f773952732d1ee3c9c","ssdeep":"","tlshash":"f2f0a7336705db1be9f4143066b583190fac51c6200b5f8d05f6e4946c951e40d4115c","first_seen":"2023-05-29T17:58:11Z","last_seen":"2026-02-19T06:00:31.883416Z","times_seen":44,"resource_available":false,"data":null}},"time_used":158,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":158,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-09-28","alert":"Sinkholed","trigger":"torrentdownloads.rutor.app","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-09-28","alert":"Sinkholed","trigger":"torrentdownloads.rutor.app","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wrathypenitis.help/cuid/?f=https%3A%2F%2Ftorrentdownloads.rutor.app","fqdn":"wrathypenitis.help","domain":"wrathypenitis.help","tld":"help"},"ip":{"addr":"212.117.186.92","port":443,"asn":7979,"as":"SERVERS-COM","country":"Luxembourg","country_code":"LU"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://torrentdownloads.rutor.app/","date":"2025-09-28T10:31:17.051Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wrathypenitis.help","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 25 Sep 2025 21:21:47 GMT","end":"Wed, 24 Dec 2025 21:21:46 GMT"},"fingerprint":{"sha1":"AB:7F:25:A4:47:EA:FD:C0:FD:04:9D:5B:DE:04:FB:AC:82:37:67:A1","sha256":"8C:B6:C9:8F:CE:4F:DB:23:24:8F:04:DB:40:06:BA:C3:2B:0E:91:55:37:A9:E1:FF:A6:E7:DF:7F:FE:FD:BB:65"}}},"request":{"raw":"OPTIONS /cuid/?f=https%3A%2F%2Ftorrentdownloads.rutor.app HTTP/1.1\r\nHost: wrathypenitis.help\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAccess-Control-Request-Method: POST\r\nAccess-Control-Request-Headers: content-type\r\nReferer: https://torrentdownloads.rutor.app/\r\nOrigin: https://torrentdownloads.rutor.app\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 28 Sep 2025 10:31:17 GMT\r\ncontent-length: 0\r\naccess-control-allow-credentials: true\r\naccess-control-allow-origin: https://torrentdownloads.rutor.app\r\naccess-control-allow-headers: content-type, megageocheckolololo, x-forwarded-for\r\naccess-control-max-age: 600\r\naccess-control-allow-methods: GET, POST, OPTIONS\r\nstrict-transport-security: max-age=1\r\nx-content-type-options: nosniff\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T11:49:30.368697Z","times_seen":13330398,"resource_available":true,"data":null}},"time_used":141,"timings":{"blocked":61,"dns":16,"connect":20,"send":0,"wait":20,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-09-28","alert":"Sinkholed","trigger":"wrathypenitis.help","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-09-28","alert":"Sinkholed","trigger":"wrathypenitis.help","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-09-28","alert":"Sinkholed","trigger":"wrathypenitis.help","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-09-28","alert":"Sinkholed","trigger":"wrathypenitis.help","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"torrentdownloads.rutor.app/templates/new/images/health/health_9.jpg","fqdn":"torrentdownloads.rutor.app","domain":"rutor.app","tld":"app"},"ip":{"addr":"172.67.158.147","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://torrentdownloads.rutor.app/","date":"2025-09-28T10:31:16.738Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rutor.app","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 20 Sep 2025 02:19:36 GMT","end":"Fri, 19 Dec 2025 03:09:13 GMT"},"fingerprint":{"sha1":"65:6C:B3:CD:A0:AD:28:B1:3A:23:A8:A2:1B:F0:E7:C0:18:90:91:0F","sha256":"4A:EE:EA:F0:6F:B6:A9:99:ED:A1:9D:D2:2A:5E:48:50:06:6C:52:7E:B9:1A:16:A3:26:FC:B0:7E:5B:CF:FB:07"}}},"request":{"raw":"GET /templates/new/images/health/health_9.jpg HTTP/1.1\r\nHost: torrentdownloads.rutor.app\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://torrentdownloads.rutor.app/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 28 Sep 2025 10:31:16 GMT\r\ncontent-type: image/jpeg\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nexpires: Thu, 19 Nov 1981 08:52:00 GMT\r\ncache-control: no-store, no-cache, must-revalidate\r\npragma: no-cache\r\naccess-control-allow-origin: *\r\ncf-cache-status: BYPASS\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=E6GeM2TCT37FPn9y1k918UPVvPEpVoe%2FOUBYnWIlAuj%2FTTc9zTVKO13ihmL%2FL76VLRdNIqHCIp%2BHtzImd%2FlrGFDFJC0gcn2csEddP5pylC20KnHwSAt47h5s\"}]}\r\nset-cookie: view=1; Max-Age=86400; Expires=Mon, 29 Sep 2025 10:31:16 GMT\nPHPSESSID=399u2lhnpnbcsel4s74a91qf69; Path=/\r\ncf-ray: 986291f99edcc759-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":547,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 46x9, components 3","md5":"92bcbc0cd112eae1857e22e2cff56f9f","sha1":"58d2da1cb88f877f26f6afffec397cd5220cf059","sha256":"a65e4db5daaed15b326a1b8d45dcfc88a903dc67abc768f3cc3d86d19309bcd5","sha512":"64e48cb96e7796f55f4a14ea13ddbfe605e210992910d9f643ffca62af7a62a6584039bccb7670c133bfbfd4b4168f9f305a619e9113a5dde2081c69c85412b6","ssdeep":"","tlshash":"80f0237bb386e783ecd6503175384728863c31d3b023cb5f41f5d91a98c41620c801da","first_seen":"2023-05-29T17:58:11Z","last_seen":"2026-02-19T06:00:31.887781Z","times_seen":46,"resource_available":false,"data":null}},"time_used":169,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":169,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-09-28","alert":"Sinkholed","trigger":"torrentdownloads.rutor.app","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-09-28","alert":"Sinkholed","trigger":"torrentdownloads.rutor.app","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"torrentdownloads.rutor.app/templates/new/images/bottom_curve_left.jpg","fqdn":"torrentdownloads.rutor.app","domain":"rutor.app","tld":"app"},"ip":{"addr":"172.67.158.147","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://torrentdownloads.rutor.app/","date":"2025-09-28T10:31:16.939Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rutor.app","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 20 Sep 2025 02:19:36 GMT","end":"Fri, 19 Dec 2025 03:09:13 GMT"},"fingerprint":{"sha1":"65:6C:B3:CD:A0:AD:28:B1:3A:23:A8:A2:1B:F0:E7:C0:18:90:91:0F","sha256":"4A:EE:EA:F0:6F:B6:A9:99:ED:A1:9D:D2:2A:5E:48:50:06:6C:52:7E:B9:1A:16:A3:26:FC:B0:7E:5B:CF:FB:07"}}},"request":{"raw":"GET /templates/new/images/bottom_curve_left.jpg HTTP/1.1\r\nHost: torrentdownloads.rutor.app\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://torrentdownloads.rutor.app/templates/new/css/style.css\r\nCookie: view=1; PHPSESSID=2u8k63dg4d7raoouspjlpa76fm\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sun, 28 Sep 2025 10:31:17 GMT\r\ncontent-type: image/jpeg\r\nvary: accept-encoding\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\naccess-control-allow-origin: *\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nlast-modified: Sun, 28 Sep 2025 10:31:17 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=tqo%2FBS75H5C4%2F9mIplMBS6IVPFgggjaSy1QHInEk8yX8FHBq7yDQsso5%2FEUei28y82JXtOuabYP3bMiBadvIh1xQA9n0DsM60ge7HuKZeMF%2BfpstkejpVA%3D%3D\"}]}\r\ncf-ray: 986291fad93b568b-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1742,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 1319x22, components 3","md5":"8ab3507467d52fcd595376a4fa94a618","sha1":"2d33a60d98e2e13d4d2f15efe5bb90d07840e279","sha256":"dea4a693163d379b65741b524f9369384120812a43171417e13c36f7a5b06e56","sha512":"b8a128a11cb833e7b6ab7c4a97332310fc9dd0b499d104a362b87316953199a6704bab5a4a3d20e49e6be74a05107689ccadb2816adf72edfa355f96b8f1daba","ssdeep":"","tlshash":"da31e9721574bb61f0415731d779834e5f482e0e5005224d60783803acb71725e90a8d","first_seen":"2023-05-29T17:58:11Z","last_seen":"2026-02-19T06:00:31.789356Z","times_seen":45,"resource_available":false,"data":null}},"time_used":174,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":174,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-09-28","alert":"Sinkholed","trigger":"torrentdownloads.rutor.app","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-09-28","alert":"Sinkholed","trigger":"torrentdownloads.rutor.app","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"torrentdownloads.rutor.app/templates/new/images/menu_icon6.jpg","fqdn":"torrentdownloads.rutor.app","domain":"rutor.app","tld":"app"},"ip":{"addr":"172.67.158.147","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://torrentdownloads.rutor.app/","date":"2025-09-28T10:31:16.945Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rutor.app","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 20 Sep 2025 02:19:36 GMT","end":"Fri, 19 Dec 2025 03:09:13 GMT"},"fingerprint":{"sha1":"65:6C:B3:CD:A0:AD:28:B1:3A:23:A8:A2:1B:F0:E7:C0:18:90:91:0F","sha256":"4A:EE:EA:F0:6F:B6:A9:99:ED:A1:9D:D2:2A:5E:48:50:06:6C:52:7E:B9:1A:16:A3:26:FC:B0:7E:5B:CF:FB:07"}}},"request":{"raw":"GET /templates/new/images/menu_icon6.jpg HTTP/1.1\r\nHost: torrentdownloads.rutor.app\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://torrentdownloads.rutor.app/templates/new/css/style.css\r\nCookie: view=1; PHPSESSID=2u8k63dg4d7raoouspjlpa76fm\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sun, 28 Sep 2025 10:31:17 GMT\r\ncontent-type: image/jpeg\r\nvary: accept-encoding\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\naccess-control-allow-origin: *\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nlast-modified: Sun, 28 Sep 2025 10:31:17 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=%2BtK4Ug%2FaeIvJ0RkhBjokYmlhIVIzg8C6RSJiTV%2BTxbuFmjddpf4LWWQFvAtohBKwkXHDVuu5T%2FVwrd0Y2YCms2RH9QAk88ua31mpIvhLcrN6XJ6S3ddX2g%3D%3D\"}]}\r\ncf-ray: 986291fae946568b-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":707,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 16x30, components 3","md5":"c0ff14697960799018c28ea44466b6b7","sha1":"3464046b7e5f68dfbe385f2f578dd426a5c794e5","sha256":"fd0b980b9dc066d091dc48649046dcd12e1f93abeef3d46682930b6e412b0b99","sha512":"29a081a140cd7434d410579ec3e04a879f671aeae9af4ff4563ddf90d232a07573329363aa45b33ceda726c94ab9d4325681bd35a8e06ef74fe5ab49c05e23bd","ssdeep":"","tlshash":"fb0102b75f16ab03f8966130383b83494bbc5601311a9b0e54fc5961bd332a386231ac","first_seen":"2023-05-29T17:58:11Z","last_seen":"2026-02-19T06:00:31.821783Z","times_seen":45,"resource_available":false,"data":null}},"time_used":210,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":210,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-09-28","alert":"Sinkholed","trigger":"torrentdownloads.rutor.app","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-09-28","alert":"Sinkholed","trigger":"torrentdownloads.rutor.app","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/roboto/v49/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.178.35","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://torrentdownloads.rutor.app/","date":"2025-09-28T10:31:20.807Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 08 Sep 2025 08:36:48 GMT","end":"Mon, 01 Dec 2025 08:36:47 GMT"},"fingerprint":{"sha1":"4A:11:37:B2:B5:3D:85:04:18:76:94:C3:99:EA:8B:77:66:51:DF:D6","sha256":"6C:B3:8A:F8:58:9F:72:87:6E:B0:CF:E0:3F:D9:AB:6D:AE:6E:E0:73:B1:A3:95:3C:30:98:D3:C4:23:73:D4:33"}}},"request":{"raw":"GET /s/roboto/v49/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://torrentdownloads.rutor.app\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 40128\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Mon, 22 Sep 2025 23:17:32 GMT\r\nexpires: Tue, 22 Sep 2026 23:17:32 GMT\r\ncache-control: public, max-age=31536000\r\nage: 472428\r\nlast-modified: Mon, 08 Sep 2025 18:08:05 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":40128,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 40128, version 1.0","md5":"9a01b69183a9604ab3a439e388b30501","sha1":"8ed1d59003d0dbe6360481017b44665153665fbe","sha256":"20b535fa80c8189e3b87d1803038389960203a886d502bc2ef1857affc2f38d2","sha512":"0e6795255b6eea00b5403fd7e3b904d52776d49ac63a31c2778361262883697943aedcb29feee85694ba6f19eaa34dddb9a5bfe7118f4a25b4757e92c331feca","ssdeep":"768:Vce3jkow68wmT4IBX0tXdlSirS61gSjcz0GPwHbP+w2jec56O:VcI/iEEEtXdFJj+0GPwHbP+w5rO","tlshash":"3703023a5e3ccf1a84157a703950f6d9a8481e548e9d143b4f1ac7bf085dde2209b6d4","first_seen":"2025-01-08T22:59:02.845106Z","last_seen":"2026-04-04T11:46:59.437094Z","times_seen":714426,"resource_available":false,"data":null}},"time_used":27,"timings":{"blocked":1,"dns":0,"connect":0,"send":0,"wait":15,"receive":11,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"flushpersist.com/pxf.gif?uuid=d995e3f7-3ab8-4202-88f2-ba729b81cf19\u0026eb=bcc2bf15b54b9ef4041d8328a3a75221\u0026te=cb12021f3311658dba63bcdbf4a88a26\u0026ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A134.0)%20Gecko%2F20100101%20Firefox%2F134.0\u0026dev=e\u0026res=14.3095\u0026b_frame=0\u0026pk=a032b4d33c8aea68a4f9b84235614bff\u0026bl=en-US\u0026sr=1024x1280\u0026sz=1024x1280\u0026hjs=10","fqdn":"flushpersist.com","domain":"flushpersist.com","tld":"com"},"ip":{"addr":"172.240.108.84","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://torrentdownloads.rutor.app/","date":"2025-09-28T10:31:21.012Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"flushpersist.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 30 Aug 2025 21:53:17 GMT","end":"Fri, 28 Nov 2025 21:53:16 GMT"},"fingerprint":{"sha1":"AA:2A:FC:C2:EE:01:8F:55:3F:19:46:84:4A:C8:A0:95:62:50:5C:A3","sha256":"3D:8C:1A:2E:1F:32:30:D4:D8:4F:D2:FB:CC:99:F1:9C:05:E5:7B:D8:9D:7D:24:86:AD:C5:1E:62:55:44:A4:CA"}}},"request":{"raw":"GET /pxf.gif?uuid=d995e3f7-3ab8-4202-88f2-ba729b81cf19\u0026eb=bcc2bf15b54b9ef4041d8328a3a75221\u0026te=cb12021f3311658dba63bcdbf4a88a26\u0026ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A134.0)%20Gecko%2F20100101%20Firefox%2F134.0\u0026dev=e\u0026res=14.3095\u0026b_frame=0\u0026pk=a032b4d33c8aea68a4f9b84235614bff\u0026bl=en-US\u0026sr=1024x1280\u0026sz=1024x1280\u0026hjs=10 HTTP/1.1\r\nHost: flushpersist.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://torrentdownloads.rutor.app/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Sun, 28 Sep 2025 10:31:21 GMT\r\nContent-Type: image/gif\r\nContent-Length: 1\r\nConnection: keep-alive\r\np3p: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\naccess-control-allow-origin: *\r\nx-envoy-upstream-service-time: 1\r\nHost: flushpersist.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: fcddeae6365decfd0c9157444ee38f4c\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/gif","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T11:49:30.368697Z","times_seen":13330398,"resource_available":true,"data":null}},"time_used":785,"timings":{"blocked":336,"dns":4,"connect":110,"send":0,"wait":112,"receive":0,"ssl":222},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-09-28","alert":"Sinkholed","trigger":"flushpersist.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-09-28","alert":"Sinkholed","trigger":"flushpersist.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kettledroopingcontinuation.com/pixel/sbls?bv=\u0026tmpl=482\u0026u=https%3A%2F%2Fcreative-sb1.com%2Fsb%2Fssp%2Fvpn%2Fclassic-push%2Fbig1%2Fcss%2Fanimate.css\u0026l=78693\u0026fd=667","fqdn":"kettledroopingcontinuation.com","domain":"kettledroopingcontinuation.com","tld":"com"},"ip":{"addr":"172.240.108.84","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://torrentdownloads.rutor.app/","date":"2025-09-28T10:31:21.582Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"kettledroopingcontinuation.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 27 Aug 2025 21:34:59 GMT","end":"Tue, 25 Nov 2025 21:34:58 GMT"},"fingerprint":{"sha1":"E4:24:47:01:B7:F3:A1:0B:CF:EA:36:36:30:C1:21:5D:9E:A1:7B:BE","sha256":"EE:DD:A9:31:87:F8:15:E5:A4:69:BA:E8:17:29:F1:0D:59:DC:1E:48:E2:EB:2F:1D:FE:D6:5C:C0:5F:03:5B:01"}}},"request":{"raw":"GET /pixel/sbls?bv=\u0026tmpl=482\u0026u=https%3A%2F%2Fcreative-sb1.com%2Fsb%2Fssp%2Fvpn%2Fclassic-push%2Fbig1%2Fcss%2Fanimate.css\u0026l=78693\u0026fd=667 HTTP/1.1\r\nHost: kettledroopingcontinuation.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://torrentdownloads.rutor.app/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Sun, 28 Sep 2025 10:31:21 GMT\r\nContent-Length: 0\r\nConnection: keep-alive\r\nHost: kettledroopingcontinuation.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nCache-Control: no-cache\r\nAccess-Control-Allow-Origin: *\r\nAccess-Control-Allow-Methods: GET, POST, OPTIONS\r\nAccess-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests,C-High-Entropy-Values\r\nAccess-Control-Expose-Headers: Content-Length,Content-Range\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T11:49:30.368697Z","times_seen":13330398,"resource_available":true,"data":null}},"time_used":108,"timings":{"blocked":16,"dns":0,"connect":0,"send":0,"wait":92,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-09-28","alert":"Sinkholed","trigger":"kettledroopingcontinuation.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-09-28","alert":"Sinkholed","trigger":"kettledroopingcontinuation.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"static.pushub.net/n889/ad/81/bd/0e/f8/2d/1a/fe/ed/61/46/b5/95/8b/27/7d/d6/6f/89/f9/ba/64/65/e9/71/7c/26/3f/25/e7/20/c9/192x192_8a.jpeg","fqdn":"static.pushub.net","domain":"pushub.net","tld":"net"},"ip":{"addr":"2.23.13.11","port":443,"asn":20940,"as":"Akamai International B.V.","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://torrentdownloads.rutor.app/","date":"2025-09-28T10:31:21.854Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"static.pushub.net","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 01 Sep 2025 06:36:20 GMT","end":"Sun, 30 Nov 2025 06:36:19 GMT"},"fingerprint":{"sha1":"4A:0F:42:EB:C4:7F:19:81:5F:07:34:1C:6D:DE:AF:C5:92:2F:27:1D","sha256":"9C:61:86:93:1F:8F:33:46:59:63:BF:9D:D6:CC:EE:2B:09:61:70:AE:D8:57:40:28:80:E9:9D:FD:54:3C:75:67"}}},"request":{"raw":"GET /n889/ad/81/bd/0e/f8/2d/1a/fe/ed/61/46/b5/95/8b/27/7d/d6/6f/89/f9/ba/64/65/e9/71/7c/26/3f/25/e7/20/c9/192x192_8a.jpeg HTTP/1.1\r\nHost: static.pushub.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://torrentdownloads.rutor.app/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nContent-Type: image/jpeg\r\nContent-Length: 4574\r\nLast-Modified: Thu, 11 Sep 2025 15:10:16 GMT\r\nETag: \"68c2e658-11de\"\r\nAccept-Ranges: bytes\r\nCache-Control: max-age=39197\r\nExpires: Sun, 28 Sep 2025 21:24:38 GMT\r\nDate: Sun, 28 Sep 2025 10:31:21 GMT\r\nConnection: keep-alive\r\nX-Forward-Proto: http\r\nCDN-Origin-Protocol: HTTP\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":4574,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 192x192, components 3","md5":"445335ba1d66308a66a9ec731dcbf247","sha1":"114207f4ab1183d4086ccededb83a6917c462699","sha256":"81bd0ef82d1afeed6146b5958b277dd66f89f9ba6465e9717c263f25e720c98a","sha512":"a8d0ff7e26550525a381b700386d845ccc679b36a659391b78b7645d60b7ce1b6839ae27f7c38592250ca6096d7ab1a6ac29a50e01c77834c7fff97acd360e24","ssdeep":"96:fbUczxXox5EcaD3lCfmpwjsMNVm8iZdmzarBbSkYDfxU:wcFq7aD3lCOpw/NGZdXlEfC","tlshash":"7a917d5329844aa4cc8e0d7b5ba67367139196a6510ccbfd311ae016a0d85cb0f5aa3f","first_seen":"2025-09-14T08:42:46.298803Z","last_seen":"2025-10-03T20:29:16.32352Z","times_seen":16,"resource_available":false,"data":null}},"time_used":2,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":2,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"torrentdownloads.rutor.app/templates/new/images/header_bg.jpg","fqdn":"torrentdownloads.rutor.app","domain":"rutor.app","tld":"app"},"ip":{"addr":"172.67.158.147","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://torrentdownloads.rutor.app/","date":"2025-09-28T10:31:16.928Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rutor.app","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 20 Sep 2025 02:19:36 GMT","end":"Fri, 19 Dec 2025 03:09:13 GMT"},"fingerprint":{"sha1":"65:6C:B3:CD:A0:AD:28:B1:3A:23:A8:A2:1B:F0:E7:C0:18:90:91:0F","sha256":"4A:EE:EA:F0:6F:B6:A9:99:ED:A1:9D:D2:2A:5E:48:50:06:6C:52:7E:B9:1A:16:A3:26:FC:B0:7E:5B:CF:FB:07"}}},"request":{"raw":"GET /templates/new/images/header_bg.jpg HTTP/1.1\r\nHost: torrentdownloads.rutor.app\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://torrentdownloads.rutor.app/templates/new/css/style.css\r\nCookie: view=1; PHPSESSID=6rukjqf6oumlp8eebjgv9ub64r\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sun, 28 Sep 2025 10:31:17 GMT\r\ncontent-type: image/jpeg\r\nvary: accept-encoding\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\naccess-control-allow-origin: *\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nlast-modified: Sun, 28 Sep 2025 10:31:17 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=i8DxW8XyfLywVZThZLB7dpAIxUpjQaOC5l%2BMHuZSFwTRk1vJY8wNwqkRCWgcoxn1AD8nBMpW1p3uPzjyG8lL%2BCCbkkC7sbnnhUDiCkKlYlSqjofx47mZ6w%3D%3D\"}]}\r\ncf-ray: 986291fac92d568b-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":868,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 37x103, components 3","md5":"f471a17dd24e41b4844989a2f779c5c8","sha1":"0cd251f8887917dd97d3e9cbbe8d4a27e6a02e1e","sha256":"23ec65935e331ce385f908713215176bea84444779bacbb78e9e54c7b78b290a","sha512":"60368e8a3909581a13b3f148b9a87eada4ed66164c4c0d91faa708bd6b5d08334a309cad298fe61bc9c3595e26ec3db5e6c698f5a81217bf6f166c52fcd2e02b","ssdeep":"","tlshash":"4b112037a1699f2bf9800ab041b0cbd66fac81ca40135f2edbfe1e487a943801e02025","first_seen":"2023-05-29T17:58:11Z","last_seen":"2026-02-19T06:00:31.799076Z","times_seen":45,"resource_available":false,"data":null}},"time_used":115,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":115,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-09-28","alert":"Sinkholed","trigger":"torrentdownloads.rutor.app","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-09-28","alert":"Sinkholed","trigger":"torrentdownloads.rutor.app","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"torrentdownloads.rutor.app/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js","fqdn":"torrentdownloads.rutor.app","domain":"rutor.app","tld":"app"},"ip":{"addr":"172.67.158.147","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://torrentdownloads.rutor.app/","date":"2025-09-28T10:31:16.758Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rutor.app","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 20 Sep 2025 02:19:36 GMT","end":"Fri, 19 Dec 2025 03:09:13 GMT"},"fingerprint":{"sha1":"65:6C:B3:CD:A0:AD:28:B1:3A:23:A8:A2:1B:F0:E7:C0:18:90:91:0F","sha256":"4A:EE:EA:F0:6F:B6:A9:99:ED:A1:9D:D2:2A:5E:48:50:06:6C:52:7E:B9:1A:16:A3:26:FC:B0:7E:5B:CF:FB:07"}}},"request":{"raw":"GET /cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js HTTP/1.1\r\nHost: torrentdownloads.rutor.app\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://torrentdownloads.rutor.app/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 28 Sep 2025 10:31:16 GMT\r\ncontent-type: application/javascript\r\nexpires: Sun, 28 Sep 2025 11:19:16 GMT\r\ncache-control: public\r\nvary: accept-encoding\r\nx-frame-options: DENY\r\nx-content-type-options: nosniff\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=CiYOxadlShQ1Kmqgo%2FNwBTR9ExKcgSABKzJBKqSG7FfAT8qYttbVqgHWiuSyOx19CL4ZXUt4tnmCaMUWvaZBTwnjN2WhBpbWtT4yKq8AJDnLziRXWJSeEY85\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\nserver: cloudflare\r\ncf-ray: 986291f9bf1bc759-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":12332,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (12331)","md5":"88a769d2fe35899fd45a332a0a032cc0","sha1":"514c6c1d8475d17e412849a4c90159517d0fa10a","sha256":"ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142","sha512":"756cc5cd029fc4adc9100d0da2f2b0efb3df0f2bf894fba2824019832fea594edd40a238a5ffacc205572cc0155f5632d70f54e37edc0772460f44c69cb76ab8","ssdeep":"192:3dArCS2Z+j/yQ9TCQxUhW2DPY808LE676SbHDc/7uN0VZG05w:NHSG+j/y2xa3bn7Q+0a0O","tlshash":"7442b79c7e95ba30079b91b1a17ff30f6276605a640bc0a0b05ddcd1a878d8d192bf75","first_seen":"2023-03-07T01:02:06Z","last_seen":"2026-04-04T11:45:55.568744Z","times_seen":94443,"resource_available":true,"data":null}},"time_used":3,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":3,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-09-28","alert":"Sinkholed","trigger":"torrentdownloads.rutor.app","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-09-28","alert":"Sinkholed","trigger":"torrentdownloads.rutor.app","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"torrentdownloads.rutor.app/templates/new/images/menu_icon4.jpg","fqdn":"torrentdownloads.rutor.app","domain":"rutor.app","tld":"app"},"ip":{"addr":"172.67.158.147","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://torrentdownloads.rutor.app/","date":"2025-09-28T10:31:16.945Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rutor.app","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 20 Sep 2025 02:19:36 GMT","end":"Fri, 19 Dec 2025 03:09:13 GMT"},"fingerprint":{"sha1":"65:6C:B3:CD:A0:AD:28:B1:3A:23:A8:A2:1B:F0:E7:C0:18:90:91:0F","sha256":"4A:EE:EA:F0:6F:B6:A9:99:ED:A1:9D:D2:2A:5E:48:50:06:6C:52:7E:B9:1A:16:A3:26:FC:B0:7E:5B:CF:FB:07"}}},"request":{"raw":"GET /templates/new/images/menu_icon4.jpg HTTP/1.1\r\nHost: torrentdownloads.rutor.app\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://torrentdownloads.rutor.app/templates/new/css/style.css\r\nCookie: view=1; PHPSESSID=2u8k63dg4d7raoouspjlpa76fm\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sun, 28 Sep 2025 10:31:17 GMT\r\ncontent-type: image/jpeg\r\nvary: accept-encoding\r\nset-cookie: view=1; Max-Age=86400; Expires=Mon, 29 Sep 2025 10:31:17 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nexpires: Thu, 19 Nov 1981 08:52:00 GMT\r\ncache-control: no-store, no-cache, must-revalidate\r\npragma: no-cache\r\naccess-control-allow-origin: *\r\ncf-cache-status: BYPASS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=msIHH9IB0FqANjCXqKkoy2nvjxbuZMyyDAX%2B1Pq53V%2FkJkgVsWtNhqpRmUDG1KaEZrRIB8UGXiobyikRVSBur%2BheomNtaohLSYVCpvzvWCsNu1iWYE%2BOXg%3D%3D\"}]}\r\ncf-ray: 986291fae944568b-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":660,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 16x24, components 3","md5":"81a060abbc8676868337d9bc3099e3ea","sha1":"5d66390064c9b7aa73a79169adbb6f9748a31bb0","sha256":"1a7320308a2db7e4cdc6965c4c784cb900f34422257fd89b2c0d89a299b33ed2","sha512":"1f61469cac3c15274955bb1419599ef16ec582088f9e7fa12fd521130716cf29ee2a2d072587edbbc9b50257900ab2342a9db2281900defe7a372ed04f823d46","ssdeep":"","tlshash":"e801e1731651bb4bc8e4657522b8856e2fd8528d10129fcf06f0a0c5f4221524dd080d","first_seen":"2023-05-29T17:58:11Z","last_seen":"2026-02-19T06:00:31.857915Z","times_seen":45,"resource_available":false,"data":null}},"time_used":211,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":211,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-09-28","alert":"Sinkholed","trigger":"torrentdownloads.rutor.app","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-09-28","alert":"Sinkholed","trigger":"torrentdownloads.rutor.app","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"push-sdk.com/f/sdk.js?z=888956","fqdn":"push-sdk.com","domain":"push-sdk.com","tld":"com"},"ip":{"addr":"157.90.33.121","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://torrentdownloads.rutor.app/","date":"2025-09-28T10:31:16.952Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"push-sdk.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Wed, 27 Aug 2025 11:06:22 GMT","end":"Tue, 25 Nov 2025 11:06:21 GMT"},"fingerprint":{"sha1":"BD:DD:75:88:5F:0F:2F:A6:EA:FF:1B:29:49:86:BB:EC:C1:90:4A:79","sha256":"89:8C:73:02:C1:8B:65:46:0D:EE:E7:41:24:34:AE:25:5A:28:56:20:4F:E2:7C:EB:1C:D8:91:6C:BC:2A:16:12"}}},"request":{"raw":"GET /f/sdk.js?z=888956 HTTP/1.1\r\nHost: push-sdk.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://torrentdownloads.rutor.app/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: Angie\r\ndate: Sun, 28 Sep 2025 10:31:17 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\ncontent-length: 15342\r\ncontent-encoding: gzip\r\ncache-control: no-cache, max-age=0, must-revalidate, proxy-revalidate\r\nvary: Accept-Encoding\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Angie","description":"Angie is a drop-in replacement for the Nginx web server aiming to extend the functionality of the original version.","website":"https://angie.software/en/","common_platform_enumeration":"","icon":"default.svg","categories":["Web servers"]},{"name":"C","description":"C is a general-purpose, procedural computer programming language supporting structured programming, lexical variable scope, and recursion, with a static type system.","website":"https://www.open-std.org/jtc1/sc22/wg14/","common_platform_enumeration":"","icon":"C.png","categories":["Programming languages"]},{"name":"Perl","description":"Perl is a family of two high-level, general-purpose, interpreted, dynamic programming languages.","website":"https://perl.org","common_platform_enumeration":"cpe:2.3:a:perl:perl:*:*:*:*:*:*:*:*","icon":"Perl.png","categories":["Programming languages"]}],"data":{"size":55024,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (54982), with no line terminators","md5":"42ba379d5c67a32ea2884ca3ff9e4c1a","sha1":"72dae9d76fee9ce1e9ea3db3c892489c8da62d63","sha256":"eb6d6901bfe7868befbaf01f4c0d501c7949132ba27da3f278ae1fbec7ed7def","sha512":"e01c31aedf49131b6fe39547638923afbd887763b0e5720711bec911c55f3e7ec87a4c74b6cdde6bdfdc5136d67f1b1f01794e02434a153727e9336bd245776b","ssdeep":"1536:/7LMSZcnLitlCr8WoeisV69SDG3nY+kH+sNK:/7L1Y2NViBNK","tlshash":"6633818877c6713412a7a4ac056f50daeb2b3c34944e890adc53f3a2297576eef23d74","first_seen":"2025-09-27T05:12:44.30874Z","last_seen":"2026-02-19T06:00:31.859579Z","times_seen":27,"resource_available":true,"data":null}},"time_used":220,"timings":{"blocked":95,"dns":4,"connect":29,"send":0,"wait":31,"receive":0,"ssl":60},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"msdoj.com/sdk.js?sid=4dd7d833-3142-4a3f-a135-6fb1263ef9b8","fqdn":"msdoj.com","domain":"msdoj.com","tld":"com"},"ip":{"addr":"178.162.215.162","port":443,"asn":28753,"as":"Leaseweb Deutschland GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://torrentdownloads.rutor.app/","date":"2025-09-28T10:31:16.961Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"msdoj.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sat, 30 Aug 2025 00:32:12 GMT","end":"Fri, 28 Nov 2025 00:32:11 GMT"},"fingerprint":{"sha1":"A8:56:C4:4B:26:AD:D5:72:31:67:E8:75:28:D7:6C:F5:D6:A1:E2:B5","sha256":"65:DA:95:54:55:5B:C8:18:65:43:99:33:52:5B:EF:99:EF:5E:0F:AC:FB:6E:F7:6A:27:0B:3B:6A:69:3C:78:C7"}}},"request":{"raw":"GET /sdk.js?sid=4dd7d833-3142-4a3f-a135-6fb1263ef9b8 HTTP/1.1\r\nHost: msdoj.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://torrentdownloads.rutor.app/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Sun, 28 Sep 2025 10:31:17 GMT\r\nContent-Type: text/javascript\r\nContent-Length: 64136\r\nConnection: keep-alive\r\nCache-Control: no-store, max-age=0\r\nAccept-Ch: Sec-CH-UA-Platform,Sec-CH-UA-Full-Version,Sec-CH-UA-Platform-Version\r\nAccess-Control-Allow-Origin: *\r\nAccess-Control-Allow-Credentials: true\r\nX-Cache-Status: MISS\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":64136,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (64136), with no line terminators","md5":"a6818af574b09b606912d1552f00150b","sha1":"ec7e9892d13f76f1bf4a616d28cdab9e9adf1446","sha256":"5256b61784a6b006b7431a7619e10d5d757f070e3f47825fc1fecfccb2866da7","sha512":"54c35593c6646c223fcb122bf8b120013883e6c93ff397462271594bbd39a8e870ad250b35454ed939953e34b1d455ae9dda4b86426273ee314f69b30f9af7c4","ssdeep":"768:hCflSCRC850RCX+4D+R8WyX+86wA6C8CflJu4sTJ+zaXeXgtA9zk4sTJ+HXJpZ6U:qvV50gPowAzJfTqEF","tlshash":"b053d698b5d2f1a102c370b8543f6106b2366929248dc098f7b5ded5ad78d6ea633f3c","first_seen":"2025-09-28T10:31:49.117287Z","last_seen":"2025-09-28T10:31:49.117287Z","times_seen":1,"resource_available":true,"data":null}},"time_used":223,"timings":{"blocked":75,"dns":0,"connect":24,"send":0,"wait":49,"receive":24,"ssl":50},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"torrentdownloads.rutor.app/cdn-cgi/rum?","fqdn":"torrentdownloads.rutor.app","domain":"rutor.app","tld":"app"},"ip":{"addr":"172.67.158.147","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://torrentdownloads.rutor.app/","date":"2025-09-28T10:31:17.737Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rutor.app","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 20 Sep 2025 02:19:36 GMT","end":"Fri, 19 Dec 2025 03:09:13 GMT"},"fingerprint":{"sha1":"65:6C:B3:CD:A0:AD:28:B1:3A:23:A8:A2:1B:F0:E7:C0:18:90:91:0F","sha256":"4A:EE:EA:F0:6F:B6:A9:99:ED:A1:9D:D2:2A:5E:48:50:06:6C:52:7E:B9:1A:16:A3:26:FC:B0:7E:5B:CF:FB:07"}}},"request":{"raw":"POST /cdn-cgi/rum? HTTP/1.1\r\nHost: torrentdownloads.rutor.app\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\ncontent-type: application/json\r\nContent-Length: 425\r\nOrigin: https://torrentdownloads.rutor.app\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://torrentdownloads.rutor.app/\r\nCookie: PHPSESSID=66gpcavpdjto0ovn346m5m24fj; dom3ic8zudi28v8lr6fgphwffqoz0j6c=d995e3f7-3ab8-4202-88f2-ba729b81cf19%3A2%3A1\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/3 404 Not Found\r\ncontent-type: text/html; charset=UTF-8\r\ncache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0\r\nexpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nreferrer-policy: same-origin\r\ndate: Sun, 28 Sep 2025 10:31:17 GMT\r\nx-frame-options: SAMEORIGIN\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=AvSGs8Khwj3sPQ7aSeyBWQ78F28mbfKmROIEZfSkkDV%2FVJm%2BU6oJx082fsYldXU%2FvL9DYz%2FZh%2BZZ%2Fa2TAhl3c3CLjzp8no9Z1rr8derBX%2FhUwDt6YNWeNg%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\nserver: cloudflare\r\ncf-ray: 986291ffd974568b-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":151,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, ASCII text, with CRLF line terminators","md5":"45efc4779b2e6b43ed200755328af518","sha1":"badb6097a3c8fad00517f38352ba72b9f7b6637b","sha256":"d66dd0f2f24c4343661a5396e1ba76782fe651f7d422209eded956ebf90900fc","sha512":"862ceb668672d90ed3da9419ca69bf0214b5c34dec2353fea792a75fb1c0c2e5fd54e6e56cf1e9d4d60c4eaa7d98411f5cb5e128be2661d9bbd084d0dbd085e0","ssdeep":"","tlshash":"a1c02b3d35637e0c8563303522c3b190d0c6833774ba00220500c00330cb2e9cac33d7","first_seen":"2023-09-18T10:37:28Z","last_seen":"2026-04-04T11:46:36.879712Z","times_seen":12823,"resource_available":true,"data":null}},"time_used":5,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":5,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-09-28","alert":"Sinkholed","trigger":"torrentdownloads.rutor.app","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-09-28","alert":"Sinkholed","trigger":"torrentdownloads.rutor.app","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"torrentdownloads.rutor.app/templates/new/images/icons/menu_icon7.png","fqdn":"torrentdownloads.rutor.app","domain":"rutor.app","tld":"app"},"ip":{"addr":"172.67.158.147","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://torrentdownloads.rutor.app/","date":"2025-09-28T10:31:16.737Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rutor.app","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 20 Sep 2025 02:19:36 GMT","end":"Fri, 19 Dec 2025 03:09:13 GMT"},"fingerprint":{"sha1":"65:6C:B3:CD:A0:AD:28:B1:3A:23:A8:A2:1B:F0:E7:C0:18:90:91:0F","sha256":"4A:EE:EA:F0:6F:B6:A9:99:ED:A1:9D:D2:2A:5E:48:50:06:6C:52:7E:B9:1A:16:A3:26:FC:B0:7E:5B:CF:FB:07"}}},"request":{"raw":"GET /templates/new/images/icons/menu_icon7.png HTTP/1.1\r\nHost: torrentdownloads.rutor.app\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://torrentdownloads.rutor.app/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 28 Sep 2025 10:31:16 GMT\r\ncontent-type: image/png\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\naccess-control-allow-origin: *\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nlast-modified: Sun, 28 Sep 2025 10:31:16 GMT\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=9mCLCrqVCCO7eVFozsAcL%2FdX5N48BfmZ7Ml0NHZm9pGAfdF5OSlOLyhSvQaZ4HmnNKsTa3aczaxAmBHf3%2Bs1nT78xheCA4TJeizBBRmH9ItYJIeqfwgC77wt\"}]}\r\ncf-ray: 986291f99ed3c759-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":908,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 16 x 18, 8-bit/color RGB, non-interlaced","md5":"70229b6ec619049b65b265b6e2a13524","sha1":"6438b5e0f4e97fcd716738e0a91368e93b448b2a","sha256":"badd02f6a8bee7b2f637dabac639fdb036d8c669c0982818d56bfd98abef4e05","sha512":"5e6dfb37eb64903ff0dbb61b6b97721f9a64bc5c094d605c66b7a4a4d9a4251306bf70726b07e9a031d9e3db7859ac178f075c0b585dc5c5c7c5067cc18d3648","ssdeep":"","tlshash":"1411f7e2c780f628c6cc026b2e3010a0393309665098c9dde290189adabb82b8f30963","first_seen":"2023-05-29T17:58:11Z","last_seen":"2026-02-19T06:00:31.880729Z","times_seen":39,"resource_available":false,"data":null}},"time_used":185,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":185,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-09-28","alert":"Sinkholed","trigger":"torrentdownloads.rutor.app","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-09-28","alert":"Sinkholed","trigger":"torrentdownloads.rutor.app","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ajax.googleapis.com/ajax/libs/jquery/1.9.1/jquery.min.js","fqdn":"ajax.googleapis.com","domain":"ajax.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"142.250.178.74","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://torrentdownloads.rutor.app/","date":"2025-09-28T10:31:17.365Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"upload.video.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 08 Sep 2025 08:36:49 GMT","end":"Mon, 01 Dec 2025 08:36:48 GMT"},"fingerprint":{"sha1":"9E:38:51:02:B6:22:9C:08:6B:24:B8:A0:EB:DB:60:D9:27:B2:68:90","sha256":"67:AF:7E:56:AB:8D:96:FB:D0:75:CA:28:6D:16:B6:67:FD:7F:58:6F:CC:AA:78:B5:01:13:76:2C:AB:BE:80:4E"}}},"request":{"raw":"GET /ajax/libs/jquery/1.9.1/jquery.min.js HTTP/1.1\r\nHost: ajax.googleapis.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://torrentdownloads.rutor.app/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\ncontent-encoding: gzip\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"hosted-libraries-pushers\"\r\nreport-to: {\"group\":\"hosted-libraries-pushers\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 33018\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Mon, 22 Sep 2025 10:00:07 GMT\r\nexpires: Tue, 22 Sep 2026 10:00:07 GMT\r\ncache-control: public, max-age=31536000, stale-while-revalidate=2592000\r\nage: 520270\r\nlast-modified: Tue, 03 Mar 2020 19:15:00 GMT\r\ncontent-type: text/javascript; charset=UTF-8\r\nvary: Accept-Encoding\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":92629,"size_decoded":0,"mime_type":"text/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (32089)","md5":"397754ba49e9e0cf4e7c190da78dda05","sha1":"ae49e56999d82802727455f0ba83b63acd90a22b","sha256":"c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4","sha512":"8c64754f77507ab2c24a6fc818419b9dd3f0ceccc9065290e41afdbee0743f0da2cb13b2fbb00afa525c082f1e697cb3ffd76ef9b902cb81d7c41ca1c641dffb","ssdeep":"1536:dnu00HWWaRxkqJg09pYxoxDKMXJrg8hXXO4dK3kyfiLJBhdSZE+I+Qg7rbaN1RUx:ddkWgoBhcZRQgmW42qe","tlshash":"8c932bdd72d2b03257ab30bd106f540ff2361959280d8850f268d8f9bc79a49a277f6d","first_seen":"2023-03-07T01:02:08Z","last_seen":"2026-04-04T11:42:47.462928Z","times_seen":60582,"resource_available":true,"data":null}},"time_used":74,"timings":{"blocked":0,"dns":3,"connect":14,"send":0,"wait":15,"receive":15,"ssl":26},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gridesaphids.shop/s/7d/7b/7d7b4bd720c7c70ed7f7fd0608dddb8a.svg","fqdn":"gridesaphids.shop","domain":"gridesaphids.shop","tld":"shop"},"ip":{"addr":"172.255.103.8","port":443,"asn":7979,"as":"SERVERS-COM","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://torrentdownloads.rutor.app/","date":"2025-09-28T10:31:20.764Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"gridesaphids.shop","organization":""},"issuer":{"commonName":"R11","organization":"Let's Encrypt"},"validity":{"start":"Fri, 15 Aug 2025 02:45:42 GMT","end":"Thu, 13 Nov 2025 02:45:41 GMT"},"fingerprint":{"sha1":"6A:CC:73:F7:08:24:C0:9E:0A:13:55:D5:A1:96:55:5B:59:57:21:90","sha256":"C5:6E:E7:D9:1C:55:40:78:CB:12:DC:24:48:96:2A:12:AD:E6:E5:8F:F1:08:36:BB:CA:4E:61:0C:46:52:12:E5"}}},"request":{"raw":"GET /s/7d/7b/7d7b4bd720c7c70ed7f7fd0608dddb8a.svg HTTP/1.1\r\nHost: gridesaphids.shop\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://torrentdownloads.rutor.app/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Sun, 28 Sep 2025 10:31:20 GMT\r\nContent-Type: image/svg+xml\r\nContent-Length: 255\r\nLast-Modified: Wed, 19 Oct 2022 11:48:30 GMT\r\nConnection: keep-alive\r\nKeep-Alive: timeout=20\r\nETag: \"634fe40e-ff\"\r\nExpires: Wed, 08 Oct 2025 10:31:20 GMT\r\nCache-Control: max-age=864000\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":255,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"7d7b4bd720c7c70ed7f7fd0608dddb8a","sha1":"b8db9602777bd2f1ea35cea92142fd72fd89b47e","sha256":"6c53041bda020f38d6cd3929d809f6110619247168e982bb41771bd000bd40c2","sha512":"4785625bd35c3410d25fdf1a809742835f00a391c18279b0b590ef146e64f355a102d0cf65f2c379faafb67891ffe4adaa520944ef91d312a03d1c03cd1f125e","ssdeep":"","tlshash":"79d0a77ca39dd81e082786b06b6bb520236f50da91cc43edfacd0b58d760dcb34d6559","first_seen":"2025-08-11T00:01:40.451557Z","last_seen":"2025-10-06T23:52:11.76073Z","times_seen":27,"resource_available":false,"data":null}},"time_used":221,"timings":{"blocked":100,"dns":36,"connect":21,"send":0,"wait":20,"receive":0,"ssl":43},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-09-28","alert":"Sinkholed","trigger":"gridesaphids.shop","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"creative-sb1.com/sb/ssp/interstitial/double_btn/1/img/close.svg","fqdn":"creative-sb1.com","domain":"creative-sb1.com","tld":"com"},"ip":{"addr":"104.21.35.3","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://torrentdownloads.rutor.app/","date":"2025-09-28T10:31:21.031Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"creative-sb1.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 29 Aug 2025 18:23:14 GMT","end":"Thu, 27 Nov 2025 19:21:45 GMT"},"fingerprint":{"sha1":"99:06:8C:E5:8E:41:8B:38:F8:46:C0:E9:CF:99:E2:11:F2:8E:DD:AB","sha256":"93:A8:69:6F:83:C3:C8:1B:E8:A3:20:9C:19:F4:47:35:74:85:80:F1:82:1F:48:42:AB:AA:77:A3:35:AB:29:20"}}},"request":{"raw":"GET /sb/ssp/interstitial/double_btn/1/img/close.svg HTTP/1.1\r\nHost: creative-sb1.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 28 Sep 2025 10:31:21 GMT\r\ncontent-type: image/svg+xml\r\nserver: cloudflare\r\nlast-modified: Fri, 19 Jan 2024 14:19:45 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: public, max-age=315360000\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: Date\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=jbnbv9vWa03XcuBmIgHv1mD81Qq6c4VK9Sp4szc31csjNFhIDPZDBhxsjZKl0j1qQALCJ1PrhzqJevhvt0NgPsMwGQLMncZpWx987T0Z\"}]}\r\nage: 188976\r\ncf-cache-status: HIT\r\netag: W/\"65aa8501-4ff\"\r\ncontent-encoding: br\r\ncf-ray: 986292146f1d712a-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1279,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"369850b9873659adf0951d845f57dba1","sha1":"a64257186daa33b6b318943a457b6cf8d80b26b6","sha256":"9630c142a8c074cc1809ebf4109538cf29cc0baeb6c27726191f1cf5376e2e21","sha512":"6441b40e85c86e21362c7061a6b9610f52a5c801b274b246711546ad45c68c3e7f2f242f1621b90967eaeebf52709545d06283c2015d6b9ad7f6f7d37fb14a88","ssdeep":"","tlshash":"6821d8dc958f223ef324ff6189b316606ba423f6bb18c5bcb199a8157e1cb910c48e14","first_seen":"2023-04-07T22:39:47Z","last_seen":"2026-04-04T11:42:40.852245Z","times_seen":8740,"resource_available":false,"data":null}},"time_used":11,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":11,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-09-28","alert":"Sinkholed","trigger":"creative-sb1.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-09-28","alert":"Sinkholed","trigger":"creative-sb1.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.storageimagedisplay.com/si/67/5e/f6/675ef675769cbcf945aa9accb79e5bae7578651ffe10218069b414ef7fa5435c.png","fqdn":"cdn.storageimagedisplay.com","domain":"storageimagedisplay.com","tld":"com"},"ip":{"addr":"45.133.44.2","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://torrentdownloads.rutor.app/","date":"2025-09-28T10:31:21.032Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.storageimagedisplay.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Mon, 08 Sep 2025 02:32:56 GMT","end":"Sun, 07 Dec 2025 02:32:55 GMT"},"fingerprint":{"sha1":"F2:37:25:60:C4:34:06:EB:37:74:9F:D1:9C:FE:63:47:1F:30:4C:58","sha256":"AA:72:28:9B:C9:B7:77:AB:D7:89:4F:AC:CB:86:72:85:1D:1B:E5:15:4D:07:7B:D9:77:0F:D5:BE:92:06:8D:71"}}},"request":{"raw":"GET /si/67/5e/f6/675ef675769cbcf945aa9accb79e5bae7578651ffe10218069b414ef7fa5435c.png HTTP/1.1\r\nHost: cdn.storageimagedisplay.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 28 Sep 2025 10:31:21 GMT\r\ncontent-type: image/png\r\ncontent-length: 18195\r\nserver: nginx/1.21.6\r\nlast-modified: Wed, 03 Sep 2025 08:07:41 GMT\r\netag: \"68b7f74d-4713\"\r\nexpires: Tue, 30 Sep 2025 10:31:21 GMT\r\ncache-control: max-age=172800\r\nx-cdn-host-id: AH0543\r\nx-proxy-cache: HIT\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":18195,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced","md5":"2cc51973efbe9a0c7dbd8f341b78b1dd","sha1":"7855563f3ec07a83f8f4f97d99002ecd2d9f3b16","sha256":"b2b71f41f46cff648d7fa602b872caa815d6a7e37a2715c15595ed6219f914fa","sha512":"17ca48f1a9cc380b759666ae54b0abc20162246adbdb42afae1c8a566e321c4a8b952b2a35241eb1a1427b8ffe81dbf571dc69c31f1ff2f3c50e13d4884b5499","ssdeep":"384:zw+W6qnrqQ/gATqYq8lYz1HSS5hdvhUyyemkDMLl4mo1RaCrrrrO0:VpMqUqYqV5HSS5jvh8XtJ4msku","tlshash":"b682c08313a314f5b58b3cef6270489666c01a90786c4bc4e56cd59eb32c8478eedecc","first_seen":"2025-09-10T10:37:14.971643Z","last_seen":"2026-01-16T15:32:32.584016Z","times_seen":88,"resource_available":false,"data":null}},"time_used":244,"timings":{"blocked":79,"dns":25,"connect":20,"send":0,"wait":59,"receive":24,"ssl":34},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.storageimagedisplay.com/si/71/36/d9/7136d9d7eb7ce81a8bf8a865955ce95d/1680149780.png","fqdn":"cdn.storageimagedisplay.com","domain":"storageimagedisplay.com","tld":"com"},"ip":{"addr":"45.133.44.2","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://torrentdownloads.rutor.app/","date":"2025-09-28T10:31:21.044Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.storageimagedisplay.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Mon, 08 Sep 2025 02:32:56 GMT","end":"Sun, 07 Dec 2025 02:32:55 GMT"},"fingerprint":{"sha1":"F2:37:25:60:C4:34:06:EB:37:74:9F:D1:9C:FE:63:47:1F:30:4C:58","sha256":"AA:72:28:9B:C9:B7:77:AB:D7:89:4F:AC:CB:86:72:85:1D:1B:E5:15:4D:07:7B:D9:77:0F:D5:BE:92:06:8D:71"}}},"request":{"raw":"GET /si/71/36/d9/7136d9d7eb7ce81a8bf8a865955ce95d/1680149780.png HTTP/1.1\r\nHost: cdn.storageimagedisplay.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 28 Sep 2025 10:31:21 GMT\r\ncontent-type: image/png\r\ncontent-length: 126360\r\nserver: nginx/1.21.6\r\nlast-modified: Thu, 30 Mar 2023 04:16:29 GMT\r\netag: \"64250d1d-1ed98\"\r\nexpires: Tue, 30 Sep 2025 10:31:21 GMT\r\ncache-control: max-age=172800\r\nx-cdn-host-id: AH0543\r\nx-proxy-cache: HIT\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":126360,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 320 x 180, 8-bit/color RGBA, non-interlaced","md5":"41f4b2ca195f511c887edd41139628b2","sha1":"e5d89c34cd328a03dff19ea3e4dac96d46dcccad","sha256":"68643d88434bb202c0a963a1330d3bfb7679fd3bc177f2f64d3ac76fded15eb7","sha512":"e852323c5190d9e721ebfdd687169ce71ed866085d0d2593fdfa73f63ecfa6a1cb038c210651628696ba48568e0084f375d7e5716525dd742337cd88c342a6a9","ssdeep":"3072:tdoVkGljQsodkkuIsC2tphyGTlIeSmV9x4/pY7LSCq0BLO:noSGF2dkzIsC2tpht+eSii/pWY","tlshash":"48c312cdf46973d54c29cdcc8b6e60a8dfeb9d81502c6d03992554c5e2bd8fea88078e","first_seen":"2023-06-24T15:48:47Z","last_seen":"2026-04-04T05:52:30.284648Z","times_seen":789,"resource_available":false,"data":null}},"time_used":158,"timings":{"blocked":-1,"dns":12,"connect":20,"send":0,"wait":72,"receive":30,"ssl":23},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"torrentdownloads.rutor.app/templates/new/images/register_icon1.jpg","fqdn":"torrentdownloads.rutor.app","domain":"rutor.app","tld":"app"},"ip":{"addr":"172.67.158.147","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://torrentdownloads.rutor.app/","date":"2025-09-28T10:31:16.931Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rutor.app","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 20 Sep 2025 02:19:36 GMT","end":"Fri, 19 Dec 2025 03:09:13 GMT"},"fingerprint":{"sha1":"65:6C:B3:CD:A0:AD:28:B1:3A:23:A8:A2:1B:F0:E7:C0:18:90:91:0F","sha256":"4A:EE:EA:F0:6F:B6:A9:99:ED:A1:9D:D2:2A:5E:48:50:06:6C:52:7E:B9:1A:16:A3:26:FC:B0:7E:5B:CF:FB:07"}}},"request":{"raw":"GET /templates/new/images/register_icon1.jpg HTTP/1.1\r\nHost: torrentdownloads.rutor.app\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://torrentdownloads.rutor.app/templates/new/css/style.css\r\nCookie: view=1; PHPSESSID=2u8k63dg4d7raoouspjlpa76fm\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sun, 28 Sep 2025 10:31:17 GMT\r\ncontent-type: image/jpeg\r\nvary: accept-encoding\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\naccess-control-allow-origin: *\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nlast-modified: Sun, 28 Sep 2025 10:31:17 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=qrjJKZ5JQTpSqVtMeARuGKqkE4MiHRTrsWY25383mGwChJy8T3QUSBk2ik%2BKju1jYjHBdq2gtUaS%2BRweFHc4WMLia%2Bh2pPVSNAg4AVZPuq%2BPg%2FNWfei9PQ%3D%3D\"}]}\r\ncf-ray: 986291fac930568b-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":374,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 8x8, components 3","md5":"b9ad678239f4a553642951c67d6003b0","sha1":"0a24740c4654163806d9cf4204409ca8a4518389","sha256":"537f7624d9bf51106147532048bbc545d47d7b9dcd2ce11d2f53ea953e85a841","sha512":"197b38ee2b38dd37293955eb2124faae5b026194162296c763f1e3d006fdc58bd223d3955597a07ad6189473e8f17c5087b68598ef50c3131f59641930f2eed8","ssdeep":"","tlshash":"01e02b77a781cf27eca324757abb830c5eac95c724032f4d05f5756178692e10c82105","first_seen":"2023-05-29T17:58:11Z","last_seen":"2026-02-19T06:00:31.843642Z","times_seen":45,"resource_available":false,"data":null}},"time_used":169,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":169,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-09-28","alert":"Sinkholed","trigger":"torrentdownloads.rutor.app","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-09-28","alert":"Sinkholed","trigger":"torrentdownloads.rutor.app","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"torrentdownloads.rutor.app/templates/new/css/style.css","fqdn":"torrentdownloads.rutor.app","domain":"rutor.app","tld":"app"},"ip":{"addr":"172.67.158.147","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://torrentdownloads.rutor.app/","date":"2025-09-28T10:31:16.728Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rutor.app","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 20 Sep 2025 02:19:36 GMT","end":"Fri, 19 Dec 2025 03:09:13 GMT"},"fingerprint":{"sha1":"65:6C:B3:CD:A0:AD:28:B1:3A:23:A8:A2:1B:F0:E7:C0:18:90:91:0F","sha256":"4A:EE:EA:F0:6F:B6:A9:99:ED:A1:9D:D2:2A:5E:48:50:06:6C:52:7E:B9:1A:16:A3:26:FC:B0:7E:5B:CF:FB:07"}}},"request":{"raw":"GET /templates/new/css/style.css HTTP/1.1\r\nHost: torrentdownloads.rutor.app\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://torrentdownloads.rutor.app/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 28 Sep 2025 10:31:16 GMT\r\ncontent-type: text/css;charset=UTF-8\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\naccess-control-allow-origin: *\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nlast-modified: Sun, 28 Sep 2025 10:31:16 GMT\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=GLh42mpWNsYxXczCH%2FIzDcdbwoW6N0sec0UBJNDNvp5WgZfi5mNVg9fF2CVLCli9spLGkDc4jXPogbS9WfSOC6imSgLnWPy699u1TMc%2FdHOuy5TGGKNKHaqB\"}]}\r\ncontent-encoding: br\r\ncf-ray: 986291f98e83c759-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":29722,"size_decoded":0,"mime_type":"text/css; charset=UTF-8","magic":"ASCII text, with very long lines (382)","md5":"d67bb245276001fe01b45c2c455c60a4","sha1":"2a4d80dade201b8454042fa9aa1febba9a277f66","sha256":"310f3e0fef897ee9d73a2cfeddc99018a1779e4c132a65fe97db3cd27587878b","sha512":"d7798a706d6a02801d157178a1bbb57ad1d30992911a336ff0c8ae4188e396f772ed49d91291ecde8ca84b689a8982a8f8c8893da17bfd12b5209d01bd48bbc4","ssdeep":"384:gdwjb3EfEccANcBKadPQV1bcGcyFlYAzfoB0enHaq1it0:KwjocBAKAaJgcOIAzfxqD","tlshash":"f9d26365c5a420aeb03bc072fc9363da73a8409765134fb8f66db735e41e078a6727c9","first_seen":"2023-05-29T17:58:11Z","last_seen":"2026-02-19T06:00:31.791933Z","times_seen":41,"resource_available":false,"data":null}},"time_used":184,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":184,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-09-28","alert":"Sinkholed","trigger":"torrentdownloads.rutor.app","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-09-28","alert":"Sinkholed","trigger":"torrentdownloads.rutor.app","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"professionaltrafficmonitor.com/stats","fqdn":"professionaltrafficmonitor.com","domain":"professionaltrafficmonitor.com","tld":"com"},"ip":{"addr":"3.123.144.251","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://torrentdownloads.rutor.app/","date":"2025-09-28T10:31:17.289Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"protrafficinspector.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M04","organization":"Amazon"},"validity":{"start":"Tue, 01 Jul 2025 00:00:00 GMT","end":"Thu, 30 Jul 2026 23:59:59 GMT"},"fingerprint":{"sha1":"5D:D5:8D:EB:A4:50:13:0D:7C:33:71:82:B8:02:49:4F:D6:31:B6:E6","sha256":"49:03:4C:2C:1B:23:D8:D6:CB:AE:F0:54:61:99:C2:20:F4:FF:87:5E:0B:72:B1:6B:D8:AB:21:49:2D:F2:EC:4A"}}},"request":{"raw":"GET /stats HTTP/1.1\r\nHost: professionaltrafficmonitor.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://torrentdownloads.rutor.app\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://torrentdownloads.rutor.app/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 28 Sep 2025 10:31:17 GMT\r\ncontent-type: text/html; charset=UTF-8\r\ncontent-length: 40\r\nserver: fasthttp\r\naccess-control-allow-origin: https://torrentdownloads.rutor.app\r\nvary: Origin\r\naccess-control-allow-credentials: true\r\nset-cookie: uid_id2=00be331e-6cbf-4e91-a1ce-da2ac7167360:2:1; expires=Wed, 26 Sep 2035 10:31:17 GMT; secure; SameSite=None\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":40,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"ASCII text, with no line terminators","md5":"aec73093ec86fc90865bf41c48411f83","sha1":"d5fe31d5fb570b1147f22caba3810821dca99d2c","sha256":"cf6cf9d9e52d8d42eb9fa88b45cce58d3b2fb2f3918d183e82d292e6628f2e80","sha512":"f4bfabbe32247384814fa701281d6c917a6549eede12e0d31e88e0e04bc78164fdf7e32f265571b17a044d04284309a10f8a1fe70d898ecc54621b7d7eeffe4d","ssdeep":"","tlshash":"819004f133007430541f01000453d05c4100f1d55f1d055c1ccc5d00cc504355df4317","first_seen":"2025-09-28T10:31:49.126977Z","last_seen":"2025-09-28T10:31:49.126977Z","times_seen":1,"resource_available":false,"data":null}},"time_used":266,"timings":{"blocked":121,"dns":4,"connect":25,"send":0,"wait":24,"receive":0,"ssl":91},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"creative-sb1.com/sb/ssp/interstitial/double_btn/1/css/animate.css","fqdn":"creative-sb1.com","domain":"creative-sb1.com","tld":"com"},"ip":{"addr":"104.21.35.3","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://torrentdownloads.rutor.app/","date":"2025-09-28T10:31:20.921Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"creative-sb1.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 29 Aug 2025 18:23:14 GMT","end":"Thu, 27 Nov 2025 19:21:45 GMT"},"fingerprint":{"sha1":"99:06:8C:E5:8E:41:8B:38:F8:46:C0:E9:CF:99:E2:11:F2:8E:DD:AB","sha256":"93:A8:69:6F:83:C3:C8:1B:E8:A3:20:9C:19:F4:47:35:74:85:80:F1:82:1F:48:42:AB:AA:77:A3:35:AB:29:20"}}},"request":{"raw":"GET /sb/ssp/interstitial/double_btn/1/css/animate.css HTTP/1.1\r\nHost: creative-sb1.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://torrentdownloads.rutor.app\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://torrentdownloads.rutor.app/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 28 Sep 2025 10:31:21 GMT\r\ncontent-type: text/css\r\nserver: cloudflare\r\nlast-modified: Fri, 19 Jan 2024 14:19:45 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\netag: W/\"65aa8501-13361\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: public, max-age=315360000\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: Date\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Vd9QF1hfrGvCVi1ufTb49tCItBSK%2Fg8BZ9Lg4KmvKwfrE8OnIJ98tpWMRqpYOaP5o4JaF0gD%2BXUogHoByfbbR1%2F4bfxtz9M8S2R0m%2F2f\"}]}\r\ncf-ray: 98629214bf40712a-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":78689,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text","md5":"3d4123dbfb33d27a5cfdfcfa91df6783","sha1":"e7d0eeeec54b848f0bc3da8685fa3bc88429d660","sha256":"cb7d1393b65701b2f97d8da244c2c6023e9cbc3463ecb0136b915cfc775c6887","sha512":"75c8a48dc207595e201b50b87ff68782112a21aded9f15f14185c07d40f0151d6afe74a2b278aa575caf12ac422e8166316296ed7b6573ea24e667cca4af51dd","ssdeep":"384:jvuAuF81dghu3ublZlX/m/Gu7uNUtrL4VrbZJgBhLYNKwZiMUL6Vpaj7F:jvuAu21dghu3uLu7uNKwZiMUL6Vpaj7F","tlshash":"22731bad399115845263861d83df9e68273ce5731826acef73c2488bcf8bf9867c9147","first_seen":"2024-01-20T06:37:31Z","last_seen":"2026-04-04T10:49:57.044251Z","times_seen":10533,"resource_available":false,"data":null}},"time_used":745,"timings":{"blocked":157,"dns":3,"connect":1,"send":0,"wait":427,"receive":0,"ssl":155},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-09-28","alert":"Sinkholed","trigger":"creative-sb1.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-09-28","alert":"Sinkholed","trigger":"creative-sb1.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"alarbus.nutmeatdruxy.shop/0/05N6Xmx4gMCL_7qaAdqF0FXPDrWjJZvuSbxEZZXiuykcTxT1ZJFYzPWFSPlO0RbRD8UbHn0rbMxEjlaIxQkw4jPUyYwYf_YPONgIe*qxMjIbVAtDNJJdd*ypkG39q4tlGy3UCJJB8KyRhwR18Ewi38POWMvv90eWZmMfOAwEBxFYqRg2m5IHrSFSyfKEuDryFoNKyqRfb89lf2RNlfg71_8AhQsKE7ovLnxOiJe1yCnYcJ8GhttA1m2MN2GpdiBZt_EHGlaxRRTuvCNqmZgeGvwmYcZlZhdE76a97ZR_EUtel2T7Cwqt0NmedqitVkm8oGq4SQ2WyNgcH4ov9aI5Qef_R5eeo7veGut6HZOFoLccYBpG32nsuPgoJcfyFDHRdKaMVsUInsNK7fNfF9jsFRgDP5aWk*He1QYwWtWK7g_vEo*hDpRxKmImhfzdv5ef?ck9=eyJhIjo1MzAzLCJzIjoiMTI4MHgxMDI0IiwiYiI6IjEyODB4MTAyNCIsInIiOiIiLCJxIjoiaHR0cHM6Ly90b3JyZW50ZG93bmxvYWRzLnJ1dG9yLmFwcC8iLCJoIjo3NCwibCI6ImVuLVVTIiwidCI6MCwieiI6MzU1MiwiayI6NCwidSI6IjY3ZjMxNWViNDcyNGJhYTM0NjdmYWUiLCJmIjpmYWxzZSwid2giOiJub3QgaW4gaWZyYW1lIiwiaWgiOiJub3QgaW4gaWZyYW1lIiwiZSI6Im1xNmdyYjljc2U4N3B3MSIsIm8iOnRydWUsIm0iOjE3NTkwNTU0ODA5NDEsInRzIjowLCJwciI6MSwiaGMiOjMyLCJibCI6LTEsImJjIjozLCJ2diI6Ik1lc2EiLCJ2ciI6Imxsdm1waXBlIiwiYWMiOjAsImN0IjoidW5rbm93biIsImNldCI6InVua25vd24iLCJjZGxtIjotMSwiY2RsIjotMSwiY3J0dCI6LTEsInRtcyI6MTIwLCJjZSI6dHJ1ZSwiY2QiOjI0LCJvciI6ImxhbmRzY2FwZS1wcmltYXJ5IiwiaW0iOnRydWUsImlzRGFya1RoZW1lIjpmYWxzZX0","fqdn":"alarbus.nutmeatdruxy.shop","domain":"nutmeatdruxy.shop","tld":"shop"},"ip":{"addr":"172.255.103.170","port":443,"asn":7979,"as":"SERVERS-COM","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://torrentdownloads.rutor.app/","date":"2025-09-28T10:31:20.953Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"alarbus.nutmeatdruxy.shop","organization":""},"issuer":{"commonName":"R10","organization":"Let's Encrypt"},"validity":{"start":"Tue, 19 Aug 2025 01:17:45 GMT","end":"Mon, 17 Nov 2025 01:17:44 GMT"},"fingerprint":{"sha1":"D6:75:F2:F8:C6:E6:B3:B7:DE:C6:A4:CA:E6:59:CC:F1:3A:31:83:8D","sha256":"08:C6:EC:8C:E3:75:33:A2:86:A5:B0:96:98:91:1C:F6:3D:F2:A4:CA:0B:06:CE:40:A9:F2:8D:25:8E:17:5C:F7"}}},"request":{"raw":"GET /0/05N6Xmx4gMCL_7qaAdqF0FXPDrWjJZvuSbxEZZXiuykcTxT1ZJFYzPWFSPlO0RbRD8UbHn0rbMxEjlaIxQkw4jPUyYwYf_YPONgIe*qxMjIbVAtDNJJdd*ypkG39q4tlGy3UCJJB8KyRhwR18Ewi38POWMvv90eWZmMfOAwEBxFYqRg2m5IHrSFSyfKEuDryFoNKyqRfb89lf2RNlfg71_8AhQsKE7ovLnxOiJe1yCnYcJ8GhttA1m2MN2GpdiBZt_EHGlaxRRTuvCNqmZgeGvwmYcZlZhdE76a97ZR_EUtel2T7Cwqt0NmedqitVkm8oGq4SQ2WyNgcH4ov9aI5Qef_R5eeo7veGut6HZOFoLccYBpG32nsuPgoJcfyFDHRdKaMVsUInsNK7fNfF9jsFRgDP5aWk*He1QYwWtWK7g_vEo*hDpRxKmImhfzdv5ef?ck9=eyJhIjo1MzAzLCJzIjoiMTI4MHgxMDI0IiwiYiI6IjEyODB4MTAyNCIsInIiOiIiLCJxIjoiaHR0cHM6Ly90b3JyZW50ZG93bmxvYWRzLnJ1dG9yLmFwcC8iLCJoIjo3NCwibCI6ImVuLVVTIiwidCI6MCwieiI6MzU1MiwiayI6NCwidSI6IjY3ZjMxNWViNDcyNGJhYTM0NjdmYWUiLCJmIjpmYWxzZSwid2giOiJub3QgaW4gaWZyYW1lIiwiaWgiOiJub3QgaW4gaWZyYW1lIiwiZSI6Im1xNmdyYjljc2U4N3B3MSIsIm8iOnRydWUsIm0iOjE3NTkwNTU0ODA5NDEsInRzIjowLCJwciI6MSwiaGMiOjMyLCJibCI6LTEsImJjIjozLCJ2diI6Ik1lc2EiLCJ2ciI6Imxsdm1waXBlIiwiYWMiOjAsImN0IjoidW5rbm93biIsImNldCI6InVua25vd24iLCJjZGxtIjotMSwiY2RsIjotMSwiY3J0dCI6LTEsInRtcyI6MTIwLCJjZSI6dHJ1ZSwiY2QiOjI0LCJvciI6ImxhbmRzY2FwZS1wcmltYXJ5IiwiaW0iOnRydWUsImlzRGFya1RoZW1lIjpmYWxzZX0 HTTP/1.1\r\nHost: alarbus.nutmeatdruxy.shop\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://torrentdownloads.rutor.app/\r\nOrigin: https://torrentdownloads.rutor.app\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: GGI10=G/kAAASiWFuqP5sxvQhEsekvpqw7Pij+8G8v+spKOr4tqAAgwfRU4vIKxGrurY7k/yOrGX6GcFovzvvFab1Yn3fMcO0U4flieTI89Td1IDCjx0JYbZVT4lVGqbIZ2td3v+oDKOaX3Z6vy+unvDI7edoVeWJXKtCBcIXiy9vvXnCrWZF2PeulnJxmmdVRNGTjD7Xy7UJmmemx+r/CJiOlUyIspWdCbf8/; GUI42=G1EDAGRzTeWjR7p6Qu3mU4YH9Pm/d8f/s18Bwh2ttYAWSICBJJLv1p7hISgwsLmvbx6l1gny/4B8HjAzIAA9j+CKoejWQE7Q1BwPyagP3EDzrQkKAFxCMsFpubg+UtqnIlX8zN9T+7IO1X2MMktWiYNbyuVNiRJnf7wfUIbm+H7AEgzQyUwzPGiPsMTAVKsDJfFwD4xfforJPYXioCIf2lWxUYhhKoQ7HRcZYY50oYzyqxv9qsGaDbWD1wCyt75hKpW3uB8gHqUhyEoTSk1RxkUr1lwWVmkJtMRDLDKRhK6JKZeSpVJNYZhr9NBIY1zkqp1pIcXRmpOuXZbnZmrK1GQprh3FhAWw37LLQmbTCH66VE33X9bD3yqgSeP7AeXr1OsuO6qcJayqp9VMtT1A/4JTwT1AkJZzjPhTkAfWGyG/j8JzziRG0P/cNw==\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 28 Sep 2025 10:31:20 GMT\r\ncontent-type: text/plain; charset=utf-8\r\ncontent-length: 2\r\naccess-control-expose-headers: *\r\naccess-control-allow-credentials: true\r\naccess-control-allow-origin: https://torrentdownloads.rutor.app\r\naccess-control-allow-headers: Accept, Content-Type, Content-Length, Megageocheckolololo, X-Forwarded-For, X-Requested-With, Cache-Control, Pragma, Expires, Credentials\r\naccess-control-allow-methods: GET, HEAD, POST, PUT, OPTIONS\r\naccept-ch: sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version,sec-ch-ua-full-version-list\r\nvary: Origin, Origin\r\nset-cookie: GGI10=G/kAAASiWFuqP5sxvQhEsekvpqw7Pij+8G8v+spKOr4tqAAgwfRU4vIKxGrurY7k/yOrGX6GcFovzvvFab1Yn3fMcO0U4flieTI89Td1IDCjx0JYbZVT4lVGqbIZ2td3v+oDKOaX3Z6vy+unvDI7edoVeWJXKtCBcIXiy9vvXnCrWZF2PeulnJxmmdVRNGTjD7Xy7UJmmemx+r/CJiOlUyIspWdCbf8/; max-age=3600000; path=/; secure; SameSite=None\nGUI42=G1EDAGRzTeWjR7p6Qu3mU4YH9Pm/d8f/s18Bwh2ttYAWSICBJJLv1p7hISgwsLmvbx6l1gny/4B8HjAzIAA9j+CKoejWQE7Q1BwPyagP3EDzrQkKAFxCMsFpubg+UtqnIlX8zN9T+7IO1X2MMktWiYNbyuVNiRJnf7wfUIbm+H7AEgzQyUwzPGiPsMTAVKsDJfFwD4xfforJPYXioCIf2lWxUYhhKoQ7HRcZYY50oYzyqxv9qsGaDbWD1wCyt75hKpW3uB8gHqUhyEoTSk1RxkUr1lwWVmkJtMRDLDKRhK6JKZeSpVJNYZhr9NBIY1zkqp1pIcXRmpOuXZbnZmrK1GQprh3FhAWw37LLQmbTCH66VE33X9bD3yqgSeP7AeXr1OsuO6qcJayqp9VMtT1A/4JTwT1AkJZzjPhTkAfWGyG/j8JzziRG0P/cNw==; max-age=3600000; path=/; secure; SameSite=None\nsbtc_123057=Gy0AAMTylvp3dn+H+S9ZYlIyBZBGEfAZmxguy9NgL4jCuRwpT6LGkAaEtu1+; expires=Tue, 28 Oct 2025 10:31:20 GMT; path=/; secure; SameSite=None\nscvn1=CwaAeyIyNDMyOTEzIjoxfQM=; expires=Tue, 28 Oct 2025 10:31:20 GMT; path=/\nsbto1=GycAAETnlvo7DmBnQskmnSk5SxeN4uPBiD6IKdESn8u0w9p1VAaT5Mb9; expires=Tue, 28 Oct 2025 10:31:20 GMT; path=/; secure; SameSite=None\nsbtcr_123057=GysAAETdlvr6ZZ9w/pdsUkxJLIE0ik8PGUxHH9CcsUy5nD29xVExI6jSxv0=; expires=Tue, 28 Oct 2025 10:31:20 GMT; path=/; secure; SameSite=None\r\nstrict-transport-security: max-age=1\r\nx-content-type-options: nosniff\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":2,"size_decoded":0,"mime_type":"text/plain; charset=utf-8","magic":"ASCII text, with no line terminators","md5":"e0aa021e21dddbd6d8cecec71e9cf564","sha1":"9ce3bd4224c8c1780db56b4125ecf3f24bf748b7","sha256":"565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3","sha512":"900110c951560eff857b440e89cc29f529416e0e3b3d7f0ad51651bfdbd8025b91768c5ed7db5352d1a5523354ce06ced2c42047e33a3e958a1bba5f742db874","ssdeep":"","tlshash":"c710000000000000000000030000000030000000000000000c000000c0000000000000","first_seen":"2023-03-09T09:04:49Z","last_seen":"2026-04-04T11:48:58.521263Z","times_seen":256988,"resource_available":true,"data":null}},"time_used":23,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":23,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-09-28","alert":"Sinkholed","trigger":"alarbus.nutmeatdruxy.shop","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-09-28","alert":"Sinkholed","trigger":"alarbus.nutmeatdruxy.shop","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-09-28","alert":"Sinkholed","trigger":"alarbus.nutmeatdruxy.shop","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-09-28","alert":"Sinkholed","trigger":"alarbus.nutmeatdruxy.shop","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kettledroopingcontinuation.com/pixel/sbls?bv=\u0026tmpl=482\u0026u=https%3A%2F%2Fcreative-sb1.com%2Fsb%2Fssp%2Fvpn%2Fclassic-push%2Fbig1%2Fcss%2Fstyle.css\u0026l=4143\u0026fd=481","fqdn":"kettledroopingcontinuation.com","domain":"kettledroopingcontinuation.com","tld":"com"},"ip":{"addr":"172.240.108.84","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://torrentdownloads.rutor.app/","date":"2025-09-28T10:31:21.412Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"kettledroopingcontinuation.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 27 Aug 2025 21:34:59 GMT","end":"Tue, 25 Nov 2025 21:34:58 GMT"},"fingerprint":{"sha1":"E4:24:47:01:B7:F3:A1:0B:CF:EA:36:36:30:C1:21:5D:9E:A1:7B:BE","sha256":"EE:DD:A9:31:87:F8:15:E5:A4:69:BA:E8:17:29:F1:0D:59:DC:1E:48:E2:EB:2F:1D:FE:D6:5C:C0:5F:03:5B:01"}}},"request":{"raw":"GET /pixel/sbls?bv=\u0026tmpl=482\u0026u=https%3A%2F%2Fcreative-sb1.com%2Fsb%2Fssp%2Fvpn%2Fclassic-push%2Fbig1%2Fcss%2Fstyle.css\u0026l=4143\u0026fd=481 HTTP/1.1\r\nHost: kettledroopingcontinuation.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://torrentdownloads.rutor.app/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Sun, 28 Sep 2025 10:31:21 GMT\r\nContent-Length: 0\r\nConnection: keep-alive\r\nHost: kettledroopingcontinuation.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nCache-Control: no-cache\r\nAccess-Control-Allow-Origin: *\r\nAccess-Control-Allow-Methods: GET, POST, OPTIONS\r\nAccess-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests,C-High-Entropy-Values\r\nAccess-Control-Expose-Headers: Content-Length,Content-Range\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T11:49:30.368697Z","times_seen":13330398,"resource_available":true,"data":null}},"time_used":112,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":112,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-09-28","alert":"Sinkholed","trigger":"kettledroopingcontinuation.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-09-28","alert":"Sinkholed","trigger":"kettledroopingcontinuation.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"xml-v4.pushub.net/thumbnail?i=3on3AsrcJD4_0\u0026imgt=icon","fqdn":"xml-v4.pushub.net","domain":"pushub.net","tld":"net"},"ip":{"addr":"173.239.53.32","port":443,"asn":27257,"as":"WEBAIR-INTERNET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://torrentdownloads.rutor.app/","date":"2025-09-28T10:31:21.494Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"pushub.net","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 27 Aug 2025 06:55:03 GMT","end":"Tue, 25 Nov 2025 06:55:02 GMT"},"fingerprint":{"sha1":"A3:5A:ED:BD:36:B2:05:66:F8:E3:E6:B0:39:04:B8:E1:97:FB:C9:A2","sha256":"0D:F6:9E:28:3C:35:99:6B:9E:9F:C6:9E:C4:01:77:5F:65:1A:86:09:0A:70:19:3A:87:FF:E4:09:95:EC:9C:52"}}},"request":{"raw":"GET /thumbnail?i=3on3AsrcJD4_0\u0026imgt=icon HTTP/1.1\r\nHost: xml-v4.pushub.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://torrentdownloads.rutor.app/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 302 Found\r\nServer: nginx\r\nDate: Sun, 28 Sep 2025 10:31:21 GMT\r\nContent-Length: 0\r\nConnection: keep-alive\r\nCache-Control: no-store\r\nLocation: https://static.pushub.net/n889/ad/81/bd/0e/f8/2d/1a/fe/ed/61/46/b5/95/8b/27/7d/d6/6f/89/f9/ba/64/65/e9/71/7c/26/3f/25/e7/20/c9/192x192_8a.jpeg\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":4574,"size_decoded":0,"mime_type":"image/jpeg","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T11:49:30.368697Z","times_seen":13330398,"resource_available":true,"data":null}},"time_used":624,"timings":{"blocked":266,"dns":2,"connect":87,"send":0,"wait":92,"receive":0,"ssl":175},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.googleapis.com/css2?family=Roboto:wght@400\u0026display=swap","fqdn":"fonts.googleapis.com","domain":"fonts.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"142.250.178.106","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://torrentdownloads.rutor.app/","date":"2025-09-28T10:31:16.729Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"upload.video.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 08 Sep 2025 08:36:49 GMT","end":"Mon, 01 Dec 2025 08:36:48 GMT"},"fingerprint":{"sha1":"9E:38:51:02:B6:22:9C:08:6B:24:B8:A0:EB:DB:60:D9:27:B2:68:90","sha256":"67:AF:7E:56:AB:8D:96:FB:D0:75:CA:28:6D:16:B6:67:FD:7F:58:6F:CC:AA:78:B5:01:13:76:2C:AB:BE:80:4E"}}},"request":{"raw":"GET /css2?family=Roboto:wght@400\u0026display=swap HTTP/1.1\r\nHost: fonts.googleapis.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://torrentdownloads.rutor.app/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/css; charset=utf-8\r\nvary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site\r\naccess-control-allow-origin: *\r\ntiming-allow-origin: *\r\nlink: \u003chttps://fonts.gstatic.com\u003e; rel=preconnect; crossorigin\r\nstrict-transport-security: max-age=31536000\r\nexpires: Sun, 28 Sep 2025 10:31:16 GMT\r\ndate: Sun, 28 Sep 2025 10:31:16 GMT\r\ncache-control: private, max-age=86400\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin-allow-popups\r\ncontent-encoding: gzip\r\nserver: ESF\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":5746,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text, with very long lines (1572)","md5":"017672004526d49c616a83a1885ca6cb","sha1":"317c4a759af5149d1777a5c195c2030c842d4b70","sha256":"6ad67efe8c01a7f843a39344a43ca877e30726dd0cae6db3ce719a22a63bbc70","sha512":"f1dbb144b98e0a05fcaefd0367bb48be095ce28add6c7e8e8ac4d6b4b31dd76e2a7edaa4587bb78841aac8d679c53ba06e7a98775e9c6eaeee11c18c4f251ed7","ssdeep":"96:1OEbaNllOEbaNsFZKOEbaNWOEbaNVTOEbaNVy+aZjzBrgOEbaNIubqGIFuV4yOE6:2NlmNMNVNVkNVqbNfbqGIwV4BNdNzwNY","tlshash":"9bc1fd91041704409b835cd227ce7f34fe1f92116544d0b9abfc9b6beddbda6426836e","first_seen":"2025-09-08T23:56:02.073922Z","last_seen":"2026-03-05T16:22:21.514891Z","times_seen":5277,"resource_available":false,"data":null}},"time_used":177,"timings":{"blocked":70,"dns":0,"connect":15,"send":0,"wait":32,"receive":0,"ssl":59},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"torrentdownloads.rutor.app/templates/new/images/menu_icon2.jpg","fqdn":"torrentdownloads.rutor.app","domain":"rutor.app","tld":"app"},"ip":{"addr":"172.67.158.147","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://torrentdownloads.rutor.app/","date":"2025-09-28T10:31:16.944Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rutor.app","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 20 Sep 2025 02:19:36 GMT","end":"Fri, 19 Dec 2025 03:09:13 GMT"},"fingerprint":{"sha1":"65:6C:B3:CD:A0:AD:28:B1:3A:23:A8:A2:1B:F0:E7:C0:18:90:91:0F","sha256":"4A:EE:EA:F0:6F:B6:A9:99:ED:A1:9D:D2:2A:5E:48:50:06:6C:52:7E:B9:1A:16:A3:26:FC:B0:7E:5B:CF:FB:07"}}},"request":{"raw":"GET /templates/new/images/menu_icon2.jpg HTTP/1.1\r\nHost: torrentdownloads.rutor.app\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://torrentdownloads.rutor.app/templates/new/css/style.css\r\nCookie: view=1; PHPSESSID=2u8k63dg4d7raoouspjlpa76fm\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sun, 28 Sep 2025 10:31:17 GMT\r\ncontent-type: image/jpeg\r\nvary: accept-encoding\r\nset-cookie: view=1; Max-Age=86400; Expires=Mon, 29 Sep 2025 10:31:17 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nexpires: Thu, 19 Nov 1981 08:52:00 GMT\r\ncache-control: no-store, no-cache, must-revalidate\r\npragma: no-cache\r\naccess-control-allow-origin: *\r\ncf-cache-status: BYPASS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=ECV%2FY1vakPfBb0Z557%2FFCPaVxMua%2Bhi7PibBiqX1vAEvD1x93qbHYjH7U3CVQR7mhVziTC1mWwHXtgn3HaY4WrqOvtut1UkXOSGqL6slcdRvKnr2K8YcfQ%3D%3D\"}]}\r\ncf-ray: 986291fad942568b-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":801,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 16x36, components 3","md5":"22a64f4a92fb8ecf0bb0eaecce3278a6","sha1":"ca45b680e8d78dba1a7d43485302a373a071a386","sha256":"a12b987cf16c05e94ea1ce3b7048331cae9de666900b0cc1e2ef60da064540c0","sha512":"6a96d9244ef83e6db4aa8fce3dc14159e7efdc822086982bc995dfbe6c539c01a6819b8ef079b07909e225da21c2436c05c83d7a32ff33c3214eb4e71da22f96","ssdeep":"","tlshash":"500194363b4ee70bdee6307454344b28c7ac505e0146830c59f0842eb9842850da795d","first_seen":"2023-05-29T17:58:11Z","last_seen":"2026-02-19T06:00:31.794393Z","times_seen":44,"resource_available":false,"data":null}},"time_used":102,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":102,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-09-28","alert":"Sinkholed","trigger":"torrentdownloads.rutor.app","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-09-28","alert":"Sinkholed","trigger":"torrentdownloads.rutor.app","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wrathypenitis.help/cuid/?f=https%3A%2F%2Ftorrentdownloads.rutor.app","fqdn":"wrathypenitis.help","domain":"wrathypenitis.help","tld":"help"},"ip":{"addr":"212.117.186.92","port":443,"asn":7979,"as":"SERVERS-COM","country":"Luxembourg","country_code":"LU"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://torrentdownloads.rutor.app/","date":"2025-09-28T10:31:17.137Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wrathypenitis.help","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 25 Sep 2025 21:21:47 GMT","end":"Wed, 24 Dec 2025 21:21:46 GMT"},"fingerprint":{"sha1":"AB:7F:25:A4:47:EA:FD:C0:FD:04:9D:5B:DE:04:FB:AC:82:37:67:A1","sha256":"8C:B6:C9:8F:CE:4F:DB:23:24:8F:04:DB:40:06:BA:C3:2B:0E:91:55:37:A9:E1:FF:A6:E7:DF:7F:FE:FD:BB:65"}}},"request":{"raw":"POST /cuid/?f=https%3A%2F%2Ftorrentdownloads.rutor.app HTTP/1.1\r\nHost: wrathypenitis.help\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://torrentdownloads.rutor.app/\r\nContent-Type: application/json\r\nContent-Length: 10\r\nOrigin: https://torrentdownloads.rutor.app\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 28 Sep 2025 10:31:17 GMT\r\ncontent-type: application/json\r\ncontent-length: 32\r\naccess-control-allow-credentials: true\r\naccess-control-allow-origin: https://torrentdownloads.rutor.app\r\naccess-control-allow-headers: content-type, megageocheckolololo, x-forwarded-for\r\naccess-control-max-age: 600\r\naccess-control-allow-methods: GET, POST, OPTIONS\r\nset-cookie: a97fa794a0f9=67f315eb4724baa3467fae; expires=Sat, 01 Feb 2053 13:39:16 GMT; domain=wrathypenitis.help; path=/; secure; SameSite=None\r\nstrict-transport-security: max-age=1\r\nx-content-type-options: nosniff\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":32,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"c8990e26534301b9011e7ca4b01beb6c","sha1":"3e2d02d1155e085a8d6c7475ca36ef344c5d4cd0","sha256":"4e57e2611a721fe26c302b85ad59bbe23984c0fa852030ec0fce1e3877d51593","sha512":"50d540e53ec9cf2abb00533ffdd274453f5ef2ccf6d1b892ac8c86b26449e9186a0fe11b3e22ce0cf1ea8a211da53c7da8d0b200ab5dbaccbefdc93f384f7720","ssdeep":"","tlshash":"4580000aa2f80a2b02200b0eba820c038e0020aaf0803000b02c0acc8b020caaf88803","first_seen":"2025-09-28T10:31:49.130767Z","last_seen":"2025-09-28T10:31:49.130767Z","times_seen":1,"resource_available":false,"data":null}},"time_used":102,"timings":{"blocked":-1,"dns":18,"connect":21,"send":0,"wait":19,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-09-28","alert":"Sinkholed","trigger":"wrathypenitis.help","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-09-28","alert":"Sinkholed","trigger":"wrathypenitis.help","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-09-28","alert":"Sinkholed","trigger":"wrathypenitis.help","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-09-28","alert":"Sinkholed","trigger":"wrathypenitis.help","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bunkersparring.shop/gd/70341?md=eyJhIjoyMTc4LCJzIjoiMTI4MHgxMDI0IiwiYiI6IjEyODB4MTAyNCIsInIiOiIiLCJxIjoiaHR0cHM6Ly90b3JyZW50ZG93bmxvYWRzLnJ1dG9yLmFwcC8iLCJoIjo0NDc5LCJsIjoiZW4tVVMiLCJ0IjowLCJ6Ijo3Mzg5LCJrIjowLCJ1IjoiIiwiZiI6ZmFsc2UsIndoIjoibm90IGluIGlmcmFtZSIsImloIjoiMTI4MHgxMDI0IiwiZSI6Ijd6NmI5bThhM3kwczRvZSIsIm8iOnRydWUsIm0iOjE3NTkwNTU0NzcwNDMsInciOiIlN0IlMjJ0aXRsZSUyMiUzQSUyMlRvcnJlbnQlMjBEb3dubG9hZHMlMjAtJTIwZG93bmxvYWQlMjBmcmVlJTIwdG9ycmVudHMhJTIyJTJDJTIya2V5d29yZHMlMjIlM0ElNUIlNUQlMkMlMjJ0b3B3b3JkcyUyMiUzQSU1QiU1RCU3RCIsInRzIjowLCJwciI6MSwiaGMiOjMyLCJibCI6LTEsImJjIjozLCJ2diI6Ik1lc2EiLCJ2ciI6Imxsdm1waXBlIiwiYWMiOjAsImN0IjoidW5rbm93biIsImNldCI6InVua25vd24iLCJjZGxtIjotMSwiY2RsIjotMSwiY3J0dCI6LTEsInRtcyI6MTIwLCJjZSI6dHJ1ZSwiY2QiOjI0LCJvciI6ImxhbmRzY2FwZS1wcmltYXJ5IiwiZnMiOm51bGwsImZzbyI6bnVsbCwiaW0iOnRydWV9\u0026fc=1BfYCuGdmMB3Nwl9caEngA\u0026pr=107qObpr1uAC85jtISvwpA","fqdn":"bunkersparring.shop","domain":"bunkersparring.shop","tld":"shop"},"ip":{"addr":"94.242.236.150","port":443,"asn":7979,"as":"SERVERS-COM","country":"Luxembourg","country_code":"LU"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://torrentdownloads.rutor.app/","date":"2025-09-28T10:31:17.148Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bunkersparring.shop","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 24 Sep 2025 00:53:21 GMT","end":"Tue, 23 Dec 2025 00:53:20 GMT"},"fingerprint":{"sha1":"D4:1F:24:AA:9C:8A:98:1D:7A:D9:5C:BA:16:C8:5C:DB:CF:AD:7C:14","sha256":"5F:E1:2A:F5:32:CD:96:E1:97:E9:3C:53:8A:AF:11:E6:59:FA:A7:BC:EA:E9:82:89:8B:97:0D:C0:96:DD:95:ED"}}},"request":{"raw":"POST /gd/70341?md=eyJhIjoyMTc4LCJzIjoiMTI4MHgxMDI0IiwiYiI6IjEyODB4MTAyNCIsInIiOiIiLCJxIjoiaHR0cHM6Ly90b3JyZW50ZG93bmxvYWRzLnJ1dG9yLmFwcC8iLCJoIjo0NDc5LCJsIjoiZW4tVVMiLCJ0IjowLCJ6Ijo3Mzg5LCJrIjowLCJ1IjoiIiwiZiI6ZmFsc2UsIndoIjoibm90IGluIGlmcmFtZSIsImloIjoiMTI4MHgxMDI0IiwiZSI6Ijd6NmI5bThhM3kwczRvZSIsIm8iOnRydWUsIm0iOjE3NTkwNTU0NzcwNDMsInciOiIlN0IlMjJ0aXRsZSUyMiUzQSUyMlRvcnJlbnQlMjBEb3dubG9hZHMlMjAtJTIwZG93bmxvYWQlMjBmcmVlJTIwdG9ycmVudHMhJTIyJTJDJTIya2V5d29yZHMlMjIlM0ElNUIlNUQlMkMlMjJ0b3B3b3JkcyUyMiUzQSU1QiU1RCU3RCIsInRzIjowLCJwciI6MSwiaGMiOjMyLCJibCI6LTEsImJjIjozLCJ2diI6Ik1lc2EiLCJ2ciI6Imxsdm1waXBlIiwiYWMiOjAsImN0IjoidW5rbm93biIsImNldCI6InVua25vd24iLCJjZGxtIjotMSwiY2RsIjotMSwiY3J0dCI6LTEsInRtcyI6MTIwLCJjZSI6dHJ1ZSwiY2QiOjI0LCJvciI6ImxhbmRzY2FwZS1wcmltYXJ5IiwiZnMiOm51bGwsImZzbyI6bnVsbCwiaW0iOnRydWV9\u0026fc=1BfYCuGdmMB3Nwl9caEngA\u0026pr=107qObpr1uAC85jtISvwpA HTTP/1.1\r\nHost: bunkersparring.shop\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://torrentdownloads.rutor.app/\r\nContent-Type: application/json\r\nContent-Length: 82\r\nOrigin: https://torrentdownloads.rutor.app\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 28 Sep 2025 10:31:17 GMT\r\ncontent-type: application/json\r\naccept-ch: sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version,sec-ch-ua-full-version-list\r\naccess-control-allow-credentials: true\r\naccess-control-allow-origin: https://torrentdownloads.rutor.app\r\naccess-control-allow-headers: content-type, megageocheckolololo, x-forwarded-for, x-requested-with, cache-control, pragma, expires\r\naccess-control-max-age: 600\r\naccess-control-allow-methods: GET, POST, OPTIONS\r\nset-cookie: GL_UI4=eJw9zV1OhDAcBHC%2BWdcFnYQDeASKQHj1xSv4SAr9g3Wh3ZQKensbE32bTH6T8TwvKB7g78kZ4Sdv8MRY13Z1U3VlPXa8GoaubZtyaLqSVc00NbiTW2%2F5sJCNcNpWbmxv9wiXmRQZOfajFpTh0am%2F5qr0oSLEg%2BFKZIhXJ5YM6WD0sZEpQkSKr4T0VRqa9JcT%2FEMbhOy5dlkql%2F0Sgd6KMD8jfZNKuGV%2BQcDKPE883N8Wbidt1l6KxEc8Gy4I%2FgtOI7c0a%2FONVNB2tfoG6EX0%2F%2F73ODxYiUTQLkdCrO07mR%2B4dk3m; expires=Mon, 29-Sep-2025 10:31:17 GMT; Max-Age=86400; path=/; secure; SameSite=None\nGL_GI10=eJwVyLEKwjAURuHcSwmIWX6oe5%2BgWrRgV%2BsoydAnqDVIoSQhiYpvb10OfEcIwaUCzwHq3NRdW69tuhPoCdYGPDlI7eNn%2FIIi%2BHAER4etSYuvev9yef0Tir9BM5S5mKEywTptM9glbPrxvtj9dbiBghTg7CWD06MUoLfc%2FQD8TBxp; expires=Mon, 29-Sep-2025 10:31:17 GMT; Max-Age=86400; path=/; secure; SameSite=None\r\ncontent-encoding: gzip\r\nvary: Accept-Encoding\r\nstrict-transport-security: max-age=1\r\nx-content-type-options: nosniff\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":959,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"6d1a9c2128e04d4d19dabe897c3ffdf5","sha1":"cfcf0a31a9fc4a534b25d0d7187c9157bbc06edd","sha256":"8f7cf3e8328e9132408daae3be5ee3ecfcfc6b57ea596f54e7747cee4d3d0895","sha512":"a9f9063a78a40390e44a6e52de05fbfb4cd90fbd8682fdfee7a17ee0b8467e908b9939080a38bf4380d605d8e2e9288a16c55076ba9a977546418811fa8395b4","ssdeep":"","tlshash":"b711947570c2312b52c944d1516b3d5bbf9256a732715efbbe1021974c6af2c22445ce","first_seen":"2025-09-28T10:31:49.13212Z","last_seen":"2025-09-28T10:31:49.13212Z","times_seen":1,"resource_available":false,"data":null}},"time_used":359,"timings":{"blocked":-1,"dns":4,"connect":20,"send":0,"wait":290,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-09-28","alert":"Sinkholed","trigger":"bunkersparring.shop","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-09-28","alert":"Sinkholed","trigger":"bunkersparring.shop","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-09-28","alert":"Sinkholed","trigger":"bunkersparring.shop","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-09-28","alert":"Sinkholed","trigger":"bunkersparring.shop","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"brewed.grasnibrowsed.shop/mtn/123057/fa5f27a2cebac1abf4a2101373d5e03d.1351055434.000","fqdn":"brewed.grasnibrowsed.shop","domain":"grasnibrowsed.shop","tld":"shop"},"ip":{"addr":"23.109.170.198","port":443,"asn":7979,"as":"SERVERS-COM","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"beacon","requested_by":"https://torrentdownloads.rutor.app/","date":"2025-09-28T10:31:17.257Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"brewed.grasnibrowsed.shop","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 28 Sep 2025 04:21:52 GMT","end":"Sat, 27 Dec 2025 04:21:51 GMT"},"fingerprint":{"sha1":"CF:43:8D:F9:8A:55:69:59:6C:6B:C7:67:5C:5D:B2:BD:8A:1E:00:3F","sha256":"2A:DF:64:DD:5D:14:25:B6:20:E4:EA:7B:9F:DD:CA:F9:78:D2:51:14:65:05:C8:83:24:31:1B:B3:1E:8E:AE:0C"}}},"request":{"raw":"POST /mtn/123057/fa5f27a2cebac1abf4a2101373d5e03d.1351055434.000 HTTP/1.1\r\nHost: brewed.grasnibrowsed.shop\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: application/json\r\nContent-Length: 36\r\nOrigin: https://torrentdownloads.rutor.app\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://torrentdownloads.rutor.app/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 28 Sep 2025 10:31:17 GMT\r\ncontent-type: text/html; charset=UTF-8\r\naccept-ch: sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version,sec-ch-ua-full-version-list\r\naccess-control-allow-credentials: true\r\naccess-control-allow-origin: https://torrentdownloads.rutor.app\r\naccess-control-allow-headers: content-type, megageocheckolololo, x-forwarded-for, x-requested-with, cache-control, pragma, expires\r\naccess-control-max-age: 600\r\naccess-control-allow-methods: GET, POST, OPTIONS\r\nset-cookie: GL_UI4=eJw9zV1OhDAcBHC%2BWdcFnYQDeASKQHj1xSv4SAr9g3Wh3ZQKensbE32bTH6T8TwvKB7g78kZ4Sdv8MRY13Z1U3VlPXa8GoaubZtyaLqSVc00NbiTW2%2F5sJCNcNpWbmxv9wiXmRQZOfajFpTh0am%2F5qr0oSLEg%2BFKZIhXJ5YM6WD0sZEpQkSKr4T0VRqa9JcT%2FEMbhOy5dlkql%2F0Sgd6KMD8jfZNKuGV%2BQcDKPE883N8Wbidt1l6KxEc8Gy4I%2FgtOI7c0a%2FONVNB2tfoG6EX0%2F%2F73ODxYiUTQLkdCrO07mR%2B4dk3m; expires=Mon, 29-Sep-2025 10:31:17 GMT; Max-Age=86400; path=/; secure; SameSite=None\nGL_GI10=eJwVyLEKwjAURuHcSwmIWX6oe5%2BgWrRgV%2BsoydAnqDVIoSQhiYpvb10OfEcIwaUCzwHq3NRdW69tuhPoCdYGPDlI7eNn%2FIIi%2BHAER4etSYuvev9yef0Tir9BM5S5mKEywTptM9glbPrxvtj9dbiBghTg7CWD06MUoLfc%2FQD8TBxp; expires=Mon, 29-Sep-2025 10:31:17 GMT; Max-Age=86400; path=/; secure; SameSite=None\r\ncontent-encoding: gzip\r\nvary: Accept-Encoding\r\nstrict-transport-security: max-age=1\r\nx-content-type-options: nosniff\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T11:49:30.368697Z","times_seen":13330398,"resource_available":true,"data":null}},"time_used":173,"timings":{"blocked":-1,"dns":87,"connect":21,"send":0,"wait":23,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"my.rtmark.net/gid.js","fqdn":"my.rtmark.net","domain":"rtmark.net","tld":"net"},"ip":{"addr":"104.18.41.22","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://torrentdownloads.rutor.app/","date":"2025-09-28T10:31:17.461Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"my.rtmark.net","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 28 Aug 2025 13:14:02 GMT","end":"Wed, 26 Nov 2025 14:13:48 GMT"},"fingerprint":{"sha1":"7A:B2:21:7F:72:E3:39:3E:95:5D:FB:ED:BB:1C:7E:88:C4:7A:B1:B3","sha256":"FB:1D:6D:AF:DA:57:8D:9A:8B:B2:CC:FF:A2:55:C8:F3:71:3D:49:77:06:FC:4D:6F:16:91:61:6F:89:1C:A3:CB"}}},"request":{"raw":"GET /gid.js HTTP/1.1\r\nHost: my.rtmark.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://torrentdownloads.rutor.app\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://torrentdownloads.rutor.app/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 28 Sep 2025 10:31:17 GMT\r\ncontent-type: application/json; charset=utf-8\r\ncontent-encoding: gzip\r\naccess-control-allow-origin: https://torrentdownloads.rutor.app\r\naccess-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE\r\naccess-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token\r\naccess-control-expose-headers: Authorization\r\naccess-control-allow-credentials: true\r\nset-cookie: ID=0802527612bf48edf56b687e06db9861; expires=Mon, 28 Sep 2026 10:31:17 GMT; secure; SameSite=None\r\nstrict-transport-security: max-age=1\r\nx-content-type-options: nosniff\r\ntiming-allow-origin: *\r\ncf-cache-status: DYNAMIC\r\nserver: cloudflare\r\ncf-ray: 986291fe6cf156c6-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":65,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"94b8f2bf78e772c01f5dfbc804a23baf","sha1":"5a8e92e7a25340d8eea35e16fb7d0a5618901749","sha256":"af79bd42b21e98f9359f5d3d8682d05270bf6f98595bc4080f6808cb4c841a8e","sha512":"81c4476784933a70526afad6da91934a7e175c2f3ca6b1279d4f6bfa1ebb83b9bb0ed97a344d7351cab21ce5dc5bfb2eab2c4493f87d5611d03b4a5ae61736be","ssdeep":"","tlshash":"8ba002972418868956c0e7191e5ad6a6526800a76444a20481d8d04652c794d4985b6d","first_seen":"2025-09-28T10:31:49.133437Z","last_seen":"2025-09-28T10:31:49.133437Z","times_seen":1,"resource_available":false,"data":null}},"time_used":123,"timings":{"blocked":44,"dns":3,"connect":2,"send":0,"wait":34,"receive":0,"ssl":39},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.googleapis.com/css?family=Roboto:300,400,700\u0026display=swap","fqdn":"fonts.googleapis.com","domain":"fonts.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"142.250.178.106","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://torrentdownloads.rutor.app/","date":"2025-09-28T10:31:21.023Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"upload.video.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 08 Sep 2025 08:36:49 GMT","end":"Mon, 01 Dec 2025 08:36:48 GMT"},"fingerprint":{"sha1":"9E:38:51:02:B6:22:9C:08:6B:24:B8:A0:EB:DB:60:D9:27:B2:68:90","sha256":"67:AF:7E:56:AB:8D:96:FB:D0:75:CA:28:6D:16:B6:67:FD:7F:58:6F:CC:AA:78:B5:01:13:76:2C:AB:BE:80:4E"}}},"request":{"raw":"GET /css?family=Roboto:300,400,700\u0026display=swap HTTP/1.1\r\nHost: fonts.googleapis.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncontent-type: text/css; charset=utf-8\r\nvary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site\r\naccess-control-allow-origin: *\r\ntiming-allow-origin: *\r\nlink: \u003chttps://fonts.gstatic.com\u003e; rel=preconnect; crossorigin\r\nstrict-transport-security: max-age=31536000\r\nexpires: Sun, 28 Sep 2025 10:31:21 GMT\r\ndate: Sun, 28 Sep 2025 10:31:21 GMT\r\ncache-control: private, max-age=86400\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin-allow-popups\r\ncontent-encoding: gzip\r\nserver: ESF\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":16755,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text, with very long lines (1572)","md5":"a90fc2bf15e304ef3fa4e7f75b6a8608","sha1":"0f8c2853b49a7c206d75af99117482d80a60f869","sha256":"6e10be4b6befecf6f3d1ae34b727939e6da334a1f2d815fd325ba9c455520772","sha512":"0d1a14e11c436dadf51cc489592867eaff3cae2c4a95748d2a25614c984560ad3588fb95e2aaafd4060d4954594951d09e71ab36e9859fb8590198811f156fc4","ssdeep":"384:pwf5wgwPwrwyUw/qY4+w4wYwpwfMw1wWw6wyhw/qY4XwNwtw4wfdwkwDw3wyQw/P:pc70afUQRptmJKBLfhQE8YTYHw+fQQVl","tlshash":"b472ed91041700009b835ce223cebf35fe5f92117141d0b9abfd9b6badcbc6652693ad","first_seen":"2025-09-08T23:24:40.129975Z","last_seen":"2025-11-18T23:33:55.863403Z","times_seen":3582,"resource_available":false,"data":null}},"time_used":34,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":34,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"creative-sb1.com/sb/ssp/vpn/classic-push/small/js/jquery.min.js","fqdn":"creative-sb1.com","domain":"creative-sb1.com","tld":"com"},"ip":{"addr":"104.21.35.3","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://torrentdownloads.rutor.app/","date":"2025-09-28T10:31:21.029Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"creative-sb1.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 29 Aug 2025 18:23:14 GMT","end":"Thu, 27 Nov 2025 19:21:45 GMT"},"fingerprint":{"sha1":"99:06:8C:E5:8E:41:8B:38:F8:46:C0:E9:CF:99:E2:11:F2:8E:DD:AB","sha256":"93:A8:69:6F:83:C3:C8:1B:E8:A3:20:9C:19:F4:47:35:74:85:80:F1:82:1F:48:42:AB:AA:77:A3:35:AB:29:20"}}},"request":{"raw":"GET /sb/ssp/vpn/classic-push/small/js/jquery.min.js HTTP/1.1\r\nHost: creative-sb1.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 28 Sep 2025 10:31:21 GMT\r\ncontent-type: application/javascript\r\nserver: cloudflare\r\nlast-modified: Fri, 19 Jan 2024 14:19:42 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: public, max-age=315360000\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: Date\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=qWs7XgySdKH55nWS8KIZibdFtzxMj%2Fn1Q7eRE2xK9nre%2FEa%2B628VBrc06pxj7u05Qpa4RrDxqtdWdWrCSxIobR1Hh2y%2BDZRnKCGKGGPg\"}]}\r\nage: 33114\r\ncf-cache-status: HIT\r\netag: W/\"65aa84fe-1499c\"\r\ncontent-encoding: br\r\ncf-ray: 986292146f1b712a-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":84380,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (32025)","md5":"4a356126b9573eb7bd1e9a7494737410","sha1":"8258d046f17dd3c15a5d3984e1868b7b5d1db329","sha256":"22642f202577f0ba2f22cbe56b6cf291a09374487567cd3563e0d2a29f75c0c5","sha512":"005c3102459dbf145df6a858629d6a6de4598fafe24cd989d86170731b0c3b3c304da470cf66bfd935f6db911b723df0857b5ed561906f7f1c5c4e63ed9430de","ssdeep":"1536:/P10iSi65U/dXXeyhzeBuG+HYE0mdkuJO1z6Oy4sh3J1A72BjmN7TwpDKba98HrZ:++414Jiz6fh6lTqya98HrZ","tlshash":"dc83d6d9b2c67062977734b851bf510bb17a98dab40c8c60f0a4d8e47eb4a8d517bf2c","first_seen":"2023-03-07T01:02:06Z","last_seen":"2026-04-04T10:53:20.244551Z","times_seen":15945,"resource_available":true,"data":null}},"time_used":10,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":10,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-09-28","alert":"Sinkholed","trigger":"creative-sb1.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-09-28","alert":"Sinkholed","trigger":"creative-sb1.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"qo.caromedlusk.com/ra0oXIFUcinxsTE/70341","fqdn":"qo.caromedlusk.com","domain":"caromedlusk.com","tld":"com"},"ip":{"addr":"23.109.170.253","port":443,"asn":7979,"as":"SERVERS-COM","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://torrentdownloads.rutor.app/","date":"2025-09-28T10:31:16.758Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"qo.caromedlusk.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 16 Sep 2025 06:41:29 GMT","end":"Mon, 15 Dec 2025 06:41:28 GMT"},"fingerprint":{"sha1":"CF:FA:6B:E7:0E:25:E3:A7:4F:C4:F6:30:B6:89:1F:97:8F:86:7C:1E","sha256":"2E:9E:41:DE:C8:B1:40:85:5C:4A:EA:98:E7:69:29:8F:C6:7E:34:C0:65:20:39:3C:97:9B:D5:B0:FC:58:08:8F"}}},"request":{"raw":"GET /ra0oXIFUcinxsTE/70341 HTTP/1.1\r\nHost: qo.caromedlusk.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://torrentdownloads.rutor.app/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 28 Sep 2025 10:31:16 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\naccept-ch: sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version,sec-ch-ua-full-version-list\r\naccess-control-allow-credentials: true\r\naccess-control-allow-origin: https://torrentdownloads.rutor.app\r\naccess-control-allow-headers: content-type, megageocheckolololo, x-forwarded-for, x-requested-with, cache-control, pragma, expires\r\naccess-control-max-age: 600\r\naccess-control-allow-methods: GET, POST, OPTIONS\r\nset-cookie: GL_UI4=eJw9zV1OhDAcBHC%2BWdcFnYQDeASKQHj1xSv4SAr9g3Wh3ZQKensbE32bTH6T8TwvKB7g78kZ4Sdv8MRY13Z1U3VlPXa8GoaubZtyaLqSVc00NbiTW2%2F5sJCNcNpWbmxv9wiXmRQZOfajFpTh0am%2F5qr0oSLEg%2BFKZIhXJ5YM6WD0sZEpQkSKr4T0VRqa9JcT%2FEMbhOy5dlkql%2F0Sgd6KMD8jfZNKuGV%2BQcDKPE883N8Wbidt1l6KxEc8Gy4I%2FgtOI7c0a%2FONVNB2tfoG6EX0%2F%2F73ODxYiUTQLkdCrO07mR%2B4dk3m; expires=Mon, 29-Sep-2025 10:31:16 GMT; Max-Age=86400; path=/; secure; SameSite=None\nGL_GI10=eJwVyLEKwjAURuHcSwmIWX6oe5%2BgWrRgV%2BsoydAnqDVIoSQhiYpvb10OfEcIwaUCzwHq3NRdW69tuhPoCdYGPDlI7eNn%2FIIi%2BHAER4etSYuvev9yef0Tir9BM5S5mKEywTptM9glbPrxvtj9dbiBghTg7CWD06MUoLfc%2FQD8TBxp; expires=Mon, 29-Sep-2025 10:31:16 GMT; Max-Age=86400; path=/; secure; SameSite=None\r\ncontent-encoding: gzip\r\nvary: Accept-Encoding\r\nstrict-transport-security: max-age=1\r\nx-content-type-options: nosniff\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":163085,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (65535), with no line terminators","md5":"9a7cf1df45ee0e16053151d301617e90","sha1":"cb4f9ff84c1f24a20e93eb2e6d63990920d1b793","sha256":"9c43b435e9a563bb30597cccc3ec59f13aaaae1f26760d07ed5da0239fc25cd6","sha512":"0d2579b038d8ba7f747ca92926a0cfea41bb1d9d3f125124530934ee3fc86d11e191436631e14231d31bf326378b45fabd0d82849dc58db67c49958e7e820622","ssdeep":"3072:pxISGx4vnyfBUCV5Q3lQBsWLslW8D2VVsvWU9e9f2KsVboPxDl+XoFLRISfgRGsq:pGSGyyfbV5Q3lQBsWLslMVVsvWU9e9fn","tlshash":"aff33ce0b771b2b98f9340e5e13b9112f22e0d51308c98b0d26a9d747e7159ed27fad8","first_seen":"2025-09-28T10:31:49.136217Z","last_seen":"2025-09-28T10:31:49.136217Z","times_seen":1,"resource_available":true,"data":null}},"time_used":375,"timings":{"blocked":167,"dns":125,"connect":20,"send":0,"wait":39,"receive":0,"ssl":23},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-09-28","alert":"Sinkholed","trigger":"qo.caromedlusk.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-09-28","alert":"Sinkholed","trigger":"qo.caromedlusk.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-09-28","alert":"Sinkholed","trigger":"qo.caromedlusk.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/roboto/v49/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.178.35","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://torrentdownloads.rutor.app/","date":"2025-09-28T10:31:21.931Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 08 Sep 2025 08:36:48 GMT","end":"Mon, 01 Dec 2025 08:36:47 GMT"},"fingerprint":{"sha1":"4A:11:37:B2:B5:3D:85:04:18:76:94:C3:99:EA:8B:77:66:51:DF:D6","sha256":"6C:B3:8A:F8:58:9F:72:87:6E:B0:CF:E0:3F:D9:AB:6D:AE:6E:E0:73:B1:A3:95:3C:30:98:D3:C4:23:73:D4:33"}}},"request":{"raw":"GET /s/roboto/v49/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://torrentdownloads.rutor.app\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 40128\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Mon, 22 Sep 2025 23:17:32 GMT\r\nexpires: Tue, 22 Sep 2026 23:17:32 GMT\r\ncache-control: public, max-age=31536000\r\nage: 472429\r\nlast-modified: Mon, 08 Sep 2025 18:08:05 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":40128,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 40128, version 1.0","md5":"9a01b69183a9604ab3a439e388b30501","sha1":"8ed1d59003d0dbe6360481017b44665153665fbe","sha256":"20b535fa80c8189e3b87d1803038389960203a886d502bc2ef1857affc2f38d2","sha512":"0e6795255b6eea00b5403fd7e3b904d52776d49ac63a31c2778361262883697943aedcb29feee85694ba6f19eaa34dddb9a5bfe7118f4a25b4757e92c331feca","ssdeep":"768:Vce3jkow68wmT4IBX0tXdlSirS61gSjcz0GPwHbP+w2jec56O:VcI/iEEEtXdFJj+0GPwHbP+w5rO","tlshash":"3703023a5e3ccf1a84157a703950f6d9a8481e548e9d143b4f1ac7bf085dde2209b6d4","first_seen":"2025-01-08T22:59:02.845106Z","last_seen":"2026-04-04T11:46:59.437094Z","times_seen":714426,"resource_available":false,"data":null}},"time_used":52,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":27,"receive":25,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"creative-sb1.com/sb/ssp/interstitial/double_btn/1/js/jquery.min.js","fqdn":"creative-sb1.com","domain":"creative-sb1.com","tld":"com"},"ip":{"addr":"104.21.35.3","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://torrentdownloads.rutor.app/","date":"2025-09-28T10:31:21.033Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"creative-sb1.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 29 Aug 2025 18:23:14 GMT","end":"Thu, 27 Nov 2025 19:21:45 GMT"},"fingerprint":{"sha1":"99:06:8C:E5:8E:41:8B:38:F8:46:C0:E9:CF:99:E2:11:F2:8E:DD:AB","sha256":"93:A8:69:6F:83:C3:C8:1B:E8:A3:20:9C:19:F4:47:35:74:85:80:F1:82:1F:48:42:AB:AA:77:A3:35:AB:29:20"}}},"request":{"raw":"GET /sb/ssp/interstitial/double_btn/1/js/jquery.min.js HTTP/1.1\r\nHost: creative-sb1.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 28 Sep 2025 10:31:21 GMT\r\ncontent-type: application/javascript\r\nserver: cloudflare\r\nlast-modified: Fri, 19 Jan 2024 14:19:45 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: public, max-age=315360000\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: Date\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=HzPt90oyp5FhL7vULiWA%2F7oKsz9pv9YKEibWPgxAqmfKa2C%2BBP6%2Bo7YYrBAZQbnyAvoGkKhryo0Swdgr7n2DgeKP8W%2FE7sjx78E1boJp\"}]}\r\nage: 365311\r\ncf-cache-status: HIT\r\netag: W/\"65aa8501-15d94\"\r\ncontent-encoding: br\r\ncf-ray: 986292146f1f712a-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":89492,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65451)","md5":"561acb3e541133bbdd2c0c19f8ee35a1","sha1":"ffd1353cf3f77d25f801c84d8208613eb0d3d548","sha256":"9fde6da568db31801e29243a903bf24f342256b41e3c01e7d018ff7c566ce7fc","sha512":"8a647ed6f56b4da93c7a034609060991cc8080350f057f4f2af2c369f18af066db3b4e77701fc017027fd774264a6d0f84927239d7d2f693edc6f7d6a0917be3","ssdeep":"1536:YjExXUqrnxDjoXEZxkMV4SYSt0zvDD6ip3h5cApwEjOPrBeU6QLiTFbc0QlQvakV:YYh8eip3hXuf6IidlrvakdtQ47GKl","tlshash":"f993f9ddb2c6702257a720ba007f510bf236199d6c4d8450f265d8e9bcb8a4e827bf7d","first_seen":"2023-03-07T01:04:00Z","last_seen":"2026-04-03T18:56:22.048855Z","times_seen":6515,"resource_available":true,"data":null}},"time_used":10,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":10,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-09-28","alert":"Sinkholed","trigger":"creative-sb1.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-09-28","alert":"Sinkholed","trigger":"creative-sb1.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"professionaltrafficmonitor.com/stats","fqdn":"professionaltrafficmonitor.com","domain":"professionaltrafficmonitor.com","tld":"com"},"ip":{"addr":"3.123.144.251","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://torrentdownloads.rutor.app/","date":"2025-09-28T10:31:17.361Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"protrafficinspector.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M04","organization":"Amazon"},"validity":{"start":"Tue, 01 Jul 2025 00:00:00 GMT","end":"Thu, 30 Jul 2026 23:59:59 GMT"},"fingerprint":{"sha1":"5D:D5:8D:EB:A4:50:13:0D:7C:33:71:82:B8:02:49:4F:D6:31:B6:E6","sha256":"49:03:4C:2C:1B:23:D8:D6:CB:AE:F0:54:61:99:C2:20:F4:FF:87:5E:0B:72:B1:6B:D8:AB:21:49:2D:F2:EC:4A"}}},"request":{"raw":"GET /stats HTTP/1.1\r\nHost: professionaltrafficmonitor.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://torrentdownloads.rutor.app\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://torrentdownloads.rutor.app/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 28 Sep 2025 10:31:17 GMT\r\ncontent-type: text/html; charset=UTF-8\r\ncontent-length: 40\r\nserver: fasthttp\r\naccess-control-allow-origin: https://torrentdownloads.rutor.app\r\nvary: Origin\r\naccess-control-allow-credentials: true\r\nset-cookie: uid_id2=d995e3f7-3ab8-4202-88f2-ba729b81cf19:2:1; expires=Wed, 26 Sep 2035 10:31:17 GMT; secure; SameSite=None\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":40,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"ASCII text, with no line terminators","md5":"9eed356908528740e9be906f9f87282f","sha1":"08cc47301aa3882c2b781b1f6197ff7f1cdbed0f","sha256":"318e98924085febb87bf6b53a931e037d8ed3eba0cac9b42c0bbe56cc7a173a8","sha512":"5a7d92c8303f625799ae7aa598b021a377ee9309d9f00ffb90b29c6d11ab8f6ef66d2dc55e154dc3fec2f808adef18aab0d934dcf9059caaf3d2ad8cc5534724","ssdeep":"","tlshash":"32900441c7c10cc3d574d7054d0100ccc4110110007d44037c00c51c1d4f741f55d330","first_seen":"2025-09-28T10:31:49.138398Z","last_seen":"2025-09-28T10:31:49.138398Z","times_seen":1,"resource_available":false,"data":null}},"time_used":113,"timings":{"blocked":-1,"dns":0,"connect":29,"send":0,"wait":24,"receive":0,"ssl":61},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"heartilyscales.com/ren.gif?sid=H4sIAAAAAAAC_1RSQWgkRReunvz8CIqiBy8qzGEPK5hJd0-nZ-Iell13V6NrJuyuBlkv1V3VkzLdXW1V9fRkvAQDujdHQfDY-SbZoOagdwWZeJGgkPbiHAyCJ--y4EVkksGs7_Deq_pePb731ftgJz8hTeR0svq6HIg4pguLDbt-cU2kTBa6vnKn7tgN-1J9TaS-d6nenzrVe9Fpeg37-frLPNyQC67t2LZjO_UbQvFI9hdOUYjsoO00lhYbbafhLHnoq_-edW5BUwusd0KegmDVE79HdyHCMdLkq2tcbxiZvXA9yWNqpEKP7b-RbqSySJGcp5GyEKX7s2pIXRHyWQ0y3Z9NANnbnU6AQFSk9vSvCNL9GU0Evb0zpkEMniJgj6LojcHjMQQdI5TbEOyYACHDSgdpcn9FqoJunqF0ilbk_3_-AVFU5JFnCdLkoHO1c7veyXi6wg36UQnRH0N0x8jyQ5hBDaI4RGjeh2A_kYUHN5Emux0dSwg2ueA4vrMY0GjetUN_3ou4N09bPJhvR4xSZvus5dmnAoloDKrnkGsLubCQRzXkWQ0Jm9RdFnKn5fJ2EPl-y7fbju_4nsvaLmPu0pKHPJwyH8JkQ4TxEKHaQqa2sCE-OfZWj5tvQuXfQa-X0MyCNgQ9VqLgBIUmKChBIQgKQ1D0yj0Wa1eX91ms88CZRXcWm-VImu4O3ZOmy1MCqoZQrNwV2bt6G6GxRoNIk5GcOhqYckQDVu5kJ-TJqbTWW39rbPBJndpNN_BYsxm2Kad-m3rRUtD23Oai73hBFEGLEkLXQLWFgahIq_oBmagI-egXBPQQOj5EKOZA8-dAixJ0vcQgPWBCZUr2NxuhTMBkicz8D2bT2olPyDOnn3vlr0_Bw6PLPzdPDaEqkakS74jvCbrxvdEtWZDdW7LQ5OtOZkQiBtQImd421PC5L17jm4VUbPmaHn5-JZwC0_TgDtfmJk2ZSLuafHlVMMbVDalCTr5d1ms8WM31-tVcpXl2c_WlG8tJprjWQqZjUFER670fEYqKPPbq9dOlvrD8IYQaQ-UlkvyIzAxhtgWdnXPXkkDF53iQWSjycqTc4N_LkQqi84pYVOSVu78h5keXD8038u2LD0CDEpo_1IU_9JhO21FR7uh76CoL1GwjTUr0VIleXILGQ-h8bmQydc4riK1RECtrN4hV_PGZ5lpM6o7n-qzl2B6LfCdajNxmZEfc9inz7JCxCEZX65PHe_8EAAD__7SKCcbDBAAA","fqdn":"heartilyscales.com","domain":"heartilyscales.com","tld":"com"},"ip":{"addr":"172.240.108.68","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://torrentdownloads.rutor.app/","date":"2025-09-28T10:31:18.114Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"heartilyscales.com","organization":""},"issuer":{"commonName":"R10","organization":"Let's Encrypt"},"validity":{"start":"Mon, 04 Aug 2025 21:31:25 GMT","end":"Sun, 02 Nov 2025 21:31:24 GMT"},"fingerprint":{"sha1":"8C:BC:E6:45:99:A6:42:A8:C3:7C:33:7D:77:C5:9E:C7:70:2A:A9:6C","sha256":"44:0D:F2:B1:46:00:9E:72:AB:F2:58:53:DB:2A:6F:97:C8:DF:54:6F:43:D4:84:F7:D4:6A:D5:F7:8B:ED:15:C2"}}},"request":{"raw":"GET /ren.gif?sid=H4sIAAAAAAAC_1RSQWgkRReunvz8CIqiBy8qzGEPK5hJd0-nZ-Iell13V6NrJuyuBlkv1V3VkzLdXW1V9fRkvAQDujdHQfDY-SbZoOagdwWZeJGgkPbiHAyCJ--y4EVkksGs7_Deq_pePb731ftgJz8hTeR0svq6HIg4pguLDbt-cU2kTBa6vnKn7tgN-1J9TaS-d6nenzrVe9Fpeg37-frLPNyQC67t2LZjO_UbQvFI9hdOUYjsoO00lhYbbafhLHnoq_-edW5BUwusd0KegmDVE79HdyHCMdLkq2tcbxiZvXA9yWNqpEKP7b-RbqSySJGcp5GyEKX7s2pIXRHyWQ0y3Z9NANnbnU6AQFSk9vSvCNL9GU0Evb0zpkEMniJgj6LojcHjMQQdI5TbEOyYACHDSgdpcn9FqoJunqF0ilbk_3_-AVFU5JFnCdLkoHO1c7veyXi6wg36UQnRH0N0x8jyQ5hBDaI4RGjeh2A_kYUHN5Emux0dSwg2ueA4vrMY0GjetUN_3ou4N09bPJhvR4xSZvus5dmnAoloDKrnkGsLubCQRzXkWQ0Jm9RdFnKn5fJ2EPl-y7fbju_4nsvaLmPu0pKHPJwyH8JkQ4TxEKHaQqa2sCE-OfZWj5tvQuXfQa-X0MyCNgQ9VqLgBIUmKChBIQgKQ1D0yj0Wa1eX91ms88CZRXcWm-VImu4O3ZOmy1MCqoZQrNwV2bt6G6GxRoNIk5GcOhqYckQDVu5kJ-TJqbTWW39rbPBJndpNN_BYsxm2Kad-m3rRUtD23Oai73hBFEGLEkLXQLWFgahIq_oBmagI-egXBPQQOj5EKOZA8-dAixJ0vcQgPWBCZUr2NxuhTMBkicz8D2bT2olPyDOnn3vlr0_Bw6PLPzdPDaEqkakS74jvCbrxvdEtWZDdW7LQ5OtOZkQiBtQImd421PC5L17jm4VUbPmaHn5-JZwC0_TgDtfmJk2ZSLuafHlVMMbVDalCTr5d1ms8WM31-tVcpXl2c_WlG8tJprjWQqZjUFER670fEYqKPPbq9dOlvrD8IYQaQ-UlkvyIzAxhtgWdnXPXkkDF53iQWSjycqTc4N_LkQqi84pYVOSVu78h5keXD8038u2LD0CDEpo_1IU_9JhO21FR7uh76CoL1GwjTUr0VIleXILGQ-h8bmQydc4riK1RECtrN4hV_PGZ5lpM6o7n-qzl2B6LfCdajNxmZEfc9inz7JCxCEZX65PHe_8EAAD__7SKCcbDBAAA HTTP/1.1\r\nHost: heartilyscales.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://torrentdownloads.rutor.app/\r\nCookie: uid_id2=11615baf-20c6-4fe4-a7eb-8fdaad06d740:3:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; u_pl15816950=1; sleca286902791a7f4c98bcb1e812322cd78=[6154259]; u_pl22675059=1; sleca032b4d33c8aea68a4f9b84235614bff=[4323733]\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Sun, 28 Sep 2025 10:31:18 GMT\r\nContent-Type: image/gif\r\nContent-Length: 7\r\nConnection: keep-alive\r\naccess-control-allow-origin: *\r\nvary: Origin\r\naccess-control-allow-credentials: true\r\np3p: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\naccept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nx-envoy-upstream-service-time: 1\r\nHost: heartilyscales.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 30843e2b93c82ae9716fda41876ac113\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/gif","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T11:49:30.368697Z","times_seen":13330398,"resource_available":true,"data":null}},"time_used":97,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":97,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-09-28","alert":"Sinkholed","trigger":"heartilyscales.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-09-28","alert":"Sinkholed","trigger":"heartilyscales.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-09-28","alert":"Sinkholed","trigger":"heartilyscales.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"static.pushub.net/inpage/inpage.js","fqdn":"static.pushub.net","domain":"pushub.net","tld":"net"},"ip":{"addr":"2.23.13.11","port":443,"asn":20940,"as":"Akamai International B.V.","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://torrentdownloads.rutor.app/","date":"2025-09-28T10:31:20.907Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"static.pushub.net","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 01 Sep 2025 06:36:20 GMT","end":"Sun, 30 Nov 2025 06:36:19 GMT"},"fingerprint":{"sha1":"4A:0F:42:EB:C4:7F:19:81:5F:07:34:1C:6D:DE:AF:C5:92:2F:27:1D","sha256":"9C:61:86:93:1F:8F:33:46:59:63:BF:9D:D6:CC:EE:2B:09:61:70:AE:D8:57:40:28:80:E9:9D:FD:54:3C:75:67"}}},"request":{"raw":"GET /inpage/inpage.js HTTP/1.1\r\nHost: static.pushub.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://torrentdownloads.rutor.app/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nContent-Type: application/javascript\r\nContent-Length: 13180\r\nLast-Modified: Thu, 05 May 2022 12:41:49 GMT\r\nETag: \"6273c60d-337c\"\r\nAccept-Ranges: bytes\r\nCache-Control: max-age=4985\r\nExpires: Sun, 28 Sep 2025 11:54:25 GMT\r\nDate: Sun, 28 Sep 2025 10:31:20 GMT\r\nConnection: keep-alive\r\nX-Forward-Proto: http\r\nCDN-Origin-Protocol: HTTP\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":13180,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (13123)","md5":"5910e494b34694553906c84adbf11b84","sha1":"abcc4dad695e8dbbcb817d6c69048001b6e58f36","sha256":"be9ce430b5c00ab65a0ab52c4a3e3b2e764a2da413b1b83986e59ce810678f2c","sha512":"5a82f4a292ed4dd443293dc9f882ae9411fa9aab64bbf5c44653a02a08314571988748b36b22137e70ec6bcaf5d3f3b11672d06610eb47ff073590f97ef8e024","ssdeep":"192:CBuLuLVBuL/LyzOVeydZr1qIcVirXhNST01h2LJ:CBBLVBgLvVeydzocST01hqJ","tlshash":"7b42f9b63962313193e3d1b3a4df574db174c4202942446ca264d6e90ee5a4f5737bec","first_seen":"2023-03-10T14:20:49Z","last_seen":"2025-09-30T09:51:01.538981Z","times_seen":90,"resource_available":true,"data":null}},"time_used":60,"timings":{"blocked":27,"dns":11,"connect":2,"send":0,"wait":2,"receive":0,"ssl":18},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"kettledroopingcontinuation.com/pixel/sbls?bv=\u0026tmpl=482\u0026u=https%3A%2F%2Fcreative-sb1.com%2Fsb%2Fssp%2Fvpn%2Fclassic-push%2Fsmall%2Fcss%2Fanimate.css\u0026l=78689\u0026fd=500","fqdn":"kettledroopingcontinuation.com","domain":"kettledroopingcontinuation.com","tld":"com"},"ip":{"addr":"172.240.108.84","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://torrentdownloads.rutor.app/","date":"2025-09-28T10:31:21.413Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"kettledroopingcontinuation.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 27 Aug 2025 21:34:59 GMT","end":"Tue, 25 Nov 2025 21:34:58 GMT"},"fingerprint":{"sha1":"E4:24:47:01:B7:F3:A1:0B:CF:EA:36:36:30:C1:21:5D:9E:A1:7B:BE","sha256":"EE:DD:A9:31:87:F8:15:E5:A4:69:BA:E8:17:29:F1:0D:59:DC:1E:48:E2:EB:2F:1D:FE:D6:5C:C0:5F:03:5B:01"}}},"request":{"raw":"GET /pixel/sbls?bv=\u0026tmpl=482\u0026u=https%3A%2F%2Fcreative-sb1.com%2Fsb%2Fssp%2Fvpn%2Fclassic-push%2Fsmall%2Fcss%2Fanimate.css\u0026l=78689\u0026fd=500 HTTP/1.1\r\nHost: kettledroopingcontinuation.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://torrentdownloads.rutor.app/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Sun, 28 Sep 2025 10:31:21 GMT\r\nContent-Length: 0\r\nConnection: keep-alive\r\nHost: kettledroopingcontinuation.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nCache-Control: no-cache\r\nAccess-Control-Allow-Origin: *\r\nAccess-Control-Allow-Methods: GET, POST, OPTIONS\r\nAccess-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests,C-High-Entropy-Values\r\nAccess-Control-Expose-Headers: Content-Length,Content-Range\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T11:49:30.368697Z","times_seen":13330398,"resource_available":true,"data":null}},"time_used":93,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":93,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-09-28","alert":"Sinkholed","trigger":"kettledroopingcontinuation.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-09-28","alert":"Sinkholed","trigger":"kettledroopingcontinuation.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"torrentdownloads.rutor.app/templates/new/images/titl_tag2.jpg","fqdn":"torrentdownloads.rutor.app","domain":"rutor.app","tld":"app"},"ip":{"addr":"172.67.158.147","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://torrentdownloads.rutor.app/","date":"2025-09-28T10:31:16.755Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rutor.app","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 20 Sep 2025 02:19:36 GMT","end":"Fri, 19 Dec 2025 03:09:13 GMT"},"fingerprint":{"sha1":"65:6C:B3:CD:A0:AD:28:B1:3A:23:A8:A2:1B:F0:E7:C0:18:90:91:0F","sha256":"4A:EE:EA:F0:6F:B6:A9:99:ED:A1:9D:D2:2A:5E:48:50:06:6C:52:7E:B9:1A:16:A3:26:FC:B0:7E:5B:CF:FB:07"}}},"request":{"raw":"GET /templates/new/images/titl_tag2.jpg HTTP/1.1\r\nHost: torrentdownloads.rutor.app\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://torrentdownloads.rutor.app/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 28 Sep 2025 10:31:16 GMT\r\ncontent-type: image/jpeg\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nexpires: Thu, 19 Nov 1981 08:52:00 GMT\r\ncache-control: no-store, no-cache, must-revalidate\r\npragma: no-cache\r\naccess-control-allow-origin: *\r\ncf-cache-status: BYPASS\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=ifzIjs8tD6TPthiAF%2Fnkh4ZZNZt6YnE9PmMpvJy0Vkv2JQZ%2B6pFJxOmwjCk%2B4q7o4UFvNOB2zUIKdPRsuVjSm9vBo%2Bdv9icjFr%2BF6oBHD%2Bq7oXJDRKhtoFpJ\"}]}\r\nset-cookie: view=1; Max-Age=86400; Expires=Mon, 29 Sep 2025 10:31:16 GMT\nPHPSESSID=au979e7kmdjo66ufs87vgkcioi; Path=/\r\ncf-ray: 986291f9bf17c759-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":3596,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 214x34, components 3","md5":"51072b554b215f24eb097bc60ce92528","sha1":"6243c7915c53938aa5862ac5f3ec1632b1534653","sha256":"f7b0fe7ca81d2c2d0ddc1bfbf7c4eb86112f2139f865ad38868fa0844314963d","sha512":"f4e152998f0866aa04392a8751322645ded89d5bca5557e79340fdf56992da9e90de08a643c2bc20f66d3b1681be538adc2e410a109cea589507428b64cfa01d","ssdeep":"","tlshash":"6e713c5ee20b4b9bf9cb48b251b21288469c1879a56bbb1c017e3bb6e7a41e518421d3","first_seen":"2023-05-29T17:58:11Z","last_seen":"2026-02-19T06:00:31.867919Z","times_seen":47,"resource_available":false,"data":null}},"time_used":187,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":187,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-09-28","alert":"Sinkholed","trigger":"torrentdownloads.rutor.app","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-09-28","alert":"Sinkholed","trigger":"torrentdownloads.rutor.app","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"torrentdownloads.rutor.app/templates/new/images/menu_icon7.jpg","fqdn":"torrentdownloads.rutor.app","domain":"rutor.app","tld":"app"},"ip":{"addr":"172.67.158.147","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://torrentdownloads.rutor.app/","date":"2025-09-28T10:31:16.946Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rutor.app","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 20 Sep 2025 02:19:36 GMT","end":"Fri, 19 Dec 2025 03:09:13 GMT"},"fingerprint":{"sha1":"65:6C:B3:CD:A0:AD:28:B1:3A:23:A8:A2:1B:F0:E7:C0:18:90:91:0F","sha256":"4A:EE:EA:F0:6F:B6:A9:99:ED:A1:9D:D2:2A:5E:48:50:06:6C:52:7E:B9:1A:16:A3:26:FC:B0:7E:5B:CF:FB:07"}}},"request":{"raw":"GET /templates/new/images/menu_icon7.jpg HTTP/1.1\r\nHost: torrentdownloads.rutor.app\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://torrentdownloads.rutor.app/templates/new/css/style.css\r\nCookie: view=1; PHPSESSID=2u8k63dg4d7raoouspjlpa76fm\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sun, 28 Sep 2025 10:31:17 GMT\r\ncontent-type: image/jpeg\r\nvary: accept-encoding\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\naccess-control-allow-origin: *\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nlast-modified: Sun, 28 Sep 2025 10:31:17 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Qa0ivmf%2Bpi0u9bWOK%2B5Iodk0RTrYnuTiJJZFoNdQRAZx8UdT4SOdTuykOP%2FpsS746LEYRkEx9R01zZaBtB5Kdh9IWm0xBAF69CmAUZ0QLSNbxKyj207NKA%3D%3D\"}]}\r\ncf-ray: 986291fae947568b-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":641,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 16x32, components 3","md5":"531afccc98e5e1492174b4c03ba09c94","sha1":"65b392a735a98ef0fc301b86afed757d3697c3de","sha256":"e13a0d9293d1a2418c34f0b0d4cbea140241c483b6b80ac477434be843ff0daf","sha512":"6f85a5e3710f5ae589a9c8ea67812e07771363d4ccccc8c2aa7271232672b6486c0dee056a063c08458222b51b05ba16c51bb60a4df2164265171c52e19e0fb5","ssdeep":"","tlshash":"19f0c07b63a7ab26e4903170767252249bdc098a94271f9e18f9b920f8243d50f6120e","first_seen":"2023-05-29T17:58:11Z","last_seen":"2026-02-19T06:00:31.891854Z","times_seen":45,"resource_available":false,"data":null}},"time_used":216,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":216,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-09-28","alert":"Sinkholed","trigger":"torrentdownloads.rutor.app","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-09-28","alert":"Sinkholed","trigger":"torrentdownloads.rutor.app","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"creative-sb1.com/sb/ssp/vpn/classic-push/small/css/animate.css","fqdn":"creative-sb1.com","domain":"creative-sb1.com","tld":"com"},"ip":{"addr":"104.21.35.3","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://torrentdownloads.rutor.app/","date":"2025-09-28T10:31:20.919Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"creative-sb1.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 29 Aug 2025 18:23:14 GMT","end":"Thu, 27 Nov 2025 19:21:45 GMT"},"fingerprint":{"sha1":"99:06:8C:E5:8E:41:8B:38:F8:46:C0:E9:CF:99:E2:11:F2:8E:DD:AB","sha256":"93:A8:69:6F:83:C3:C8:1B:E8:A3:20:9C:19:F4:47:35:74:85:80:F1:82:1F:48:42:AB:AA:77:A3:35:AB:29:20"}}},"request":{"raw":"GET /sb/ssp/vpn/classic-push/small/css/animate.css HTTP/1.1\r\nHost: creative-sb1.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://torrentdownloads.rutor.app\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://torrentdownloads.rutor.app/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 28 Sep 2025 10:31:21 GMT\r\ncontent-type: text/css\r\nserver: cloudflare\r\nlast-modified: Fri, 19 Jan 2024 14:19:42 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\netag: W/\"65aa84fe-13361\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: public, max-age=315360000\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: Date\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=DrjzXH8NJhgo%2B0CLUtQe3j6suUE5sW0YqZ7d2B0%2F3R69OaSx1iao%2FzcfEtFB0zlIZAfw%2F8t2EXadYZL6jfGRFdCis2Am8nge7krK0o9Q\"}]}\r\ncf-ray: 986292141ecb712a-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":78689,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text","md5":"3d4123dbfb33d27a5cfdfcfa91df6783","sha1":"e7d0eeeec54b848f0bc3da8685fa3bc88429d660","sha256":"cb7d1393b65701b2f97d8da244c2c6023e9cbc3463ecb0136b915cfc775c6887","sha512":"75c8a48dc207595e201b50b87ff68782112a21aded9f15f14185c07d40f0151d6afe74a2b278aa575caf12ac422e8166316296ed7b6573ea24e667cca4af51dd","ssdeep":"384:jvuAuF81dghu3ublZlX/m/Gu7uNUtrL4VrbZJgBhLYNKwZiMUL6Vpaj7F:jvuAu21dghu3uLu7uNKwZiMUL6Vpaj7F","tlshash":"22731bad399115845263861d83df9e68273ce5731826acef73c2488bcf8bf9867c9147","first_seen":"2024-01-20T06:37:31Z","last_seen":"2026-04-04T10:49:57.044251Z","times_seen":10533,"resource_available":false,"data":null}},"time_used":547,"timings":{"blocked":59,"dns":3,"connect":1,"send":0,"wait":426,"receive":0,"ssl":56},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-09-28","alert":"Sinkholed","trigger":"creative-sb1.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-09-28","alert":"Sinkholed","trigger":"creative-sb1.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/roboto/v49/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.178.35","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://torrentdownloads.rutor.app/","date":"2025-09-28T10:31:21.928Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 08 Sep 2025 08:36:48 GMT","end":"Mon, 01 Dec 2025 08:36:47 GMT"},"fingerprint":{"sha1":"4A:11:37:B2:B5:3D:85:04:18:76:94:C3:99:EA:8B:77:66:51:DF:D6","sha256":"6C:B3:8A:F8:58:9F:72:87:6E:B0:CF:E0:3F:D9:AB:6D:AE:6E:E0:73:B1:A3:95:3C:30:98:D3:C4:23:73:D4:33"}}},"request":{"raw":"GET /s/roboto/v49/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://torrentdownloads.rutor.app\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 40128\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Mon, 22 Sep 2025 23:17:32 GMT\r\nexpires: Tue, 22 Sep 2026 23:17:32 GMT\r\ncache-control: public, max-age=31536000\r\nage: 472429\r\nlast-modified: Mon, 08 Sep 2025 18:08:05 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":40128,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 40128, version 1.0","md5":"9a01b69183a9604ab3a439e388b30501","sha1":"8ed1d59003d0dbe6360481017b44665153665fbe","sha256":"20b535fa80c8189e3b87d1803038389960203a886d502bc2ef1857affc2f38d2","sha512":"0e6795255b6eea00b5403fd7e3b904d52776d49ac63a31c2778361262883697943aedcb29feee85694ba6f19eaa34dddb9a5bfe7118f4a25b4757e92c331feca","ssdeep":"768:Vce3jkow68wmT4IBX0tXdlSirS61gSjcz0GPwHbP+w2jec56O:VcI/iEEEtXdFJj+0GPwHbP+w5rO","tlshash":"3703023a5e3ccf1a84157a703950f6d9a8481e548e9d143b4f1ac7bf085dde2209b6d4","first_seen":"2025-01-08T22:59:02.845106Z","last_seen":"2026-04-04T11:46:59.437094Z","times_seen":714426,"resource_available":false,"data":null}},"time_used":51,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":15,"receive":36,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"torrentdownloads.rutor.app/templates/new/images/top_curve-left.jpg","fqdn":"torrentdownloads.rutor.app","domain":"rutor.app","tld":"app"},"ip":{"addr":"172.67.158.147","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://torrentdownloads.rutor.app/","date":"2025-09-28T10:31:16.936Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rutor.app","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 20 Sep 2025 02:19:36 GMT","end":"Fri, 19 Dec 2025 03:09:13 GMT"},"fingerprint":{"sha1":"65:6C:B3:CD:A0:AD:28:B1:3A:23:A8:A2:1B:F0:E7:C0:18:90:91:0F","sha256":"4A:EE:EA:F0:6F:B6:A9:99:ED:A1:9D:D2:2A:5E:48:50:06:6C:52:7E:B9:1A:16:A3:26:FC:B0:7E:5B:CF:FB:07"}}},"request":{"raw":"GET /templates/new/images/top_curve-left.jpg HTTP/1.1\r\nHost: torrentdownloads.rutor.app\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://torrentdownloads.rutor.app/templates/new/css/style.css\r\nCookie: view=1; PHPSESSID=2u8k63dg4d7raoouspjlpa76fm\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sun, 28 Sep 2025 10:31:17 GMT\r\ncontent-type: image/jpeg\r\nvary: accept-encoding\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\naccess-control-allow-origin: *\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nlast-modified: Sun, 28 Sep 2025 10:31:17 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=7m0jlo1fJLef74pSz5fPlnzWiiMMGYgors9aS19Im85LEjX3%2BdKohEjvUGVzAPVKz53ggVahBFKE%2FiEZbs%2F8tSJWV%2BRJZvB8SYmyBLNtkIWju4SN6csUuA%3D%3D\"}]}\r\ncf-ray: 986291fad938568b-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1435,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 1207x15, components 3","md5":"181c0c0658c7aba0a6fea867ed146d7c","sha1":"9be994c54effc36bfadbe9caecc499d0238424fa","sha256":"73f9ccc557f889fbfc1cb42ad7827158eaaf0d17fd180caead1e779ab61f29eb","sha512":"d72e02a9f3a0b1fc2e21815ef445a2190fde36e5b250d13cff32851bfdc8dc01b3d8bcfcdc03997d3c5bef63c276a888ff5ad6358b4cf2d3c71c15082c202c2d","ssdeep":"","tlshash":"ff21d8212396b717c87a1875f6b9e33c1e15515ea3424679a0b80e4b3c30de326f6369","first_seen":"2023-05-29T17:58:11Z","last_seen":"2026-02-19T06:00:31.891326Z","times_seen":45,"resource_available":false,"data":null}},"time_used":134,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":134,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-09-28","alert":"Sinkholed","trigger":"torrentdownloads.rutor.app","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-09-28","alert":"Sinkholed","trigger":"torrentdownloads.rutor.app","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"skinnycrawlinglax.com/pixel/purst?dl=0\u0026th=0\u0026sc=0\u0026rs=1152\u0026rd=1152\u0026fd=591\u0026bv=25.9.7989\u0026tmpl=70","fqdn":"skinnycrawlinglax.com","domain":"skinnycrawlinglax.com","tld":"com"},"ip":{"addr":"172.240.108.76","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://torrentdownloads.rutor.app/","date":"2025-09-28T10:31:17.357Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"skinnycrawlinglax.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 27 Aug 2025 22:00:34 GMT","end":"Tue, 25 Nov 2025 22:00:33 GMT"},"fingerprint":{"sha1":"FC:5B:24:E2:ED:A9:65:69:CA:97:74:44:F8:E9:93:1A:50:E7:73:C1","sha256":"26:1B:F8:72:30:B2:C4:49:6A:2E:E7:A5:FC:26:35:74:02:CB:56:D1:F7:7E:A5:5E:89:65:A9:B4:1F:1F:DB:8F"}}},"request":{"raw":"GET /pixel/purst?dl=0\u0026th=0\u0026sc=0\u0026rs=1152\u0026rd=1152\u0026fd=591\u0026bv=25.9.7989\u0026tmpl=70 HTTP/1.1\r\nHost: skinnycrawlinglax.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://torrentdownloads.rutor.app/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Sun, 28 Sep 2025 10:31:17 GMT\r\nContent-Length: 0\r\nConnection: keep-alive\r\nHost: skinnycrawlinglax.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nCache-Control: no-cache\r\nAccess-Control-Allow-Origin: *\r\nAccess-Control-Allow-Methods: GET, POST, OPTIONS\r\nAccess-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests,C-High-Entropy-Values\r\nAccess-Control-Expose-Headers: Content-Length,Content-Range\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T11:49:30.368697Z","times_seen":13330398,"resource_available":true,"data":null}},"time_used":787,"timings":{"blocked":336,"dns":4,"connect":110,"send":0,"wait":115,"receive":0,"ssl":221},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-09-28","alert":"Sinkholed","trigger":"skinnycrawlinglax.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-09-28","alert":"Sinkholed","trigger":"skinnycrawlinglax.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-09-28","alert":"Sinkholed","trigger":"skinnycrawlinglax.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/roboto/v49/KFOMCnqEu92Fr1ME7kSn66aGLdTylUAMQXC89YmC2DPNWubEbVmUiAo.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.178.35","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://torrentdownloads.rutor.app/","date":"2025-09-28T10:31:16.951Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 08 Sep 2025 08:36:48 GMT","end":"Mon, 01 Dec 2025 08:36:47 GMT"},"fingerprint":{"sha1":"4A:11:37:B2:B5:3D:85:04:18:76:94:C3:99:EA:8B:77:66:51:DF:D6","sha256":"6C:B3:8A:F8:58:9F:72:87:6E:B0:CF:E0:3F:D9:AB:6D:AE:6E:E0:73:B1:A3:95:3C:30:98:D3:C4:23:73:D4:33"}}},"request":{"raw":"GET /s/roboto/v49/KFOMCnqEu92Fr1ME7kSn66aGLdTylUAMQXC89YmC2DPNWubEbVmUiAo.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://torrentdownloads.rutor.app\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 20612\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Mon, 22 Sep 2025 23:18:44 GMT\r\nexpires: Tue, 22 Sep 2026 23:18:44 GMT\r\ncache-control: public, max-age=31536000\r\nage: 472353\r\nlast-modified: Mon, 08 Sep 2025 18:08:15 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":20612,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 20612, version 1.0","md5":"b07da7aa3e4f363c5cdbc11312239e8c","sha1":"47bf5b2f24ea4a4caafccc89b9d2a6677ef9e3b8","sha256":"e44c11f4834bdd4d6b6da7b8ee5eaebc8acb41250cd6bce5cc82ea8262140eaa","sha512":"420729406b315d8af34b62b78f39e763f5cf33cbf94467457b393fde0573dd7ffc6a23f25680988f9b82a4a3b719876ff76f3e1db047ce82615f544fc3a82532","ssdeep":"384:k5Eu+yl5Y9RpwjjmD/8Qu+POP9w+oB7rezldH9W4EMs8qCr9WvS80M8T4PTEXPFw:YEu+/Jw3FF+WP9DC/ez79jcCrb8BK4Eq","tlshash":"8192df6bce71497ac711262c773917addb8b44f627f91f2ba0562411c7b8e015c2cc7a","first_seen":"2025-01-09T06:25:34.419113Z","last_seen":"2026-04-04T11:20:55.701021Z","times_seen":45624,"resource_available":false,"data":null}},"time_used":174,"timings":{"blocked":76,"dns":0,"connect":16,"send":0,"wait":16,"receive":5,"ssl":60},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"torrentdownloads.rutor.app/templates/new/images/top_curve_right.jpg","fqdn":"torrentdownloads.rutor.app","domain":"rutor.app","tld":"app"},"ip":{"addr":"172.67.158.147","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://torrentdownloads.rutor.app/","date":"2025-09-28T10:31:16.936Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rutor.app","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 20 Sep 2025 02:19:36 GMT","end":"Fri, 19 Dec 2025 03:09:13 GMT"},"fingerprint":{"sha1":"65:6C:B3:CD:A0:AD:28:B1:3A:23:A8:A2:1B:F0:E7:C0:18:90:91:0F","sha256":"4A:EE:EA:F0:6F:B6:A9:99:ED:A1:9D:D2:2A:5E:48:50:06:6C:52:7E:B9:1A:16:A3:26:FC:B0:7E:5B:CF:FB:07"}}},"request":{"raw":"GET /templates/new/images/top_curve_right.jpg HTTP/1.1\r\nHost: torrentdownloads.rutor.app\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://torrentdownloads.rutor.app/templates/new/css/style.css\r\nCookie: view=1; PHPSESSID=2u8k63dg4d7raoouspjlpa76fm\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sun, 28 Sep 2025 10:31:17 GMT\r\ncontent-type: image/jpeg\r\nvary: accept-encoding\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\naccess-control-allow-origin: *\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nlast-modified: Sun, 28 Sep 2025 10:31:17 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=CxXgpIsGMZbjb0eDq%2BzJh%2FVzwKIaBPFSZ0zWrhK5yhlqKO5F%2FQY8JAJtF3TbveIvJJ9XNtovWilqCUmIQeqEQZCm1U%2BbtaSQYsHAVPScScrbAMQdD3lqlA%3D%3D\"}]}\r\ncf-ray: 986291fad939568b-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1435,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 1207x15, components 3","md5":"90ffb6448fc545065a62f593585b5a78","sha1":"7bfce41672208856f67de5a16c5ea758508c30b1","sha256":"92e069fb8e8a817c00354168e6e6d94c93dd80c3e2814e4498222e6e8057bdab","sha512":"3ec2ef691ac23fc24c579429560e31b870af4a0390af207bf3dbc698482396be20140a0f428cbdd35a5f60befe03aede2131d5bd4fa8e1679e24a5b4feb85f75","ssdeep":"","tlshash":"7921c0353325af4ad46524f0f4f8e62d29398256a206259835b40d5abcb0dc73cf537a","first_seen":"2023-05-29T17:58:11Z","last_seen":"2026-02-19T06:00:31.864331Z","times_seen":45,"resource_available":false,"data":null}},"time_used":108,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":107,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-09-28","alert":"Sinkholed","trigger":"torrentdownloads.rutor.app","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-09-28","alert":"Sinkholed","trigger":"torrentdownloads.rutor.app","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"vmuid.com/uid/send","fqdn":"vmuid.com","domain":"vmuid.com","tld":"com"},"ip":{"addr":"178.162.215.162","port":443,"asn":28753,"as":"Leaseweb Deutschland GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://torrentdownloads.rutor.app/","date":"2025-09-28T10:31:17.362Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"vmuid.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 16 Sep 2025 01:59:37 GMT","end":"Mon, 15 Dec 2025 01:59:36 GMT"},"fingerprint":{"sha1":"84:BD:C5:EF:9D:1D:34:8C:A0:22:2D:D2:FB:A2:D3:F5:74:5F:7A:90","sha256":"30:7E:44:EB:16:94:91:A3:8A:D6:C1:32:D3:2D:D0:B9:A7:40:77:14:44:AB:8F:B5:EE:45:E6:8B:43:50:B5:55"}}},"request":{"raw":"POST /uid/send HTTP/1.1\r\nHost: vmuid.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://torrentdownloads.rutor.app/\r\nContent-Type: multipart/form-data; boundary=---------------------------77535824034133709921963056058\r\nContent-Length: 320\r\nOrigin: https://torrentdownloads.rutor.app\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Sun, 28 Sep 2025 10:31:17 GMT\r\nContent-Type: application/json\r\nContent-Length: 65\r\nConnection: keep-alive\r\nCache-Control: no-store, max-age=0\r\nAccept-Ch: Sec-CH-UA-Platform,Sec-CH-UA-Full-Version,Sec-CH-UA-Platform-Version\r\nAccess-Control-Allow-Origin: https://torrentdownloads.rutor.app\r\nAccess-Control-Allow-Headers: X-Requested-With, content-type, access-control-allow-origin, access-control-allow-methods, access-control-allow-headers, set-cookie, Cookie\r\nAccess-Control-Allow-Credentials: true\r\nSet-Cookie: guid=0963af0f-7465-4248-b3c9-5dc19f8aa4ce; expires=Wed, 31 Dec 2025 00:00:00 GMT; domain=vmuid.com; path=/; secure; SameSite=None\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":65,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"39e5892133f0466132c8c3422042de97","sha1":"b67bd8d43f4060d0fc391586381afe6664b9760f","sha256":"6b7a69f754c7eedede3db97c262b8a88284a74dea29d99e70c956a50420ba23a","sha512":"ef8a370821cf78e651525339dda9d1892b5fd055922e9ad440c9bca33949941aeef3f2999aa924b47e6b5cdb7cbfc73fb935052d5082a878630b8d841ec21ff6","ssdeep":"","tlshash":"b7a002197316016abe94394809b866492c5549c994e6d459c555482f6d1820e7082229","first_seen":"2025-09-28T10:31:49.145124Z","last_seen":"2025-09-28T10:31:49.145124Z","times_seen":1,"resource_available":false,"data":null}},"time_used":38,"timings":{"blocked":14,"dns":0,"connect":0,"send":0,"wait":24,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-09-28","alert":"Sinkholed","trigger":"vmuid.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"torrentdownloads.rutor.app/cdn-cgi/challenge-platform/h/b/scripts/jsd/5783333ceb22/main.js?","fqdn":"torrentdownloads.rutor.app","domain":"rutor.app","tld":"app"},"ip":{"addr":"172.67.158.147","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://torrentdownloads.rutor.app/","date":"2025-09-28T10:31:20.954Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rutor.app","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 20 Sep 2025 02:19:36 GMT","end":"Fri, 19 Dec 2025 03:09:13 GMT"},"fingerprint":{"sha1":"65:6C:B3:CD:A0:AD:28:B1:3A:23:A8:A2:1B:F0:E7:C0:18:90:91:0F","sha256":"4A:EE:EA:F0:6F:B6:A9:99:ED:A1:9D:D2:2A:5E:48:50:06:6C:52:7E:B9:1A:16:A3:26:FC:B0:7E:5B:CF:FB:07"}}},"request":{"raw":"GET /cdn-cgi/challenge-platform/h/b/scripts/jsd/5783333ceb22/main.js? HTTP/1.1\r\nHost: torrentdownloads.rutor.app\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: PHPSESSID=66gpcavpdjto0ovn346m5m24fj; dom3ic8zudi28v8lr6fgphwffqoz0j6c=d995e3f7-3ab8-4202-88f2-ba729b81cf19%3A2%3A1; sb_main_a286902791a7f4c98bcb1e812322cd78=1; sb_count_a286902791a7f4c98bcb1e812322cd78=1; sb_main_a032b4d33c8aea68a4f9b84235614bff=1; sb_count_a032b4d33c8aea68a4f9b84235614bff=2; pp_main_2200540f09f939738419313a1a090c32=1; pbpr0tpuw4isk85t8yg3jb2lj5vqf=directlycascade.com\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncontent-type: application/javascript; charset=UTF-8\r\ncache-control: max-age=14400, stale-if-error=10800, stale-while-revalidate=10800, public\r\nx-content-type-options: nosniff\r\ncontent-encoding: br\r\ndate: Sun, 28 Sep 2025 10:31:20 GMT\r\nserver: cloudflare\r\ncf-ray: 98629213fc07568b-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":10175,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (10175), with no line terminators","md5":"6134b30bf2687a0e58305b56ac1270f2","sha1":"e3ef3f01e886b7f9ebfde95803d271f43d39a027","sha256":"01976eb16aa20828872252233bfe5f1a874f3a4bc5ce614e024211ee8c62ed00","sha512":"ba85990c4b0b0e553063d83d4457645149c43b4b754a2fb69720eaf6a32137cdca959d0968414ece9b77cbcb037a197dc3aebc882489a48f49bde0ad924ca493","ssdeep":"192:4TVi0VUoZYoIS9nktT6bRAqV7djquZydguXCm7CnCnnaL4XX+mTH4CQpVFybIogj:8Vi0VUoZYoIS9nkV6bRJV7JrZyeNL5mO","tlshash":"b922e6ce794cb96c430c79c404ffb3d70231fda5788aa98462a179a46f30b95b689d4f","first_seen":"2025-09-28T09:59:30.035133Z","last_seen":"2025-09-28T10:31:49.146409Z","times_seen":3,"resource_available":true,"data":null}},"time_used":6,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":5,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-09-28","alert":"Sinkholed","trigger":"torrentdownloads.rutor.app","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-09-28","alert":"Sinkholed","trigger":"torrentdownloads.rutor.app","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kettledroopingcontinuation.com/pixel/sbls?bv=\u0026tmpl=482\u0026u=https%3A%2F%2Fcreative-sb1.com%2Fsb%2Fssp%2Fvpn%2Fclassic-push%2Fsmall%2Fcss%2Fstyle.css\u0026l=3355\u0026fd=522","fqdn":"kettledroopingcontinuation.com","domain":"kettledroopingcontinuation.com","tld":"com"},"ip":{"addr":"172.240.108.84","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://torrentdownloads.rutor.app/","date":"2025-09-28T10:31:21.431Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"kettledroopingcontinuation.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 27 Aug 2025 21:34:59 GMT","end":"Tue, 25 Nov 2025 21:34:58 GMT"},"fingerprint":{"sha1":"E4:24:47:01:B7:F3:A1:0B:CF:EA:36:36:30:C1:21:5D:9E:A1:7B:BE","sha256":"EE:DD:A9:31:87:F8:15:E5:A4:69:BA:E8:17:29:F1:0D:59:DC:1E:48:E2:EB:2F:1D:FE:D6:5C:C0:5F:03:5B:01"}}},"request":{"raw":"GET /pixel/sbls?bv=\u0026tmpl=482\u0026u=https%3A%2F%2Fcreative-sb1.com%2Fsb%2Fssp%2Fvpn%2Fclassic-push%2Fsmall%2Fcss%2Fstyle.css\u0026l=3355\u0026fd=522 HTTP/1.1\r\nHost: kettledroopingcontinuation.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://torrentdownloads.rutor.app/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Sun, 28 Sep 2025 10:31:21 GMT\r\nContent-Length: 0\r\nConnection: keep-alive\r\nHost: kettledroopingcontinuation.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nCache-Control: no-cache\r\nAccess-Control-Allow-Origin: *\r\nAccess-Control-Allow-Methods: GET, POST, OPTIONS\r\nAccess-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests,C-High-Entropy-Values\r\nAccess-Control-Expose-Headers: Content-Length,Content-Range\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T11:49:30.368697Z","times_seen":13330398,"resource_available":true,"data":null}},"time_used":92,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":92,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-09-28","alert":"Sinkholed","trigger":"kettledroopingcontinuation.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-09-28","alert":"Sinkholed","trigger":"kettledroopingcontinuation.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"heartilyscales.com/pixel/sbs?c=1","fqdn":"heartilyscales.com","domain":"heartilyscales.com","tld":"com"},"ip":{"addr":"172.240.108.68","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://torrentdownloads.rutor.app/","date":"2025-09-28T10:31:21.910Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"heartilyscales.com","organization":""},"issuer":{"commonName":"R10","organization":"Let's Encrypt"},"validity":{"start":"Mon, 04 Aug 2025 21:31:25 GMT","end":"Sun, 02 Nov 2025 21:31:24 GMT"},"fingerprint":{"sha1":"8C:BC:E6:45:99:A6:42:A8:C3:7C:33:7D:77:C5:9E:C7:70:2A:A9:6C","sha256":"44:0D:F2:B1:46:00:9E:72:AB:F2:58:53:DB:2A:6F:97:C8:DF:54:6F:43:D4:84:F7:D4:6A:D5:F7:8B:ED:15:C2"}}},"request":{"raw":"GET /pixel/sbs?c=1 HTTP/1.1\r\nHost: heartilyscales.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://torrentdownloads.rutor.app/\r\nCookie: uid_id2=11615baf-20c6-4fe4-a7eb-8fdaad06d740:3:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; u_pl15816950=1; sleca286902791a7f4c98bcb1e812322cd78=[6154259]; u_pl22675059=1; sleca032b4d33c8aea68a4f9b84235614bff=[4323733]\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Sun, 28 Sep 2025 10:31:21 GMT\r\nContent-Length: 0\r\nConnection: keep-alive\r\nHost: heartilyscales.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nCache-Control: no-cache\r\nAccess-Control-Allow-Origin: *\r\nAccess-Control-Allow-Methods: GET, POST, OPTIONS\r\nAccess-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests,C-High-Entropy-Values\r\nAccess-Control-Expose-Headers: Content-Length,Content-Range\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T11:49:30.368697Z","times_seen":13330398,"resource_available":true,"data":null}},"time_used":114,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":114,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-09-28","alert":"Sinkholed","trigger":"heartilyscales.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-09-28","alert":"Sinkholed","trigger":"heartilyscales.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-09-28","alert":"Sinkholed","trigger":"heartilyscales.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"torrentdownloads.rutor.app/templates/new/images/logo1.jpg","fqdn":"torrentdownloads.rutor.app","domain":"rutor.app","tld":"app"},"ip":{"addr":"172.67.158.147","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://torrentdownloads.rutor.app/","date":"2025-09-28T10:31:16.758Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rutor.app","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 20 Sep 2025 02:19:36 GMT","end":"Fri, 19 Dec 2025 03:09:13 GMT"},"fingerprint":{"sha1":"65:6C:B3:CD:A0:AD:28:B1:3A:23:A8:A2:1B:F0:E7:C0:18:90:91:0F","sha256":"4A:EE:EA:F0:6F:B6:A9:99:ED:A1:9D:D2:2A:5E:48:50:06:6C:52:7E:B9:1A:16:A3:26:FC:B0:7E:5B:CF:FB:07"}}},"request":{"raw":"GET /templates/new/images/logo1.jpg HTTP/1.1\r\nHost: torrentdownloads.rutor.app\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://torrentdownloads.rutor.app/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 28 Sep 2025 10:31:16 GMT\r\ncontent-type: image/jpeg\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\naccess-control-allow-origin: *\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nlast-modified: Sun, 28 Sep 2025 10:31:16 GMT\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=aq2zJMa4NWbMIoMQ2RFx97f%2FcMFqq3fVa2jBRzJCUeadk8rhok%2BZdMcfzKvR5XBIlCn%2FR8j%2FdOO1J4Y2HCO3P8x7pM3O8DX4NBt32vqZbXJybHooLKW8jiok\"}]}\r\ncf-ray: 986291f9bf1ac759-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":3194,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 189x60, components 3","md5":"7822e3350fd71745eee2012a36e4b283","sha1":"689a199ca46361443abc576686abaffc49bfaca4","sha256":"d317951349bfedbc76c2ab6e8510e61be6c2df9d48b1124c8d4b208a382069d4","sha512":"d79cdeb6d57fcb850921433cbdda163b4c46e832dcaa51181d73ec308ab94467b22a0dc02dc6c853f3aa014512acef85bfa6223acc69ef7ba39483fa1879a786","ssdeep":"","tlshash":"d8615c2b97988f4bdcc616704a394146eb74b6838902fe70133bc1a085efbe3c1e5508","first_seen":"2023-06-27T13:08:24Z","last_seen":"2026-02-19T06:00:31.813257Z","times_seen":45,"resource_available":false,"data":null}},"time_used":112,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":112,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-09-28","alert":"Sinkholed","trigger":"torrentdownloads.rutor.app","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-09-28","alert":"Sinkholed","trigger":"torrentdownloads.rutor.app","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"torrentdownloads.rutor.app/cdn-cgi/challenge-platform/scripts/jsd/main.js","fqdn":"torrentdownloads.rutor.app","domain":"rutor.app","tld":"app"},"ip":{"addr":"172.67.158.147","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://torrentdownloads.rutor.app/","date":"2025-09-28T10:31:17.370Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rutor.app","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 20 Sep 2025 02:19:36 GMT","end":"Fri, 19 Dec 2025 03:09:13 GMT"},"fingerprint":{"sha1":"65:6C:B3:CD:A0:AD:28:B1:3A:23:A8:A2:1B:F0:E7:C0:18:90:91:0F","sha256":"4A:EE:EA:F0:6F:B6:A9:99:ED:A1:9D:D2:2A:5E:48:50:06:6C:52:7E:B9:1A:16:A3:26:FC:B0:7E:5B:CF:FB:07"}}},"request":{"raw":"GET /cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP/1.1\r\nHost: torrentdownloads.rutor.app\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: PHPSESSID=66gpcavpdjto0ovn346m5m24fj\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 302 Found\r\nlocation: /cdn-cgi/challenge-platform/h/b/scripts/jsd/5783333ceb22/main.js?\r\ncache-control: max-age=300, stale-if-error=10800, stale-while-revalidate=10800, public\r\naccess-control-allow-origin: *\r\ncontent-length: 0\r\ndate: Sun, 28 Sep 2025 10:31:17 GMT\r\nserver: cloudflare\r\ncf-ray: 986291fd895d568b-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":10116,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T11:49:30.368697Z","times_seen":13330398,"resource_available":true,"data":null}},"time_used":5,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":4,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-09-28","alert":"Sinkholed","trigger":"torrentdownloads.rutor.app","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-09-28","alert":"Sinkholed","trigger":"torrentdownloads.rutor.app","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"heartilyscales.com/sbar.json?key=a286902791a7f4c98bcb1e812322cd78\u0026uuid=00be331e-6cbf-4e91-a1ce-da2ac7167360%3A2%3A1","fqdn":"heartilyscales.com","domain":"heartilyscales.com","tld":"com"},"ip":{"addr":"172.240.108.68","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://torrentdownloads.rutor.app/","date":"2025-09-28T10:31:17.792Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"heartilyscales.com","organization":""},"issuer":{"commonName":"R10","organization":"Let's Encrypt"},"validity":{"start":"Mon, 04 Aug 2025 21:31:25 GMT","end":"Sun, 02 Nov 2025 21:31:24 GMT"},"fingerprint":{"sha1":"8C:BC:E6:45:99:A6:42:A8:C3:7C:33:7D:77:C5:9E:C7:70:2A:A9:6C","sha256":"44:0D:F2:B1:46:00:9E:72:AB:F2:58:53:DB:2A:6F:97:C8:DF:54:6F:43:D4:84:F7:D4:6A:D5:F7:8B:ED:15:C2"}}},"request":{"raw":"GET /sbar.json?key=a286902791a7f4c98bcb1e812322cd78\u0026uuid=00be331e-6cbf-4e91-a1ce-da2ac7167360%3A2%3A1 HTTP/1.1\r\nHost: heartilyscales.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://torrentdownloads.rutor.app\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://torrentdownloads.rutor.app/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Sun, 28 Sep 2025 10:31:18 GMT\r\nContent-Type: text/plain; charset=utf-8\r\nContent-Length: 4832\r\nConnection: keep-alive\r\ncontent-encoding: gzip\r\np3p: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\naccept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\naccess-control-allow-origin: https://torrentdownloads.rutor.app\r\naccess-control-allow-credentials: true\r\nvary: Accept-Encoding\r\nset-cookie: uid_id2=00be331e-6cbf-4e91-a1ce-da2ac7167360:2:1; expires=Sun, 05 Oct 2025 10:31:17 GMT; path=/; secure; SameSite=None\npdhtkv=true; expires=Mon, 29 Sep 2025 10:31:18 GMT; path=/; secure; SameSite=None\nuncs=1; expires=Mon, 29 Sep 2025 10:31:18 GMT; path=/; secure; SameSite=None\npdhtkv29=true; expires=Mon, 29 Sep 2025 10:31:18 GMT; path=/; secure; SameSite=None\nuncs29=1; expires=Mon, 29 Sep 2025 10:31:18 GMT; path=/; secure; SameSite=None\nu_pl15816950=1; expires=Mon, 29 Sep 2025 10:31:18 GMT; path=/; secure; SameSite=None\nsleca286902791a7f4c98bcb1e812322cd78=[6154259]; expires=Sun, 28 Sep 2025 10:31:23 GMT; path=/; secure; SameSite=None\r\nx-envoy-upstream-service-time: 212\r\nHost: heartilyscales.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: ea737c485c6bfe3245ab3306b2ca47ae\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]}],"data":{"size":6219,"size_decoded":0,"mime_type":"text/plain; charset=utf-8","magic":"JSON text data","md5":"8192ce0157ea53d0620fee5c02403aa1","sha1":"813b278ed123aef2d6261021f4f90a2157a8ff2b","sha256":"2d99fa2b83960bfc80c0f2222cd4718f43ad439ccf09b46cdc2c3359984fbcec","sha512":"14e2146933831bd6720eca7abb745911128a2b11f5f7a254d0b6798c435e39b16144ba621e3bfac3d8cc175b0f3f2763b86177c13008d12cec5487255f91a79d","ssdeep":"96:9z7JwvkbhEGyVA7JOVEIONrPfbxUtgIB50UyZWOvbii5G+E05H8LY1kLGg:9z1hJn0EXp3bxH25fSWOvui55EgHsn","tlshash":"33d17e7f03ea75323d414e145ac93d6a3fb20487815036cef54bceac54b69243389576","first_seen":"2025-09-28T10:31:49.148645Z","last_seen":"2025-09-28T10:31:49.148645Z","times_seen":1,"resource_available":false,"data":null}},"time_used":304,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":304,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-09-28","alert":"Sinkholed","trigger":"heartilyscales.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-09-28","alert":"Sinkholed","trigger":"heartilyscales.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-09-28","alert":"Sinkholed","trigger":"heartilyscales.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"alarbus.nutmeatdruxy.shop/0/giDS1kMtzzz8kL0Yp8K4*A?ck9=eyJhIjo4MzQ5LCJzIjoiMTI4MHgxMDI0IiwiYiI6IjEyODB4MTAyNCIsInIiOiIiLCJxIjoiaHR0cHM6Ly90b3JyZW50ZG93bmxvYWRzLnJ1dG9yLmFwcC8iLCJoIjoyMjMzLCJsIjoiZW4tVVMiLCJ0IjowLCJ6Ijo4Mjc3LCJrIjo0LCJ1IjoiNjdmMzE1ZWI0NzI0YmFhMzQ2N2ZhZSIsImYiOmZhbHNlLCJ3aCI6Im5vdCBpbiBpZnJhbWUiLCJpaCI6Im5vdCBpbiBpZnJhbWUiLCJlIjoiNGNldXgwZ2Z3MzlrN2h0IiwibyI6dHJ1ZSwibSI6MTc1OTA1NTQ4MDA5MywidHMiOjAsInByIjoxLCJoYyI6MzIsImJsIjotMSwiYmMiOjMsInZ2IjoiTWVzYSIsInZyIjoibGx2bXBpcGUiLCJhYyI6MCwiY3QiOiJ1bmtub3duIiwiY2V0IjoidW5rbm93biIsImNkbG0iOi0xLCJjZGwiOi0xLCJjcnR0IjotMSwidG1zIjoxMjAsImNlIjp0cnVlLCJjZCI6MjQsIm9yIjoibGFuZHNjYXBlLXByaW1hcnkiLCJpbSI6dHJ1ZSwiaXNEYXJrVGhlbWUiOmZhbHNlfQ","fqdn":"alarbus.nutmeatdruxy.shop","domain":"nutmeatdruxy.shop","tld":"shop"},"ip":{"addr":"172.255.103.170","port":443,"asn":7979,"as":"SERVERS-COM","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://torrentdownloads.rutor.app/","date":"2025-09-28T10:31:20.288Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"alarbus.nutmeatdruxy.shop","organization":""},"issuer":{"commonName":"R10","organization":"Let's Encrypt"},"validity":{"start":"Tue, 19 Aug 2025 01:17:45 GMT","end":"Mon, 17 Nov 2025 01:17:44 GMT"},"fingerprint":{"sha1":"D6:75:F2:F8:C6:E6:B3:B7:DE:C6:A4:CA:E6:59:CC:F1:3A:31:83:8D","sha256":"08:C6:EC:8C:E3:75:33:A2:86:A5:B0:96:98:91:1C:F6:3D:F2:A4:CA:0B:06:CE:40:A9:F2:8D:25:8E:17:5C:F7"}}},"request":{"raw":"POST /0/giDS1kMtzzz8kL0Yp8K4*A?ck9=eyJhIjo4MzQ5LCJzIjoiMTI4MHgxMDI0IiwiYiI6IjEyODB4MTAyNCIsInIiOiIiLCJxIjoiaHR0cHM6Ly90b3JyZW50ZG93bmxvYWRzLnJ1dG9yLmFwcC8iLCJoIjoyMjMzLCJsIjoiZW4tVVMiLCJ0IjowLCJ6Ijo4Mjc3LCJrIjo0LCJ1IjoiNjdmMzE1ZWI0NzI0YmFhMzQ2N2ZhZSIsImYiOmZhbHNlLCJ3aCI6Im5vdCBpbiBpZnJhbWUiLCJpaCI6Im5vdCBpbiBpZnJhbWUiLCJlIjoiNGNldXgwZ2Z3MzlrN2h0IiwibyI6dHJ1ZSwibSI6MTc1OTA1NTQ4MDA5MywidHMiOjAsInByIjoxLCJoYyI6MzIsImJsIjotMSwiYmMiOjMsInZ2IjoiTWVzYSIsInZyIjoibGx2bXBpcGUiLCJhYyI6MCwiY3QiOiJ1bmtub3duIiwiY2V0IjoidW5rbm93biIsImNkbG0iOi0xLCJjZGwiOi0xLCJjcnR0IjotMSwidG1zIjoxMjAsImNlIjp0cnVlLCJjZCI6MjQsIm9yIjoibGFuZHNjYXBlLXByaW1hcnkiLCJpbSI6dHJ1ZSwiaXNEYXJrVGhlbWUiOmZhbHNlfQ HTTP/1.1\r\nHost: alarbus.nutmeatdruxy.shop\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://torrentdownloads.rutor.app/\r\nContent-Type: application/json\r\ncredentials: include\r\nContent-Length: 2\r\nOrigin: https://torrentdownloads.rutor.app\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 28 Sep 2025 10:31:20 GMT\r\ncontent-type: application/json\r\ncontent-length: 97788\r\naccess-control-expose-headers: *\r\naccess-control-allow-credentials: true\r\naccess-control-allow-origin: https://torrentdownloads.rutor.app\r\naccess-control-allow-headers: Accept, Content-Type, Content-Length, Megageocheckolololo, X-Forwarded-For, X-Requested-With, Cache-Control, Pragma, Expires, Credentials\r\naccess-control-allow-methods: GET, HEAD, POST, PUT, OPTIONS\r\naccept-ch: sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version,sec-ch-ua-full-version-list\r\nvary: Origin, Origin\r\nset-cookie: GGI10=G/kAAASiWFuqP5sxvQhEsekvpqw7Pij+8G8v+spKOr4tqAAgwfRU4vIKxGrurY7k/yOrGX6GcFovzvvFab1Yn3fMcO0U4flieTI89Td1IDCjx0JYbZVT4lVGqbIZ2td3v+oDKOaX3Z6vy+unvDI7edoVeWJXKtCBcIXiy9vvXnCrWZF2PeulnJxmmdVRNGTjD7Xy7UJmmemx+r/CJiOlUyIspWdCbf8/; max-age=3600000; path=/; secure; SameSite=None\nGUI42=G1EDAGRzTeWjR7p6Qu3mU4YH9Pm/d8f/s18Bwh2ttYAWSICBJJLv1p7hISgwsLmvbx6l1gny/4B8HjAzIAA9j+CKoejWQE7Q1BwPyagP3EDzrQkKAFxCMsFpubg+UtqnIlX8zN9T+7IO1X2MMktWiYNbyuVNiRJnf7wfUIbm+H7AEgzQyUwzPGiPsMTAVKsDJfFwD4xfforJPYXioCIf2lWxUYhhKoQ7HRcZYY50oYzyqxv9qsGaDbWD1wCyt75hKpW3uB8gHqUhyEoTSk1RxkUr1lwWVmkJtMRDLDKRhK6JKZeSpVJNYZhr9NBIY1zkqp1pIcXRmpOuXZbnZmrK1GQprh3FhAWw37LLQmbTCH66VE33X9bD3yqgSeP7AeXr1OsuO6qcJayqp9VMtT1A/4JTwT1AkJZzjPhTkAfWGyG/j8JzziRG0P/cNw==; max-age=3600000; path=/; secure; SameSite=None\r\nstrict-transport-security: max-age=1\r\nx-content-type-options: nosniff\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":97788,"size_decoded":0,"mime_type":"application/json","magic":"ASCII text, with very long lines (65536), with no line terminators","md5":"7074e90cd95ebee99c1fa4aff6cee3a6","sha1":"997d5b6e551cc2ba34e9563e57750167f61b9a3d","sha256":"7b251ef728c38507aa096c9c4d4fdc9451bc264153ae0d5acbaacf81d2904761","sha512":"e28db7b231bfa0f7f5c9fcfd8c24e4a4ff8b4469c01d6726c63d5e303d0a1461013d0f68ea273ccb4c8e8aae52f5b609b9ff9105c0d7db23903f2bc372eb29f3","ssdeep":"1536:yv5JM4nw3yHfGn+Ddnff2kijZwbDsTKjE:yv5J3nwiHfGn+Bn2BjZmDHA","tlshash":"25a3085bf6f23ef22c8409fc581fd08b00e715ede13f477b25599b6a998096468cce86","first_seen":"2025-09-28T10:31:49.150641Z","last_seen":"2025-09-28T10:31:49.150641Z","times_seen":1,"resource_available":false,"data":null}},"time_used":650,"timings":{"blocked":-1,"dns":120,"connect":21,"send":0,"wait":440,"receive":21,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-09-28","alert":"Sinkholed","trigger":"alarbus.nutmeatdruxy.shop","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-09-28","alert":"Sinkholed","trigger":"alarbus.nutmeatdruxy.shop","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-09-28","alert":"Sinkholed","trigger":"alarbus.nutmeatdruxy.shop","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-09-28","alert":"Sinkholed","trigger":"alarbus.nutmeatdruxy.shop","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/roboto/v49/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.178.35","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://torrentdownloads.rutor.app/","date":"2025-09-28T10:31:21.933Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 08 Sep 2025 08:36:48 GMT","end":"Mon, 01 Dec 2025 08:36:47 GMT"},"fingerprint":{"sha1":"4A:11:37:B2:B5:3D:85:04:18:76:94:C3:99:EA:8B:77:66:51:DF:D6","sha256":"6C:B3:8A:F8:58:9F:72:87:6E:B0:CF:E0:3F:D9:AB:6D:AE:6E:E0:73:B1:A3:95:3C:30:98:D3:C4:23:73:D4:33"}}},"request":{"raw":"GET /s/roboto/v49/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://torrentdownloads.rutor.app\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 40128\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Mon, 22 Sep 2025 23:17:32 GMT\r\nexpires: Tue, 22 Sep 2026 23:17:32 GMT\r\ncache-control: public, max-age=31536000\r\nage: 472429\r\nlast-modified: Mon, 08 Sep 2025 18:08:05 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":40128,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 40128, version 1.0","md5":"9a01b69183a9604ab3a439e388b30501","sha1":"8ed1d59003d0dbe6360481017b44665153665fbe","sha256":"20b535fa80c8189e3b87d1803038389960203a886d502bc2ef1857affc2f38d2","sha512":"0e6795255b6eea00b5403fd7e3b904d52776d49ac63a31c2778361262883697943aedcb29feee85694ba6f19eaa34dddb9a5bfe7118f4a25b4757e92c331feca","ssdeep":"768:Vce3jkow68wmT4IBX0tXdlSirS61gSjcz0GPwHbP+w2jec56O:VcI/iEEEtXdFJj+0GPwHbP+w5rO","tlshash":"3703023a5e3ccf1a84157a703950f6d9a8481e548e9d143b4f1ac7bf085dde2209b6d4","first_seen":"2025-01-08T22:59:02.845106Z","last_seen":"2026-04-04T11:46:59.437094Z","times_seen":714426,"resource_available":false,"data":null}},"time_used":56,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":42,"receive":14,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"kettledroopingcontinuation.com/1e/e3/36/1ee3363d3f6736b5616821dca2afa5c7.js","fqdn":"kettledroopingcontinuation.com","domain":"kettledroopingcontinuation.com","tld":"com"},"ip":{"addr":"172.240.108.84","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://torrentdownloads.rutor.app/","date":"2025-09-28T10:31:17.361Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"kettledroopingcontinuation.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 27 Aug 2025 21:34:59 GMT","end":"Tue, 25 Nov 2025 21:34:58 GMT"},"fingerprint":{"sha1":"E4:24:47:01:B7:F3:A1:0B:CF:EA:36:36:30:C1:21:5D:9E:A1:7B:BE","sha256":"EE:DD:A9:31:87:F8:15:E5:A4:69:BA:E8:17:29:F1:0D:59:DC:1E:48:E2:EB:2F:1D:FE:D6:5C:C0:5F:03:5B:01"}}},"request":{"raw":"GET /1e/e3/36/1ee3363d3f6736b5616821dca2afa5c7.js HTTP/1.1\r\nHost: kettledroopingcontinuation.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://torrentdownloads.rutor.app/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Sun, 28 Sep 2025 10:31:17 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 3430\r\nConnection: keep-alive\r\ncontent-encoding: gzip\r\np3p: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\naccess-control-allow-origin: *\r\naccept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nx-envoy-upstream-service-time: 1\r\nHost: kettledroopingcontinuation.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: bb5d985e8b8a33067587c8e705e29d79\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":6293,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (6293), with no line terminators","md5":"6062294451a7a581dc74178c7c5a1332","sha1":"c8e09f671561b72bdae9fd3cfeea799629430105","sha256":"c556ffdcc50d996a51234a1dec5ae85925ffa13c788b800be900dc5eb1344d79","sha512":"5b4bcb7d6530bfa8d33d4c769d0934938af4e7842a518556021ed900fad8a06bc39c2d35494586adf34e4d6fe19095b2d41c726b8214746527e04cec9e910594","ssdeep":"192:M/H3P83adOwGuABXfKOBPpzbo3j3rFuuV6:MP/83adOwWp0j3Buz","tlshash":"fbd1a8dc768070800be7e97f776f651ab06a58501c4fe491f003a9e83d6872ed63eac1","first_seen":"2025-09-26T11:10:49.483616Z","last_seen":"2025-10-14T12:32:44.197235Z","times_seen":1614,"resource_available":true,"data":null}},"time_used":303,"timings":{"blocked":-1,"dns":0,"connect":108,"send":0,"wait":95,"receive":0,"ssl":183},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-09-28","alert":"Sinkholed","trigger":"kettledroopingcontinuation.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-09-28","alert":"Sinkholed","trigger":"kettledroopingcontinuation.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"torrentdownloads.rutor.app/templates/new/images/cloud_right.jpg","fqdn":"torrentdownloads.rutor.app","domain":"rutor.app","tld":"app"},"ip":{"addr":"172.67.158.147","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://torrentdownloads.rutor.app/","date":"2025-09-28T10:31:16.942Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rutor.app","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 20 Sep 2025 02:19:36 GMT","end":"Fri, 19 Dec 2025 03:09:13 GMT"},"fingerprint":{"sha1":"65:6C:B3:CD:A0:AD:28:B1:3A:23:A8:A2:1B:F0:E7:C0:18:90:91:0F","sha256":"4A:EE:EA:F0:6F:B6:A9:99:ED:A1:9D:D2:2A:5E:48:50:06:6C:52:7E:B9:1A:16:A3:26:FC:B0:7E:5B:CF:FB:07"}}},"request":{"raw":"GET /templates/new/images/cloud_right.jpg HTTP/1.1\r\nHost: torrentdownloads.rutor.app\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://torrentdownloads.rutor.app/templates/new/css/style.css\r\nCookie: view=1; PHPSESSID=2u8k63dg4d7raoouspjlpa76fm\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sun, 28 Sep 2025 10:31:17 GMT\r\ncontent-type: image/jpeg\r\nvary: accept-encoding\r\nset-cookie: view=1; Max-Age=86400; Expires=Mon, 29 Sep 2025 10:31:17 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nexpires: Thu, 19 Nov 1981 08:52:00 GMT\r\ncache-control: no-store, no-cache, must-revalidate\r\npragma: no-cache\r\naccess-control-allow-origin: *\r\ncf-cache-status: BYPASS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=EYB8zI1lihLCSf3vsEiJXL8LhDVjwcRmZ1hkocv3IjfsddtPSCbrI%2F%2F%2BFkOHzyKJA9DXKBlYZPXrRAawrz8rBOip1V20EtUtNV71WwhiTlFhyyqvu9M5og%3D%3D\"}]}\r\ncf-ray: 986291fad93d568b-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":521,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 20x17, components 3","md5":"05f15635b11488b884928c59a8fda4b1","sha1":"30e72a9bcb8f5c89ece6d7d96e009c551e9178ae","sha256":"ab6d6ce2462b792165029038601d57ed88d82fd85f81fb2b01dff3989dd06d01","sha512":"a77d9be53769b7bb2d4d0e3820293327b28c5eab3ab986fe25d7751665e9638fed0daaad5b2c109394db7387f82a1463a8f1feb72135a938ef546359c8e785f1","ssdeep":"","tlshash":"a4f05577a2429b17d8c4407129b29f18ddbc7ec32556b78e0af6b85938b67610c0012c","first_seen":"2023-05-29T17:58:11Z","last_seen":"2026-02-19T06:00:31.803546Z","times_seen":45,"resource_available":false,"data":null}},"time_used":162,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":162,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-09-28","alert":"Sinkholed","trigger":"torrentdownloads.rutor.app","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-09-28","alert":"Sinkholed","trigger":"torrentdownloads.rutor.app","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"torrentdownloads.rutor.app/templates/new/images/dividen1.jpg","fqdn":"torrentdownloads.rutor.app","domain":"rutor.app","tld":"app"},"ip":{"addr":"172.67.158.147","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://torrentdownloads.rutor.app/","date":"2025-09-28T10:31:16.943Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rutor.app","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 20 Sep 2025 02:19:36 GMT","end":"Fri, 19 Dec 2025 03:09:13 GMT"},"fingerprint":{"sha1":"65:6C:B3:CD:A0:AD:28:B1:3A:23:A8:A2:1B:F0:E7:C0:18:90:91:0F","sha256":"4A:EE:EA:F0:6F:B6:A9:99:ED:A1:9D:D2:2A:5E:48:50:06:6C:52:7E:B9:1A:16:A3:26:FC:B0:7E:5B:CF:FB:07"}}},"request":{"raw":"GET /templates/new/images/dividen1.jpg HTTP/1.1\r\nHost: torrentdownloads.rutor.app\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://torrentdownloads.rutor.app/templates/new/css/style.css\r\nCookie: view=1; PHPSESSID=2u8k63dg4d7raoouspjlpa76fm\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sun, 28 Sep 2025 10:31:17 GMT\r\ncontent-type: image/jpeg\r\nvary: accept-encoding\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\naccess-control-allow-origin: *\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nlast-modified: Sun, 28 Sep 2025 10:31:17 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=ECOe7nIkphfyKiUrURw9SucMAsbeVemX0MG81MvUGqVgbk3YapX2LV5EkctaZy812hVT0Ecf4qNVqIl4Hqrb3B1mGjaZgKfrFMDpRf7jLFN3maRmiPP9oA%3D%3D\"}]}\r\ncf-ray: 986291fad93f568b-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":307,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 2x12, components 3","md5":"21fabcaeff05c51309b4bee6f7286f26","sha1":"372ad82808427f1b41d19ad094ea36e4cf658f16","sha256":"efbe2020fa90c3c8931a24172b7af5357e8d7a3a632dbbc05f6434c8ce4ac228","sha512":"7565ca9bf21b4d1efb944dd74a8a13d27a9a138c4016cce8f92285d248bf43cdf1c7d6465b4e369d6a69c72ebec2fa896e784557103198132859aace8cef4c8e","ssdeep":"","tlshash":"afe012773342df17e8e5213077b1935c5b9c65c770175f4e4af17865bc942a40d41159","first_seen":"2023-05-29T17:58:11Z","last_seen":"2026-02-19T06:00:31.884316Z","times_seen":45,"resource_available":false,"data":null}},"time_used":167,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":167,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-09-28","alert":"Sinkholed","trigger":"torrentdownloads.rutor.app","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-09-28","alert":"Sinkholed","trigger":"torrentdownloads.rutor.app","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"directlycascade.com/sbar.json?key=a032b4d33c8aea68a4f9b84235614bff\u0026uuid=d995e3f7-3ab8-4202-88f2-ba729b81cf19%3A2%3A1","fqdn":"directlycascade.com","domain":"directlycascade.com","tld":"com"},"ip":{"addr":"172.240.127.234","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://torrentdownloads.rutor.app/","date":"2025-09-28T10:31:17.872Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"directlycascade.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Wed, 10 Sep 2025 11:12:27 GMT","end":"Tue, 09 Dec 2025 11:12:26 GMT"},"fingerprint":{"sha1":"76:17:4A:20:73:64:94:52:3B:6A:50:E2:7C:F7:F5:73:52:38:47:A4","sha256":"66:CD:95:7F:5E:D7:56:27:7A:6F:3B:80:CB:84:DC:89:A0:F0:BB:44:49:55:B4:81:76:24:2E:38:E3:FC:78:29"}}},"request":{"raw":"GET /sbar.json?key=a032b4d33c8aea68a4f9b84235614bff\u0026uuid=d995e3f7-3ab8-4202-88f2-ba729b81cf19%3A2%3A1 HTTP/1.1\r\nHost: directlycascade.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://torrentdownloads.rutor.app\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://torrentdownloads.rutor.app/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Sun, 28 Sep 2025 10:31:18 GMT\r\nContent-Type: text/plain; charset=utf-8\r\nContent-Length: 3842\r\nConnection: keep-alive\r\ncontent-encoding: gzip\r\np3p: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\naccept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\naccess-control-allow-origin: https://torrentdownloads.rutor.app\r\naccess-control-allow-credentials: true\r\nvary: Accept-Encoding\r\nset-cookie: uid_id2=d995e3f7-3ab8-4202-88f2-ba729b81cf19:2:1; expires=Sun, 05 Oct 2025 10:31:17 GMT; path=/; secure; SameSite=None\npdhtkv=true; expires=Mon, 29 Sep 2025 10:31:18 GMT; path=/; secure; SameSite=None\nuncs=1; expires=Mon, 29 Sep 2025 10:31:18 GMT; path=/; secure; SameSite=None\npdhtkv29=true; expires=Mon, 29 Sep 2025 10:31:18 GMT; path=/; secure; SameSite=None\nuncs29=1; expires=Mon, 29 Sep 2025 10:31:18 GMT; path=/; secure; SameSite=None\nu_pl22675059=1; expires=Mon, 29 Sep 2025 10:31:18 GMT; path=/; secure; SameSite=None\nsleca032b4d33c8aea68a4f9b84235614bff=[4323736]; expires=Sun, 28 Sep 2025 10:31:23 GMT; path=/; secure; SameSite=None\r\nx-envoy-upstream-service-time: 216\r\nHost: directlycascade.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 9f192d0429ac8dd9a8343c5a4735dee3\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]}],"data":{"size":6326,"size_decoded":0,"mime_type":"text/plain; charset=utf-8","magic":"JSON text data","md5":"41de4ca01f3dc61d3ebba9b3bff80206","sha1":"378c8b8703050de285d26bebbbd02d036b371841","sha256":"fecc7f27f2b182dc228bb9db95fe2b5c0375ae452669d701e7d19cd67949ef44","sha512":"05c3c881c2d1229b17456fa7bdf3e4485f9c92e40da4d53a2e4b6a1bc59685db57480951101436c6a6baa65e339fa509bc0cca34c1e32f298f23290b1ea69395","ssdeep":"192:9z6nA/3wKoanA/3wKo5Q0I260n97LArFmfyMRfXp:9z6A/VoaA/VoU2p9EmfhRfXp","tlshash":"83d16c3e3fad7b364a8ace2862c29df45e0c4e4e3ddc7089d527e6cf5508d01a45e119","first_seen":"2025-09-28T10:31:49.159764Z","last_seen":"2025-09-28T10:31:49.159764Z","times_seen":1,"resource_available":false,"data":null}},"time_used":326,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":326,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-09-28","alert":"Sinkholed","trigger":"directlycascade.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-09-28","alert":"Sinkholed","trigger":"directlycascade.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"heartilyscales.com/ren.gif?sid=H4sIAAAAAAAC_1RSTWgkRRSunhURBUUXvKgwiAcFM-numfTMuIfFdV1ZXDPZH42weKiuqp6U01PVVnVPJ3MKBmQ9OXoQ9dT5Jtmg5rCCV0Eme5GAkPHiHMxlL3rwIMjiUWYymPUd3ntV36uP733UR9vZMakio5OVt3RfxjFdXKq45RdXpeI6t-XlG2XPrbjnyqtSBbVz5fVpMr1XvGqt4r5UfkOwjl70Xc91PdcrX5JGRHp9cYZCJvsNr9JcqjS8itesYd38_2wzB5Y64L1j8hQkHz9xL7oJyUZQ3TsXhe2kOnn59W4W01Qb9Pje26qjdK7QPW0j4yBSe_NpaDsm5IsStNqbbwDd25lugFCOSenp3xCqvblMhL3dE6VhDKEQ8seQ90YQ8QiSjsD0FiQ_IgDjWG5BdW8va5PTjROUTtExefjvPyDzMXnkWQLV3W9daF0vtxKhlkWK9aiAXB9BtkdIsgOk_RJkfgCWfgjJfyaL969AdXdaNtaQfPKC64aiWvXEQsDCaKEmmt4C9ZhY4NSnrO4F9WrgzgyS0QjUlpBZB5l0kEUlZEkJXT4p-5wJr-6LRhgFQT1wG17gBTWfN3zO_WazhoxNlQ-QJgOweABmNpGYTXTkZ0e1laPqOzDZj7BrBSx3YFOCHi-QC4LcEuSUIJcEeUqQ94pdHlvfFrd5bLPQm1d_XqvFUKftbbqr07ZQBNQMYHixI5MP7BZY6gz7kSVDPU00TIshDXmxnRyTJ2fW_vXufXTEpEz9RtB0_XrTo_WoxpqNkIWeaHh-1fcZrzdgZQFpS6DWQV-OiVMcI5FjQj75FSE9gI0PwOTzoNlzoHkBulagr_YzFcaadQSvSA6uCyTpQ0g3nO34mDwzU_De72ch2OH5n76cxldgpkBiCrwv7xK041vDazonO9d0bsl3rSSVXdmnqdTqekpTceabN8VGrg2_fNEOvn6VTYFpu39D2PQKVVyqtiXfXpCcC3NJGybID5ftqghXMrt2ITMqS66svHbpcjcxwlqp1QhUjsmj3lUwOSZn734--9RLQQXSjGCyAt3skMwDLNmETQ7Pf39H_Xnv-j-wmsDEp3iYOMizYmj88L_LoQmj04lYjsnVj28iFqcsNCxgxQMs4oHHdEpHZbFtb6FtHNB0C6pboGcK9OICNB7AZmeGaWIOz_9SnQXC2BmGsXF2wtjEn554buWk7NX8gNc9t8ajwIuWIr8auZFwA8prLuM8QmrHa5PHe_8GAAD__8G58YvDBAAA","fqdn":"heartilyscales.com","domain":"heartilyscales.com","tld":"com"},"ip":{"addr":"172.240.108.68","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://torrentdownloads.rutor.app/","date":"2025-09-28T10:31:18.112Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"heartilyscales.com","organization":""},"issuer":{"commonName":"R10","organization":"Let's Encrypt"},"validity":{"start":"Mon, 04 Aug 2025 21:31:25 GMT","end":"Sun, 02 Nov 2025 21:31:24 GMT"},"fingerprint":{"sha1":"8C:BC:E6:45:99:A6:42:A8:C3:7C:33:7D:77:C5:9E:C7:70:2A:A9:6C","sha256":"44:0D:F2:B1:46:00:9E:72:AB:F2:58:53:DB:2A:6F:97:C8:DF:54:6F:43:D4:84:F7:D4:6A:D5:F7:8B:ED:15:C2"}}},"request":{"raw":"GET /ren.gif?sid=H4sIAAAAAAAC_1RSTWgkRRSunhURBUUXvKgwiAcFM-numfTMuIfFdV1ZXDPZH42weKiuqp6U01PVVnVPJ3MKBmQ9OXoQ9dT5Jtmg5rCCV0Eme5GAkPHiHMxlL3rwIMjiUWYymPUd3ntV36uP733UR9vZMakio5OVt3RfxjFdXKq45RdXpeI6t-XlG2XPrbjnyqtSBbVz5fVpMr1XvGqt4r5UfkOwjl70Xc91PdcrX5JGRHp9cYZCJvsNr9JcqjS8itesYd38_2wzB5Y64L1j8hQkHz9xL7oJyUZQ3TsXhe2kOnn59W4W01Qb9Pje26qjdK7QPW0j4yBSe_NpaDsm5IsStNqbbwDd25lugFCOSenp3xCqvblMhL3dE6VhDKEQ8seQ90YQ8QiSjsD0FiQ_IgDjWG5BdW8va5PTjROUTtExefjvPyDzMXnkWQLV3W9daF0vtxKhlkWK9aiAXB9BtkdIsgOk_RJkfgCWfgjJfyaL969AdXdaNtaQfPKC64aiWvXEQsDCaKEmmt4C9ZhY4NSnrO4F9WrgzgyS0QjUlpBZB5l0kEUlZEkJXT4p-5wJr-6LRhgFQT1wG17gBTWfN3zO_WazhoxNlQ-QJgOweABmNpGYTXTkZ0e1laPqOzDZj7BrBSx3YFOCHi-QC4LcEuSUIJcEeUqQ94pdHlvfFrd5bLPQm1d_XqvFUKftbbqr07ZQBNQMYHixI5MP7BZY6gz7kSVDPU00TIshDXmxnRyTJ2fW_vXufXTEpEz9RtB0_XrTo_WoxpqNkIWeaHh-1fcZrzdgZQFpS6DWQV-OiVMcI5FjQj75FSE9gI0PwOTzoNlzoHkBulagr_YzFcaadQSvSA6uCyTpQ0g3nO34mDwzU_De72ch2OH5n76cxldgpkBiCrwv7xK041vDazonO9d0bsl3rSSVXdmnqdTqekpTceabN8VGrg2_fNEOvn6VTYFpu39D2PQKVVyqtiXfXpCcC3NJGybID5ftqghXMrt2ITMqS66svHbpcjcxwlqp1QhUjsmj3lUwOSZn734--9RLQQXSjGCyAt3skMwDLNmETQ7Pf39H_Xnv-j-wmsDEp3iYOMizYmj88L_LoQmj04lYjsnVj28iFqcsNCxgxQMs4oHHdEpHZbFtb6FtHNB0C6pboGcK9OICNB7AZmeGaWIOz_9SnQXC2BmGsXF2wtjEn554buWk7NX8gNc9t8ajwIuWIr8auZFwA8prLuM8QmrHa5PHe_8GAAD__8G58YvDBAAA HTTP/1.1\r\nHost: heartilyscales.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://torrentdownloads.rutor.app/\r\nCookie: uid_id2=11615baf-20c6-4fe4-a7eb-8fdaad06d740:3:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; u_pl15816950=1; sleca286902791a7f4c98bcb1e812322cd78=[6154259]; u_pl22675059=1; sleca032b4d33c8aea68a4f9b84235614bff=[4323733]\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Sun, 28 Sep 2025 10:31:18 GMT\r\nContent-Type: image/gif\r\nContent-Length: 7\r\nConnection: keep-alive\r\naccess-control-allow-origin: *\r\nvary: Origin\r\naccess-control-allow-credentials: true\r\np3p: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\naccept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nx-envoy-upstream-service-time: 1\r\nHost: heartilyscales.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 6d3526b99a9cffce2da10fc3dcc2be1e\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/gif","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T11:49:30.368697Z","times_seen":13330398,"resource_available":true,"data":null}},"time_used":95,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":95,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-09-28","alert":"Sinkholed","trigger":"heartilyscales.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-09-28","alert":"Sinkholed","trigger":"heartilyscales.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-09-28","alert":"Sinkholed","trigger":"heartilyscales.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"xml.pushub.net/search?feed=731277\u0026auth=34VEZr\u0026subid=Torrentdownloads.pro\u0026url=https%3A%2F%2Ftorrentdownloads.rutor.app\u0026query=Content\u0026image_size=0x0\u0026icon_size=0x0\u0026ua=caller\u0026user_ip=caller\u0026format=json\u0026lang=caller\u0026count=1","fqdn":"xml.pushub.net","domain":"pushub.net","tld":"net"},"ip":{"addr":"173.239.53.32","port":443,"asn":27257,"as":"WEBAIR-INTERNET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://torrentdownloads.rutor.app/","date":"2025-09-28T10:31:20.955Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"pushub.net","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 27 Aug 2025 06:55:03 GMT","end":"Tue, 25 Nov 2025 06:55:02 GMT"},"fingerprint":{"sha1":"A3:5A:ED:BD:36:B2:05:66:F8:E3:E6:B0:39:04:B8:E1:97:FB:C9:A2","sha256":"0D:F6:9E:28:3C:35:99:6B:9E:9F:C6:9E:C4:01:77:5F:65:1A:86:09:0A:70:19:3A:87:FF:E4:09:95:EC:9C:52"}}},"request":{"raw":"GET /search?feed=731277\u0026auth=34VEZr\u0026subid=Torrentdownloads.pro\u0026url=https%3A%2F%2Ftorrentdownloads.rutor.app\u0026query=Content\u0026image_size=0x0\u0026icon_size=0x0\u0026ua=caller\u0026user_ip=caller\u0026format=json\u0026lang=caller\u0026count=1 HTTP/1.1\r\nHost: xml.pushub.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://torrentdownloads.rutor.app\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://torrentdownloads.rutor.app/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Sun, 28 Sep 2025 10:31:21 GMT\r\nContent-Type: application/json; charset=utf-8\r\nContent-Length: 348\r\nConnection: keep-alive\r\nAccess-Control-Allow-Origin: https://torrentdownloads.rutor.app\r\nCache-Control: no-store\r\nAccess-Control-Allow-Credentials: true\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":348,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"7da81a2b5b12842d8128d08aae152239","sha1":"0d15edc57466f286703bb48c4d07130c76025f92","sha256":"47488b1aef1946fafb9f37be087ae88eecac0be58ee21a3805a67a73f9810c95","sha512":"5df55d439f1381a803cdedb040aba17ce309f0274f8bcbd7e87547e30617ae76876c44e826feaaf630110c62a89d81b3dbc0185f85bf98536ba2b7321ff44787","ssdeep":"","tlshash":"8de0207f06481d1ad35442447b5451e95c6757290c9e5a651305dd1840dc6ee7cf178c","first_seen":"2025-09-28T10:31:49.164749Z","last_seen":"2025-09-28T10:31:49.164749Z","times_seen":1,"resource_available":false,"data":null}},"time_used":854,"timings":{"blocked":320,"dns":4,"connect":104,"send":0,"wait":212,"receive":0,"ssl":212},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"flushpersist.com/pxf.gif?uuid=d995e3f7-3ab8-4202-88f2-ba729b81cf19\u0026eb=bcc2bf15b54b9ef4041d8328a3a75221\u0026te=cb12021f3311658dba63bcdbf4a88a26\u0026ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A134.0)%20Gecko%2F20100101%20Firefox%2F134.0\u0026dev=e\u0026res=14.3095\u0026b_frame=0\u0026pk=a286902791a7f4c98bcb1e812322cd78\u0026bl=en-US\u0026sr=1024x1280\u0026sz=1024x1280\u0026hjs=10","fqdn":"flushpersist.com","domain":"flushpersist.com","tld":"com"},"ip":{"addr":"172.240.108.84","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://torrentdownloads.rutor.app/","date":"2025-09-28T10:31:21.012Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"flushpersist.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 30 Aug 2025 21:53:17 GMT","end":"Fri, 28 Nov 2025 21:53:16 GMT"},"fingerprint":{"sha1":"AA:2A:FC:C2:EE:01:8F:55:3F:19:46:84:4A:C8:A0:95:62:50:5C:A3","sha256":"3D:8C:1A:2E:1F:32:30:D4:D8:4F:D2:FB:CC:99:F1:9C:05:E5:7B:D8:9D:7D:24:86:AD:C5:1E:62:55:44:A4:CA"}}},"request":{"raw":"GET /pxf.gif?uuid=d995e3f7-3ab8-4202-88f2-ba729b81cf19\u0026eb=bcc2bf15b54b9ef4041d8328a3a75221\u0026te=cb12021f3311658dba63bcdbf4a88a26\u0026ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A134.0)%20Gecko%2F20100101%20Firefox%2F134.0\u0026dev=e\u0026res=14.3095\u0026b_frame=0\u0026pk=a286902791a7f4c98bcb1e812322cd78\u0026bl=en-US\u0026sr=1024x1280\u0026sz=1024x1280\u0026hjs=10 HTTP/1.1\r\nHost: flushpersist.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://torrentdownloads.rutor.app/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Sun, 28 Sep 2025 10:31:21 GMT\r\nContent-Type: image/gif\r\nContent-Length: 1\r\nConnection: keep-alive\r\np3p: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\naccess-control-allow-origin: *\r\nx-envoy-upstream-service-time: 14\r\nHost: flushpersist.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 5523da6bb9976a22baf16d192d110947\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/gif","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T11:49:30.368697Z","times_seen":13330398,"resource_available":true,"data":null}},"time_used":670,"timings":{"blocked":280,"dns":4,"connect":92,"send":0,"wait":109,"receive":0,"ssl":183},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-09-28","alert":"Sinkholed","trigger":"flushpersist.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-09-28","alert":"Sinkholed","trigger":"flushpersist.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kettledroopingcontinuation.com/pixel/sbls?bv=\u0026tmpl=482\u0026u=https%3A%2F%2Fcreative-sb1.com%2Fsb%2Fssp%2Fvpn%2Fclassic-push%2Fbig1%2Fjs%2Fscript.js\u0026l=958\u0026fd=419","fqdn":"kettledroopingcontinuation.com","domain":"kettledroopingcontinuation.com","tld":"com"},"ip":{"addr":"172.240.108.84","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://torrentdownloads.rutor.app/","date":"2025-09-28T10:31:21.531Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"kettledroopingcontinuation.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 27 Aug 2025 21:34:59 GMT","end":"Tue, 25 Nov 2025 21:34:58 GMT"},"fingerprint":{"sha1":"E4:24:47:01:B7:F3:A1:0B:CF:EA:36:36:30:C1:21:5D:9E:A1:7B:BE","sha256":"EE:DD:A9:31:87:F8:15:E5:A4:69:BA:E8:17:29:F1:0D:59:DC:1E:48:E2:EB:2F:1D:FE:D6:5C:C0:5F:03:5B:01"}}},"request":{"raw":"GET /pixel/sbls?bv=\u0026tmpl=482\u0026u=https%3A%2F%2Fcreative-sb1.com%2Fsb%2Fssp%2Fvpn%2Fclassic-push%2Fbig1%2Fjs%2Fscript.js\u0026l=958\u0026fd=419 HTTP/1.1\r\nHost: kettledroopingcontinuation.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://torrentdownloads.rutor.app/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Sun, 28 Sep 2025 10:31:21 GMT\r\nContent-Length: 0\r\nConnection: keep-alive\r\nHost: kettledroopingcontinuation.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nCache-Control: no-cache\r\nAccess-Control-Allow-Origin: *\r\nAccess-Control-Allow-Methods: GET, POST, OPTIONS\r\nAccess-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests,C-High-Entropy-Values\r\nAccess-Control-Expose-Headers: Content-Length,Content-Range\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T11:49:30.368697Z","times_seen":13330398,"resource_available":true,"data":null}},"time_used":486,"timings":{"blocked":209,"dns":0,"connect":0,"send":0,"wait":93,"receive":0,"ssl":184},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-09-28","alert":"Sinkholed","trigger":"kettledroopingcontinuation.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-09-28","alert":"Sinkholed","trigger":"kettledroopingcontinuation.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"torrentdownloads.rutor.app/app/apx19.js","fqdn":"torrentdownloads.rutor.app","domain":"rutor.app","tld":"app"},"ip":{"addr":"172.67.158.147","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://torrentdownloads.rutor.app/","date":"2025-09-28T10:31:16.760Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rutor.app","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 20 Sep 2025 02:19:36 GMT","end":"Fri, 19 Dec 2025 03:09:13 GMT"},"fingerprint":{"sha1":"65:6C:B3:CD:A0:AD:28:B1:3A:23:A8:A2:1B:F0:E7:C0:18:90:91:0F","sha256":"4A:EE:EA:F0:6F:B6:A9:99:ED:A1:9D:D2:2A:5E:48:50:06:6C:52:7E:B9:1A:16:A3:26:FC:B0:7E:5B:CF:FB:07"}}},"request":{"raw":"GET /app/apx19.js HTTP/1.1\r\nHost: torrentdownloads.rutor.app\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://torrentdownloads.rutor.app/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 28 Sep 2025 10:31:16 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nlast-modified: Fri, 12 Sep 2025 20:22:01 GMT\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=MxiZMmvwwbFMw92xOt5SLMxlGzcHntAUKkpwIflUX1O%2BhQsPtzTiIM0UP%2BFPdMNclReYCFwlLNhEkR1p0MY5l7cYJFF2jt4ZBgdYoP24xquUAOU3iPIA2ZrW\"}]}\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\netag: W/\"68c480e9-23df\"\r\ncontent-encoding: br\r\ncf-ray: 986291f9bf22c759-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":9183,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (9183), with no line terminators","md5":"2344c3f05f624d595f6fb920e4d74ded","sha1":"eb4d1404ac2d5eecd307f4588aeeab5c8ef463f1","sha256":"3a28fe59e4a2af96d8edeeb12d7040c574cf71fa88fccb5cf49e9c0a1d4e4c7a","sha512":"b1660b062c77332a119e159c5c69d3f75d375915a33f141503232f424c4fdd990998a883c271efb94e8eb909f7837d235354ecae15b58fc23ab9d1908170e831","ssdeep":"192:yfBLCNsvzXnQQuWYQVN6nYaRB5c5FM/MR6Adpf04u7w2Br:4gNYXnrYtBONxpf05r","tlshash":"62126cc87ac7f00b53ed8a53ae1a66b8117b946362a47907d3bcf6cd15e920bc179cc4","first_seen":"2023-03-07T12:40:02Z","last_seen":"2026-04-03T18:56:21.982955Z","times_seen":3505,"resource_available":true,"data":null}},"time_used":225,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":225,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-09-28","alert":"Sinkholed","trigger":"torrentdownloads.rutor.app","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-09-28","alert":"Sinkholed","trigger":"torrentdownloads.rutor.app","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"torchfriendlypay.com/1e/e3/36/1ee3363d3f6736b5616821dca2afa5c7.js","fqdn":"torchfriendlypay.com","domain":"torchfriendlypay.com","tld":"com"},"ip":{"addr":"172.240.127.234","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://torrentdownloads.rutor.app/","date":"2025-09-28T10:31:17.291Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"torchfriendlypay.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Wed, 27 Aug 2025 22:09:22 GMT","end":"Tue, 25 Nov 2025 22:09:21 GMT"},"fingerprint":{"sha1":"11:D6:40:9F:C0:3E:93:5F:D7:10:AB:88:ED:35:EF:8D:BC:BA:B6:BE","sha256":"46:DD:4D:E7:2C:ED:72:DC:3F:71:6D:46:29:34:DC:D7:AC:E1:73:91:92:2F:5C:B4:86:3E:AE:F7:FB:A4:58:10"}}},"request":{"raw":"GET /1e/e3/36/1ee3363d3f6736b5616821dca2afa5c7.js HTTP/1.1\r\nHost: torchfriendlypay.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://torrentdownloads.rutor.app/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Sun, 28 Sep 2025 10:31:17 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 3430\r\nConnection: keep-alive\r\ncontent-encoding: gzip\r\np3p: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\naccess-control-allow-origin: *\r\naccept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nx-envoy-upstream-service-time: 1\r\nHost: torchfriendlypay.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: da09142989b5c63a66f3b96a0a4b3e72\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]}],"data":{"size":6293,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (6293), with no line terminators","md5":"6062294451a7a581dc74178c7c5a1332","sha1":"c8e09f671561b72bdae9fd3cfeea799629430105","sha256":"c556ffdcc50d996a51234a1dec5ae85925ffa13c788b800be900dc5eb1344d79","sha512":"5b4bcb7d6530bfa8d33d4c769d0934938af4e7842a518556021ed900fad8a06bc39c2d35494586adf34e4d6fe19095b2d41c726b8214746527e04cec9e910594","ssdeep":"192:M/H3P83adOwGuABXfKOBPpzbo3j3rFuuV6:MP/83adOwWp0j3Buz","tlshash":"fbd1a8dc768070800be7e97f776f651ab06a58501c4fe491f003a9e83d6872ed63eac1","first_seen":"2025-09-26T11:10:49.483616Z","last_seen":"2025-10-14T12:32:44.197235Z","times_seen":1614,"resource_available":true,"data":null}},"time_used":375,"timings":{"blocked":0,"dns":4,"connect":91,"send":0,"wait":95,"receive":0,"ssl":185},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-09-28","alert":"Sinkholed","trigger":"torchfriendlypay.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-09-28","alert":"Sinkholed","trigger":"torchfriendlypay.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-09-28","alert":"Sinkholed","trigger":"torchfriendlypay.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.show-sb.com/sb/au/48/48/eb/4848ebd6f7295875a5d388ec2488aba3/1648542421.html","fqdn":"cdn.show-sb.com","domain":"show-sb.com","tld":"com"},"ip":{"addr":"172.67.170.115","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://torrentdownloads.rutor.app/","date":"2025-09-28T10:31:18.213Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"show-sb.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 10 Aug 2025 11:11:15 GMT","end":"Sat, 08 Nov 2025 12:08:40 GMT"},"fingerprint":{"sha1":"46:26:78:BD:18:7A:95:15:D4:B3:89:73:FE:7E:99:33:18:7F:21:3E","sha256":"AD:6B:6A:10:54:38:33:B9:BB:A6:FD:B7:B0:1B:2E:9D:62:B8:47:35:C4:E6:7B:F6:4A:92:AA:75:B0:29:F7:F3"}}},"request":{"raw":"GET /sb/au/48/48/eb/4848ebd6f7295875a5d388ec2488aba3/1648542421.html HTTP/1.1\r\nHost: cdn.show-sb.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://torrentdownloads.rutor.app\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://torrentdownloads.rutor.app/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 28 Sep 2025 10:31:18 GMT\r\ncontent-type: text/html\r\nserver: cloudflare\r\nlast-modified: Tue, 29 Mar 2022 08:27:10 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: max-age=315360000, public\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: Date\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=oomVFuQBSJzi9lxbIwqcWXHf7%2Bp8oY3IXeTKSWGlUGTv5J%2Bgl2sixVSPKPD%2F%2BMpJ7PAuZjawat8egwm54w4%2FfklQD1bgTPofRjDd7yY%3D\"}]}\r\ncf-cache-status: DYNAMIC\r\ncontent-encoding: br\r\ncf-ray: 98629202d89e7127-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1538,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text","md5":"5a7df8dcac4cde2aeadb9f07a622d3fa","sha1":"4044f12fce935458c93ef71de58ac6bf97b28bba","sha256":"ccec003eccd7e299f825c7e48ba721d529f1c110bb5b60c60a18dca61cb6b45a","sha512":"4d075a467bec7bf6b68a5da10f2547cb101bf9ed75390e2d0629f7f35430a67b850253fb6b4c5381a1dfeaa642299088afce7a6d65e76ef173705c40a34fbc8f","ssdeep":"","tlshash":"6531055a2ee9c57701e35484bb342f2bed91aa83880a690173fc59a48f96dd1ce63407","first_seen":"2023-04-07T07:09:28Z","last_seen":"2026-04-04T10:53:20.228397Z","times_seen":995,"resource_available":false,"data":null}},"time_used":416,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":416,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-09-28","alert":"Sinkholed","trigger":"cdn.show-sb.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.googleapis.com/css2?family=Roboto:wght@300;400;500;700\u0026display=swap","fqdn":"fonts.googleapis.com","domain":"fonts.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"142.250.178.106","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://torrentdownloads.rutor.app/","date":"2025-09-28T10:31:20.764Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"upload.video.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 08 Sep 2025 08:36:49 GMT","end":"Mon, 01 Dec 2025 08:36:48 GMT"},"fingerprint":{"sha1":"9E:38:51:02:B6:22:9C:08:6B:24:B8:A0:EB:DB:60:D9:27:B2:68:90","sha256":"67:AF:7E:56:AB:8D:96:FB:D0:75:CA:28:6D:16:B6:67:FD:7F:58:6F:CC:AA:78:B5:01:13:76:2C:AB:BE:80:4E"}}},"request":{"raw":"GET /css2?family=Roboto:wght@300;400;500;700\u0026display=swap HTTP/1.1\r\nHost: fonts.googleapis.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://torrentdownloads.rutor.app/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncontent-type: text/css; charset=utf-8\r\nvary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site\r\naccess-control-allow-origin: *\r\ntiming-allow-origin: *\r\nlink: \u003chttps://fonts.gstatic.com\u003e; rel=preconnect; crossorigin\r\nstrict-transport-security: max-age=31536000\r\nexpires: Sun, 28 Sep 2025 10:31:20 GMT\r\ndate: Sun, 28 Sep 2025 10:31:20 GMT\r\ncache-control: private, max-age=86400\r\ncross-origin-opener-policy: same-origin-allow-popups\r\ncross-origin-resource-policy: cross-origin\r\ncontent-encoding: gzip\r\nserver: ESF\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":22340,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text, with very long lines (1572)","md5":"272f4d1bd71f769c1d68a20fc73925b1","sha1":"83631762c43a1453589bdf542c4ec309b1305c44","sha256":"bfe3f70239d945b864c31d976d9fc47603acb4809ce64a0d141a14c3d33713cc","sha512":"e40c4fe005c28a396890074c979fd9e6b9711d6a1d757eeb8048292dfc1581a90b23d964f718a1489637bf8a35a1cc55253c4a520ba275b0b5cfc0f75e63aa85","ssdeep":"384:pwf5wgwPwrwyUw/qY4+w4wYwpwfMw1wWw6wyhw/qY4XwNwtwiwfDwOwdwBwyaw/y:pc70afUQRptmJKBLfhQE8YtCR6UfaQ7a","tlshash":"fca2eda1041740009b835ce223cebf35fe5f92117141d0b9abfd9b6badcbc6652693ad","first_seen":"2025-09-08T23:33:19.770085Z","last_seen":"2025-11-18T23:51:39.525584Z","times_seen":7260,"resource_available":false,"data":null}},"time_used":35,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":35,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"creative-sb1.com/sb/ssp/vpn/classic-push/big1/css/style.css","fqdn":"creative-sb1.com","domain":"creative-sb1.com","tld":"com"},"ip":{"addr":"104.21.35.3","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://torrentdownloads.rutor.app/","date":"2025-09-28T10:31:20.925Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"creative-sb1.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 29 Aug 2025 18:23:14 GMT","end":"Thu, 27 Nov 2025 19:21:45 GMT"},"fingerprint":{"sha1":"99:06:8C:E5:8E:41:8B:38:F8:46:C0:E9:CF:99:E2:11:F2:8E:DD:AB","sha256":"93:A8:69:6F:83:C3:C8:1B:E8:A3:20:9C:19:F4:47:35:74:85:80:F1:82:1F:48:42:AB:AA:77:A3:35:AB:29:20"}}},"request":{"raw":"GET /sb/ssp/vpn/classic-push/big1/css/style.css HTTP/1.1\r\nHost: creative-sb1.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://torrentdownloads.rutor.app\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://torrentdownloads.rutor.app/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 28 Sep 2025 10:31:21 GMT\r\ncontent-type: text/css\r\nserver: cloudflare\r\nlast-modified: Fri, 19 Jan 2024 14:19:42 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\netag: W/\"65aa84fe-102f\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: public, max-age=315360000\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: Date\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=2hwS8xTY%2FdUwd%2FMGK6QxkYeSgnHclwHIJ4h%2BD9lmJkn0%2BpVIFIG9MQ2nJIA2u6J3Txkmj5OiiKJgiVCivSJ1uwKQ0iE02Hu6qKq6pI%2B3\"}]}\r\ncf-ray: 986292141ec5712a-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":4143,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text","md5":"42edbe7ea0d50c15a58bcf3cd1f43df2","sha1":"5a96da3c26cc968e5d1e60959aaaf5bad7e69e0c","sha256":"e12dbbf55a5eca972392177c56db92c2d803a1f3d3052caed3fb8d48a1eb45ae","sha512":"3fedfc13ddece3079276d608e54e48e96cf1111800c0c3a89e7ada26676ece61e6454103e8f00d573f6853ee34fec799e4c2211f3d2361b9cedc9a3611d020d4","ssdeep":"96:iTMXPnMbz7yHP/qmJxMX5fivTMXEtsBxkTMG2bCIbkOWfQbkOWfAbkO3oYQD9ytP:IMXUXg3JxMX5oMXEt+x/nbP3T3D3jV","tlshash":"7381315367230e40b506c9a63fa57b4323284523864be9793fc1674c8fca69dd2d238f","first_seen":"2024-03-15T10:41:13Z","last_seen":"2026-04-04T10:53:20.226531Z","times_seen":782,"resource_available":false,"data":null}},"time_used":519,"timings":{"blocked":50,"dns":0,"connect":2,"send":0,"wait":419,"receive":0,"ssl":46},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-09-28","alert":"Sinkholed","trigger":"creative-sb1.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-09-28","alert":"Sinkholed","trigger":"creative-sb1.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"creative-sb1.com/sb/ssp/vpn/classic-push/small/img/close.png","fqdn":"creative-sb1.com","domain":"creative-sb1.com","tld":"com"},"ip":{"addr":"104.21.35.3","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://torrentdownloads.rutor.app/","date":"2025-09-28T10:31:21.026Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"creative-sb1.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 29 Aug 2025 18:23:14 GMT","end":"Thu, 27 Nov 2025 19:21:45 GMT"},"fingerprint":{"sha1":"99:06:8C:E5:8E:41:8B:38:F8:46:C0:E9:CF:99:E2:11:F2:8E:DD:AB","sha256":"93:A8:69:6F:83:C3:C8:1B:E8:A3:20:9C:19:F4:47:35:74:85:80:F1:82:1F:48:42:AB:AA:77:A3:35:AB:29:20"}}},"request":{"raw":"GET /sb/ssp/vpn/classic-push/small/img/close.png HTTP/1.1\r\nHost: creative-sb1.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 28 Sep 2025 10:31:21 GMT\r\ncontent-type: image/png\r\ncontent-length: 591\r\nserver: cloudflare\r\nlast-modified: Fri, 19 Jan 2024 14:19:42 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\netag: \"65aa84fe-24f\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: public, max-age=315360000\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: Date\r\naccept-ranges: bytes\r\nage: 2612903\r\ncf-cache-status: HIT\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=k%2FVwaY%2Bfe6IuPrR2HBQ0YllpP9wsgKFccVjXP2Z3wSbuR1yq%2FOF06g%2FseBpbgKl5Me3xM8PEKaS%2Fb6RtX8DWgoxR6o9Yth09MI4DOnJq\"}]}\r\ncf-ray: 986292146f16712a-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":591,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 12 x 12, 8-bit/color RGBA, non-interlaced","md5":"9fd5bcb6103d86e317bd1eb019bcbe71","sha1":"6b5a52ea669dcb74946f2bed4bdd7ec985026113","sha256":"0ddd3be104ac7945fb062096df62034a6a24ecc76ba92493c35c62c3c25982ae","sha512":"e244a8842c009fa83e8d9d1088ec5b76ca2a42660568b7886e01724977b9ebd4e43690e0c651e25287c64dcc4826391b34cae6a106e2148139450dd05fc5a562","ssdeep":"","tlshash":"b0f0414e7c5903a1874caf3b18dd00119c27898077c82e0db689eed20e008e215471da","first_seen":"2023-04-11T11:09:41Z","last_seen":"2026-04-04T10:53:20.237669Z","times_seen":4674,"resource_available":false,"data":null}},"time_used":9,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":9,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-09-28","alert":"Sinkholed","trigger":"creative-sb1.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-09-28","alert":"Sinkholed","trigger":"creative-sb1.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"creative-sb1.com/sb/ssp/vpn/classic-push/big1/js/jquery.min.js","fqdn":"creative-sb1.com","domain":"creative-sb1.com","tld":"com"},"ip":{"addr":"104.21.35.3","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://torrentdownloads.rutor.app/","date":"2025-09-28T10:31:21.045Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"creative-sb1.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 29 Aug 2025 18:23:14 GMT","end":"Thu, 27 Nov 2025 19:21:45 GMT"},"fingerprint":{"sha1":"99:06:8C:E5:8E:41:8B:38:F8:46:C0:E9:CF:99:E2:11:F2:8E:DD:AB","sha256":"93:A8:69:6F:83:C3:C8:1B:E8:A3:20:9C:19:F4:47:35:74:85:80:F1:82:1F:48:42:AB:AA:77:A3:35:AB:29:20"}}},"request":{"raw":"GET /sb/ssp/vpn/classic-push/big1/js/jquery.min.js HTTP/1.1\r\nHost: creative-sb1.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 28 Sep 2025 10:31:21 GMT\r\ncontent-type: application/javascript\r\nserver: cloudflare\r\nlast-modified: Fri, 19 Jan 2024 14:19:42 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: public, max-age=315360000\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: Date\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=gDQ%2BkbOAg2cA9erDntSHTRRI2ipqLRYWCX2BemYFkDjM9HB3iJO%2Bh9qAVuLCp%2BJIn%2FkK12ID2cl3ResAEGpybvkM35QjrANWiSXn0z43\"}]}\r\nage: 112139\r\ncf-cache-status: HIT\r\netag: W/\"65aa84fe-1499c\"\r\ncontent-encoding: br\r\ncf-ray: 986292147f21712a-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":84380,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (32025)","md5":"4a356126b9573eb7bd1e9a7494737410","sha1":"8258d046f17dd3c15a5d3984e1868b7b5d1db329","sha256":"22642f202577f0ba2f22cbe56b6cf291a09374487567cd3563e0d2a29f75c0c5","sha512":"005c3102459dbf145df6a858629d6a6de4598fafe24cd989d86170731b0c3b3c304da470cf66bfd935f6db911b723df0857b5ed561906f7f1c5c4e63ed9430de","ssdeep":"1536:/P10iSi65U/dXXeyhzeBuG+HYE0mdkuJO1z6Oy4sh3J1A72BjmN7TwpDKba98HrZ:++414Jiz6fh6lTqya98HrZ","tlshash":"dc83d6d9b2c67062977734b851bf510bb17a98dab40c8c60f0a4d8e47eb4a8d517bf2c","first_seen":"2023-03-07T01:02:06Z","last_seen":"2026-04-04T10:53:20.244551Z","times_seen":15945,"resource_available":true,"data":null}},"time_used":8,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":8,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-09-28","alert":"Sinkholed","trigger":"creative-sb1.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-09-28","alert":"Sinkholed","trigger":"creative-sb1.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"torrentdownloads.rutor.app/templates/new/images/input_bg1.jpg","fqdn":"torrentdownloads.rutor.app","domain":"rutor.app","tld":"app"},"ip":{"addr":"172.67.158.147","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://torrentdownloads.rutor.app/","date":"2025-09-28T10:31:16.929Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rutor.app","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 20 Sep 2025 02:19:36 GMT","end":"Fri, 19 Dec 2025 03:09:13 GMT"},"fingerprint":{"sha1":"65:6C:B3:CD:A0:AD:28:B1:3A:23:A8:A2:1B:F0:E7:C0:18:90:91:0F","sha256":"4A:EE:EA:F0:6F:B6:A9:99:ED:A1:9D:D2:2A:5E:48:50:06:6C:52:7E:B9:1A:16:A3:26:FC:B0:7E:5B:CF:FB:07"}}},"request":{"raw":"GET /templates/new/images/input_bg1.jpg HTTP/1.1\r\nHost: torrentdownloads.rutor.app\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://torrentdownloads.rutor.app/templates/new/css/style.css\r\nCookie: view=1; PHPSESSID=6rukjqf6oumlp8eebjgv9ub64r\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sun, 28 Sep 2025 10:31:17 GMT\r\ncontent-type: image/jpeg\r\nvary: accept-encoding\r\nset-cookie: view=1; Max-Age=86400; Expires=Mon, 29 Sep 2025 10:31:17 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nexpires: Thu, 19 Nov 1981 08:52:00 GMT\r\ncache-control: no-store, no-cache, must-revalidate\r\npragma: no-cache\r\naccess-control-allow-origin: *\r\ncf-cache-status: BYPASS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=djouy9mqYVlJToET69MiiFONvunW4yYWmE1eTuOAMFvhaWZPq26ZFE9eLB7xX%2B8P%2BpF9p7nbQbQaXkUhZCN7tXi3dOwA9k4GlYU6wgQx%2FFIeZs0jKp0xyg%3D%3D\"}]}\r\ncf-ray: 986291fac92e568b-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":832,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 132x24, components 3","md5":"cc01739f91cbe03fd834eb7fdc796baa","sha1":"0cc66bac65618c69bfbc539b46c9b2c238dbd0fd","sha256":"f6086bf89570bca8881bea0f2753414cc80f6b7beb119570d1ca6d9f459dea61","sha512":"6f44a24bef5a9a1ece8288927a6b6d23bb4325c7d681bcfbf2c5818052570dee302620c08fc0ea4637b40ac94fceb7551cfb4015db6e78b462a2f18d192df6eb","ssdeep":"","tlshash":"8501b8357eab9b0bfd0a113121b6e7317b4c8283a01f062c59f1feb87dc94902b6a149","first_seen":"2023-05-29T17:58:11Z","last_seen":"2026-02-19T06:00:31.898872Z","times_seen":45,"resource_available":false,"data":null}},"time_used":231,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":231,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-09-28","alert":"Sinkholed","trigger":"torrentdownloads.rutor.app","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-09-28","alert":"Sinkholed","trigger":"torrentdownloads.rutor.app","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"weirdopt.com/ad/advertisers.js","fqdn":"weirdopt.com","domain":"weirdopt.com","tld":"com"},"ip":{"addr":"185.196.197.71","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://torrentdownloads.rutor.app/","date":"2025-09-28T10:31:17.370Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"weirdopt.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 31 Aug 2025 00:07:02 GMT","end":"Sat, 29 Nov 2025 00:07:01 GMT"},"fingerprint":{"sha1":"AD:4F:15:9E:60:62:A7:16:BA:4B:37:64:C6:01:6B:2B:99:47:89:BE","sha256":"44:74:EA:98:35:48:9C:28:63:20:61:17:18:F6:2B:0A:57:68:36:F4:EF:B0:67:1E:C0:7C:41:30:13:2C:02:F1"}}},"request":{"raw":"GET /ad/advertisers.js HTTP/1.1\r\nHost: weirdopt.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://torrentdownloads.rutor.app/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Sun, 28 Sep 2025 10:31:17 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 0\r\nConnection: keep-alive\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: a3372c2ba667bdd9819f335513ca2df6\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":0,"size_decoded":0,"mime_type":"application/javascript","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T11:49:30.368697Z","times_seen":13330398,"resource_available":true,"data":null}},"time_used":104,"timings":{"blocked":0,"dns":2,"connect":25,"send":0,"wait":24,"receive":0,"ssl":53},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-09-28","alert":"Sinkholed","trigger":"weirdopt.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-09-28","alert":"Sinkholed","trigger":"weirdopt.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"torrentdownloads.rutor.app/cdn-cgi/rum?","fqdn":"torrentdownloads.rutor.app","domain":"rutor.app","tld":"app"},"ip":{"addr":"172.67.158.147","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://torrentdownloads.rutor.app/","date":"2025-09-28T10:31:17.370Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rutor.app","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 20 Sep 2025 02:19:36 GMT","end":"Fri, 19 Dec 2025 03:09:13 GMT"},"fingerprint":{"sha1":"65:6C:B3:CD:A0:AD:28:B1:3A:23:A8:A2:1B:F0:E7:C0:18:90:91:0F","sha256":"4A:EE:EA:F0:6F:B6:A9:99:ED:A1:9D:D2:2A:5E:48:50:06:6C:52:7E:B9:1A:16:A3:26:FC:B0:7E:5B:CF:FB:07"}}},"request":{"raw":"POST /cdn-cgi/rum? HTTP/1.1\r\nHost: torrentdownloads.rutor.app\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\ncontent-type: application/json\r\nContent-Length: 425\r\nOrigin: https://torrentdownloads.rutor.app\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://torrentdownloads.rutor.app/\r\nCookie: PHPSESSID=66gpcavpdjto0ovn346m5m24fj\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/3 404 Not Found\r\ncontent-type: text/html; charset=UTF-8\r\ncache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0\r\nexpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nreferrer-policy: same-origin\r\ndate: Sun, 28 Sep 2025 10:31:17 GMT\r\nx-frame-options: SAMEORIGIN\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=3cXJz7486hN2d1FXuWM4%2BpdVsCrOQ3YrrR7U0a0Fq1DKz2Kns95vWMtDkm6BhuuS%2B1XGmvnwPrFsPvOvduGmX3YC28LnXX4Xbg%2BBwC%2BsKYTu4ZVIPy8frg%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\nserver: cloudflare\r\ncf-ray: 986291fd995e568b-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":151,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, ASCII text, with CRLF line terminators","md5":"45efc4779b2e6b43ed200755328af518","sha1":"badb6097a3c8fad00517f38352ba72b9f7b6637b","sha256":"d66dd0f2f24c4343661a5396e1ba76782fe651f7d422209eded956ebf90900fc","sha512":"862ceb668672d90ed3da9419ca69bf0214b5c34dec2353fea792a75fb1c0c2e5fd54e6e56cf1e9d4d60c4eaa7d98411f5cb5e128be2661d9bbd084d0dbd085e0","ssdeep":"","tlshash":"a1c02b3d35637e0c8563303522c3b190d0c6833774ba00220500c00330cb2e9cac33d7","first_seen":"2023-09-18T10:37:28Z","last_seen":"2026-04-04T11:46:36.879712Z","times_seen":12823,"resource_available":true,"data":null}},"time_used":7,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":7,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-09-28","alert":"Sinkholed","trigger":"torrentdownloads.rutor.app","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-09-28","alert":"Sinkholed","trigger":"torrentdownloads.rutor.app","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"heartilyscales.com/sbar.json?key=a032b4d33c8aea68a4f9b84235614bff\u0026uuid=11615baf-20c6-4fe4-a7eb-8fdaad06d740%3A3%3A1","fqdn":"heartilyscales.com","domain":"heartilyscales.com","tld":"com"},"ip":{"addr":"172.240.108.68","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://torrentdownloads.rutor.app/","date":"2025-09-28T10:31:17.793Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"heartilyscales.com","organization":""},"issuer":{"commonName":"R10","organization":"Let's Encrypt"},"validity":{"start":"Mon, 04 Aug 2025 21:31:25 GMT","end":"Sun, 02 Nov 2025 21:31:24 GMT"},"fingerprint":{"sha1":"8C:BC:E6:45:99:A6:42:A8:C3:7C:33:7D:77:C5:9E:C7:70:2A:A9:6C","sha256":"44:0D:F2:B1:46:00:9E:72:AB:F2:58:53:DB:2A:6F:97:C8:DF:54:6F:43:D4:84:F7:D4:6A:D5:F7:8B:ED:15:C2"}}},"request":{"raw":"GET /sbar.json?key=a032b4d33c8aea68a4f9b84235614bff\u0026uuid=11615baf-20c6-4fe4-a7eb-8fdaad06d740%3A3%3A1 HTTP/1.1\r\nHost: heartilyscales.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://torrentdownloads.rutor.app\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://torrentdownloads.rutor.app/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Sun, 28 Sep 2025 10:31:18 GMT\r\nContent-Type: text/plain; charset=utf-8\r\nContent-Length: 4850\r\nConnection: keep-alive\r\ncontent-encoding: gzip\r\np3p: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\naccept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\naccess-control-allow-origin: https://torrentdownloads.rutor.app\r\naccess-control-allow-credentials: true\r\nvary: Accept-Encoding\r\nset-cookie: uid_id2=11615baf-20c6-4fe4-a7eb-8fdaad06d740:3:1; expires=Sun, 05 Oct 2025 10:31:17 GMT; path=/; secure; SameSite=None\npdhtkv=true; expires=Mon, 29 Sep 2025 10:31:18 GMT; path=/; secure; SameSite=None\nuncs=1; expires=Mon, 29 Sep 2025 10:31:18 GMT; path=/; secure; SameSite=None\npdhtkv29=true; expires=Mon, 29 Sep 2025 10:31:18 GMT; path=/; secure; SameSite=None\nuncs29=1; expires=Mon, 29 Sep 2025 10:31:18 GMT; path=/; secure; SameSite=None\nu_pl22675059=1; expires=Mon, 29 Sep 2025 10:31:18 GMT; path=/; secure; SameSite=None\nsleca032b4d33c8aea68a4f9b84235614bff=[4323733]; expires=Sun, 28 Sep 2025 10:31:23 GMT; path=/; secure; SameSite=None\r\nx-envoy-upstream-service-time: 222\r\nHost: heartilyscales.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 59e8b3f35ed8e45fb56c3fa5a24bf360\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":6226,"size_decoded":0,"mime_type":"text/plain; charset=utf-8","magic":"JSON text data","md5":"0071872c550e558a0e7b474040ba9219","sha1":"27a122b182e529e33d5310e6d44520d8b43b3f48","sha256":"818a88c35a45ef49a0b726db67edd8e6db8054b337c394c83cb1a748273d0d2d","sha512":"c4cb045ad75c146635a25b00bd3aaae04641107e0642445d93f838f8e6e614716c77a5648a0feedb4d858a2f11a5989b2e1d39b0ed75b176daa955c624ca1d08","ssdeep":"192:9zEDBs3zmw0W19u6CZY4W1FO0KBePvqF63+MyYHBp:9zEDBamwb9u6CZY3KUqF63+MHBp","tlshash":"0fd18e2e059135d14bc99a5cb88facc22d503e40b849b8ad4f27cb9d5c9f48c3619e39","first_seen":"2025-09-28T10:31:49.179457Z","last_seen":"2025-09-28T10:31:49.179457Z","times_seen":1,"resource_available":false,"data":null}},"time_used":317,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":317,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-09-28","alert":"Sinkholed","trigger":"heartilyscales.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-09-28","alert":"Sinkholed","trigger":"heartilyscales.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-09-28","alert":"Sinkholed","trigger":"heartilyscales.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kettledroopingcontinuation.com/pixel/sbls?bv=\u0026tmpl=482\u0026u=https%3A%2F%2Fcdn.show-sb.com%2Fsb%2Fau%2F37%2F53%2F81%2F3753818e0c2f1ad10c29c0db8970b6aa%2F1698745392.html\u0026l=1380\u0026fd=468","fqdn":"kettledroopingcontinuation.com","domain":"kettledroopingcontinuation.com","tld":"com"},"ip":{"addr":"172.240.108.84","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://torrentdownloads.rutor.app/","date":"2025-09-28T10:31:18.601Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"kettledroopingcontinuation.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 27 Aug 2025 21:34:59 GMT","end":"Tue, 25 Nov 2025 21:34:58 GMT"},"fingerprint":{"sha1":"E4:24:47:01:B7:F3:A1:0B:CF:EA:36:36:30:C1:21:5D:9E:A1:7B:BE","sha256":"EE:DD:A9:31:87:F8:15:E5:A4:69:BA:E8:17:29:F1:0D:59:DC:1E:48:E2:EB:2F:1D:FE:D6:5C:C0:5F:03:5B:01"}}},"request":{"raw":"GET /pixel/sbls?bv=\u0026tmpl=482\u0026u=https%3A%2F%2Fcdn.show-sb.com%2Fsb%2Fau%2F37%2F53%2F81%2F3753818e0c2f1ad10c29c0db8970b6aa%2F1698745392.html\u0026l=1380\u0026fd=468 HTTP/1.1\r\nHost: kettledroopingcontinuation.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://torrentdownloads.rutor.app/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Sun, 28 Sep 2025 10:31:18 GMT\r\nContent-Length: 0\r\nConnection: keep-alive\r\nHost: kettledroopingcontinuation.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nCache-Control: no-cache\r\nAccess-Control-Allow-Origin: *\r\nAccess-Control-Allow-Methods: GET, POST, OPTIONS\r\nAccess-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests,C-High-Entropy-Values\r\nAccess-Control-Expose-Headers: Content-Length,Content-Range\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T11:49:30.368697Z","times_seen":13330398,"resource_available":true,"data":null}},"time_used":114,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":114,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-09-28","alert":"Sinkholed","trigger":"kettledroopingcontinuation.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-09-28","alert":"Sinkholed","trigger":"kettledroopingcontinuation.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"torrentdownloads.rutor.app/templates/new/images/icons/menu_icon3.png","fqdn":"torrentdownloads.rutor.app","domain":"rutor.app","tld":"app"},"ip":{"addr":"172.67.158.147","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://torrentdownloads.rutor.app/","date":"2025-09-28T10:31:16.733Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rutor.app","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 20 Sep 2025 02:19:36 GMT","end":"Fri, 19 Dec 2025 03:09:13 GMT"},"fingerprint":{"sha1":"65:6C:B3:CD:A0:AD:28:B1:3A:23:A8:A2:1B:F0:E7:C0:18:90:91:0F","sha256":"4A:EE:EA:F0:6F:B6:A9:99:ED:A1:9D:D2:2A:5E:48:50:06:6C:52:7E:B9:1A:16:A3:26:FC:B0:7E:5B:CF:FB:07"}}},"request":{"raw":"GET /templates/new/images/icons/menu_icon3.png HTTP/1.1\r\nHost: torrentdownloads.rutor.app\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://torrentdownloads.rutor.app/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 28 Sep 2025 10:31:16 GMT\r\ncontent-type: image/png\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nexpires: Thu, 19 Nov 1981 08:52:00 GMT\r\ncache-control: no-store, no-cache, must-revalidate\r\npragma: no-cache\r\naccess-control-allow-origin: *\r\ncf-cache-status: BYPASS\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=YnPdqplkjamYrpSdafG3Kd5S%2F%2BOP6uCRxP3Ddf5to7Lq%2BP9pjn8EpWCORvYAIbXawouH3SIGPyQBgW3Q63UaUyOd6bOPpldh39qaCM0YEmKDRokheo%2FUKbhY\"}]}\r\nset-cookie: view=1; Max-Age=86400; Expires=Mon, 29 Sep 2025 10:31:16 GMT\nPHPSESSID=7vic577rlnrfghau355hetqcm8; Path=/\r\ncf-ray: 986291f99ebfc759-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":692,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 16 x 12, 8-bit/color RGB, non-interlaced","md5":"9a816e67321bc2d584faea218da0e955","sha1":"57a8f8afa693d85475f2a271526d019e373b0a91","sha256":"042cb4f6e074921b965b72746e474880ea1d67b7e91d93ba9f75e52dc8a2c3f9","sha512":"582d8ad26ffef7874917afe2c3f3ff7ad9be8bec9d1d015adc8568f0261bbf7e23f720849d8771b57ebbf5277e9faa2353c0311da16da55e44a49ac2c6f36c61","ssdeep":"","tlshash":"320188daa59334a4c4514974acf13330d5f3c04c1a49f496bfab8a5f55206050c0a2dd","first_seen":"2023-07-03T10:28:09Z","last_seen":"2026-02-19T06:00:31.863171Z","times_seen":39,"resource_available":false,"data":null}},"time_used":157,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":157,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-09-28","alert":"Sinkholed","trigger":"torrentdownloads.rutor.app","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-09-28","alert":"Sinkholed","trigger":"torrentdownloads.rutor.app","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"directlycascade.com/a0/32/b4/a032b4d33c8aea68a4f9b84235614bff.js","fqdn":"directlycascade.com","domain":"directlycascade.com","tld":"com"},"ip":{"addr":"172.240.127.234","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://torrentdownloads.rutor.app/","date":"2025-09-28T10:31:16.761Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"directlycascade.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Wed, 10 Sep 2025 11:12:27 GMT","end":"Tue, 09 Dec 2025 11:12:26 GMT"},"fingerprint":{"sha1":"76:17:4A:20:73:64:94:52:3B:6A:50:E2:7C:F7:F5:73:52:38:47:A4","sha256":"66:CD:95:7F:5E:D7:56:27:7A:6F:3B:80:CB:84:DC:89:A0:F0:BB:44:49:55:B4:81:76:24:2E:38:E3:FC:78:29"}}},"request":{"raw":"GET /a0/32/b4/a032b4d33c8aea68a4f9b84235614bff.js HTTP/1.1\r\nHost: directlycascade.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://torrentdownloads.rutor.app/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Sun, 28 Sep 2025 10:31:17 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 29957\r\nConnection: keep-alive\r\ncontent-encoding: gzip\r\np3p: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\naccess-control-allow-origin: *\r\naccept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nx-envoy-upstream-service-time: 2\r\nHost: directlycascade.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 1d69d57ec92c9130fe85724ce195c1cd\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]}],"data":{"size":76340,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"515f2a5a33b2445fe9fe42c31b544e62","sha1":"18cfa468f653ae4e2c34f18e181f6ac0c760dc96","sha256":"04742ee0ee939f15d239e56a480b6b4f4d8b8382b2918157ff1eb9ef9b75dbd2","sha512":"2d0613cb6eef139d0ef0b4d98afe9b93abccc5c870b3610b1fd84efe9f656250b35c9dd52aa9e962be42c695c819605b3ec87f7e222dd236dd8e6fcc639a9c4e","ssdeep":"768:mpCxicwKzukjCm/hYE4JoYC3ouzBcX2nVrHpSFXcdDqxv1l2qo0uw7T3SPGw6PXL:mppUCQ37rVT0Rcd+9keSPjkCI","tlshash":"ab73ea4c7f95f1ac13a26073222f941bf12a1d51b06cf8c8d253e8bc6eb9769b536b14","first_seen":"2025-09-26T16:35:49.511268Z","last_seen":"2025-10-08T07:17:41.055267Z","times_seen":56,"resource_available":true,"data":null}},"time_used":498,"timings":{"blocked":-1,"dns":28,"connect":91,"send":0,"wait":98,"receive":90,"ssl":191},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-09-28","alert":"Sinkholed","trigger":"directlycascade.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-09-28","alert":"Sinkholed","trigger":"directlycascade.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"skinnycrawlinglax.com/9c/5d/14/9c5d14453d6b11cdec5b98e5ce5af0dc.js","fqdn":"skinnycrawlinglax.com","domain":"skinnycrawlinglax.com","tld":"com"},"ip":{"addr":"172.240.108.76","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://torrentdownloads.rutor.app/","date":"2025-09-28T10:31:17.358Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"skinnycrawlinglax.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 27 Aug 2025 22:00:34 GMT","end":"Tue, 25 Nov 2025 22:00:33 GMT"},"fingerprint":{"sha1":"FC:5B:24:E2:ED:A9:65:69:CA:97:74:44:F8:E9:93:1A:50:E7:73:C1","sha256":"26:1B:F8:72:30:B2:C4:49:6A:2E:E7:A5:FC:26:35:74:02:CB:56:D1:F7:7E:A5:5E:89:65:A9:B4:1F:1F:DB:8F"}}},"request":{"raw":"GET /9c/5d/14/9c5d14453d6b11cdec5b98e5ce5af0dc.js HTTP/1.1\r\nHost: skinnycrawlinglax.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://torrentdownloads.rutor.app/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Sun, 28 Sep 2025 10:31:17 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 3430\r\nConnection: keep-alive\r\ncontent-encoding: gzip\r\np3p: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\naccess-control-allow-origin: *\r\naccept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nx-envoy-upstream-service-time: 1\r\nHost: skinnycrawlinglax.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 21abd1bd0b7d51dcb9ae3ab05f71420e\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]}],"data":{"size":6293,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (6293), with no line terminators","md5":"6062294451a7a581dc74178c7c5a1332","sha1":"c8e09f671561b72bdae9fd3cfeea799629430105","sha256":"c556ffdcc50d996a51234a1dec5ae85925ffa13c788b800be900dc5eb1344d79","sha512":"5b4bcb7d6530bfa8d33d4c769d0934938af4e7842a518556021ed900fad8a06bc39c2d35494586adf34e4d6fe19095b2d41c726b8214746527e04cec9e910594","ssdeep":"192:M/H3P83adOwGuABXfKOBPpzbo3j3rFuuV6:MP/83adOwWp0j3Buz","tlshash":"fbd1a8dc768070800be7e97f776f651ab06a58501c4fe491f003a9e83d6872ed63eac1","first_seen":"2025-09-26T11:10:49.483616Z","last_seen":"2025-10-14T12:32:44.197235Z","times_seen":1614,"resource_available":true,"data":null}},"time_used":372,"timings":{"blocked":-1,"dns":4,"connect":91,"send":0,"wait":93,"receive":0,"ssl":184},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-09-28","alert":"Sinkholed","trigger":"skinnycrawlinglax.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-09-28","alert":"Sinkholed","trigger":"skinnycrawlinglax.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-09-28","alert":"Sinkholed","trigger":"skinnycrawlinglax.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"directlycascade.com/ren.gif?sid=H4sIAAAAAAAC_1RSP2wcxReevfz0ExIIBAUNIF2RIkj4vP98t0eKKCEJGILPSgIRCs3Mzux58O7OMrN7ez6aiEgoouGgSrn-zokFuIAeJHSmQRFIXhquwEKiokeRaBA6-4TDK957M9-bp-998z7aLg6Jh4LO1t9UIxnHdHmlZTfP3JApV6Vprl1vOnbLPtu8IdO2f7Y5nDs9eNnx_Jb9YvNVEW6qZdd2bNuxneZlqUWkhstHKGS2Fzit7korcFpO18dQ__dsCguGWuCDQ_IMJK-f-j26CRlOkSZfXRRmM1fZS5eSIqa50hjw3bfSzVSVKZKTNNIWonR3UQ1lakLuNqDS3cUEUIOd-QRgsiaNZ38FS3cXNMEG946ZshgiBeOPoxxMIeIpJJ0iVLch-QEBQo61HtLk_prSJd06Rukcrcn___wDsqzJY88TpMle70LvWrOXiXRN5BhGFeRwCtmfIiv2kY8akOU-wvxDSP4TWX54BWmy0zOxguSz07zbXRFe1FnyKAuWfNd2l4IgcpcY7bhdFjhh5HSPBJLRFNQ0UBgLhbRQRA0UWQMJnzVdHgqn44qARe12p20HTttp-y4PXM7dbtdHEc6Zj5FnY4TxGKG-hUzfwqb87MBfP_Dehi6-g9moYLgFkxMMeIVSEJSGoKQEpSQoc4JyUN3jsXFNdZ_HpmDOIrqL6FUTlfe36T2V90VKQPUYmlc7Mnvf3EaYW5NRZMhEzR1leTWhjFfb2SF5ei6t9c7fBpti1qS25zKfe14YUEHbAfWjLgt811tpOz6LIhhZQZoGqLEwkjXp1D8gkzUhn_wCRvdh4n2E8hRo8QJoWYFuVBile1zqTKvhVitUCbiqkOX_Q75lbceH5Lmjzz3_112I8MG5n70jQ6grZLrCe_J7gn58Z3JVlWTnqioN-bqX5TKRI5pLlV7LaS5OffGG2CqV5qsXzfjz8-EcmKd714XJr9CUy7RvyJcXJOdCX1Y6FOTbVXNDsPXCbFwodFpkV9ZfubyaZFoYI1U6BZU1sT74EaGsyROvXzpa6tOrH0PqKXRRISkekIUhzG7BZCfcjSLQ8QnOMgtlUU20y_69nGgWnVTEsiav3fwNsXhwbj__Rr175iEoq2DEI13EI4_pvB2V1ba5g762QPPbSJMKA11hEFeg8RimODXJM33Ci8XWhMXa2mGxjj891tzIWdPx3TbvOLbPo7YTrUSuF9mRsNuU-3bIeYTc1BuzJwf_BAAA__8E1QsYwwQAAA==","fqdn":"directlycascade.com","domain":"directlycascade.com","tld":"com"},"ip":{"addr":"172.240.127.234","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://torrentdownloads.rutor.app/","date":"2025-09-28T10:31:18.213Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"directlycascade.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Wed, 10 Sep 2025 11:12:27 GMT","end":"Tue, 09 Dec 2025 11:12:26 GMT"},"fingerprint":{"sha1":"76:17:4A:20:73:64:94:52:3B:6A:50:E2:7C:F7:F5:73:52:38:47:A4","sha256":"66:CD:95:7F:5E:D7:56:27:7A:6F:3B:80:CB:84:DC:89:A0:F0:BB:44:49:55:B4:81:76:24:2E:38:E3:FC:78:29"}}},"request":{"raw":"GET /ren.gif?sid=H4sIAAAAAAAC_1RSP2wcxReevfz0ExIIBAUNIF2RIkj4vP98t0eKKCEJGILPSgIRCs3Mzux58O7OMrN7ez6aiEgoouGgSrn-zokFuIAeJHSmQRFIXhquwEKiokeRaBA6-4TDK957M9-bp-998z7aLg6Jh4LO1t9UIxnHdHmlZTfP3JApV6Vprl1vOnbLPtu8IdO2f7Y5nDs9eNnx_Jb9YvNVEW6qZdd2bNuxneZlqUWkhstHKGS2Fzit7korcFpO18dQ__dsCguGWuCDQ_IMJK-f-j26CRlOkSZfXRRmM1fZS5eSIqa50hjw3bfSzVSVKZKTNNIWonR3UQ1lakLuNqDS3cUEUIOd-QRgsiaNZ38FS3cXNMEG946ZshgiBeOPoxxMIeIpJJ0iVLch-QEBQo61HtLk_prSJd06Rukcrcn___wDsqzJY88TpMle70LvWrOXiXRN5BhGFeRwCtmfIiv2kY8akOU-wvxDSP4TWX54BWmy0zOxguSz07zbXRFe1FnyKAuWfNd2l4IgcpcY7bhdFjhh5HSPBJLRFNQ0UBgLhbRQRA0UWQMJnzVdHgqn44qARe12p20HTttp-y4PXM7dbtdHEc6Zj5FnY4TxGKG-hUzfwqb87MBfP_Dehi6-g9moYLgFkxMMeIVSEJSGoKQEpSQoc4JyUN3jsXFNdZ_HpmDOIrqL6FUTlfe36T2V90VKQPUYmlc7Mnvf3EaYW5NRZMhEzR1leTWhjFfb2SF5ei6t9c7fBpti1qS25zKfe14YUEHbAfWjLgt811tpOz6LIhhZQZoGqLEwkjXp1D8gkzUhn_wCRvdh4n2E8hRo8QJoWYFuVBile1zqTKvhVitUCbiqkOX_Q75lbceH5Lmjzz3_112I8MG5n70jQ6grZLrCe_J7gn58Z3JVlWTnqioN-bqX5TKRI5pLlV7LaS5OffGG2CqV5qsXzfjz8-EcmKd714XJr9CUy7RvyJcXJOdCX1Y6FOTbVXNDsPXCbFwodFpkV9ZfubyaZFoYI1U6BZU1sT74EaGsyROvXzpa6tOrH0PqKXRRISkekIUhzG7BZCfcjSLQ8QnOMgtlUU20y_69nGgWnVTEsiav3fwNsXhwbj__Rr175iEoq2DEI13EI4_pvB2V1ba5g762QPPbSJMKA11hEFeg8RimODXJM33Ci8XWhMXa2mGxjj891tzIWdPx3TbvOLbPo7YTrUSuF9mRsNuU-3bIeYTc1BuzJwf_BAAA__8E1QsYwwQAAA== HTTP/1.1\r\nHost: directlycascade.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://torrentdownloads.rutor.app/\r\nCookie: uid_id2=d995e3f7-3ab8-4202-88f2-ba729b81cf19:2:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; u_pl22675059=1; sleca032b4d33c8aea68a4f9b84235614bff=[4323736]\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Sun, 28 Sep 2025 10:31:18 GMT\r\nContent-Type: image/gif\r\nContent-Length: 7\r\nConnection: keep-alive\r\naccess-control-allow-origin: *\r\nvary: Origin\r\naccess-control-allow-credentials: true\r\np3p: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\naccept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nx-envoy-upstream-service-time: 2\r\nHost: directlycascade.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 94801f1f998ab920a52ee52b9444f0d7\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/gif","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T11:49:30.368697Z","times_seen":13330398,"resource_available":true,"data":null}},"time_used":114,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":114,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-09-28","alert":"Sinkholed","trigger":"directlycascade.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-09-28","alert":"Sinkholed","trigger":"directlycascade.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"alarbus.nutmeatdruxy.shop/0/giDS1kMtzzz8kL0Yp8K4*A?ck9=eyJhIjo4MzQ5LCJzIjoiMTI4MHgxMDI0IiwiYiI6IjEyODB4MTAyNCIsInIiOiIiLCJxIjoiaHR0cHM6Ly90b3JyZW50ZG93bmxvYWRzLnJ1dG9yLmFwcC8iLCJoIjoyMjMzLCJsIjoiZW4tVVMiLCJ0IjowLCJ6Ijo4Mjc3LCJrIjo0LCJ1IjoiNjdmMzE1ZWI0NzI0YmFhMzQ2N2ZhZSIsImYiOmZhbHNlLCJ3aCI6Im5vdCBpbiBpZnJhbWUiLCJpaCI6Im5vdCBpbiBpZnJhbWUiLCJlIjoiNGNldXgwZ2Z3MzlrN2h0IiwibyI6dHJ1ZSwibSI6MTc1OTA1NTQ4MDA5MywidHMiOjAsInByIjoxLCJoYyI6MzIsImJsIjotMSwiYmMiOjMsInZ2IjoiTWVzYSIsInZyIjoibGx2bXBpcGUiLCJhYyI6MCwiY3QiOiJ1bmtub3duIiwiY2V0IjoidW5rbm93biIsImNkbG0iOi0xLCJjZGwiOi0xLCJjcnR0IjotMSwidG1zIjoxMjAsImNlIjp0cnVlLCJjZCI6MjQsIm9yIjoibGFuZHNjYXBlLXByaW1hcnkiLCJpbSI6dHJ1ZSwiaXNEYXJrVGhlbWUiOmZhbHNlfQ","fqdn":"alarbus.nutmeatdruxy.shop","domain":"nutmeatdruxy.shop","tld":"shop"},"ip":{"addr":"172.255.103.170","port":443,"asn":7979,"as":"SERVERS-COM","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://torrentdownloads.rutor.app/","date":"2025-09-28T10:31:20.095Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"alarbus.nutmeatdruxy.shop","organization":""},"issuer":{"commonName":"R10","organization":"Let's Encrypt"},"validity":{"start":"Tue, 19 Aug 2025 01:17:45 GMT","end":"Mon, 17 Nov 2025 01:17:44 GMT"},"fingerprint":{"sha1":"D6:75:F2:F8:C6:E6:B3:B7:DE:C6:A4:CA:E6:59:CC:F1:3A:31:83:8D","sha256":"08:C6:EC:8C:E3:75:33:A2:86:A5:B0:96:98:91:1C:F6:3D:F2:A4:CA:0B:06:CE:40:A9:F2:8D:25:8E:17:5C:F7"}}},"request":{"raw":"OPTIONS /0/giDS1kMtzzz8kL0Yp8K4*A?ck9=eyJhIjo4MzQ5LCJzIjoiMTI4MHgxMDI0IiwiYiI6IjEyODB4MTAyNCIsInIiOiIiLCJxIjoiaHR0cHM6Ly90b3JyZW50ZG93bmxvYWRzLnJ1dG9yLmFwcC8iLCJoIjoyMjMzLCJsIjoiZW4tVVMiLCJ0IjowLCJ6Ijo4Mjc3LCJrIjo0LCJ1IjoiNjdmMzE1ZWI0NzI0YmFhMzQ2N2ZhZSIsImYiOmZhbHNlLCJ3aCI6Im5vdCBpbiBpZnJhbWUiLCJpaCI6Im5vdCBpbiBpZnJhbWUiLCJlIjoiNGNldXgwZ2Z3MzlrN2h0IiwibyI6dHJ1ZSwibSI6MTc1OTA1NTQ4MDA5MywidHMiOjAsInByIjoxLCJoYyI6MzIsImJsIjotMSwiYmMiOjMsInZ2IjoiTWVzYSIsInZyIjoibGx2bXBpcGUiLCJhYyI6MCwiY3QiOiJ1bmtub3duIiwiY2V0IjoidW5rbm93biIsImNkbG0iOi0xLCJjZGwiOi0xLCJjcnR0IjotMSwidG1zIjoxMjAsImNlIjp0cnVlLCJjZCI6MjQsIm9yIjoibGFuZHNjYXBlLXByaW1hcnkiLCJpbSI6dHJ1ZSwiaXNEYXJrVGhlbWUiOmZhbHNlfQ HTTP/1.1\r\nHost: alarbus.nutmeatdruxy.shop\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAccess-Control-Request-Method: POST\r\nAccess-Control-Request-Headers: content-type,credentials\r\nReferer: https://torrentdownloads.rutor.app/\r\nOrigin: https://torrentdownloads.rutor.app\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 28 Sep 2025 10:31:20 GMT\r\ncontent-length: 0\r\naccess-control-expose-headers: *\r\naccess-control-allow-credentials: true\r\naccess-control-allow-origin: https://torrentdownloads.rutor.app\r\naccess-control-allow-headers: Accept, Content-Type, Content-Length, Megageocheckolololo, X-Forwarded-For, X-Requested-With, Cache-Control, Pragma, Expires, Credentials\r\naccess-control-allow-methods: GET, HEAD, POST, PUT, OPTIONS\r\naccept-ch: sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version,sec-ch-ua-full-version-list\r\nvary: Origin, Origin\r\nallow: OPTIONS, POST\r\nstrict-transport-security: max-age=1\r\nx-content-type-options: nosniff\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T11:49:30.368697Z","times_seen":13330398,"resource_available":true,"data":null}},"time_used":356,"timings":{"blocked":167,"dns":120,"connect":22,"send":0,"wait":22,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-09-28","alert":"Sinkholed","trigger":"alarbus.nutmeatdruxy.shop","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-09-28","alert":"Sinkholed","trigger":"alarbus.nutmeatdruxy.shop","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-09-28","alert":"Sinkholed","trigger":"alarbus.nutmeatdruxy.shop","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-09-28","alert":"Sinkholed","trigger":"alarbus.nutmeatdruxy.shop","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"brewed.grasnibrowsed.shop/mtn/123057/fa5f27a2cebac1abf4a2101373d5e03d.1351055434.000","fqdn":"brewed.grasnibrowsed.shop","domain":"grasnibrowsed.shop","tld":"shop"},"ip":{"addr":"23.109.170.198","port":443,"asn":7979,"as":"SERVERS-COM","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"beacon","requested_by":"https://torrentdownloads.rutor.app/","date":"2025-09-28T10:31:20.955Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"brewed.grasnibrowsed.shop","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 28 Sep 2025 04:21:52 GMT","end":"Sat, 27 Dec 2025 04:21:51 GMT"},"fingerprint":{"sha1":"CF:43:8D:F9:8A:55:69:59:6C:6B:C7:67:5C:5D:B2:BD:8A:1E:00:3F","sha256":"2A:DF:64:DD:5D:14:25:B6:20:E4:EA:7B:9F:DD:CA:F9:78:D2:51:14:65:05:C8:83:24:31:1B:B3:1E:8E:AE:0C"}}},"request":{"raw":"OPTIONS /mtn/123057/fa5f27a2cebac1abf4a2101373d5e03d.1351055434.000 HTTP/1.1\r\nHost: brewed.grasnibrowsed.shop\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAccess-Control-Request-Method: POST\r\nAccess-Control-Request-Headers: content-type\r\nReferer: https://torrentdownloads.rutor.app/\r\nOrigin: https://torrentdownloads.rutor.app\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 28 Sep 2025 10:31:20 GMT\r\ncontent-type: text/html; charset=UTF-8\r\naccept-ch: sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version,sec-ch-ua-full-version-list\r\naccess-control-allow-credentials: true\r\naccess-control-allow-origin: https://torrentdownloads.rutor.app\r\naccess-control-allow-headers: content-type, megageocheckolololo, x-forwarded-for, x-requested-with, cache-control, pragma, expires\r\naccess-control-max-age: 600\r\naccess-control-allow-methods: GET, POST, OPTIONS\r\ncontent-encoding: gzip\r\nvary: Accept-Encoding\r\nstrict-transport-security: max-age=1\r\nx-content-type-options: nosniff\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":5,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"ASCII text, with no line terminators","md5":"0d7a61a5ae2424f444691dfa38e694ae","sha1":"dfb2f770cb7740844d94d2a2517af244b34c56ae","sha256":"e3c083d0e62029a9fc90700e7effced43eb213718ad4e7517e5b05a5a0ad9e49","sha512":"dc4531ceee0347383f28990bd01470ce323b0338a83b5b51e2640e3a9d1509346e23fe490ebfaeb4d7a86fd8ef22d2d6465990e6cb6583468d47174b97d25d03","ssdeep":"","tlshash":"8a30000000000000000000c0000000000000000000000000000300000c0c000c000000","first_seen":"2025-06-10T16:02:54.181066Z","last_seen":"2026-04-02T19:45:08.476061Z","times_seen":1524,"resource_available":false,"data":null}},"time_used":19,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":19,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/roboto/v49/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.178.35","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://torrentdownloads.rutor.app/","date":"2025-09-28T10:31:21.929Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 08 Sep 2025 08:36:48 GMT","end":"Mon, 01 Dec 2025 08:36:47 GMT"},"fingerprint":{"sha1":"4A:11:37:B2:B5:3D:85:04:18:76:94:C3:99:EA:8B:77:66:51:DF:D6","sha256":"6C:B3:8A:F8:58:9F:72:87:6E:B0:CF:E0:3F:D9:AB:6D:AE:6E:E0:73:B1:A3:95:3C:30:98:D3:C4:23:73:D4:33"}}},"request":{"raw":"GET /s/roboto/v49/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://torrentdownloads.rutor.app\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 40128\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Mon, 22 Sep 2025 23:17:32 GMT\r\nexpires: Tue, 22 Sep 2026 23:17:32 GMT\r\ncache-control: public, max-age=31536000\r\nage: 472429\r\nlast-modified: Mon, 08 Sep 2025 18:08:05 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":40128,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 40128, version 1.0","md5":"9a01b69183a9604ab3a439e388b30501","sha1":"8ed1d59003d0dbe6360481017b44665153665fbe","sha256":"20b535fa80c8189e3b87d1803038389960203a886d502bc2ef1857affc2f38d2","sha512":"0e6795255b6eea00b5403fd7e3b904d52776d49ac63a31c2778361262883697943aedcb29feee85694ba6f19eaa34dddb9a5bfe7118f4a25b4757e92c331feca","ssdeep":"768:Vce3jkow68wmT4IBX0tXdlSirS61gSjcz0GPwHbP+w2jec56O:VcI/iEEEtXdFJj+0GPwHbP+w5rO","tlshash":"3703023a5e3ccf1a84157a703950f6d9a8481e548e9d143b4f1ac7bf085dde2209b6d4","first_seen":"2025-01-08T22:59:02.845106Z","last_seen":"2026-04-04T11:46:59.437094Z","times_seen":714426,"resource_available":false,"data":null}},"time_used":52,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":23,"receive":29,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"torrentdownloads.rutor.app/templates/new/images/health/health_8.jpg","fqdn":"torrentdownloads.rutor.app","domain":"rutor.app","tld":"app"},"ip":{"addr":"172.67.158.147","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://torrentdownloads.rutor.app/","date":"2025-09-28T10:31:16.738Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rutor.app","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 20 Sep 2025 02:19:36 GMT","end":"Fri, 19 Dec 2025 03:09:13 GMT"},"fingerprint":{"sha1":"65:6C:B3:CD:A0:AD:28:B1:3A:23:A8:A2:1B:F0:E7:C0:18:90:91:0F","sha256":"4A:EE:EA:F0:6F:B6:A9:99:ED:A1:9D:D2:2A:5E:48:50:06:6C:52:7E:B9:1A:16:A3:26:FC:B0:7E:5B:CF:FB:07"}}},"request":{"raw":"GET /templates/new/images/health/health_8.jpg HTTP/1.1\r\nHost: torrentdownloads.rutor.app\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://torrentdownloads.rutor.app/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 28 Sep 2025 10:31:16 GMT\r\ncontent-type: image/jpeg\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nexpires: Thu, 19 Nov 1981 08:52:00 GMT\r\ncache-control: no-store, no-cache, must-revalidate\r\npragma: no-cache\r\naccess-control-allow-origin: *\r\ncf-cache-status: BYPASS\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Dh%2BJFELd%2FXyWROhjClrZwXClb0duQYPZK2tWCjlrDaJ0%2BRI%2F6XNuxFqcqkxZpxGPI4W3xv2hNFF280tyBHrn4j4xyxfmj5qOFJjUIljEvxOFueSWEGEYOQag\"}]}\r\nset-cookie: view=1; Max-Age=86400; Expires=Mon, 29 Sep 2025 10:31:16 GMT\nPHPSESSID=bv1mer9ek0a415b5b3rmjq4pkb; Path=/\r\ncf-ray: 986291f99ed9c759-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":547,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 46x9, components 3","md5":"92bcbc0cd112eae1857e22e2cff56f9f","sha1":"58d2da1cb88f877f26f6afffec397cd5220cf059","sha256":"a65e4db5daaed15b326a1b8d45dcfc88a903dc67abc768f3cc3d86d19309bcd5","sha512":"64e48cb96e7796f55f4a14ea13ddbfe605e210992910d9f643ffca62af7a62a6584039bccb7670c133bfbfd4b4168f9f305a619e9113a5dde2081c69c85412b6","ssdeep":"","tlshash":"80f0237bb386e783ecd6503175384728863c31d3b023cb5f41f5d91a98c41620c801da","first_seen":"2023-05-29T17:58:11Z","last_seen":"2026-02-19T06:00:31.887781Z","times_seen":46,"resource_available":false,"data":null}},"time_used":216,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":216,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-09-28","alert":"Sinkholed","trigger":"torrentdownloads.rutor.app","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-09-28","alert":"Sinkholed","trigger":"torrentdownloads.rutor.app","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"professionaltrafficmonitor.com/stats","fqdn":"professionaltrafficmonitor.com","domain":"professionaltrafficmonitor.com","tld":"com"},"ip":{"addr":"3.123.144.251","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://torrentdownloads.rutor.app/","date":"2025-09-28T10:31:17.359Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"protrafficinspector.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M04","organization":"Amazon"},"validity":{"start":"Tue, 01 Jul 2025 00:00:00 GMT","end":"Thu, 30 Jul 2026 23:59:59 GMT"},"fingerprint":{"sha1":"5D:D5:8D:EB:A4:50:13:0D:7C:33:71:82:B8:02:49:4F:D6:31:B6:E6","sha256":"49:03:4C:2C:1B:23:D8:D6:CB:AE:F0:54:61:99:C2:20:F4:FF:87:5E:0B:72:B1:6B:D8:AB:21:49:2D:F2:EC:4A"}}},"request":{"raw":"GET /stats HTTP/1.1\r\nHost: professionaltrafficmonitor.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://torrentdownloads.rutor.app\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://torrentdownloads.rutor.app/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 28 Sep 2025 10:31:17 GMT\r\ncontent-type: text/html; charset=UTF-8\r\ncontent-length: 40\r\nserver: fasthttp\r\naccess-control-allow-origin: https://torrentdownloads.rutor.app\r\nvary: Origin\r\naccess-control-allow-credentials: true\r\nset-cookie: uid_id2=d99c09bd-bda0-43da-9545-444b1fc41951:1:1; expires=Wed, 26 Sep 2035 10:31:17 GMT; secure; SameSite=None\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":40,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"ASCII text, with no line terminators","md5":"ba90643304cbcb4223816aff3bd8776e","sha1":"65fa7055c4c85330c11f8066c42d7f22d111962e","sha256":"e3c1dc5954413edb77718dfb562e93e1d7f8fcb431478ff5569fc92f5104313b","sha512":"3ee64ed92f1a420c4f8fb73e9dcddb0704cb6210e8473a2b164bf0c8ff7e244f1ab7246f774e8ef22d29e1b0a4f2d587fea0793322691fe57f66e5b9ea56b55c","ssdeep":"","tlshash":"2f9004057d57053014c7f05754301d541d1501511f4700d37c11d3545071401c3f1c43","first_seen":"2025-09-28T10:31:49.187846Z","last_seen":"2025-09-28T10:31:49.187846Z","times_seen":1,"resource_available":false,"data":null}},"time_used":114,"timings":{"blocked":-1,"dns":0,"connect":29,"send":0,"wait":24,"receive":0,"ssl":61},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"creative-sb1.com/sb/ssp/vpn/classic-push/big1/js/script.js","fqdn":"creative-sb1.com","domain":"creative-sb1.com","tld":"com"},"ip":{"addr":"104.21.35.3","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://torrentdownloads.rutor.app/","date":"2025-09-28T10:31:21.112Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"creative-sb1.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 29 Aug 2025 18:23:14 GMT","end":"Thu, 27 Nov 2025 19:21:45 GMT"},"fingerprint":{"sha1":"99:06:8C:E5:8E:41:8B:38:F8:46:C0:E9:CF:99:E2:11:F2:8E:DD:AB","sha256":"93:A8:69:6F:83:C3:C8:1B:E8:A3:20:9C:19:F4:47:35:74:85:80:F1:82:1F:48:42:AB:AA:77:A3:35:AB:29:20"}}},"request":{"raw":"GET /sb/ssp/vpn/classic-push/big1/js/script.js HTTP/1.1\r\nHost: creative-sb1.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://torrentdownloads.rutor.app\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://torrentdownloads.rutor.app/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 28 Sep 2025 10:31:21 GMT\r\ncontent-type: application/javascript\r\nserver: cloudflare\r\nlast-modified: Fri, 19 Jan 2024 14:19:42 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: public, max-age=315360000\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: Date\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=ZZflgihQKmc9AOUlFxFVb%2Fmi9drt2B2KxbtrI0ZhwTrOlYV0KdQBa0zqk98lXiW4%2BnPpyYCBGriYdjkjp%2BgNTDugC9Z5Rs6bQHSSn1ac\"}]}\r\ncf-cache-status: MISS\r\netag: W/\"65aa84fe-3be\"\r\ncontent-encoding: br\r\ncf-ray: 98629214ff60712a-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":958,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text","md5":"89918681df9f363bb293cb027c2f1113","sha1":"cf7dca97b09ed3d03e821b407286539519a9f037","sha256":"6648e7501f858c8ffaf2b35736dbd37f2d22afb2c781ee552d7c113d77413b9e","sha512":"f8e40eb5727465e78b1f20b08e6d22f07be52165043b01566c12f1022bea70e63cda516588ea504c7e927a63c9680f439b014b72d9a88b518956e2dc5474be67","ssdeep":"","tlshash":"1a117a27156883f06257f027a1572adaea32029fe81a9717721c06cd0ec47b913fa6e7","first_seen":"2023-04-05T07:51:04Z","last_seen":"2026-04-04T10:53:20.288259Z","times_seen":1137,"resource_available":false,"data":null}},"time_used":417,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":417,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-09-28","alert":"Sinkholed","trigger":"creative-sb1.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-09-28","alert":"Sinkholed","trigger":"creative-sb1.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"push-sdk.com/event?z=888956","fqdn":"push-sdk.com","domain":"push-sdk.com","tld":"com"},"ip":{"addr":"157.90.33.121","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"beacon","requested_by":"https://torrentdownloads.rutor.app/","date":"2025-09-28T10:31:17.107Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"push-sdk.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Wed, 27 Aug 2025 11:06:22 GMT","end":"Tue, 25 Nov 2025 11:06:21 GMT"},"fingerprint":{"sha1":"BD:DD:75:88:5F:0F:2F:A6:EA:FF:1B:29:49:86:BB:EC:C1:90:4A:79","sha256":"89:8C:73:02:C1:8B:65:46:0D:EE:E7:41:24:34:AE:25:5A:28:56:20:4F:E2:7C:EB:1C:D8:91:6C:BC:2A:16:12"}}},"request":{"raw":"POST /event?z=888956 HTTP/1.1\r\nHost: push-sdk.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: text/plain;charset=UTF-8\r\nContent-Length: 82\r\nOrigin: https://torrentdownloads.rutor.app\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://torrentdownloads.rutor.app/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/2 200 OK\r\nserver: Angie\r\ndate: Sun, 28 Sep 2025 10:31:17 GMT\r\ncontent-length: 0\r\naccess-control-allow-origin: https://torrentdownloads.rutor.app\r\naccess-control-allow-credentials: true\r\naccess-control-allow-methods: GET, POST, OPTIONS\r\naccess-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization, X-CSRF-Token\r\naccess-control-expose-headers: Authorization\r\ncache-control: no-cache, max-age=0, must-revalidate, proxy-revalidate, no-store\r\npragma: no-cache\r\nexpires: Tue, 11 Jan 1994 00:00:00 GMT\r\naccept-ch: Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Bitness, Sec-CH-UA-Wow64\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"C","description":"C is a general-purpose, procedural computer programming language supporting structured programming, lexical variable scope, and recursion, with a static type system.","website":"https://www.open-std.org/jtc1/sc22/wg14/","common_platform_enumeration":"","icon":"C.png","categories":["Programming languages"]},{"name":"Perl","description":"Perl is a family of two high-level, general-purpose, interpreted, dynamic programming languages.","website":"https://perl.org","common_platform_enumeration":"cpe:2.3:a:perl:perl:*:*:*:*:*:*:*:*","icon":"Perl.png","categories":["Programming languages"]},{"name":"Angie","description":"Angie is a drop-in replacement for the Nginx web server aiming to extend the functionality of the original version.","website":"https://angie.software/en/","common_platform_enumeration":"","icon":"default.svg","categories":["Web servers"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T11:49:30.368697Z","times_seen":13330398,"resource_available":true,"data":null}},"time_used":28,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":28,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]}