Report - downloadtorrentfile.com/hash/d5ca3c2507902969c8bb8cfd497175066b916a23?name=Terapia%20Intensiva

Report Overview

Visited public
2024-09-06 19:14:19
Tags
Submit Tags
URL
downloadtorrentfile.com/hash/d5ca3c2507902969c8bb8cfd497175066b916a23?name=Terapia%20Intensiva
Finishing URL
downloadtorrentfile.com/hash/d5ca3c2507902969c8bb8cfd497175066b916a23?name=Terapia%20Intensiva
IP / ASN
172.67.145.22
#13335 CLOUDFLARENET
Title
(1) New Message!

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
fonts.gstatic.com	unknown	2008-02-11	2014-09-09 02:40:21	2024-09-06 18:12:04	1.1 kB	39 kB	142.250.74.131
downloadtorrentfile.com	192529	2018-11-25	2019-05-31 13:34:50	2024-04-17 16:46:14	3.7 kB	74 kB	172.67.145.22
www.googletagmanager.com	75	2011-11-11	2013-05-22 04:07:37	2024-09-06 18:19:04	905 B	172 kB	142.250.74.168
region1.analytics.google.com	unknown	1997-09-15	2022-03-17 12:26:33	2024-09-06 18:12:09	971 B	454 B	216.239.34.36
fonts.googleapis.com	8877	2005-01-25	2013-06-10 22:14:26	2024-09-06 18:12:11	416 B	1.8 kB	142.250.74.106
whiskeydepositopinion.com	unknown	2024-08-09	2024-08-12 12:10:07	2024-09-06 12:05:04	8.3 kB	30 kB	192.243.59.20
d24ak3f2b.top	105412	2020-05-28	2020-05-28 15:46:58	2024-09-06 00:17:40	410 B	157 B	172.240.127.240
cdn.show-creative1.com	unknown	2024-08-20	2024-08-27 20:37:00	2024-08-29 09:32:55	529 B	2.2 kB	172.67.208.42
o.pki.goog	unknown	2016-06-13	2024-04-24 13:44:57	2024-09-06 18:15:10	2.6 kB	5.6 kB	142.250.74.131
screenshots.downloadtorrentfile.com	unknown	2018-11-25	2023-07-29 22:58:07	2024-03-23 17:03:54	549 B	851 B	172.67.145.22
esteemcountryside.com	unknown	unknown	No data	No data	448 B	18 kB	172.240.108.84
swiggermahwa.com	unknown	2024-04-11	2024-04-11 05:59:47	2024-04-14 00:19:23	418 B	1.5 kB	23.109.170.187
cdn.creative-stat1.com	unknown	2024-08-20	2024-08-27 20:37:01	2024-09-04 20:02:43	2.1 kB	48 kB	188.114.96.1
r10.o.lencr.org	unknown	2020-06-29	2024-06-06 21:45:11	2024-09-06 18:12:06	1.6 kB	4.4 kB	23.36.76.226
ocsp.r2m03.amazontrust.com	unknown	2007-05-11	2023-02-21 01:06:24	2024-09-06 18:19:55	338 B	942 B	54.230.218.11
unseenreport.com	unknown	2022-03-30	2022-03-30 16:33:17	2024-09-06 15:51:31	1.5 kB	942 B	192.243.59.13
recordedthereby.com	unknown	2024-05-08	2024-05-14 07:24:53	2024-09-06 15:51:28	408 B	38 kB	188.114.96.1
cdnjs.cloudflare.com	235	2009-02-17	2015-04-17 22:46:33	2024-09-06 18:12:11	1.9 kB	114 kB	104.17.25.14
r11.o.lencr.org	unknown	2020-06-29	2024-06-07 07:43:57	2024-09-06 18:12:12	2.6 kB	7.1 kB	23.36.77.32
www.google.no	25607	2001-02-26	2016-04-05 21:50:59	2024-09-06 18:15:26	623 B	578 B	142.250.74.163
proftrafficcounter.com	unknown	2023-11-16	2023-11-21 09:55:14	2024-09-06 10:44:02	447 B	430 B	18.158.173.128

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2024-09-06	medium	swiggermahwa.com	Sinkholed
2024-09-06	medium	whiskeydepositopinion.com	Sinkholed
2024-09-06	medium	d24ak3f2b.top	Sinkholed
2024-09-06	medium	unseenreport.com	Sinkholed
2024-09-06	medium	unseenreport.com	Sinkholed
2024-09-06	medium	whiskeydepositopinion.com	Sinkholed
2024-09-06	medium	whiskeydepositopinion.com	Sinkholed
2024-09-06	medium	whiskeydepositopinion.com	Sinkholed
2024-09-06	medium	whiskeydepositopinion.com	Sinkholed
2024-09-06	medium	whiskeydepositopinion.com	Sinkholed
2024-09-06	medium	whiskeydepositopinion.com	Sinkholed
2024-09-06	medium	whiskeydepositopinion.com	Sinkholed
2024-09-06	medium	whiskeydepositopinion.com	Sinkholed

ThreatFox

No alerts detected

JavaScript (16)

	URL	From	Size	First Seen	Last Seen
	www.googletagmanager.com/gtag/js?id=UA-137531655-1&l=dataLayer	ScriptElement	216 kB	2024-09-19	2024-09-19
Pretty URL www.googletagmanager.com/gtag/js?id=UA-137531655-1&l=dataLayer IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-09-19 22:12 Last Seen2024-09-19 22:12 Times Seen1 Hash 2ddf6a03f0b21d1441816a95c1b27fd1 1f3bf94f26d19508437cff9535589eb91780396f c81fd4eff5db7502f1157de15941678ec29f32069e2a956800eb7ccf5c5d16ff Loading...

	swiggermahwa.com/tYppHGsTxJbNR/71649	ScriptElement	5 B	2023-03-07	2025-07-07
Pretty URL swiggermahwa.com/tYppHGsTxJbNR/71649 IP 23.109.170.187 ASN #7979 SERVERS-COM Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:14 Last Seen2025-07-07 06:25 Times Seen6637 Hash f7a2939527fd9e68723da600e96d76bd a9e717b6364d2895ee0a716050db32ca0ef1bb42 d810f5146f4cd1517512a6e31946e764a73c58fb01427aae88d42cc2ae28718a Loading...

	whiskeydepositopinion.com/e4/5c/a0/e45ca05da468385a15fff1f63aa1e3df.js	ScriptElement	44 kB	2024-09-19	2024-09-19
Pretty URL whiskeydepositopinion.com/e4/5c/a0/e45ca05da468385a15fff1f63aa1e3df.js IP 192.243.59.20 ASN #39572 DataWeb Global Group B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2024-09-19 22:12 Last Seen2024-09-19 22:12 Times Seen1 Hash 872875292db1265fd3586b4e392df141 bd0a8156f15c568974de91e0571156f6cfcb1cef a0b998bf1b9edbfa1b424822b810b3210f4d4788df112aac312ad2ae36a430ed Loading...

	cdnjs.cloudflare.com/ajax/libs/vue-clipboard2/0.3.1/vue-clipboard.min.js	ScriptElement	14 kB	2023-03-07	2025-07-06
Pretty URL cdnjs.cloudflare.com/ajax/libs/vue-clipboard2/0.3.1/vue-clipboard.min.js IP 104.17.25.14 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:04 Last Seen2025-07-06 05:48 Times Seen55 Hash 7ed42cdcf96b7af11366d227331880c4 975b93f1b5c8fbbdc9bace4be124936248b0e1af 5ef1cbd6686f0d4c1f60bf548186841b44c129983727db927235031baa024ba9 Loading...

	unknown	ScriptElement	601 B	2024-02-24	2024-09-19
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2024-02-24 19:59 Last Seen2024-09-19 22:12 Times Seen7 Hash 9d44f40b003b7593a50c1a66eed215dd 24ca6e3fdaaa67e44b89680198f61bb62bf3df06 7e09e9d2b5065c5f0838ae86dbe81ea3890f47604e161c70655042ca4f975ac0 Loading...

	downloadtorrentfile.com/js/chunk-vendors.7eb1e6ea.js	ScriptElement	26 kB	2023-07-29	2025-06-25
Pretty URL downloadtorrentfile.com/js/chunk-vendors.7eb1e6ea.js IP 172.67.145.22 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-07-29 22:58 Last Seen2025-06-25 02:41 Times Seen34 Hash f61373392c9f60de7d8463e3c62d27d7 ffdccf4a2ef9a3cf856165a76a8363dfbdcacb06 779dca7f0f197fa60064dca564898c7751eb5ff1fd82b14fa7d9adb23b02203f Loading...

	downloadtorrentfile.com/hash/sandbox%20eval%20code		147 B	2023-04-11	2025-07-07
Pretty URL downloadtorrentfile.com/hash/sandbox%20eval%20code IP 0.0.0.0 ASN #0 Introduced by Embedded in HTML false Observations First Seen2023-04-11 21:07 Last Seen2025-07-07 06:30 Times Seen395560 Hash 92b651082ce234f66bb544e678befda3 14c21c55ddce43b6f677caadf51d4ab98c6a3df8 25d57d1d97abeb84531d3d3e5754dd5cb19a2c115edfa7cfc7af8247084faded Loading...

	esteemcountryside.com/a2/ce/64/a2ce64afd3c1c10fe7fdbb6234980cc8.js	ScriptElement	54 kB	2024-09-19	2024-09-19
Pretty URL esteemcountryside.com/a2/ce/64/a2ce64afd3c1c10fe7fdbb6234980cc8.js IP 172.240.108.84 ASN #7979 SERVERS-COM Introduced by scriptElement Embedded in HTML false Observations First Seen2024-09-19 22:12 Last Seen2024-09-19 22:12 Times Seen1 Hash 11979dc9cc13c2b4bcf52b16ce14f197 cc149dca3e42bba51ae68342b23063c1b6ee8dcc c28ce11d032b3dbd2a980d31600949d91227f530bdf3d84dbe6141e81c08c276 Loading...

	recordedthereby.com/sfp.js	ScriptElement	85 kB	2024-05-17	2025-01-21
Pretty URL recordedthereby.com/sfp.js IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-17 16:43 Last Seen2025-01-21 11:22 Times Seen13574 Hash 7e3e44049654b6e244c1777e68ffb8e7 8f2a8298666d607afd92a0baa362ef4dc9ccd039 4acac8b8ff23671d365150818f3c39bbbfa08b1a1842d73de5933e0fea26454b Loading...

	d24ak3f2b.top/advertisers.js	ScriptElement	0 B	0001-01-01	2025-07-07
Pretty URL d24ak3f2b.top/advertisers.js IP 172.240.127.240 ASN #7979 SERVERS-COM Introduced by scriptElement Embedded in HTML false Observations First Seen0001-01-01 00:00 Last Seen2025-07-07 06:30 Times Seen5318997 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	cdnjs.cloudflare.com/ajax/libs/vue/2.6.11/vue.min.js	ScriptElement	94 kB	2023-03-07	2025-07-07
Pretty URL cdnjs.cloudflare.com/ajax/libs/vue/2.6.11/vue.min.js IP 104.17.25.14 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:11 Last Seen2025-07-07 05:18 Times Seen2385 Hash 6c81f02ad0bf8e12a66c18cab188d029 abd239f02966b2d324b0512c203bdbaf82a4ed7a 9e0156dd49c03744e79bbea60eebbbb94b5811c1b71b91f5fb38a8270dedfbaf Loading...

	downloadtorrentfile.com/js/app.af2d15e9.js	ScriptElement	21 kB	2024-05-25	2025-03-19
Pretty URL downloadtorrentfile.com/js/app.af2d15e9.js IP 172.67.145.22 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-25 20:23 Last Seen2025-03-19 04:23 Times Seen22 Hash 783370bb8dfb653d3186482ec01a9f4a 0c52249b31302b575980190ce53e73a7b4a7099a 252d09da44189d3ff55f3818bd539f4f2b7266325923ef5896dab2b82cecc0e4 Loading...

	www.google-analytics.com/analytics.js	ScriptElement	4.7 kB	2023-04-11	2025-07-07
Pretty URL www.google-analytics.com/analytics.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-11 21:07 Last Seen2025-07-07 06:30 Times Seen395076 Hash f24128d0c9cba7be2916c693427a3483 1b6397d496ea896ebc2018b01b995cee4f166029 58173de4697da1a218f04c3a783a733bab4e769ceabc37cd42da9dc3e036a7e8 Loading...

	www.googletagmanager.com/gtag/js?id=G-XDSPBT0502&l=dataLayer&cx=c	ScriptElement	266 kB	2024-09-19	2024-09-19
Pretty URL www.googletagmanager.com/gtag/js?id=G-XDSPBT0502&l=dataLayer&cx=c IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-09-19 22:12 Last Seen2024-09-19 22:12 Times Seen1 Hash 1319c74ca69b11bd1bba14f450e270cb c813d0b8ce2dc32bd9bdfc8bd6fb9539f9d5717b 6b2f2777b72c690db2a112069395e94ad316b80e5c2e6d688c0021ffc47a6d30 Loading...

	cdnjs.cloudflare.com/ajax/libs/vue-router/3.2.0/vue-router.min.js	ScriptElement	27 kB	2023-03-07	2025-06-25
Pretty URL cdnjs.cloudflare.com/ajax/libs/vue-router/3.2.0/vue-router.min.js IP 104.17.25.14 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:04 Last Seen2025-06-25 02:41 Times Seen81 Hash 5d559e0f2e7c65ce91105d7e3eaf053d 2d253d5883a389bc56fbe92c018be46c6da45410 bf2f76348f9c1b62ddfaa7424da2a59eb6b7ed869b5b309f5144d86979cab17b Loading...

	cdnjs.cloudflare.com/ajax/libs/axios/0.19.2/axios.min.js	ScriptElement	14 kB	2023-03-07	2025-07-05
Pretty URL cdnjs.cloudflare.com/ajax/libs/axios/0.19.2/axios.min.js IP 104.17.25.14 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:26 Last Seen2025-07-05 15:38 Times Seen555 Hash e63531350b726384f625ead641f5ad66 eedcea771a678c29c5939aaad88dc0f2288f36fc 4ff7fb4a3bb565f34d7c187bb245a7d22765081708dd1c1d2d24b8fc8ecd40a4 Loading...

HTTP Transactions (61)

URL IP Response Size

r10.o.lencr.org/

23.36.76.226

504 B

URL
r10.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
dedd67c0946c5577f4afe8ce915d496e
13c7575ca041681cc467ada3cbcc8ac16d02a005
52d626e12edd115d218ff4e43f4fb3e9690effc7caaa9cfb673cd52a8c33728c

HTTP Headers

POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "52D626E12EDD115D218FF4E43F4FB3E9690EFFC7CAAA9CFB673CD52A8C33728C"
Last-Modified: Thu, 05 Sep 2024 21:19:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14117
Expires: Fri, 06 Sep 2024 23:09:09 GMT
Date: Fri, 06 Sep 2024 19:13:52 GMT
Connection: keep-alive

r10.o.lencr.org/

23.36.76.226

504 B

URL
r10.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
60ab18bb1e8dadb29ada046753dbc185
3d30d0b2ba9061fbd90500510f6f514476a1413f
50ed93ddadd4c6c89fbf4bfa5bc29814434ab19ed98c11f4b558b68b570d49f2

HTTP Headers

POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "50ED93DDADD4C6C89FBF4BFA5BC29814434AB19ED98C11F4B558B68B570D49F2"
Last-Modified: Thu, 05 Sep 2024 00:20:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6462
Expires: Fri, 06 Sep 2024 21:01:34 GMT
Date: Fri, 06 Sep 2024 19:13:52 GMT
Connection: keep-alive

r10.o.lencr.org/

23.36.76.226

504 B

URL
r10.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
12568f27d5a44a225ac0a166b4204675
bf4709d2e68c17dcb226bbfc215394c512e25ee0
cd7f51adecb731d788a61392da99a9e8c228fbf490599b7e415adb501ce42745

HTTP Headers

POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "CD7F51ADECB731D788A61392DA99A9E8C228FBF490599B7E415ADB501CE42745"
Last-Modified: Thu, 05 Sep 2024 02:34:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10022
Expires: Fri, 06 Sep 2024 22:00:54 GMT
Date: Fri, 06 Sep 2024 19:13:52 GMT
Connection: keep-alive

r10.o.lencr.org/

23.36.76.226

504 B

URL
r10.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
12ebe14d7f8dbb712eca26d0d794b7ac
ec6540f9ba81fd6d7ef07275f3ccf11255703d91
ea0ce6747c07afac781fc50b52f7e3e38e06e330cc4612e33ee93813c7130942

HTTP Headers

POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "EA0CE6747C07AFAC781FC50B52F7E3E38E06E330CC4612E33EE93813C7130942"
Last-Modified: Thu, 05 Sep 2024 02:38:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3743
Expires: Fri, 06 Sep 2024 20:16:16 GMT
Date: Fri, 06 Sep 2024 19:13:53 GMT
Connection: keep-alive

GET downloadtorrentfile.com/hash/d5ca3c2507902969c8bb8cfd497175066b916a23?name=Terapia%20Intensiva

172.67.145.22

200 OK

32 kB

URL User Request GET HTTP/3
downloadtorrentfile.com/hash/d5ca3c2507902969c8bb8cfd497175066b916a23?name=Terapia%20Intensiva
IP
172.67.145.22:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services
Subjectdownloadtorrentfile.com
FingerprintB5:BB:9C:06:D8:43:34:84:BE:B5:E9:63:0E:65:C7:DB:BE:8F:1A:AF
ValidityWed, 07 Aug 2024 00:07:45 GMT - Tue, 05 Nov 2024 00:07:44 GMT

File type
HTML document, ASCII text, with very long lines (1692)
Size
32 kB (31488 bytes)
Hash
797420a2c022f597a223afd7c9686f32
6af883e7bc600a6a319d71f4e0cc5195e23571c9
856f56a98b7418fa844518332042c98ab4c4d96184f714890aa50150df7eb6fa

HTTP Headers

GET /hash/d5ca3c2507902969c8bb8cfd497175066b916a23?name=Terapia%20Intensiva HTTP/1.1
Host: downloadtorrentfile.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: ge_js_validator_27=1725649972@27@91768bda7d20c693a19575ed096c4a95
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 06 Sep 2024 19:13:54 GMT
content-type: text/html; charset=utf-8
last-modified: Mon, 15 Jul 2024 02:48:28 GMT
vary: Accept-Encoding
x-cache: BYPASS
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1RSHh4b7Z5DQMUefyvEF%2BWsFibBaRrnn65bYvwlz7hrO%2F8WYgMed4JL%2BVK5GuIMeNHfen6U8rdVcozIFKOI3UHhoKEC0i0oqKuGWzpcZTzsQYUTqraCTLWtuaAGzH2zwPNckHup81VuMqA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8bf0c7693d9156c4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

GET cdnjs.cloudflare.com/ajax/libs/axios/0.19.2/axios.min.js

104.17.25.14

200 OK

4.3 kB

URL GET HTTP/2
cdnjs.cloudflare.com/ajax/libs/axios/0.19.2/axios.min.js
IP
104.17.25.14:443
ASN
#13335 CLOUDFLARENET

Requested by
https://downloadtorrentfile.com/hash/d5ca3c2507902969c8bb8cfd497175066b916a23?name=Terapia%20Intensiva
Certificate
IssuerGoogle Trust Services
Subjectcdnjs.cloudflare.com
Fingerprint00:EC:C6:E9:D9:C1:6D:05:88:6E:33:AF:3B:E7:7B:86:81:20:66:CA
ValidityWed, 31 Jul 2024 04:16:10 GMT - Tue, 29 Oct 2024 04:16:09 GMT

File type
JavaScript source, ASCII text, with very long lines (13909)
Size
4.3 kB (4253 bytes)
Hash
e63531350b726384f625ead641f5ad66
eedcea771a678c29c5939aaad88dc0f2288f36fc
4ff7fb4a3bb565f34d7c187bb245a7d22765081708dd1c1d2d24b8fc8ecd40a4

HTTP Headers

GET /ajax/libs/axios/0.19.2/axios.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://downloadtorrentfile.com
DNT: 1
Connection: keep-alive
Referer: https://downloadtorrentfile.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 06 Sep 2024 19:13:54 GMT
content-type: application/javascript; charset=utf-8
content-length: 4253
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03d6a-36a9"
last-modified: Mon, 04 May 2020 16:06:02 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 861753
expires: Wed, 27 Aug 2025 19:13:54 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sXRM9E3xxHUq12YDL6fa36qoANteX77QNyOxS3XePxS5slDuhNakXv8l8lkxVoQACLkxipnw8c3BM2JAcAnundSFN0N93vu6gQN8LoSUhrFesxL7TfWixUPfQL1zwi%2Fgx30qU48r"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 8bf0c76e3cab5695-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

GET cdnjs.cloudflare.com/ajax/libs/vue-clipboard2/0.3.1/vue-clipboard.min.js

104.17.25.14

200 OK

3.6 kB

URL GET HTTP/2
cdnjs.cloudflare.com/ajax/libs/vue-clipboard2/0.3.1/vue-clipboard.min.js
IP
104.17.25.14:443
ASN
#13335 CLOUDFLARENET

Requested by
https://downloadtorrentfile.com/hash/d5ca3c2507902969c8bb8cfd497175066b916a23?name=Terapia%20Intensiva
Certificate
IssuerGoogle Trust Services
Subjectcdnjs.cloudflare.com
Fingerprint00:EC:C6:E9:D9:C1:6D:05:88:6E:33:AF:3B:E7:7B:86:81:20:66:CA
ValidityWed, 31 Jul 2024 04:16:10 GMT - Tue, 29 Oct 2024 04:16:09 GMT

File type
JavaScript source, ASCII text, with very long lines (13646), with no line terminators
Size
3.6 kB (3619 bytes)
Hash
7ed42cdcf96b7af11366d227331880c4
975b93f1b5c8fbbdc9bace4be124936248b0e1af
5ef1cbd6686f0d4c1f60bf548186841b44c129983727db927235031baa024ba9

HTTP Headers

GET /ajax/libs/vue-clipboard2/0.3.1/vue-clipboard.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://downloadtorrentfile.com
DNT: 1
Connection: keep-alive
Referer: https://downloadtorrentfile.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 06 Sep 2024 19:13:54 GMT
content-type: application/javascript; charset=utf-8
content-length: 3619
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb0402a-354e"
last-modified: Mon, 04 May 2020 16:17:46 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 7349469
expires: Wed, 27 Aug 2025 19:13:54 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ugccfYx5BC4JgjQyy3uAc20EhUOuuRikbsTlJ3RihBVeM%2B7iMYeTNDGkhx2wN7U4DZlYgdx2EehCePJ%2BO3lCN0g8jdmtYztZxD2okAOEdMTexglsOakAh2VkTuyBV3GpFDUrmZ9T"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 8bf0c76e4cb05695-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

GET cdnjs.cloudflare.com/ajax/libs/vue-router/3.2.0/vue-router.min.js

104.17.25.14

200 OK

8.5 kB

URL GET HTTP/2
cdnjs.cloudflare.com/ajax/libs/vue-router/3.2.0/vue-router.min.js
IP
104.17.25.14:443
ASN
#13335 CLOUDFLARENET

Requested by
https://downloadtorrentfile.com/hash/d5ca3c2507902969c8bb8cfd497175066b916a23?name=Terapia%20Intensiva
Certificate
IssuerGoogle Trust Services
Subjectcdnjs.cloudflare.com
Fingerprint00:EC:C6:E9:D9:C1:6D:05:88:6E:33:AF:3B:E7:7B:86:81:20:66:CA
ValidityWed, 31 Jul 2024 04:16:10 GMT - Tue, 29 Oct 2024 04:16:09 GMT

File type
JavaScript source, ASCII text, with very long lines (26607)
Size
8.5 kB (8517 bytes)
Hash
5d559e0f2e7c65ce91105d7e3eaf053d
2d253d5883a389bc56fbe92c018be46c6da45410
bf2f76348f9c1b62ddfaa7424da2a59eb6b7ed869b5b309f5144d86979cab17b

HTTP Headers

GET /ajax/libs/vue-router/3.2.0/vue-router.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://downloadtorrentfile.com
DNT: 1
Connection: keep-alive
Referer: https://downloadtorrentfile.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 06 Sep 2024 19:13:54 GMT
content-type: application/javascript; charset=utf-8
content-length: 8517
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eccab17-6835"
last-modified: Tue, 26 May 2020 05:37:27 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 852123
expires: Wed, 27 Aug 2025 19:13:54 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=McHE1KPmfGuNl%2BLgXlIzIHbf1EJ9gn%2FuLh3%2FQe8pR11YZ9W6sUo8S0eNmyt3%2BrWBMZSCZyBH698fzPcRzFMOUS2QC%2FjH8jqqsA%2BxUCYiRxXUbE%2BZXIDi1cPAt2YTry9vrYs0QPAF"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 8bf0c76e4cb35695-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

r11.o.lencr.org/

23.36.77.32

504 B

URL
r11.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
03257dcd988094f87162134f356e81f3
7226a5881fa93b258cf76bb704bfa91814be243f
4d3cf7ff9c66c4ca93970a1d94aa8374f78dc4a9d468697b252d16c349770762

HTTP Headers

POST / HTTP/1.1
Host: r11.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "4D3CF7FF9C66C4CA93970A1D94AA8374F78DC4A9D468697B252D16C349770762"
Last-Modified: Thu, 05 Sep 2024 06:27:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6069
Expires: Fri, 06 Sep 2024 20:55:04 GMT
Date: Fri, 06 Sep 2024 19:13:55 GMT
Connection: keep-alive

o.pki.goog/wr2

142.250.74.131

472 B

URL
o.pki.goog/wr2
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
4d0233868404974ea22f779c3a42573f
aa9aaa76b5f78d76f856f5c5ad4ea87ec383315f
87000c2d1cf791ebc596520c19b41b1a54031b0c6e31974a2f2ddf6c0c46c73f

HTTP Headers

POST /wr2 HTTP/1.1
Host: o.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 06 Sep 2024 19:13:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

GET downloadtorrentfile.com/trackerlist

172.67.145.22

200 OK

297 B

URL GET HTTP/3
downloadtorrentfile.com/trackerlist
IP
172.67.145.22:443
ASN
#13335 CLOUDFLARENET

Requested by
https://downloadtorrentfile.com/hash/d5ca3c2507902969c8bb8cfd497175066b916a23?name=Terapia%20Intensiva
Certificate
IssuerGoogle Trust Services
Subjectdownloadtorrentfile.com
FingerprintB5:BB:9C:06:D8:43:34:84:BE:B5:E9:63:0E:65:C7:DB:BE:8F:1A:AF
ValidityWed, 07 Aug 2024 00:07:45 GMT - Tue, 05 Nov 2024 00:07:44 GMT

File type
JSON text data
Size
297 B (297 bytes)
Hash
fda9b0edfc4d5cfc09f5657931523daa
3b4edb4883f20c87c12e841d414a83241a151b32
316e627e4590d5baf9d1fc0785c4727642b4d773bba0021c590577c094ca1fb0

HTTP Headers

GET /trackerlist HTTP/1.1
Host: downloadtorrentfile.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://downloadtorrentfile.com/hash/d5ca3c2507902969c8bb8cfd497175066b916a23?name=Terapia%20Intensiva
Cookie: ge_js_validator_27=1725649972@27@91768bda7d20c693a19575ed096c4a95
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 06 Sep 2024 19:13:55 GMT
content-type: application/json; charset=UTF-8
content-length: 297
content-encoding: gzip
vary: Accept-Encoding
x-cache: BYPASS
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QLVOCsaJYIv%2B8BjGxiHUjRhR2c8WSNC2BND5MFl3GlyFdosYS29asD1gihTINWYyrRDlzaULReRgRSAiVZYa%2BnbwzyzQa3ND8TqqQ647MHzR7LnGe1lq3XyXRnRA%2BwDaHnsSSVsa4aaVwg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8bf0c76fdd9956c4-OSL
alt-svc: h3=":443"; ma=86400

GET screenshots.downloadtorrentfile.com/?url=magnet:?xt=urn:btih:d5ca3c2507902969c8bb8cfd497175066b916a23

172.67.145.22

200 OK

139 B

URL GET HTTP/2
screenshots.downloadtorrentfile.com/?url=magnet:?xt=urn:btih:d5ca3c2507902969c8bb8cfd497175066b916a23
IP
172.67.145.22:443
ASN
#13335 CLOUDFLARENET

Requested by
https://downloadtorrentfile.com/hash/d5ca3c2507902969c8bb8cfd497175066b916a23?name=Terapia%20Intensiva
Certificate
IssuerGoogle Trust Services
Subjectdownloadtorrentfile.com
FingerprintB5:BB:9C:06:D8:43:34:84:BE:B5:E9:63:0E:65:C7:DB:BE:8F:1A:AF
ValidityWed, 07 Aug 2024 00:07:45 GMT - Tue, 05 Nov 2024 00:07:44 GMT

File type
JSON text data
Size
139 B (139 bytes)
Hash
59a5ef2004be20dab43e2f85843d27fa
b5efd9de62fe8ea44f9f4185b286dad15e2c6969
ca28def4fb45e29b5dbeeb5a5c938bedd7b3cfa365f6e4427624ca3f9c8a6b49

HTTP Headers

GET /?url=magnet:?xt=urn:btih:d5ca3c2507902969c8bb8cfd497175066b916a23 HTTP/1.1
Host: screenshots.downloadtorrentfile.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://downloadtorrentfile.com
DNT: 1
Connection: keep-alive
Referer: https://downloadtorrentfile.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 06 Sep 2024 19:13:55 GMT
content-type: application/json; charset=utf-8
content-length: 139
access-control-allow-origin: https://downloadtorrentfile.com
alt-svc: h3=":443"; ma=86400
content-encoding: gzip
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Fs2Ki9qhBxYPM43nRmuwB0sNg3CTBz1GT9T0h13%2FQlGPHKJ13zC9OVR0qjMAed3fW7bpNFEcqFck%2Fwh7bUyqiAh4MMtv8h874khUwDS%2Br5bKi5QFFzDmyh0ViGyUTLLQmeZkLa7crlDU2cN3CXd%2FKTENr2LiGQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8bf0c7705b6756bb-OSL
X-Firefox-Spdy: h2

GET www.googletagmanager.com/gtag/js?id=UA-137531655-1&l=dataLayer

142.250.74.168

200 OK

78 kB

URL GET HTTP/2
www.googletagmanager.com/gtag/js?id=UA-137531655-1&l=dataLayer
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
https://downloadtorrentfile.com/hash/d5ca3c2507902969c8bb8cfd497175066b916a23?name=Terapia%20Intensiva
Certificate
IssuerGoogle Trust Services
Subject*.google-analytics.com
FingerprintE1:54:98:CD:9D:7A:BD:80:E1:F7:F7:9E:4A:C0:BA:A2:F1:F0:5D:C0
ValidityMon, 12 Aug 2024 06:33:44 GMT - Mon, 04 Nov 2024 06:33:43 GMT

File type
JavaScript source, ASCII text, with very long lines (4179)
Size
78 kB (77678 bytes)
Hash
2ddf6a03f0b21d1441816a95c1b27fd1
1f3bf94f26d19508437cff9535589eb91780396f
c81fd4eff5db7502f1157de15941678ec29f32069e2a956800eb7ccf5c5d16ff

HTTP Headers

GET /gtag/js?id=UA-137531655-1&l=dataLayer HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://downloadtorrentfile.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 06 Sep 2024 19:13:55 GMT
expires: Fri, 06 Sep 2024 19:13:55 GMT
cache-control: private, max-age=900
last-modified: Fri, 06 Sep 2024 18:10:12 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 77678
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

GET esteemcountryside.com/a2/ce/64/a2ce64afd3c1c10fe7fdbb6234980cc8.js

172.240.108.84

200 OK

17 kB

URL GET HTTP/1.1
esteemcountryside.com/a2/ce/64/a2ce64afd3c1c10fe7fdbb6234980cc8.js
IP
172.240.108.84:443
ASN
#7979 SERVERS-COM

Requested by
https://downloadtorrentfile.com/hash/d5ca3c2507902969c8bb8cfd497175066b916a23?name=Terapia%20Intensiva
Certificate
IssuerLet's Encrypt
Subjectesteemcountryside.com
Fingerprint59:5E:BA:A8:7F:F5:C9:03:F2:54:E3:15:4E:F3:8D:EB:AA:D8:F9:D7
ValidityFri, 23 Aug 2024 04:00:53 GMT - Thu, 21 Nov 2024 04:00:52 GMT

File type
JavaScript source, ASCII text, with very long lines (53747), with no line terminators
Size
17 kB (17168 bytes)
Hash
11979dc9cc13c2b4bcf52b16ce14f197
cc149dca3e42bba51ae68342b23063c1b6ee8dcc
c28ce11d032b3dbd2a980d31600949d91227f530bdf3d84dbe6141e81c08c276

HTTP Headers

GET /a2/ce/64/a2ce64afd3c1c10fe7fdbb6234980cc8.js HTTP/1.1
Host: esteemcountryside.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://downloadtorrentfile.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Fri, 06 Sep 2024 19:13:55 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Host: esteemcountryside.com
Expires: Thu, 01 Jan 1970 00:00:01 GMT
X-Request-ID: 1ceeeb945ceb39257f020619c95cb8af
Cache-Control: no-cache, max-age=0, private, no-cache
Pragma: no-cache
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

r11.o.lencr.org/

23.36.77.32

504 B

URL
r11.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
6132d19a58f0fd8cbaee37eb7fb8e266
13c8478086ae0264d072b04abb5b9d7019e6f1c2
e1b58bab2f563257b668c13199ce96ef61ffda126bbeedcb419d5462ec4af869

HTTP Headers

POST / HTTP/1.1
Host: r11.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "E1B58BAB2F563257B668C13199CE96EF61FFDA126BBEEDCB419D5462EC4AF869"
Last-Modified: Wed, 04 Sep 2024 12:28:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6112
Expires: Fri, 06 Sep 2024 20:55:47 GMT
Date: Fri, 06 Sep 2024 19:13:55 GMT
Connection: keep-alive

GET swiggermahwa.com/tYppHGsTxJbNR/71649

23.109.170.187

200 OK

25 B

URL GET HTTP/1.1
swiggermahwa.com/tYppHGsTxJbNR/71649
IP
23.109.170.187:443
ASN
#7979 SERVERS-COM

Requested by
https://downloadtorrentfile.com/hash/d5ca3c2507902969c8bb8cfd497175066b916a23?name=Terapia%20Intensiva
Certificate
IssuerLet's Encrypt
Subjectswiggermahwa.com
Fingerprint2A:A1:FF:B7:5E:2F:71:4E:A1:2F:0A:AE:8D:F7:53:7D:05:96:68:C7
ValidityTue, 27 Aug 2024 22:51:23 GMT - Mon, 25 Nov 2024 22:51:22 GMT

File type
ASCII text, with no line terminators
Size
25 B (25 bytes)
Hash
f7a2939527fd9e68723da600e96d76bd
a9e717b6364d2895ee0a716050db32ca0ef1bb42
d810f5146f4cd1517512a6e31946e764a73c58fb01427aae88d42cc2ae28718a

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /tYppHGsTxJbNR/71649 HTTP/1.1
Host: swiggermahwa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://downloadtorrentfile.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 06 Sep 2024 19:13:55 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Accept-ch: sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version,sec-ch-ua-full-version-list
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://downloadtorrentfile.com
Access-Control-Allow-Headers: content-type, megageocheckolololo, x-forwarded-for, x-requested-with, cache-control, pragma, expires
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET, POST, OPTIONS
X-Frame-Options: SAMEORIGIN
Set-Cookie: GL_UI4=eJw9jUtug0AQRPljJ4akJQ7gIxgUjL3MJivfAQ0zDZ4Ypq1mjJ3bZxIp2dUrPVV5nhcUL%2BAvyRrCm6hhe1R9s5dYojyUVVW%2BHSrZ151o%2BlJVTVnvYK3n1opuRBvBap4E29YuEWwGNMhatpIUZvDqrL%2FmYuhuIog7FkZlEE%2FOGDNIO6b7jFyEEBkxIaQfmrGnhzPEJzEEx72L2rjo7yCguQjzJ4hP2twe%2BSbx8jzx4Pk6CtsTT61WDuOBhULw32ElhcWB%2BAtShfPF0hWARtX%2B%2B7%2Bf8fizBonCRUuHZM%2FI38wATrY%3D; expires=Sat, 07-Sep-2024 19:13:55 GMT; Max-Age=86400; path=/; secure; SameSite=None
GL_GI10=eJwNwz0OgjAYBuB%2B39BoJCZv5ACcAIHgwOjP4GBw4ASARBualrSAejN3L6ZP8gghOAzAakBQpHGRxHkWp7scdAeXV3BrIEvrnvUb5MBJBnYGi33fOf%2BYPKjF6vz9zKqP5s71IIX1QatXVFk9jcoaD%2F5fHutGd9tTdQENksCjlQz2t1CAZrn5ASyhICQ%3D; expires=Sat, 07-Sep-2024 19:13:55 GMT; Max-Age=86400; path=/; secure; SameSite=None
Content-Encoding: gzip
Vary: Accept-Encoding
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff

o.pki.goog/wr2

142.250.74.131

472 B

URL
o.pki.goog/wr2
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
08e5bce0bacebe8fb72d50d26a11c7bd
79fa03f55d76a53b5b969e991368b310802c431f
186c05411a5124e3b4b69e54573a698c35768de153b6d3b702abf2875b460db2

HTTP Headers

POST /wr2 HTTP/1.1
Host: o.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 06 Sep 2024 19:13:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

r11.o.lencr.org/

23.36.77.32

504 B

URL
r11.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
c3a113eae66e496e579294e612088a0e
6fcb69472a3079365e84897cb649f1fd07d100bc
4da10a7cccf3dec0fc3b37fd97e0b5c7ee1eba3362f75c558c11a6bdb159a4e8

HTTP Headers

POST / HTTP/1.1
Host: r11.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "4DA10A7CCCF3DEC0FC3B37FD97E0B5C7EE1EBA3362F75C558C11A6BDB159A4E8"
Last-Modified: Thu, 05 Sep 2024 02:38:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14379
Expires: Fri, 06 Sep 2024 23:13:34 GMT
Date: Fri, 06 Sep 2024 19:13:55 GMT
Connection: keep-alive

r11.o.lencr.org/

23.36.77.32

504 B

URL
r11.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
c3a113eae66e496e579294e612088a0e
6fcb69472a3079365e84897cb649f1fd07d100bc
4da10a7cccf3dec0fc3b37fd97e0b5c7ee1eba3362f75c558c11a6bdb159a4e8

HTTP Headers

POST / HTTP/1.1
Host: r11.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "4DA10A7CCCF3DEC0FC3B37FD97E0B5C7EE1EBA3362F75C558C11A6BDB159A4E8"
Last-Modified: Thu, 05 Sep 2024 02:38:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14379
Expires: Fri, 06 Sep 2024 23:13:34 GMT
Date: Fri, 06 Sep 2024 19:13:55 GMT
Connection: keep-alive

r11.o.lencr.org/

23.36.77.32

504 B

URL
r11.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
c3a113eae66e496e579294e612088a0e
6fcb69472a3079365e84897cb649f1fd07d100bc
4da10a7cccf3dec0fc3b37fd97e0b5c7ee1eba3362f75c558c11a6bdb159a4e8

HTTP Headers

POST / HTTP/1.1
Host: r11.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "4DA10A7CCCF3DEC0FC3B37FD97E0B5C7EE1EBA3362F75C558C11A6BDB159A4E8"
Last-Modified: Thu, 05 Sep 2024 02:38:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14379
Expires: Fri, 06 Sep 2024 23:13:34 GMT
Date: Fri, 06 Sep 2024 19:13:55 GMT
Connection: keep-alive

r11.o.lencr.org/

23.36.77.32

504 B

URL
r11.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
c3a113eae66e496e579294e612088a0e
6fcb69472a3079365e84897cb649f1fd07d100bc
4da10a7cccf3dec0fc3b37fd97e0b5c7ee1eba3362f75c558c11a6bdb159a4e8

HTTP Headers

POST / HTTP/1.1
Host: r11.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "4DA10A7CCCF3DEC0FC3B37FD97E0B5C7EE1EBA3362F75C558C11A6BDB159A4E8"
Last-Modified: Thu, 05 Sep 2024 02:38:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14379
Expires: Fri, 06 Sep 2024 23:13:34 GMT
Date: Fri, 06 Sep 2024 19:13:55 GMT
Connection: keep-alive

r11.o.lencr.org/

23.36.77.32

504 B

URL
r11.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
c3a113eae66e496e579294e612088a0e
6fcb69472a3079365e84897cb649f1fd07d100bc
4da10a7cccf3dec0fc3b37fd97e0b5c7ee1eba3362f75c558c11a6bdb159a4e8

HTTP Headers

POST / HTTP/1.1
Host: r11.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "4DA10A7CCCF3DEC0FC3B37FD97E0B5C7EE1EBA3362F75C558C11A6BDB159A4E8"
Last-Modified: Thu, 05 Sep 2024 02:38:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14379
Expires: Fri, 06 Sep 2024 23:13:34 GMT
Date: Fri, 06 Sep 2024 19:13:55 GMT
Connection: keep-alive

GET www.googletagmanager.com/gtag/js?id=G-XDSPBT0502&l=dataLayer&cx=c

142.250.74.168

200 OK

93 kB

URL GET HTTP/3
www.googletagmanager.com/gtag/js?id=G-XDSPBT0502&l=dataLayer&cx=c
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
https://downloadtorrentfile.com/hash/d5ca3c2507902969c8bb8cfd497175066b916a23?name=Terapia%20Intensiva
Certificate
IssuerGoogle Trust Services
Subject*.google-analytics.com
FingerprintE1:54:98:CD:9D:7A:BD:80:E1:F7:F7:9E:4A:C0:BA:A2:F1:F0:5D:C0
ValidityMon, 12 Aug 2024 06:33:44 GMT - Mon, 04 Nov 2024 06:33:43 GMT

File type
JavaScript source, ASCII text, with very long lines (5945)
Size
93 kB (93152 bytes)
Hash
1319c74ca69b11bd1bba14f450e270cb
c813d0b8ce2dc32bd9bdfc8bd6fb9539f9d5717b
6b2f2777b72c690db2a112069395e94ad316b80e5c2e6d688c0021ffc47a6d30

HTTP Headers

GET /gtag/js?id=G-XDSPBT0502&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://downloadtorrentfile.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 06 Sep 2024 19:13:55 GMT
expires: Fri, 06 Sep 2024 19:13:55 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 93152
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

r10.o.lencr.org/

23.36.77.32

504 B

URL
r10.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
2e32406a03f6fad7de8341e4867ffd9e
09fc83e348b2406a84b759fd574a4f7e791a2900
4dcaed13b95957e124a358ce8d3f9bd518525c7328e5e5bba92f44e8b9eb4f2d

HTTP Headers

POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "4DCAED13B95957E124A358CE8D3F9BD518525C7328E5E5BBA92F44E8B9EB4F2D"
Last-Modified: Fri, 06 Sep 2024 12:47:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5682
Expires: Fri, 06 Sep 2024 20:48:37 GMT
Date: Fri, 06 Sep 2024 19:13:55 GMT
Connection: keep-alive

GET downloadtorrentfile.com/favicon.ico

172.67.145.22

200 OK

3.8 kB

URL GET HTTP/3
downloadtorrentfile.com/favicon.ico
IP
172.67.145.22:443
ASN
#13335 CLOUDFLARENET

Requested by
https://downloadtorrentfile.com/hash/d5ca3c2507902969c8bb8cfd497175066b916a23?name=Terapia%20Intensiva
Certificate
IssuerGoogle Trust Services
Subjectdownloadtorrentfile.com
FingerprintB5:BB:9C:06:D8:43:34:84:BE:B5:E9:63:0E:65:C7:DB:BE:8F:1A:AF
ValidityWed, 07 Aug 2024 00:07:45 GMT - Tue, 05 Nov 2024 00:07:44 GMT

File type
gzip compressed data, from Unix
Size
3.8 kB (3791 bytes)
Hash
f74d35fadd90aadb14b35ecab8c2b9b3
f265733dc0a989b952f1a249321350f74dbcfa59
44085f9af9cc1ccbc4a4bcc6d32c82270a2834b71d00bf66432c06c72809455c

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: downloadtorrentfile.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://downloadtorrentfile.com/hash/d5ca3c2507902969c8bb8cfd497175066b916a23?name=Terapia%20Intensiva
Cookie: ge_js_validator_27=1725649972@27@91768bda7d20c693a19575ed096c4a95; _ga_XDSPBT0502=GS1.1.1725650035.1.0.1725650035.60.0.0; _ga=GA1.1.198881589.1725650036; ppu_main_a2ce64afd3c1c10fe7fdbb6234980cc8=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 06 Sep 2024 19:13:56 GMT
content-type: image/x-icon
content-encoding: gzip
etag: W/"6541a2ee-423e"
last-modified: Mon, 02 Sep 2024 23:17:14 GMT
vary: Accept-Encoding
x-cache: HIT, policy, disk
cache-control: max-age=14400
cf-cache-status: HIT
age: 6061
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HREG4kx%2BvDtUNnhP9imlPpoIppiwz0vizWKPNvcsJ2SB%2FexBB6LiL26ASyboN%2FEwiW7viMMrlCpUhmwh4SoneESzCm6X7fxxxDEyxKU2sypPy9Ek3qv8tXwABqzPGVa4cEUUS%2FeKDsWmgw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8bf0c7754c4156c4-OSL
alt-svc: h3=":443"; ma=86400

o.pki.goog/wr2

142.250.74.131

472 B

URL
o.pki.goog/wr2
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
89841877dc4ddbe038884eb25d89fc53
6529b6d35e9c100059728da0719dfb878b2ce9c9
83041f474cd8f19a0fe15b9b61b2662bb4a54a4ddb7644bfa0c22ce263d16e56

HTTP Headers

POST /wr2 HTTP/1.1
Host: o.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 06 Sep 2024 19:13:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

POST region1.analytics.google.com/g/collect?v=2&tid=G-XDSPBT0502&gtm=45je4940v9124160260za200&_p=1725650035144&_gaz=1&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=0&cid=198881589.1725650036&ul=en-us&sr=1280x1024&_ng=1&ir=1&frm=0&pscdl=noapi&_eu=EAAI&_s=1&dp=%2Fhash%2Fd5ca3c2507902969c8bb8cfd497175066b916a23&dl=https%3A%2F%2Fdownloadtorrentfile.com%2Fhash%2Fd5ca3c2507902969c8bb8cfd497175066b916a23%3Fname%3DTerapia%2520Intensiva&sid=1725650035&sct=1&seg=0&dt=Download%20Torrent&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=1731

216.239.34.36

204 No Content

0 B

URL POST HTTP/2
region1.analytics.google.com/g/collect?v=2&tid=G-XDSPBT0502&gtm=45je4940v9124160260za200&_p=1725650035144&_gaz=1&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=0&cid=198881589.1725650036&ul=en-us&sr=1280x1024&_ng=1&ir=1&frm=0&pscdl=noapi&_eu=EAAI&_s=1&dp=%2Fhash%2Fd5ca3c2507902969c8bb8cfd497175066b916a23&dl=https%3A%2F%2Fdownloadtorrentfile.com%2Fhash%2Fd5ca3c2507902969c8bb8cfd497175066b916a23%3Fname%3DTerapia%2520Intensiva&sid=1725650035&sct=1&seg=0&dt=Download%20Torrent&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=1731
IP
216.239.34.36:443
ASN
#15169 GOOGLE

Requested by
https://downloadtorrentfile.com/hash/d5ca3c2507902969c8bb8cfd497175066b916a23?name=Terapia%20Intensiva
Certificate
IssuerGoogle Trust Services
Subject*.google-analytics.com
FingerprintE1:54:98:CD:9D:7A:BD:80:E1:F7:F7:9E:4A:C0:BA:A2:F1:F0:5D:C0
ValidityMon, 12 Aug 2024 06:33:44 GMT - Mon, 04 Nov 2024 06:33:43 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /g/collect?v=2&tid=G-XDSPBT0502&gtm=45je4940v9124160260za200&_p=1725650035144&_gaz=1&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=0&cid=198881589.1725650036&ul=en-us&sr=1280x1024&_ng=1&ir=1&frm=0&pscdl=noapi&_eu=EAAI&_s=1&dp=%2Fhash%2Fd5ca3c2507902969c8bb8cfd497175066b916a23&dl=https%3A%2F%2Fdownloadtorrentfile.com%2Fhash%2Fd5ca3c2507902969c8bb8cfd497175066b916a23%3Fname%3DTerapia%2520Intensiva&sid=1725650035&sct=1&seg=0&dt=Download%20Torrent&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=1731 HTTP/1.1
Host: region1.analytics.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://downloadtorrentfile.com/
Origin: https://downloadtorrentfile.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Content-Length: 0

HTTP/2 204 No Content
access-control-allow-origin: https://downloadtorrentfile.com
date: Fri, 06 Sep 2024 19:13:56 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

GET whiskeydepositopinion.com/e4/5c/a0/e45ca05da468385a15fff1f63aa1e3df.js

192.243.59.20

200 OK

16 kB

URL GET HTTP/1.1
whiskeydepositopinion.com/e4/5c/a0/e45ca05da468385a15fff1f63aa1e3df.js
IP
192.243.59.20:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://downloadtorrentfile.com/hash/d5ca3c2507902969c8bb8cfd497175066b916a23?name=Terapia%20Intensiva
Certificate
IssuerLet's Encrypt
Subjectwhiskeydepositopinion.com
Fingerprint21:AE:B3:74:27:F4:4F:83:0E:B6:C8:2D:44:55:BB:11:1D:94:F3:3B
ValidityFri, 09 Aug 2024 05:35:08 GMT - Thu, 07 Nov 2024 05:35:07 GMT

File type
JavaScript source, ASCII text, with very long lines (44098), with no line terminators
Size
16 kB (15926 bytes)
Hash
872875292db1265fd3586b4e392df141
bd0a8156f15c568974de91e0571156f6cfcb1cef
a0b998bf1b9edbfa1b424822b810b3210f4d4788df112aac312ad2ae36a430ed

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /e4/5c/a0/e45ca05da468385a15fff1f63aa1e3df.js HTTP/1.1
Host: whiskeydepositopinion.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://downloadtorrentfile.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Fri, 06 Sep 2024 19:13:55 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
X-Request-ID: d3867621faa08a38e3752862c0c7cd2a
Cache-Control: no-cache, max-age=0, private, no-cache
Pragma: no-cache
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

GET www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&_ng=1&tid=G-XDSPBT0502&cid=198881589.1725650036&gtm=45je4940v9124160260za200&aip=1&dma=1&dma_cps=syphamo&gcd=13l3l3l2l1l1&npa=1&frm=0&tag_exp=0&tag_exp=0&z=1741906633

142.250.74.163

200 OK

42 B

URL GET HTTP/2
www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&_ng=1&tid=G-XDSPBT0502&cid=198881589.1725650036&gtm=45je4940v9124160260za200&aip=1&dma=1&dma_cps=syphamo&gcd=13l3l3l2l1l1&npa=1&frm=0&tag_exp=0&tag_exp=0&z=1741906633
IP
142.250.74.163:443
ASN
#15169 GOOGLE

Requested by
https://downloadtorrentfile.com/hash/d5ca3c2507902969c8bb8cfd497175066b916a23?name=Terapia%20Intensiva
Certificate
IssuerGoogle Trust Services
Subject*.google.no
Fingerprint2A:DA:C1:0D:49:17:7D:23:73:D3:B7:3B:D1:E5:34:CC:6A:CD:A3:8E
ValidityMon, 12 Aug 2024 07:27:26 GMT - Mon, 04 Nov 2024 07:27:25 GMT

File type
GIF image data, version 89a, 1 x 1
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

HTTP Headers

GET /ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&_ng=1&tid=G-XDSPBT0502&cid=198881589.1725650036&gtm=45je4940v9124160260za200&aip=1&dma=1&dma_cps=syphamo&gcd=13l3l3l2l1l1&npa=1&frm=0&tag_exp=0&tag_exp=0&z=1741906633 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://downloadtorrentfile.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 06 Sep 2024 19:13:56 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

GET d24ak3f2b.top/advertisers.js

172.240.127.240

200 OK

0 B

URL GET HTTP/1.1
d24ak3f2b.top/advertisers.js
IP
172.240.127.240:443
ASN
#7979 SERVERS-COM

Requested by
https://downloadtorrentfile.com/hash/d5ca3c2507902969c8bb8cfd497175066b916a23?name=Terapia%20Intensiva
Certificate
IssuerLet's Encrypt
Subjectd24ak3f2b.top
Fingerprint17:DF:AA:83:E5:F4:26:16:B9:91:AD:9A:75:71:FC:1F:DB:D1:B4:BF
ValidityTue, 09 Jul 2024 08:14:52 GMT - Mon, 07 Oct 2024 08:14:51 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /advertisers.js HTTP/1.1
Host: d24ak3f2b.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://downloadtorrentfile.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Fri, 06 Sep 2024 19:13:56 GMT
Content-Type: application/javascript
Content-Length: 0
Connection: keep-alive

o.pki.goog/wr2

142.250.74.131

472 B

URL
o.pki.goog/wr2
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
89841877dc4ddbe038884eb25d89fc53
6529b6d35e9c100059728da0719dfb878b2ce9c9
83041f474cd8f19a0fe15b9b61b2662bb4a54a4ddb7644bfa0c22ce263d16e56

HTTP Headers

POST /wr2 HTTP/1.1
Host: o.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 06 Sep 2024 19:13:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.r2m03.amazontrust.com/

54.230.218.11

471 B

URL
ocsp.r2m03.amazontrust.com/
IP
54.230.218.11:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
8ec1900bdf34d91c17b95d1df9a45502
eb7c01ea76157656b5d0d771b256fcfb3181ffb9
32aad19386555a024ecd0900e43248f402782bfdb3d6868b362642be1e588902

HTTP Headers

POST / HTTP/1.1
Host: ocsp.r2m03.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=7200
Date: Fri, 06 Sep 2024 19:13:56 GMT
Last-Modified: Fri, 06 Sep 2024 18:01:05 GMT
Server: ECAcc (ska/F757)
X-Cache: Miss from cloudfront
Via: 1.1 ee04daa979e7a02cc5ca472521bc18a6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 2iUB_M59h4uBq9RUZWdJXfA5c_qsIdBPR0j2Rq6zKcqw9LXgXVaV1g==
Age: 4371

GET proftrafficcounter.com/stats

18.158.173.128

200 OK

40 B

URL GET HTTP/2
proftrafficcounter.com/stats
IP
18.158.173.128:443
ASN
#16509 AMAZON-02

Requested by
https://downloadtorrentfile.com/hash/d5ca3c2507902969c8bb8cfd497175066b916a23?name=Terapia%20Intensiva
Certificate
IssuerAmazon
Subjectproftrafficcounter.com
FingerprintE3:9F:79:6F:80:C0:BF:F8:C4:EB:45:F3:E9:0F:A7:41:F6:0C:05:E6
ValidityTue, 21 Nov 2023 00:00:00 GMT - Thu, 19 Dec 2024 23:59:59 GMT

File type
ASCII text, with no line terminators
Size
40 B (40 bytes)
Hash
1335d794c505256fc8cf54e11bc64131
796e823e7abedee86ad17a51252d1557ba249eb6
45cdd9ecf48ba4d683cd31510029db9026f5aff810b40f51239f57036ee29eea

HTTP Headers

GET /stats HTTP/1.1
Host: proftrafficcounter.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://downloadtorrentfile.com
DNT: 1
Connection: keep-alive
Referer: https://downloadtorrentfile.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 06 Sep 2024 19:13:56 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://downloadtorrentfile.com
vary: Origin
access-control-allow-credentials: true
set-cookie: uid_id2=3fcf74da-c2be-4d26-9785-07a6b4fb25ad:3:1; expires=Mon, 04 Sep 2034 19:13:56 GMT; secure; SameSite=None
X-Firefox-Spdy: h2

GET downloadtorrentfile.com/js/chunk-vendors.7eb1e6ea.js

172.67.145.22

200 OK

9.4 kB

URL GET HTTP/3
downloadtorrentfile.com/js/chunk-vendors.7eb1e6ea.js
IP
172.67.145.22:443
ASN
#13335 CLOUDFLARENET

Requested by
https://downloadtorrentfile.com/hash/d5ca3c2507902969c8bb8cfd497175066b916a23?name=Terapia%20Intensiva
Certificate
IssuerGoogle Trust Services
Subjectdownloadtorrentfile.com
FingerprintB5:BB:9C:06:D8:43:34:84:BE:B5:E9:63:0E:65:C7:DB:BE:8F:1A:AF
ValidityWed, 07 Aug 2024 00:07:45 GMT - Tue, 05 Nov 2024 00:07:44 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (25505), with no line terminators
Size
9.4 kB (9379 bytes)
Hash
f61373392c9f60de7d8463e3c62d27d7
ffdccf4a2ef9a3cf856165a76a8363dfbdcacb06
779dca7f0f197fa60064dca564898c7751eb5ff1fd82b14fa7d9adb23b02203f

HTTP Headers

GET /js/chunk-vendors.7eb1e6ea.js HTTP/1.1
Host: downloadtorrentfile.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://downloadtorrentfile.com/hash/d5ca3c2507902969c8bb8cfd497175066b916a23?name=Terapia%20Intensiva
Cookie: ge_js_validator_27=1725649972@27@91768bda7d20c693a19575ed096c4a95
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 06 Sep 2024 19:13:54 GMT
content-type: application/javascript; charset=utf-8
cf-bgj: minify
etag: W/"64d04f4e-63a2"
last-modified: Wed, 10 Jul 2024 12:06:10 GMT
vary: Accept-Encoding
x-cache: HIT, policy, disk
cache-control: max-age=14400
cf-cache-status: HIT
age: 1423
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GdmdthNmYbZJgJh7aHxKzFCHxLIF3FYZe6jyCaCPFgUcz94HnoXDoToiQ3V5zSQOTVTriSdvBsM3wjtk5K4ZxakhgC0zYqHfAXnpWptw%2FxnCX3tsMUNYgM%2FMYTyr5ntSt29xZE40f5rrIQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8bf0c76ddb6f56c4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

r11.o.lencr.org/

23.36.77.32

504 B

URL
r11.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
3e1e107f9530afb657ad426d0a21b388
07006f1c3ec8e071a1f1fa56fbe5569edce67f74
38c0123802167bc4365d7349670a2c0f2a62445cb85bb3528d3202a4bf5a4232

HTTP Headers

POST / HTTP/1.1
Host: r11.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "38C0123802167BC4365D7349670A2C0F2A62445CB85BB3528D3202A4BF5A4232"
Last-Modified: Thu, 05 Sep 2024 02:45:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19330
Expires: Sat, 07 Sep 2024 00:36:07 GMT
Date: Fri, 06 Sep 2024 19:13:57 GMT
Connection: keep-alive

GET unseenreport.com/pxf.gif?uuid=3fcf74da-c2be-4d26-9785-07a6b4fb25ad&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=0&pk=a2ce64afd3c1c10fe7fdbb6234980cc8&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=19

192.243.59.13

200 OK

1 B

URL GET HTTP/1.1
unseenreport.com/pxf.gif?uuid=3fcf74da-c2be-4d26-9785-07a6b4fb25ad&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=0&pk=a2ce64afd3c1c10fe7fdbb6234980cc8&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=19
IP
192.243.59.13:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://downloadtorrentfile.com/hash/d5ca3c2507902969c8bb8cfd497175066b916a23?name=Terapia%20Intensiva
Certificate
IssuerLet's Encrypt
Subject*.unseenreport.com
FingerprintD9:3D:28:C1:14:1B:2B:53:0E:E4:3E:FC:88:7A:FF:9C:45:4B:63:C7
ValiditySat, 20 Jul 2024 14:59:20 GMT - Fri, 18 Oct 2024 14:59:19 GMT

File type
very short file (no magic)
Size
1 B (1 bytes)
Hash
93b885adfe0da089cdf634904fd59f71
5ba93c9db0cff93f52b521d7420e43f6eda2784f
6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /pxf.gif?uuid=3fcf74da-c2be-4d26-9785-07a6b4fb25ad&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=0&pk=a2ce64afd3c1c10fe7fdbb6234980cc8&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=19 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://downloadtorrentfile.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Fri, 06 Sep 2024 19:13:57 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
X-Request-ID: 0be08f8c9f0ea93fbea220937997be2e
Cache-Control: no-cache, max-age=0, private, no-cache
Pragma: no-cache
Strict-Transport-Security: max-age=0; includeSubdomains

GET unseenreport.com/pxf.gif?uuid=3fcf74da-c2be-4d26-9785-07a6b4fb25ad&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=0&pk=e45ca05da468385a15fff1f63aa1e3df&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=19

192.243.59.13

200 OK

1 B

URL GET HTTP/1.1
unseenreport.com/pxf.gif?uuid=3fcf74da-c2be-4d26-9785-07a6b4fb25ad&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=0&pk=e45ca05da468385a15fff1f63aa1e3df&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=19
IP
192.243.59.13:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://downloadtorrentfile.com/hash/d5ca3c2507902969c8bb8cfd497175066b916a23?name=Terapia%20Intensiva
Certificate
IssuerLet's Encrypt
Subject*.unseenreport.com
FingerprintD9:3D:28:C1:14:1B:2B:53:0E:E4:3E:FC:88:7A:FF:9C:45:4B:63:C7
ValiditySat, 20 Jul 2024 14:59:20 GMT - Fri, 18 Oct 2024 14:59:19 GMT

File type
very short file (no magic)
Size
1 B (1 bytes)
Hash
93b885adfe0da089cdf634904fd59f71
5ba93c9db0cff93f52b521d7420e43f6eda2784f
6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /pxf.gif?uuid=3fcf74da-c2be-4d26-9785-07a6b4fb25ad&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=0&pk=e45ca05da468385a15fff1f63aa1e3df&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=19 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://downloadtorrentfile.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Fri, 06 Sep 2024 19:13:57 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
X-Request-ID: ee272ead2004843acfb50774c1835347
Cache-Control: no-cache, max-age=0, private, no-cache
Pragma: no-cache
Strict-Transport-Security: max-age=0; includeSubdomains

GET recordedthereby.com/sfp.js

188.114.96.1

200 OK

37 kB

URL GET HTTP/3
recordedthereby.com/sfp.js
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://downloadtorrentfile.com/hash/d5ca3c2507902969c8bb8cfd497175066b916a23?name=Terapia%20Intensiva
Certificate
IssuerGoogle Trust Services
Subjectrecordedthereby.com
Fingerprint76:BA:7B:D2:DF:8D:D1:44:66:52:F9:0D:A1:78:12:89:6C:3F:0F:03
ValidityTue, 03 Sep 2024 16:10:32 GMT - Mon, 02 Dec 2024 16:10:31 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (65529), with no line terminators
Size
37 kB (36602 bytes)
Hash
7e3e44049654b6e244c1777e68ffb8e7
8f2a8298666d607afd92a0baa362ef4dc9ccd039
4acac8b8ff23671d365150818f3c39bbbfa08b1a1842d73de5933e0fea26454b

HTTP Headers

GET /sfp.js HTTP/1.1
Host: recordedthereby.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://downloadtorrentfile.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 06 Sep 2024 19:13:55 GMT
content-type: application/javascript; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: no-cache, max-age=0, private, no-cache
x-request-id: 1acd32654ed3b53683d79522224801f5
pragma: no-cache
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: BYPASS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lDAQUr6b%2FffdhvX%2FNO1U6SA5wJNNzZIlY9mAz4OCVMY5WIwM%2BSdnsgDM8ztYFMQTvr1f6ueBrhCnDMsipES0YnPBPEK4mbTYx2waSTVaqBbeSSHFcTzprIUg58U0xSzSELmjrOP9"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8bf0c772a91956a4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

GET whiskeydepositopinion.com/sbar.json?key=e45ca05da468385a15fff1f63aa1e3df&uuid=3fcf74da-c2be-4d26-9785-07a6b4fb25ad%3A3%3A1

192.243.59.20

200 OK

8.2 kB

URL GET HTTP/1.1
whiskeydepositopinion.com/sbar.json?key=e45ca05da468385a15fff1f63aa1e3df&uuid=3fcf74da-c2be-4d26-9785-07a6b4fb25ad%3A3%3A1
IP
192.243.59.20:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://downloadtorrentfile.com/hash/d5ca3c2507902969c8bb8cfd497175066b916a23?name=Terapia%20Intensiva
Certificate
IssuerLet's Encrypt
Subjectwhiskeydepositopinion.com
Fingerprint21:AE:B3:74:27:F4:4F:83:0E:B6:C8:2D:44:55:BB:11:1D:94:F3:3B
ValidityFri, 09 Aug 2024 05:35:08 GMT - Thu, 07 Nov 2024 05:35:07 GMT

File type
JSON text data
Size
8.2 kB (8212 bytes)
Hash
e62dbdc1b05d6d2d0407f0c9c88f0516
07f7d16cc3b78203045e97a15ba92cb0d95bbd4d
a83cdef312a9f2d398e39507ac3ad8882b19bcdb673ee5d3665793e85dfb85f4

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /sbar.json?key=e45ca05da468385a15fff1f63aa1e3df&uuid=3fcf74da-c2be-4d26-9785-07a6b4fb25ad%3A3%3A1 HTTP/1.1
Host: whiskeydepositopinion.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://downloadtorrentfile.com
DNT: 1
Connection: keep-alive
Referer: https://downloadtorrentfile.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Fri, 06 Sep 2024 19:14:11 GMT
Content-Type: text/plain; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://downloadtorrentfile.com
Access-Control-Allow-Origin: https://downloadtorrentfile.com
Access-Control-Allow-Credentials: true
Set-Cookie: u_pl=16064005; expires=Sat, 07 Sep 2024 19:14:11 GMT; path=/; secure; SameSite=None
uid_id2=3fcf74da-c2be-4d26-9785-07a6b4fb25ad:3:1; expires=Fri, 13 Sep 2024 19:14:11 GMT; path=/; secure; SameSite=None
pdhtkv=true; expires=Sat, 07 Sep 2024 19:14:11 GMT; path=/; secure; SameSite=None
uncs=1; expires=Sat, 07 Sep 2024 19:14:11 GMT; path=/; secure; SameSite=None
pdhtkv29=true; expires=Sat, 07 Sep 2024 19:14:11 GMT; path=/; secure; SameSite=None
uncs29=1; expires=Sat, 07 Sep 2024 19:14:11 GMT; path=/; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
X-Request-ID: 6a9b592440e47c956ca2a7c6aad81ac8
Cache-Control: no-cache, max-age=0, private, no-cache
Pragma: no-cache
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

GET whiskeydepositopinion.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSz4scRRitnmy8BARDwIMoffCg4k66e2Z6ZsxBXOPqkjUJSUQFQaq7qmfLqe5qqvrH7J4WVyTHYS9ee9%2FsZjEJohf1YpDegIeAsKOXRdx%2FQvQsMy6Ofof%2B3vve1%2FDqVX2%2Bl58SDzk9ufqu2hJS0sudpmO%2F9IHrXrHXRZKP7FHP%2F9hvX7F18Vrfbzov22%2FzcKgue47rOK7j2qtC80iNLs9EiPRh3232nWbba7qdNkb6%2F9zkFgy1wIpTchGCTZceW5cgwhpJ%2FPVVboaZSl99K84lzZRGwQ7fS4aJKhPECxhpC1FyeLYNZY5XH0ElB3O7UMW%2Fi4GYEuunRwiSwzOTCIr9uc9AgicI2AWURQ0uawhaI1Q7EOyYACHD9RtI4nvXlS7p5j8qnalTsvTXHxDllCz9fglJ%2FNWKFCP7tpJ5JlRiMIoqiFENMaiR5kfIthoQ5RHC7FMI9jNxnr2AJH7wztH3hRjaBddDCHbyYisKo26b0eXQC%2Fhym3n%2Bcr%2Fb6yw7XeoH7SjwOpTNcxKihohqSD4GNeeQGwu5sJBHFvLUQsxO7NB13a7DQur0%2BmHYYl0e%2BMxxaTdyqev4PeTh7ChjZOkYoRwj1NtI9TaGYgyd%2FwizUcEwCyYjKFiFkhOUhqCkBKUgKDOCsqgOmDSeqe4xafLAPeveWW9VE5UN9uiBygY8IaB6DM2qvfSUPDPP8c8XzmPIT2ze7oTU6TDa9nutXoe6nSiK3MhvUeryFotgRAVhGqDGwpaYkvOfrSAVU9L4qEZAj2DkEUJxETR%2FHrSsQDcqbCXfMVUmUlGWKa15kkVC8maoYjBVIc2WkG1ae%2FKUPDc3c%2B2LXfDwCTkrhLpCqit8Ih4TDOTdyS1Vkv1bqjTkmxtpJmKxRWcXfjujGX%2Fq%2FjW%2BWSrN1q6a8ZdvhDNhBh%2Fe4SZbpwkTycCQByuCMa5XlQ45%2BWHNvM%2BDm7nZWMl1kqfrN99cXYtTzY0RKqlBxfGHuwjFlDz97fr8Jb9i%2Fwqha%2Bi8QpwvnApVI0y3YdLFzCgCLRc8SC2UeTXRXrAYSkEg%2BYLToIL5Dw8WeKLp7G8qqj1zFwPdAM12kMQVCl2hkBWoHMPk5yZZqp%2B8%2FktrXghkYxJI3dgPpJa785Bnn%2Fsw4sTutloO9fsdt9ulvBu0vV7ku4xSr%2B17vk9byMw0%2Bu3Ozt8BAAD%2F%2F3x30UajBAAA

192.243.59.20

200 OK

7 B

URL GET HTTP/1.1
whiskeydepositopinion.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSz4scRRitnmy8BARDwIMoffCg4k66e2Z6ZsxBXOPqkjUJSUQFQaq7qmfLqe5qqvrH7J4WVyTHYS9ee9%2FsZjEJohf1YpDegIeAsKOXRdx%2FQvQsMy6Ofof%2B3vve1%2FDqVX2%2Bl58SDzk9ufqu2hJS0sudpmO%2F9IHrXrHXRZKP7FHP%2F9hvX7F18Vrfbzov22%2FzcKgue47rOK7j2qtC80iNLs9EiPRh3232nWbba7qdNkb6%2F9zkFgy1wIpTchGCTZceW5cgwhpJ%2FPVVboaZSl99K84lzZRGwQ7fS4aJKhPECxhpC1FyeLYNZY5XH0ElB3O7UMW%2Fi4GYEuunRwiSwzOTCIr9uc9AgicI2AWURQ0uawhaI1Q7EOyYACHD9RtI4nvXlS7p5j8qnalTsvTXHxDllCz9fglJ%2FNWKFCP7tpJ5JlRiMIoqiFENMaiR5kfIthoQ5RHC7FMI9jNxnr2AJH7wztH3hRjaBddDCHbyYisKo26b0eXQC%2Fhym3n%2Bcr%2Fb6yw7XeoH7SjwOpTNcxKihohqSD4GNeeQGwu5sJBHFvLUQsxO7NB13a7DQur0%2BmHYYl0e%2BMxxaTdyqev4PeTh7ChjZOkYoRwj1NtI9TaGYgyd%2FwizUcEwCyYjKFiFkhOUhqCkBKUgKDOCsqgOmDSeqe4xafLAPeveWW9VE5UN9uiBygY8IaB6DM2qvfSUPDPP8c8XzmPIT2ze7oTU6TDa9nutXoe6nSiK3MhvUeryFotgRAVhGqDGwpaYkvOfrSAVU9L4qEZAj2DkEUJxETR%2FHrSsQDcqbCXfMVUmUlGWKa15kkVC8maoYjBVIc2WkG1ae%2FKUPDc3c%2B2LXfDwCTkrhLpCqit8Ih4TDOTdyS1Vkv1bqjTkmxtpJmKxRWcXfjujGX%2Fq%2FjW%2BWSrN1q6a8ZdvhDNhBh%2Fe4SZbpwkTycCQByuCMa5XlQ45%2BWHNvM%2BDm7nZWMl1kqfrN99cXYtTzY0RKqlBxfGHuwjFlDz97fr8Jb9i%2Fwqha%2Bi8QpwvnApVI0y3YdLFzCgCLRc8SC2UeTXRXrAYSkEg%2BYLToIL5Dw8WeKLp7G8qqj1zFwPdAM12kMQVCl2hkBWoHMPk5yZZqp%2B8%2FktrXghkYxJI3dgPpJa785Bnn%2Fsw4sTutloO9fsdt9ulvBu0vV7ku4xSr%2B17vk9byMw0%2Bu3Ozt8BAAD%2F%2F3x30UajBAAA
IP
192.243.59.20:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://downloadtorrentfile.com/hash/d5ca3c2507902969c8bb8cfd497175066b916a23?name=Terapia%20Intensiva
Certificate
IssuerLet's Encrypt
Subjectwhiskeydepositopinion.com
Fingerprint21:AE:B3:74:27:F4:4F:83:0E:B6:C8:2D:44:55:BB:11:1D:94:F3:3B
ValidityFri, 09 Aug 2024 05:35:08 GMT - Thu, 07 Nov 2024 05:35:07 GMT

File type
ASCII text, with no line terminators
Size
7 B (7 bytes)
Hash
132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /ren.gif?sid=H4sIAAAAAAAC%2F1RSz4scRRitnmy8BARDwIMoffCg4k66e2Z6ZsxBXOPqkjUJSUQFQaq7qmfLqe5qqvrH7J4WVyTHYS9ee9%2FsZjEJohf1YpDegIeAsKOXRdx%2FQvQsMy6Ofof%2B3vve1%2FDqVX2%2Bl58SDzk9ufqu2hJS0sudpmO%2F9IHrXrHXRZKP7FHP%2F9hvX7F18Vrfbzov22%2FzcKgue47rOK7j2qtC80iNLs9EiPRh3232nWbba7qdNkb6%2F9zkFgy1wIpTchGCTZceW5cgwhpJ%2FPVVboaZSl99K84lzZRGwQ7fS4aJKhPECxhpC1FyeLYNZY5XH0ElB3O7UMW%2Fi4GYEuunRwiSwzOTCIr9uc9AgicI2AWURQ0uawhaI1Q7EOyYACHD9RtI4nvXlS7p5j8qnalTsvTXHxDllCz9fglJ%2FNWKFCP7tpJ5JlRiMIoqiFENMaiR5kfIthoQ5RHC7FMI9jNxnr2AJH7wztH3hRjaBddDCHbyYisKo26b0eXQC%2Fhym3n%2Bcr%2Fb6yw7XeoH7SjwOpTNcxKihohqSD4GNeeQGwu5sJBHFvLUQsxO7NB13a7DQur0%2BmHYYl0e%2BMxxaTdyqev4PeTh7ChjZOkYoRwj1NtI9TaGYgyd%2FwizUcEwCyYjKFiFkhOUhqCkBKUgKDOCsqgOmDSeqe4xafLAPeveWW9VE5UN9uiBygY8IaB6DM2qvfSUPDPP8c8XzmPIT2ze7oTU6TDa9nutXoe6nSiK3MhvUeryFotgRAVhGqDGwpaYkvOfrSAVU9L4qEZAj2DkEUJxETR%2FHrSsQDcqbCXfMVUmUlGWKa15kkVC8maoYjBVIc2WkG1ae%2FKUPDc3c%2B2LXfDwCTkrhLpCqit8Ih4TDOTdyS1Vkv1bqjTkmxtpJmKxRWcXfjujGX%2Fq%2FjW%2BWSrN1q6a8ZdvhDNhBh%2Fe4SZbpwkTycCQByuCMa5XlQ45%2BWHNvM%2BDm7nZWMl1kqfrN99cXYtTzY0RKqlBxfGHuwjFlDz97fr8Jb9i%2Fwqha%2Bi8QpwvnApVI0y3YdLFzCgCLRc8SC2UeTXRXrAYSkEg%2BYLToIL5Dw8WeKLp7G8qqj1zFwPdAM12kMQVCl2hkBWoHMPk5yZZqp%2B8%2FktrXghkYxJI3dgPpJa785Bnn%2Fsw4sTutloO9fsdt9ulvBu0vV7ku4xSr%2B17vk9byMw0%2Bu3Ozt8BAAD%2F%2F3x30UajBAAA HTTP/1.1
Host: whiskeydepositopinion.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://downloadtorrentfile.com/
Cookie: u_pl=16064005; uid_id2=3fcf74da-c2be-4d26-9785-07a6b4fb25ad:3:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Fri, 06 Sep 2024 19:14:11 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
X-Request-ID: 66e11cc889b35a3f5f8810310b7cbf5e
Cache-Control: no-cache, max-age=0, private, no-cache
Pragma: no-cache
Strict-Transport-Security: max-age=0; includeSubdomains

GET whiskeydepositopinion.com/pixel/sbls?bv=24.36.3797&tmpl=482&u=https%3A%2F%2Fcdn.show-creative1.com%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2Fecorious%2Fmessage_redcircle2%2Fjan24%2F1%2Findex.html&l=1553&fd=545

192.243.59.20

200 OK

0 B

URL GET HTTP/1.1
whiskeydepositopinion.com/pixel/sbls?bv=24.36.3797&tmpl=482&u=https%3A%2F%2Fcdn.show-creative1.com%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2Fecorious%2Fmessage_redcircle2%2Fjan24%2F1%2Findex.html&l=1553&fd=545
IP
192.243.59.20:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://downloadtorrentfile.com/hash/d5ca3c2507902969c8bb8cfd497175066b916a23?name=Terapia%20Intensiva
Certificate
IssuerLet's Encrypt
Subjectwhiskeydepositopinion.com
Fingerprint21:AE:B3:74:27:F4:4F:83:0E:B6:C8:2D:44:55:BB:11:1D:94:F3:3B
ValidityFri, 09 Aug 2024 05:35:08 GMT - Thu, 07 Nov 2024 05:35:07 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /pixel/sbls?bv=24.36.3797&tmpl=482&u=https%3A%2F%2Fcdn.show-creative1.com%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2Fecorious%2Fmessage_redcircle2%2Fjan24%2F1%2Findex.html&l=1553&fd=545 HTTP/1.1
Host: whiskeydepositopinion.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://downloadtorrentfile.com/
Cookie: u_pl=16064005; uid_id2=3fcf74da-c2be-4d26-9785-07a6b4fb25ad:3:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Fri, 06 Sep 2024 19:14:12 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range

GET cdn.creative-stat1.com//sb/notifications/utility/default/us/blog/ecorious/message_redcircle2/jan24/1/img/1.jpg

188.114.96.1

200 OK

36 kB

URL GET HTTP/2
cdn.creative-stat1.com//sb/notifications/utility/default/us/blog/ecorious/message_redcircle2/jan24/1/img/1.jpg
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://downloadtorrentfile.com/hash/d5ca3c2507902969c8bb8cfd497175066b916a23?name=Terapia%20Intensiva
Certificate
IssuerGoogle Trust Services
Subjectcreative-stat1.com
FingerprintF8:81:29:04:51:9E:EB:84:A7:36:0A:98:7D:E7:09:9D:A2:5D:A7:79
ValidityTue, 20 Aug 2024 16:31:08 GMT - Mon, 18 Nov 2024 16:31:07 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 320x320, components 3
Size
36 kB (36061 bytes)
Hash
fc90b66d3831faf345c0a6173f02746f
4f5310e4fb903bdd4dceaa5d4095e48a83673a69
a2b1cc40143d3a9c13f5ffb5040a72ad972bc7d285c7eceef8708efe369fdeb4

HTTP Headers

GET //sb/notifications/utility/default/us/blog/ecorious/message_redcircle2/jan24/1/img/1.jpg HTTP/1.1
Host: cdn.creative-stat1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 06 Sep 2024 19:14:12 GMT
content-type: image/jpeg
content-length: 36061
last-modified: Thu, 01 Feb 2024 14:48:15 GMT
etag: "65bbaf2f-8cdd"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 889528
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NQccDyIWzWe7BktApB3QscXuZl2c3TmiWmGEfxxUbHwMcaUCCIJ30Pvq0oI3hsCXHwJZiXKs8I3ug3E6C%2BC123lyfKLxSF5b96Rh1P0gf%2FuWJZfbwKcI1w2vWM4yJVX%2BQhPUwn7ivQzu"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8bf0c7dc7beb56a2-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

o.pki.goog/wr2

142.250.74.131

471 B

URL
o.pki.goog/wr2
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
f80e0dfd2f0d8e08c104a34ea870920a
b422627dbd59c1d086ccc1a962a5fd11058155de
c2edda42d99a45b7fc455d66ee9480d9742d85ac75ba31b53db9747843a98546

HTTP Headers

POST /wr2 HTTP/1.1
Host: o.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 06 Sep 2024 19:14:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

GET fonts.googleapis.com/css?family=Roboto:300,400,700&display=swap

142.250.74.106

200 OK

1.2 kB

URL GET HTTP/2
fonts.googleapis.com/css?family=Roboto:300,400,700&display=swap
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://downloadtorrentfile.com/hash/d5ca3c2507902969c8bb8cfd497175066b916a23?name=Terapia%20Intensiva
Certificate
IssuerGoogle Trust Services
Subjectupload.video.google.com
Fingerprint9F:01:79:20:AD:58:33:6E:BF:F2:BF:DA:69:ED:BD:8D:19:F9:2D:D9
ValidityMon, 12 Aug 2024 07:18:03 GMT - Mon, 04 Nov 2024 07:18:02 GMT

File type
gzip compressed data, max compression
Size
1.2 kB (1188 bytes)
Hash
58b460176d683466d1d7df6a639523b0
107762802fa4e8840eddc6efe7078892a9cbc7fb
6ae97c0cf681cba313d31a7afcb48fc18f3f5b11c4461b38ff236465e436fb54

HTTP Headers

GET /css?family=Roboto:300,400,700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 06 Sep 2024 19:14:12 GMT
date: Fri, 06 Sep 2024 19:14:12 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

GET cdn.show-creative1.com/sb/notifications/utility/default/us/blog/ecorious/message_redcircle2/jan24/1/index.html

172.67.208.42

200 OK

1.4 kB

URL GET HTTP/2
cdn.show-creative1.com/sb/notifications/utility/default/us/blog/ecorious/message_redcircle2/jan24/1/index.html
IP
172.67.208.42:443
ASN
#13335 CLOUDFLARENET

Requested by
https://downloadtorrentfile.com/hash/d5ca3c2507902969c8bb8cfd497175066b916a23?name=Terapia%20Intensiva
Certificate
IssuerGoogle Trust Services
Subjectshow-creative1.com
Fingerprint2C:84:C0:DA:8F:5C:A7:50:3A:76:B0:36:FB:1E:3C:92:78:B8:5B:03
ValidityTue, 20 Aug 2024 17:20:56 GMT - Mon, 18 Nov 2024 17:20:55 GMT

File type
HTML document, ASCII text
Size
1.4 kB (1444 bytes)
Hash
ce4be93e7b99025fb8589f1f77328164
cdf30c3570f7c7ed0840ba7fe72abeeae9c29988
892770f87203561e88170098d4d7bf67c604abc086e165cbe07782aab5514a38

HTTP Headers

GET /sb/notifications/utility/default/us/blog/ecorious/message_redcircle2/jan24/1/index.html HTTP/1.1
Host: cdn.show-creative1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://downloadtorrentfile.com
DNT: 1
Connection: keep-alive
Referer: https://downloadtorrentfile.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 06 Sep 2024 19:14:12 GMT
content-type: text/html
last-modified: Thu, 01 Feb 2024 14:48:10 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HPf%2BcmU8lXTy2GH7%2BqM6bcsu8dy36shpT%2FBquj9AvNQpTxe6RGOl50H75MVCTvQbWaQHjQKqhOr72uugITwVqXG9RnsmmuOb1ueY9%2BxiSUGB24lIdVN9pWfPF3D9eEqnGYm%2BVNJO46%2Fq"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8bf0c7d7ffcab4f4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

GET whiskeydepositopinion.com/pixel/sbls?bv=24.36.3797&tmpl=482&u=https%3A%2F%2Fcdn.creative-stat1.com%2F%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2Fecorious%2Fmessage_redcircle2%2Fjan24%2F1%2Fjs%2Fscript.js&l=386&fd=591

192.243.59.20

200 OK

0 B

URL GET HTTP/1.1
whiskeydepositopinion.com/pixel/sbls?bv=24.36.3797&tmpl=482&u=https%3A%2F%2Fcdn.creative-stat1.com%2F%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2Fecorious%2Fmessage_redcircle2%2Fjan24%2F1%2Fjs%2Fscript.js&l=386&fd=591
IP
192.243.59.20:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://downloadtorrentfile.com/hash/d5ca3c2507902969c8bb8cfd497175066b916a23?name=Terapia%20Intensiva
Certificate
IssuerLet's Encrypt
Subjectwhiskeydepositopinion.com
Fingerprint21:AE:B3:74:27:F4:4F:83:0E:B6:C8:2D:44:55:BB:11:1D:94:F3:3B
ValidityFri, 09 Aug 2024 05:35:08 GMT - Thu, 07 Nov 2024 05:35:07 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /pixel/sbls?bv=24.36.3797&tmpl=482&u=https%3A%2F%2Fcdn.creative-stat1.com%2F%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2Fecorious%2Fmessage_redcircle2%2Fjan24%2F1%2Fjs%2Fscript.js&l=386&fd=591 HTTP/1.1
Host: whiskeydepositopinion.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://downloadtorrentfile.com/
Cookie: u_pl=16064005; uid_id2=3fcf74da-c2be-4d26-9785-07a6b4fb25ad:3:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Fri, 06 Sep 2024 19:14:13 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range

GET cdn.creative-stat1.com//sb/notifications/utility/default/us/blog/ecorious/message_redcircle2/jan24/1/css/animate.css

188.114.96.1

200 OK

4.9 kB

URL GET HTTP/2
cdn.creative-stat1.com//sb/notifications/utility/default/us/blog/ecorious/message_redcircle2/jan24/1/css/animate.css
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://downloadtorrentfile.com/hash/d5ca3c2507902969c8bb8cfd497175066b916a23?name=Terapia%20Intensiva
Certificate
IssuerGoogle Trust Services
Subjectcreative-stat1.com
FingerprintF8:81:29:04:51:9E:EB:84:A7:36:0A:98:7D:E7:09:9D:A2:5D:A7:79
ValidityTue, 20 Aug 2024 16:31:08 GMT - Mon, 18 Nov 2024 16:31:07 GMT

File type
ASCII text
Size
4.9 kB (4869 bytes)
Hash
80047eaa13ebd50c50e8a9753621e430
9c503e07d130572a0eaf51f7c02cbd4cf6213fe3
3f831a59615f8d5d40b4340b2836f91438c876f8dbce75f78e38360d6fe0f429

HTTP Headers

GET //sb/notifications/utility/default/us/blog/ecorious/message_redcircle2/jan24/1/css/animate.css HTTP/1.1
Host: cdn.creative-stat1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://downloadtorrentfile.com
DNT: 1
Connection: keep-alive
Referer: https://downloadtorrentfile.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 06 Sep 2024 19:14:13 GMT
content-type: text/css
last-modified: Thu, 01 Feb 2024 14:48:12 GMT
etag: W/"65bbaf2c-1358d"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
content-encoding: gzip
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VpJiAVh4r%2BupXQFJ6s%2BD2iUy2774LcxgSZBTZJrmNT%2BSvCyYq7pKWGJ6wy9aKE35ITSDBsmV9b0FBTaALOuku5Ujc4o6%2FHQwQ2bnXf7tEXPLdRF2239rVhaZ%2BFY1rQiCOpZBGT78FO23"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8bf0c7dc6be456a2-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

o.pki.goog/wr2

142.250.74.131

472 B

URL
o.pki.goog/wr2
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
2f32f31431b0e85fc4dff6612c673113
e53cfa801c7d4e1b3dba5704d0ff96b447ffb1fe
128351609b5b8e9b6ba9d6f2d6af86b189fe4d72f99f0b05663766d9abbf2886

HTTP Headers

POST /wr2 HTTP/1.1
Host: o.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 06 Sep 2024 19:14:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

GET fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

142.250.74.131

200 OK

19 kB

URL GET HTTP/2
fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP
142.250.74.131:443
ASN
#15169 GOOGLE

Requested by
https://downloadtorrentfile.com/hash/d5ca3c2507902969c8bb8cfd497175066b916a23?name=Terapia%20Intensiva
Certificate
IssuerGoogle Trust Services
Subject*.gstatic.com
FingerprintA8:8E:91:B3:04:E9:C9:F3:CD:3D:27:83:B0:53:22:C0:21:23:9A:92
ValidityMon, 12 Aug 2024 07:17:58 GMT - Mon, 04 Nov 2024 07:17:57 GMT

File type
Web Open Font Format (Version 2), TrueType, length 18596, version 1.0
Size
19 kB (18596 bytes)
Hash
c83e4437a53d7f849f9d32df3d6b68f3
fabea5ad92ed3e2431659b02e7624df30d0c6bbc
d9bada3a44bb2ffa66dec5cc781cafc9ef17ed876cd9b0c5f7ef18228b63cebb

HTTP Headers

GET /s/roboto/v32/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://downloadtorrentfile.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 18596
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 04 Sep 2024 21:32:14 GMT
expires: Thu, 04 Sep 2025 21:32:14 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 01 Aug 2024 20:41:21 GMT
content-type: font/woff2
age: 164519
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

GET whiskeydepositopinion.com/impr.gif?sid=H4sIAAAAAAAC%2F1RSz4scRRitnmy8BARDwIMoffCg4k665%2Feag7jG1ZA1CUlEBUHqV0%2FKqe5qqvrHZE%2FBiOQ45OK1981uFpMgelEvBukNeAgIO3pZxP0nRM8y4%2BLod%2Bjvve99Da9e1efb%2BRFpIaeH5981W0prerbbDPyXPgjDc%2F6mSvKxPx70Pu51zvm2eG2t1wxe9t%2BWfGTOtoIwCMIg9DeUlZEZn52LUOnDtbC5FjQ7rWbY7WBs%2F89d7sFRD6I4IqehxGzlsXcGitdI4q%2FPSzfKTPrqW3GuaWYsCrH3XjJKTJkgXsLIeoiSveNtGHew8Qgm2V3YhSn%2BXWRqRryfHoEle8cmwYqdhU%2BmIRMwcQplUUPqGorW4OY2lDggABe4dBlJfO%2BSsSW9%2BY9K5%2BqMrPz1B1Q5Iyu%2Fn0ESf7Wu1di%2FZnSeKZM4jKMKalxDDWuk%2BT6yrQZUuQ%2BefQolfibBs6eQxA%2Fe2f%2B%2BUCO%2FkHYEJQ5fbEc86ncEXeUtJlc7otVbXesPuqtBn%2FZYJ2KtLhWLnJSqoaIaWk5A3QnkzkOuPOSRhzz1EItDn4dh2A8Ep8FgjfO26EvWE0FI%2B1FIw6A3QM7nR5kgSyfgegJubyG1tzBSE9j8R7gbFZzw4DKCQlQoJUHpCEpKUCqCMiMoi2pXaNdy1T2hXc7C49467u1qarLhNt012VAmBNROYEW1nR6RZxY5%2FvnCSYzkoS87XU6DrqCd3qA96NKwG0VRGPXalIayLSI4VUG5BqjzsKVm5ORn60jVjDQ%2BqsHoPpzeB1enQfPnQcsK9EaFreQ7YcpEGyoyY61Mskhp2eQmhjAV0mwF2U1vWx%2BR5xZmLn5xF5I%2FIccFbiuktsIn6jHBUN%2BZXjUl2blqSke%2BuZxmKlZbdH7h1zKayafuX5Q3S2PFhfNu8uUbfC7M4cPr0mWbNBEqGTryYF0JIe2GsVySHy649yW7krsb67lN8nTzypsbF%2BLUSueUSWpQdfDhXXA1I09%2Fu7l4ya%2F4v0LZGjavEOdLp8rU4OktuHQ5c4bA6iVnqYcyr6a2xZZDrQi0XHLKKrj%2FcLbEU0vnf1NVbbs7GNoGaHYbSVyhsBUKXYHqCVx%2BYpql9snrv7QXBaYbU6ZtY4dpq%2B8uQp5%2F7sOpQ78diD6Tkewz2el2IskF63ZZwCPO2mIw4MjcLPrt%2Bu2%2FAwAA%2F%2F%2F8owSuowQAAA%3D%3D

192.243.59.20

200 OK

7 B

URL GET HTTP/1.1
whiskeydepositopinion.com/impr.gif?sid=H4sIAAAAAAAC%2F1RSz4scRRitnmy8BARDwIMoffCg4k665%2Feag7jG1ZA1CUlEBUHqV0%2FKqe5qqvrHZE%2FBiOQ45OK1981uFpMgelEvBukNeAgIO3pZxP0nRM8y4%2BLod%2Bjvve99Da9e1efb%2BRFpIaeH5981W0prerbbDPyXPgjDc%2F6mSvKxPx70Pu51zvm2eG2t1wxe9t%2BWfGTOtoIwCMIg9DeUlZEZn52LUOnDtbC5FjQ7rWbY7WBs%2F89d7sFRD6I4IqehxGzlsXcGitdI4q%2FPSzfKTPrqW3GuaWYsCrH3XjJKTJkgXsLIeoiSveNtGHew8Qgm2V3YhSn%2BXWRqRryfHoEle8cmwYqdhU%2BmIRMwcQplUUPqGorW4OY2lDggABe4dBlJfO%2BSsSW9%2BY9K5%2BqMrPz1B1Q5Iyu%2Fn0ESf7Wu1di%2FZnSeKZM4jKMKalxDDWuk%2BT6yrQZUuQ%2BefQolfibBs6eQxA%2Fe2f%2B%2BUCO%2FkHYEJQ5fbEc86ncEXeUtJlc7otVbXesPuqtBn%2FZYJ2KtLhWLnJSqoaIaWk5A3QnkzkOuPOSRhzz1EItDn4dh2A8Ep8FgjfO26EvWE0FI%2B1FIw6A3QM7nR5kgSyfgegJubyG1tzBSE9j8R7gbFZzw4DKCQlQoJUHpCEpKUCqCMiMoi2pXaNdy1T2hXc7C49467u1qarLhNt012VAmBNROYEW1nR6RZxY5%2FvnCSYzkoS87XU6DrqCd3qA96NKwG0VRGPXalIayLSI4VUG5BqjzsKVm5ORn60jVjDQ%2BqsHoPpzeB1enQfPnQcsK9EaFreQ7YcpEGyoyY61Mskhp2eQmhjAV0mwF2U1vWx%2BR5xZmLn5xF5I%2FIccFbiuktsIn6jHBUN%2BZXjUl2blqSke%2BuZxmKlZbdH7h1zKayafuX5Q3S2PFhfNu8uUbfC7M4cPr0mWbNBEqGTryYF0JIe2GsVySHy649yW7krsb67lN8nTzypsbF%2BLUSueUSWpQdfDhXXA1I09%2Fu7l4ya%2F4v0LZGjavEOdLp8rU4OktuHQ5c4bA6iVnqYcyr6a2xZZDrQi0XHLKKrj%2FcLbEU0vnf1NVbbs7GNoGaHYbSVyhsBUKXYHqCVx%2BYpql9snrv7QXBaYbU6ZtY4dpq%2B8uQp5%2F7sOpQ78diD6Tkewz2el2IskF63ZZwCPO2mIw4MjcLPrt%2Bu2%2FAwAA%2F%2F%2F8owSuowQAAA%3D%3D
IP
192.243.59.20:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://downloadtorrentfile.com/hash/d5ca3c2507902969c8bb8cfd497175066b916a23?name=Terapia%20Intensiva
Certificate
IssuerLet's Encrypt
Subjectwhiskeydepositopinion.com
Fingerprint21:AE:B3:74:27:F4:4F:83:0E:B6:C8:2D:44:55:BB:11:1D:94:F3:3B
ValidityFri, 09 Aug 2024 05:35:08 GMT - Thu, 07 Nov 2024 05:35:07 GMT

File type
ASCII text, with no line terminators
Size
7 B (7 bytes)
Hash
132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /impr.gif?sid=H4sIAAAAAAAC%2F1RSz4scRRitnmy8BARDwIMoffCg4k665%2Feag7jG1ZA1CUlEBUHqV0%2FKqe5qqvrHZE%2FBiOQ45OK1981uFpMgelEvBukNeAgIO3pZxP0nRM8y4%2BLod%2Bjvve99Da9e1efb%2BRFpIaeH5981W0prerbbDPyXPgjDc%2F6mSvKxPx70Pu51zvm2eG2t1wxe9t%2BWfGTOtoIwCMIg9DeUlZEZn52LUOnDtbC5FjQ7rWbY7WBs%2F89d7sFRD6I4IqehxGzlsXcGitdI4q%2FPSzfKTPrqW3GuaWYsCrH3XjJKTJkgXsLIeoiSveNtGHew8Qgm2V3YhSn%2BXWRqRryfHoEle8cmwYqdhU%2BmIRMwcQplUUPqGorW4OY2lDggABe4dBlJfO%2BSsSW9%2BY9K5%2BqMrPz1B1Q5Iyu%2Fn0ESf7Wu1di%2FZnSeKZM4jKMKalxDDWuk%2BT6yrQZUuQ%2BefQolfibBs6eQxA%2Fe2f%2B%2BUCO%2FkHYEJQ5fbEc86ncEXeUtJlc7otVbXesPuqtBn%2FZYJ2KtLhWLnJSqoaIaWk5A3QnkzkOuPOSRhzz1EItDn4dh2A8Ep8FgjfO26EvWE0FI%2B1FIw6A3QM7nR5kgSyfgegJubyG1tzBSE9j8R7gbFZzw4DKCQlQoJUHpCEpKUCqCMiMoi2pXaNdy1T2hXc7C49467u1qarLhNt012VAmBNROYEW1nR6RZxY5%2FvnCSYzkoS87XU6DrqCd3qA96NKwG0VRGPXalIayLSI4VUG5BqjzsKVm5ORn60jVjDQ%2BqsHoPpzeB1enQfPnQcsK9EaFreQ7YcpEGyoyY61Mskhp2eQmhjAV0mwF2U1vWx%2BR5xZmLn5xF5I%2FIccFbiuktsIn6jHBUN%2BZXjUl2blqSke%2BuZxmKlZbdH7h1zKayafuX5Q3S2PFhfNu8uUbfC7M4cPr0mWbNBEqGTryYF0JIe2GsVySHy649yW7krsb67lN8nTzypsbF%2BLUSueUSWpQdfDhXXA1I09%2Fu7l4ya%2F4v0LZGjavEOdLp8rU4OktuHQ5c4bA6iVnqYcyr6a2xZZDrQi0XHLKKrj%2FcLbEU0vnf1NVbbs7GNoGaHYbSVyhsBUKXYHqCVx%2BYpql9snrv7QXBaYbU6ZtY4dpq%2B8uQp5%2F7sOpQ78diD6Tkewz2el2IskF63ZZwCPO2mIw4MjcLPrt%2Bu2%2FAwAA%2F%2F%2F8owSuowQAAA%3D%3D HTTP/1.1
Host: whiskeydepositopinion.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://downloadtorrentfile.com/
Cookie: u_pl=16064005; uid_id2=3fcf74da-c2be-4d26-9785-07a6b4fb25ad:3:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Fri, 06 Sep 2024 19:14:13 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
X-Request-ID: f84c87343ff5ef644f5975ee438b4534
Cache-Control: no-cache, max-age=0, private, no-cache
Pragma: no-cache
Strict-Transport-Security: max-age=0; includeSubdomains

GET whiskeydepositopinion.com/pixel/sbs?c=1

192.243.59.20

200 OK

0 B

URL GET HTTP/1.1
whiskeydepositopinion.com/pixel/sbs?c=1
IP
192.243.59.20:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://downloadtorrentfile.com/hash/d5ca3c2507902969c8bb8cfd497175066b916a23?name=Terapia%20Intensiva
Certificate
IssuerLet's Encrypt
Subjectwhiskeydepositopinion.com
Fingerprint21:AE:B3:74:27:F4:4F:83:0E:B6:C8:2D:44:55:BB:11:1D:94:F3:3B
ValidityFri, 09 Aug 2024 05:35:08 GMT - Thu, 07 Nov 2024 05:35:07 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /pixel/sbs?c=1 HTTP/1.1
Host: whiskeydepositopinion.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://downloadtorrentfile.com/
Cookie: u_pl=16064005; uid_id2=3fcf74da-c2be-4d26-9785-07a6b4fb25ad:3:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Fri, 06 Sep 2024 19:14:13 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range

o.pki.goog/wr2

142.250.74.131

472 B

URL
o.pki.goog/wr2
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
2cc8561a282906b0dec1aca4e79647c7
21349f80bb8c3380b08511aa56bec076d95f8a07
b7259766dc0c41bd4f2c7f3cdbe3aa6481ee43fed4c515d33356decda2deb9ff

HTTP Headers

POST /wr2 HTTP/1.1
Host: o.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 06 Sep 2024 19:14:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

GET fonts.gstatic.com/s/roboto/v32/KFOmCnqEu92Fr1Mu4mxK.woff2

142.250.74.131

200 OK

18 kB

URL GET HTTP/2
fonts.gstatic.com/s/roboto/v32/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
142.250.74.131:443
ASN
#15169 GOOGLE

Requested by
https://downloadtorrentfile.com/hash/d5ca3c2507902969c8bb8cfd497175066b916a23?name=Terapia%20Intensiva
Certificate
IssuerGoogle Trust Services
Subject*.gstatic.com
FingerprintA8:8E:91:B3:04:E9:C9:F3:CD:3D:27:83:B0:53:22:C0:21:23:9A:92
ValidityMon, 12 Aug 2024 07:17:58 GMT - Mon, 04 Nov 2024 07:17:57 GMT

File type
Web Open Font Format (Version 2), TrueType, length 18536, version 1.0
Size
18 kB (18536 bytes)
Hash
8eff0b8045fd1959e117f85654ae7770
227fee13ceb7c410b5c0bb8000258b6643cb6255
89978e658e840b927dddb5cb3a835c7d8526ece79933bd9f3096b301fe1a8571

HTTP Headers

GET /s/roboto/v32/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://downloadtorrentfile.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 18536
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 04 Sep 2024 06:51:37 GMT
expires: Thu, 04 Sep 2025 06:51:37 GMT
cache-control: public, max-age=31536000
age: 217356
last-modified: Thu, 01 Aug 2024 20:41:24 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

o.pki.goog/wr2

142.250.74.131

472 B

URL
o.pki.goog/wr2
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
2cc8561a282906b0dec1aca4e79647c7
21349f80bb8c3380b08511aa56bec076d95f8a07
b7259766dc0c41bd4f2c7f3cdbe3aa6481ee43fed4c515d33356decda2deb9ff

HTTP Headers

POST /wr2 HTTP/1.1
Host: o.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 06 Sep 2024 19:14:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

GET downloadtorrentfile.com/js/app.af2d15e9.js

172.67.145.22

200 OK

21 kB

URL GET HTTP/3
downloadtorrentfile.com/js/app.af2d15e9.js
IP
172.67.145.22:443
ASN
#13335 CLOUDFLARENET

Requested by
https://downloadtorrentfile.com/hash/d5ca3c2507902969c8bb8cfd497175066b916a23?name=Terapia%20Intensiva
Certificate
IssuerGoogle Trust Services
Subjectdownloadtorrentfile.com
FingerprintB5:BB:9C:06:D8:43:34:84:BE:B5:E9:63:0E:65:C7:DB:BE:8F:1A:AF
ValidityWed, 07 Aug 2024 00:07:45 GMT - Tue, 05 Nov 2024 00:07:44 GMT

File type

Size
21 kB (20716 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /js/app.af2d15e9.js HTTP/1.1
Host: downloadtorrentfile.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://downloadtorrentfile.com/hash/d5ca3c2507902969c8bb8cfd497175066b916a23?name=Terapia%20Intensiva
Cookie: ge_js_validator_27=1725649972@27@91768bda7d20c693a19575ed096c4a95
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 06 Sep 2024 19:13:54 GMT
content-type: application/javascript; charset=utf-8
cf-bgj: minify
etag: W/"6651dc23-50ec"
last-modified: Thu, 05 Sep 2024 22:59:51 GMT
vary: Accept-Encoding
x-cache: HIT, policy, disk
cache-control: max-age=14400
cf-cache-status: HIT
age: 1423
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1jpEHqjDn5lfjzOzKbvs3o7CL6v5njbo%2Bll4TQ0nL5TVjbRuHLURNTMc5EkW8xkUYdUGZeCZY%2BKs%2FCDJgZ7I8OeZFQNF0TF4EIigJcrWvttlMyuzmluBUOyGwNZxUi4eP0DiB1WzXeH%2Fhw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8bf0c76ddb6d56c4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

GET downloadtorrentfile.com/css/app.eefa4c09.css

172.67.145.22

200 OK

4.0 kB

URL GET HTTP/3
downloadtorrentfile.com/css/app.eefa4c09.css
IP
172.67.145.22:443
ASN
#13335 CLOUDFLARENET

Requested by
https://downloadtorrentfile.com/hash/d5ca3c2507902969c8bb8cfd497175066b916a23?name=Terapia%20Intensiva
Certificate
IssuerGoogle Trust Services
Subjectdownloadtorrentfile.com
FingerprintB5:BB:9C:06:D8:43:34:84:BE:B5:E9:63:0E:65:C7:DB:BE:8F:1A:AF
ValidityWed, 07 Aug 2024 00:07:45 GMT - Tue, 05 Nov 2024 00:07:44 GMT

File type
ASCII text, with very long lines (3968), with no line terminators
Size
4.0 kB (3966 bytes)
Hash
5b63a88288bd704bceb78e0d0665320a
74d5704322138fa362d1a05ca4f4e9aa134c5013
d20ff2ac3347f1185d48d981bfc3ac8c44db6a4548029e7a9d6b797abe3953a9

HTTP Headers

GET /css/app.eefa4c09.css HTTP/1.1
Host: downloadtorrentfile.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://downloadtorrentfile.com/hash/d5ca3c2507902969c8bb8cfd497175066b916a23?name=Terapia%20Intensiva
Cookie: ge_js_validator_27=1725649972@27@91768bda7d20c693a19575ed096c4a95
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 06 Sep 2024 19:13:54 GMT
content-type: text/css; charset=UTF-8
cf-bgj: minify
cf-polished: origSize=4009
etag: W/"6541a2ee-fa9"
last-modified: Wed, 07 Aug 2024 02:31:24 GMT
vary: Accept-Encoding
x-cache: HIT, policy, disk
cache-control: max-age=14400
cf-cache-status: HIT
age: 3752
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=as9Z1OwwPKavW%2FdrYiBfSSx7oOKmV6giTLLZ1Z7v3d%2BzYTDMB1O%2Bx3%2BxIbWysXoBnDALwbZBXJqDhblxkKJ20KbOhaxrmuLiq0yvt0id449DfN7zG1a3Ggi6WUjuKMUK8Plus3tE6pg%2Bqg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8bf0c76ddb6b56c4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

GET cdn.creative-stat1.com//sb/notifications/utility/default/us/blog/ecorious/message_redcircle2/jan24/1/css/style.css

188.114.96.1

200 OK

3.6 kB

URL GET HTTP/2
cdn.creative-stat1.com//sb/notifications/utility/default/us/blog/ecorious/message_redcircle2/jan24/1/css/style.css
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://downloadtorrentfile.com/hash/d5ca3c2507902969c8bb8cfd497175066b916a23?name=Terapia%20Intensiva
Certificate
IssuerGoogle Trust Services
Subjectcreative-stat1.com
FingerprintF8:81:29:04:51:9E:EB:84:A7:36:0A:98:7D:E7:09:9D:A2:5D:A7:79
ValidityTue, 20 Aug 2024 16:31:08 GMT - Mon, 18 Nov 2024 16:31:07 GMT

File type
ASCII text, with very long lines (3854), with no line terminators
Size
3.6 kB (3630 bytes)
Hash
1ef6c40dc9237f64e46f930e4b26d112
7e94a725845a7101b17bfc0ff488e27c12060c1d
e23167c1f14d771e6eb40f86085c2f04f52010a5e934cff3f9e214aab984f4b4

HTTP Headers

GET //sb/notifications/utility/default/us/blog/ecorious/message_redcircle2/jan24/1/css/style.css HTTP/1.1
Host: cdn.creative-stat1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://downloadtorrentfile.com
DNT: 1
Connection: keep-alive
Referer: https://downloadtorrentfile.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 06 Sep 2024 19:14:12 GMT
content-type: text/css
last-modified: Thu, 01 Feb 2024 14:48:12 GMT
etag: W/"65bbaf2c-e2e"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
content-encoding: gzip
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SITaoknOUbLJw%2F0gLNXo1omz84IQKAJCmKxGbHC%2FZxvTwv7B0UVxBgQNVLq8aQJVFdEZdDll%2Bg7koYshNxL7A%2Bu5DsXTSIs9903ovtnoZvS7lxc87vDYr%2BPjJYrS%2B%2FMI0UKiVNie1nnG"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8bf0c7dc7bf556a2-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

192.243.59.20

200 OK

0 B

URL GET HTTP/1.1
whiskeydepositopinion.com/pixel/sbls?bv=24.36.3797&tmpl=482&u=https%3A%2F%2Fcdn.creative-stat1.com%2F%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2Fecorious%2Fmessage_redcircle2%2Fjan24%2F1%2Fcss%2Fstyle.css&l=3630&fd=590
IP
192.243.59.20:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://downloadtorrentfile.com/hash/d5ca3c2507902969c8bb8cfd497175066b916a23?name=Terapia%20Intensiva
Certificate
IssuerLet's Encrypt
Subjectwhiskeydepositopinion.com
Fingerprint21:AE:B3:74:27:F4:4F:83:0E:B6:C8:2D:44:55:BB:11:1D:94:F3:3B
ValidityFri, 09 Aug 2024 05:35:08 GMT - Thu, 07 Nov 2024 05:35:07 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /pixel/sbls?bv=24.36.3797&tmpl=482&u=https%3A%2F%2Fcdn.creative-stat1.com%2F%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2Fecorious%2Fmessage_redcircle2%2Fjan24%2F1%2Fcss%2Fstyle.css&l=3630&fd=590 HTTP/1.1
Host: whiskeydepositopinion.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://downloadtorrentfile.com/
Cookie: u_pl=16064005; uid_id2=3fcf74da-c2be-4d26-9785-07a6b4fb25ad:3:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Fri, 06 Sep 2024 19:14:13 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range

192.243.59.20

200 OK

0 B

URL GET HTTP/1.1
whiskeydepositopinion.com/pixel/sbls?bv=24.36.3797&tmpl=482&u=https%3A%2F%2Fcdn.creative-stat1.com%2F%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2Fecorious%2Fmessage_redcircle2%2Fjan24%2F1%2Fcss%2Fanimate.css&l=79245&fd=624
IP
192.243.59.20:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://downloadtorrentfile.com/hash/d5ca3c2507902969c8bb8cfd497175066b916a23?name=Terapia%20Intensiva
Certificate
IssuerLet's Encrypt
Subjectwhiskeydepositopinion.com
Fingerprint21:AE:B3:74:27:F4:4F:83:0E:B6:C8:2D:44:55:BB:11:1D:94:F3:3B
ValidityFri, 09 Aug 2024 05:35:08 GMT - Thu, 07 Nov 2024 05:35:07 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /pixel/sbls?bv=24.36.3797&tmpl=482&u=https%3A%2F%2Fcdn.creative-stat1.com%2F%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2Fecorious%2Fmessage_redcircle2%2Fjan24%2F1%2Fcss%2Fanimate.css&l=79245&fd=624 HTTP/1.1
Host: whiskeydepositopinion.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://downloadtorrentfile.com/
Cookie: u_pl=16064005; uid_id2=3fcf74da-c2be-4d26-9785-07a6b4fb25ad:3:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Fri, 06 Sep 2024 19:14:13 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range

GET cdn.creative-stat1.com//sb/notifications/utility/default/us/blog/ecorious/message_redcircle2/jan24/1/js/script.js

188.114.96.1

200 OK

386 B

URL GET HTTP/2
cdn.creative-stat1.com//sb/notifications/utility/default/us/blog/ecorious/message_redcircle2/jan24/1/js/script.js
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://downloadtorrentfile.com/hash/d5ca3c2507902969c8bb8cfd497175066b916a23?name=Terapia%20Intensiva
Certificate
IssuerGoogle Trust Services
Subjectcreative-stat1.com
FingerprintF8:81:29:04:51:9E:EB:84:A7:36:0A:98:7D:E7:09:9D:A2:5D:A7:79
ValidityTue, 20 Aug 2024 16:31:08 GMT - Mon, 18 Nov 2024 16:31:07 GMT

File type
ASCII text, with very long lines (399), with no line terminators
Size
386 B (386 bytes)
Hash
022602a468da44628060800173771da2
9be813fbfebbcb2aa46d8c6b8abec68b3d16c89c
6742c376e658c34d09b2dc5772bd798e3cd52bb265758bac5bce184f8ee7b5cc

HTTP Headers

GET //sb/notifications/utility/default/us/blog/ecorious/message_redcircle2/jan24/1/js/script.js HTTP/1.1
Host: cdn.creative-stat1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://downloadtorrentfile.com
DNT: 1
Connection: keep-alive
Referer: https://downloadtorrentfile.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 06 Sep 2024 19:14:13 GMT
content-type: application/javascript
last-modified: Thu, 01 Feb 2024 14:48:15 GMT
etag: W/"65bbaf2f-182"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iwQoZfseyORfM0pGKyEy%2F%2FGKnzJlHlyxinYaUqjlN1MelL5iSpIv5zgdK1zbshxJUzD93Dzb8fohiPiMMoAuzUIZNhfwJ%2FCdiPh1CSJSPaMbkPcIIMfvT7lzmP8HZGgsNm09SSzF4jFK"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8bf0c7dc5bd056a2-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

GET cdnjs.cloudflare.com/ajax/libs/vue/2.6.11/vue.min.js

104.17.25.14

200 OK

94 kB

URL GET HTTP/2
cdnjs.cloudflare.com/ajax/libs/vue/2.6.11/vue.min.js
IP
104.17.25.14:443
ASN
#13335 CLOUDFLARENET

Requested by
https://downloadtorrentfile.com/hash/d5ca3c2507902969c8bb8cfd497175066b916a23?name=Terapia%20Intensiva
Certificate
IssuerGoogle Trust Services
Subjectcdnjs.cloudflare.com
Fingerprint00:EC:C6:E9:D9:C1:6D:05:88:6E:33:AF:3B:E7:7B:86:81:20:66:CA
ValidityWed, 31 Jul 2024 04:16:10 GMT - Tue, 29 Oct 2024 04:16:09 GMT

File type
JavaScript source, ASCII text, with very long lines (65449)
Size
94 kB (93670 bytes)
Hash
6c81f02ad0bf8e12a66c18cab188d029
abd239f02966b2d324b0512c203bdbaf82a4ed7a
9e0156dd49c03744e79bbea60eebbbb94b5811c1b71b91f5fb38a8270dedfbaf

HTTP Headers

GET /ajax/libs/vue/2.6.11/vue.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://downloadtorrentfile.com
DNT: 1
Connection: keep-alive
Referer: https://downloadtorrentfile.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 06 Sep 2024 19:13:54 GMT
content-type: application/javascript; charset=utf-8
content-length: 30730
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb0402c-16de6"
last-modified: Mon, 04 May 2020 16:17:48 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 1304680
expires: Wed, 27 Aug 2025 19:13:54 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Th2D2l7R6XRMzrss3nxpPvweuixb7Zx7aStVd867fi0%2FbgkVdS754joFORzgNW5bTxdu%2BGtpE2RMh8vXp9t0%2BsYaF7vgDOftwO7r3QazGLytd%2B8U8dS2xBFrKtU7aHKtiCbBV2cl"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 8bf0c76e1c805695-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (16)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash