| www.1377x.to/torrent/5337709/Sapiens/ | 172.67.194.20 | 301 Moved Permanently | 0 B |
URL: HTTP/1.1 www.1377x.to/torrent/5337709/Sapiens/ | IP: 172.67.194.20:0
Hash: MD5 d41d8cd98f00b204e9800998ecf8427e | SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709 | SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (digests of the empty, 0-byte body)
GET /torrent/5337709/Sapiens/ HTTP/1.1
Host: www.1377x.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Thu, 01 Sep 2022 20:23:05 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Thu, 01 Sep 2022 21:23:05 GMT
Location: https://www.1377x.to/torrent/5337709/Sapiens/
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CpjCkdfmUVUCG6nkpdQxoTgH9KaSlNAoh5%2FZaBoKTP79MbnOLFB%2FnVrBC2x8C%2B3zfvErAKs4OjXejf2mAax%2F9Bou0M9MXvHhLUov14FsjP5Gino0nU9leEVa8RXz%2Fp0%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7440b8c41a47b51b-OSL
alt-svc: h2=":443"; ma=60
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hashbcdebf7a2bad5db595e8a0c1abb2ddcb 249dda2fa5e37b8a8f3a8c797193bf0874b6eedc 9b43ec48b16f96449208a0094c4d660806a2a2d344b5862dbff4c393bf3f9f9f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9B43EC48B16F96449208A0094C4D660806A2A2D344B5862DBFF4C393BF3F9F9F"
Last-Modified: Thu, 01 Sep 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7252
Expires: Thu, 01 Sep 2022 22:23:57 GMT
Date: Thu, 01 Sep 2022 20:23:05 GMT
Connection: keep-alive
|
|
| firefox.settings.services.mozilla.com/v1/ | 143.204.55.35 | 200 OK | 939 B |
URL HTTP/1.1firefox.settings.services.mozilla.com/v1/ IP143.204.55.35:0
File typeJSON data\012- , ASCII text, with very long lines (939), with no line terminators Hash91dd975a7b17b2922dd23c0e49314e40 57a2ece1e3cee7c4ebf927f2ba92f52cac395fe2 09966873bbf317f8910c59544cfde2a6d46e8acd2905797cc7c85c6b4d18ea8a
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Content-Type, Alert, Backoff, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Thu, 01 Sep 2022 19:41:20 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 2afd697fc5d0058ea30d6c4b939e714c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: MGqTsriktDB8GYsqZONJmQ8VVxmdprmyI44K1XbGhXKVMhfWAiXiIQ==
Age: 2505
|
|
| content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain | 143.204.55.35 | 200 OK | 5.3 kB |
URL HTTP/2content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain IP143.204.55.35:0
File typePEM certificate\012- , ASCII text Hash742edb4038f38bc533514982f3d2e861 cc3a20c8dc2a8c632ef9387a2744253f1e3fdef1 b6bfa49d3d135035701231db2fffc0c0643444394009a94c6a1b4d829d6b8345
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
date: Thu, 01 Sep 2022 01:15:17 GMT
last-modified: Sat, 20 Aug 2022 23:18:05 GMT
etag: "742edb4038f38bc533514982f3d2e861"
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 f66e3db0f0449307dba3fbf72bbf3bac.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: EHz2x3OpTPGY4lQ4Qun31qS6YWzY-D0CKVadMpRRw1xFt9H-jBC21A==
age: 68869
X-Firefox-Spdy: h2
|
|
| contile.services.mozilla.com/v1/tiles | 34.117.237.239 | 200 OK | 12 B |
URL HTTP/2contile.services.mozilla.com/v1/tiles IP34.117.237.239:0
File typeJSON data\012- , ASCII text, with no line terminators Hash23e88fb7b99543fb33315b29b1fad9d6 a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 01 Sep 2022 20:23:06 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| cdn.akamai.steamstatic.com/steam/apps/1060230/header.jpg | 23.36.77.50 | 200 OK | 45 kB |
URL HTTP/1.1cdn.akamai.steamstatic.com/steam/apps/1060230/header.jpg IP23.36.77.50:0 ASN#20940 Akamai International B.V.
File typeJPEG image data, JFIF standard 1.01, resolution (DPCM), density 118x118, segment length 16, baseline, precision 8, 460x215, components 3\012- data Hashacc35babd6201e0b3284d5faa74383ff 97d98bf1566236fc39ac9e3b375de9f96432c5e8 fbfcc18f56d7e9544182060f7a3a79de215de4fc77992f80ed44d39fb616916f
GET /steam/apps/1060230/header.jpg HTTP/1.1
Host: cdn.akamai.steamstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.1377x.to/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Last-Modified: Sun, 26 Jun 2022 22:59:31 GMT
ETag: "62b8e4d3-afea"
Server: nginx/1.10.3 (Ubuntu)
Access-Control-Allow-Origin: *
Content-Type: image/jpeg
Content-Length: 45034
Accept-Ranges: bytes
Cache-Control: public, max-age=498317
Expires: Wed, 07 Sep 2022 14:48:23 GMT
Date: Thu, 01 Sep 2022 20:23:06 GMT
Connection: keep-alive
|
|
| cdn.akamai.steamstatic.com/steam/apps/1060230/ss_30e46d8509f3d5a72e78442ab064fab65fe680d4.600x338.jpg | 23.36.77.50 | 200 OK | 62 kB |
URL HTTP/1.1cdn.akamai.steamstatic.com/steam/apps/1060230/ss_30e46d8509f3d5a72e78442ab064fab65fe680d4.600x338.jpg IP23.36.77.50:0 ASN#20940 Akamai International B.V.
File typeJPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 600x337, components 3\012- data Hash8b881df59395e02e912ae8a7bb8a36e9 e858a894ab8591cebe32dbb4d5a18daff1dc07f8 28411483d3d5357ffab957c7ae5890fa64adc9f70b1a55a80cf79f14910cd938
GET /steam/apps/1060230/ss_30e46d8509f3d5a72e78442ab064fab65fe680d4.600x338.jpg HTTP/1.1
Host: cdn.akamai.steamstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.1377x.to/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Last-Modified: Tue, 14 Jun 2022 23:20:43 GMT
ETag: "62a917cb-f275"
Server: nginx/1.10.3 (Ubuntu)
Content-Type: image/jpeg
Content-Length: 62069
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
Cache-Control: public, max-age=405680
Expires: Tue, 06 Sep 2022 13:04:26 GMT
Date: Thu, 01 Sep 2022 20:23:06 GMT
Connection: keep-alive
|
|
| cdn.akamai.steamstatic.com/steam/apps/1060230/ss_b602555bc283935906abf8781ca818c68fb2a64c.600x338.jpg | 23.36.77.50 | 200 OK | 84 kB |
URL HTTP/1.1cdn.akamai.steamstatic.com/steam/apps/1060230/ss_b602555bc283935906abf8781ca818c68fb2a64c.600x338.jpg IP23.36.77.50:0 ASN#20940 Akamai International B.V.
File typeJPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 600x337, components 3\012- data Hashefbfab6c321a2562ee554738ff44ce3b b9d2b354e033edee318b9db0d3ce8b3d79b92199 a66d91f08c864ac06e713a0f09bdfbd2c913de9d3e8723cfa899d40ef81da80d
GET /steam/apps/1060230/ss_b602555bc283935906abf8781ca818c68fb2a64c.600x338.jpg HTTP/1.1
Host: cdn.akamai.steamstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.1377x.to/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Last-Modified: Tue, 14 Jun 2022 23:20:43 GMT
ETag: "62a917cb-14a0e"
Server: nginx/1.10.3 (Ubuntu)
Content-Type: image/jpeg
Content-Length: 84494
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
Cache-Control: public, max-age=133303
Expires: Sat, 03 Sep 2022 09:24:49 GMT
Date: Thu, 01 Sep 2022 20:23:06 GMT
Connection: keep-alive
|
|
| firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US | 143.204.55.35 | 200 OK | 329 B |
URL HTTP/1.1firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US IP143.204.55.35:0
File typeJSON data\012- , ASCII text, with very long lines (329), with no line terminators Hash0333b0655111aa68de771adfcc4db243 63f295a144ac87a7c8e23417626724eeca68a7eb 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Alert, Cache-Control, Pragma, Backoff, Last-Modified, ETag, Expires, Content-Length, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600
Date: Thu, 01 Sep 2022 19:57:05 GMT
Expires: Thu, 01 Sep 2022 19:59:33 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 1ca0323262515c9240c58fe69a9ac826.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: S7uZi7Q9G7QXGip_SH8TKYJc04w89v57tp46j_8eDzWM-CxOJ4injQ==
Age: 1561
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hashd5a8abda2ffbe02e1d23ed6bc7886d51 5ae3f17ff02ff5e003f979b5edba60ad7c1b038e 6380891ba329ba3fbe06f89b4a520d48afcf0ff7fbd85b983b83e851af895b85
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6380891BA329BA3FBE06F89B4A520D48AFCF0FF7FBD85B983B83E851AF895B85"
Last-Modified: Tue, 30 Aug 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5787
Expires: Thu, 01 Sep 2022 21:59:33 GMT
Date: Thu, 01 Sep 2022 20:23:06 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hashd5a8abda2ffbe02e1d23ed6bc7886d51 5ae3f17ff02ff5e003f979b5edba60ad7c1b038e 6380891ba329ba3fbe06f89b4a520d48afcf0ff7fbd85b983b83e851af895b85
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6380891BA329BA3FBE06F89B4A520D48AFCF0FF7FBD85B983B83E851AF895B85"
Last-Modified: Tue, 30 Aug 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5787
Expires: Thu, 01 Sep 2022 21:59:33 GMT
Date: Thu, 01 Sep 2022 20:23:06 GMT
Connection: keep-alive
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 471 B |
IP93.184.220.29:0
Hash2eb022bbcb69557dc09477b624814e87 6030f2c630a01fbc027c887d31e696f84cc60c97 d7a508e276f0ca1b58b6af39720fb7ebb26fb38df50a159eb82d1d2542610b85
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 462
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 01 Sep 2022 20:23:06 GMT
Last-Modified: Thu, 01 Sep 2022 20:15:24 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471
|
|
| snailbodieshomesick.com/e3/93/f8/e393f80da8aac0cc70f9dbc6e1ea5bde.js | 192.243.61.227 | 200 OK | 13 kB |
URL: HTTP/1.1 snailbodieshomesick.com/e3/93/f8/e393f80da8aac0cc70f9dbc6e1ea5bde.js | IP: 192.243.61.227:0 | ASN #39572 DataWeb Global Group B.V.
File type: ASCII text, with very long lines (37115), with no line terminators
Hash: MD5 07844d3f8fa8cbfe45176e329e7a2fd6 | SHA-1 0c7f15c0691207b5be6fbd892eb8516012cd6387 | SHA-256 c015ade6d5a9e0a39b758393113eea64dec8f3bbf024805a46abec0ce28bd9ce
| Analyzer | Verdict | Alert |
| quad9 | Sinkholed | |
GET /e3/93/f8/e393f80da8aac0cc70f9dbc6e1ea5bde.js HTTP/1.1
Host: snailbodieshomesick.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.1377x.to/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Thu, 01 Sep 2022 20:23:06 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 01903c8efe86ab2da932b6c47383da2c
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
|
|
| snailbodieshomesick.com/20/c1/05/20c1050f6509bda85a2632d1ec65d60e.js | 192.243.61.227 | 200 OK | 20 kB |
URL: HTTP/1.1 snailbodieshomesick.com/20/c1/05/20c1050f6509bda85a2632d1ec65d60e.js | IP: 192.243.61.227:0 | ASN #39572 DataWeb Global Group B.V.
File type: ASCII text, with very long lines (59396), with no line terminators
Hash: MD5 19aaa4a262448a6bd8f84528fde28488 | SHA-1 1522a5cce53fd9a4283bc62d929934a5612b4cd0 | SHA-256 ae16fa4fe267adb2ef29bd3d08870cff6c6cbf8e976eee7e0df755157fd5bb41
| Analyzer | Verdict | Alert |
| quad9 | Sinkholed | |
GET /20/c1/05/20c1050f6509bda85a2632d1ec65d60e.js HTTP/1.1
Host: snailbodieshomesick.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.1377x.to/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Thu, 01 Sep 2022 20:23:06 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: a656619878a92d8f8598a1ab72045334
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
|
|
| push.services.mozilla.com/ | 54.148.77.40 | 101 Switching Protocols | 0 B |
URL HTTP/1.1push.services.mozilla.com/ IP54.148.77.40:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: hetgHYygpAsg0MWVVN0XNg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: Ck6Cmw9rqRrOTaYgtfUk2oKVSqI=
|
|
| e1.o.lencr.org/ | 23.36.76.226 | 200 OK | 344 B |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hash797848c645dcc323aa01a1cc28a1376c df8dfbb74c047699a37ac0d12d307ede104bbf72 6943eb9fbf099441d20214c206365026c24380abb84c633eca2a78fd8a9f3d25
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "6943EB9FBF099441D20214C206365026C24380ABB84C633ECA2A78FD8A9F3D25"
Last-Modified: Wed, 31 Aug 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15973
Expires: Fri, 02 Sep 2022 00:49:20 GMT
Date: Thu, 01 Sep 2022 20:23:07 GMT
Connection: keep-alive
|
|
| ocsp.sca1b.amazontrust.com/ | 54.230.245.110 | 200 OK | 471 B |
URL HTTP/1.1ocsp.sca1b.amazontrust.com/ IP54.230.245.110:0
Hashb019ba472c2b1d5491e5e72c150878a2 e7e764d18764fcbf7a6d6440d740d3cbd916468e 4076ef6e1b3d631468ed0e3a567dfa4c1c4de437852eada1cc658b3640cdad69
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Thu, 01 Sep 2022 20:23:07 GMT
Last-Modified: Thu, 01 Sep 2022 18:59:31 GMT
Server: ECS (nyb/1D20)
X-Cache: Miss from cloudfront
Via: 1.1 4c07121ca6e32bcda85cc9091b92050e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: RXjVYbnEQaAEEAYCC_bjjVdXeDLB_meI2erIN_XPiAU-mKRHy_TpVw==
Age: 5016
|
|
| ocsp.sca1b.amazontrust.com/ | 54.230.245.110 | 200 OK | 471 B |
URL HTTP/1.1ocsp.sca1b.amazontrust.com/ IP54.230.245.110:0
Hashb019ba472c2b1d5491e5e72c150878a2 e7e764d18764fcbf7a6d6440d740d3cbd916468e 4076ef6e1b3d631468ed0e3a567dfa4c1c4de437852eada1cc658b3640cdad69
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Thu, 01 Sep 2022 20:23:07 GMT
Last-Modified: Thu, 01 Sep 2022 19:01:08 GMT
Server: ECS (nyb/1D2C)
X-Cache: Miss from cloudfront
Via: 1.1 9d4a908d41124cba1276d6cef8f00c60.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: P-JzdvCgKwTWrjSpMlUD1zI7pdjVVIbt9R_vW9_FxU1vk04UZNpcNg==
Age: 4919
|
|
| simplewebanalysis.com/stats | 18.192.162.188 | 200 OK | 40 B |
URL HTTP/2simplewebanalysis.com/stats IP18.192.162.188:0
File typeASCII text, with no line terminators Hash9dcbe36b31210749f4f9ea044582289b 058e1d9dc28d65016cc854ad47cf0d76a7de5c00 9e686c2c22e53dfcd720d8fc5d102ba4d03d1618e98f9d3b3a69345bab569f6c
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.1377x.to
Connection: keep-alive
Referer: https://www.1377x.to/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 01 Sep 2022 20:23:07 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://www.1377x.to
access-control-allow-credentials: true
set-cookie: uid_id2=0dbf920f-6f2c-47fa-af4b-c4d0388b1bcb:1:1; expires=Sun, 29 Aug 2032 20:23:07 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
|
|
| simplewebanalysis.com/stats | 18.192.162.188 | 200 OK | 40 B |
URL HTTP/2simplewebanalysis.com/stats IP18.192.162.188:0
File typeASCII text, with no line terminators Hashe8d4488426a0dbbe60e4c133f6ecbcb1 680ab6e57d73814e71fc6d82b79f00ff8a85f0c5 5c9caee4f2beac433eeb39bb5b3ecfb1786270a97ef57777e4158da81a04e923
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.1377x.to
Connection: keep-alive
Referer: https://www.1377x.to/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 01 Sep 2022 20:23:07 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://www.1377x.to
access-control-allow-credentials: true
set-cookie: uid_id2=6608c494-6305-4afb-9faa-3d780abef17c:3:1; expires=Sun, 29 Aug 2032 20:23:07 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
|
|
| e1.o.lencr.org/ | 23.36.76.226 | 200 OK | 344 B |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hash797848c645dcc323aa01a1cc28a1376c df8dfbb74c047699a37ac0d12d307ede104bbf72 6943eb9fbf099441d20214c206365026c24380abb84c633eca2a78fd8a9f3d25
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "6943EB9FBF099441D20214C206365026C24380ABB84C633ECA2A78FD8A9F3D25"
Last-Modified: Wed, 31 Aug 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15973
Expires: Fri, 02 Sep 2022 00:49:20 GMT
Date: Thu, 01 Sep 2022 20:23:07 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hash997b8d5c5a7abba6f910b618c0ce8d72 add30237796798ac9f3d3fc8c55ecfebdbd3becc 1a89876432a88ab9a1768ed58c4e1e2c1a4820612d6ae439bd2056f318786d58
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1A89876432A88AB9A1768ED58C4E1E2C1A4820612D6AE439BD2056F318786D58"
Last-Modified: Wed, 31 Aug 2022 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2024
Expires: Thu, 01 Sep 2022 20:56:51 GMT
Date: Thu, 01 Sep 2022 20:23:07 GMT
Connection: keep-alive
|
|
| virginyoungestrust.com/pixel/purst?dl=0&th=0&sc=0&rs=1534&rd=1534&fd=924&bv=22.8.v.1&tmpl=70 | 192.243.61.225 | 200 OK | 0 B |
URL: HTTP/1.1 virginyoungestrust.com/pixel/purst?dl=0&th=0&sc=0&rs=1534&rd=1534&fd=924&bv=22.8.v.1&tmpl=70 | IP: 192.243.61.225:0 | ASN #39572 DataWeb Global Group B.V.
Hash: MD5 d41d8cd98f00b204e9800998ecf8427e | SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709 | SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (digests of the empty, 0-byte body)
| Analyzer | Verdict | Alert |
| quad9 | Sinkholed | |
GET /pixel/purst?dl=0&th=0&sc=0&rs=1534&rd=1534&fd=924&bv=22.8.v.1&tmpl=70 HTTP/1.1
Host: virginyoungestrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.1377x.to/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Thu, 01 Sep 2022 20:23:07 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hash611a1440d2789d85045d288c3b355761 c8d29e8375e23ff8e5adc9db276ad1324edb4e7d 818267551f891f0eb37f331b5c30527b773db320671b21569c8384e71b957edd
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "818267551F891F0EB37F331B5C30527B773DB320671B21569C8384E71B957EDD"
Last-Modified: Thu, 01 Sep 2022 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2223
Expires: Thu, 01 Sep 2022 21:00:10 GMT
Date: Thu, 01 Sep 2022 20:23:07 GMT
Connection: keep-alive
|
|
| banquetunarmedgrater.com/advertisers.js | 192.243.59.12 | 200 OK | 0 B |
URL: HTTP/1.1 banquetunarmedgrater.com/advertisers.js | IP: 192.243.59.12:0 | ASN #39572 DataWeb Global Group B.V.
Hash: MD5 d41d8cd98f00b204e9800998ecf8427e | SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709 | SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (digests of the empty, 0-byte body)
| Analyzer | Verdict | Alert |
| quad9 | Sinkholed | |
GET /advertisers.js HTTP/1.1
Host: banquetunarmedgrater.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.1377x.to/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Thu, 01 Sep 2022 20:23:07 GMT
Content-Type: application/javascript
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: ed99cef2a6d4a4dd0ba0923c9490c24c
Strict-Transport-Security: max-age=0; includeSubdomains
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 1.1 kB |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hash545627a297a1b45cf7ffe141671e4a7a c91698d3fb55921f0ba1274f41edbc20bdda892c c7977f1c90385835142d6a74c2b6db06a04d572cbc222e766319fba486c00bc6
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B63BEC93DAD6289679D127980B86225BD8CC8CE1912081A852684B43113C4CED"
Last-Modified: Tue, 30 Aug 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19344
Expires: Fri, 02 Sep 2022 01:45:31 GMT
Date: Thu, 01 Sep 2022 20:23:07 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hashb947c5b892eb371150ccc5d5c4f059bc 1d2c66ab1d8b30530376d95e7821e70e6dd34a8b 902c6d1b01e66e8bf631ba4ec748179608970fcf5368ff757294e4c2bb471211
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "902C6D1B01E66E8BF631BA4EC748179608970FCF5368FF757294E4C2BB471211"
Last-Modified: Tue, 30 Aug 2022 13:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=1620
Expires: Thu, 01 Sep 2022 20:50:08 GMT
Date: Thu, 01 Sep 2022 20:23:08 GMT
Connection: keep-alive
|
|
| s10.histats.com/js15_as.js | 46.105.201.240 | 200 OK | 4.4 kB |
URL HTTP/2s10.histats.com/js15_as.js IP46.105.201.240:0
File typeHTML document, ASCII text, with very long lines (11440), with no line terminators Hashed192092c129db6123a3397855f42619 067e9b8e26cf6246eb84c6b9cf3da0c192ce7b3e 998fff486a7fb38b6ed445edc36c9b317b70950cd39efcf4012ca641312fcee1
GET /js15_as.js HTTP/1.1
Host: s10.histats.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.1377x.to/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 01 Sep 2022 20:13:54 GMT
etag: "-375139978"
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
x-request-id: 500009082
content-type: text/javascript
content-encoding: br
x-cdn-pop: rbx1
x-cdn-pop-ip: 51.254.41.128/25
x-cacheable: Matched cache
accept-ranges: bytes
content-length: 4364
X-Firefox-Spdy: h2
|
|
| s10.histats.com/counters/cc_511.js | 46.105.201.240 | 200 OK | 6.0 kB |
URL HTTP/2s10.histats.com/counters/cc_511.js IP46.105.201.240:0
File typeHTML document, ASCII text, with very long lines (14926), with no line terminators Hashe0963faf9f8d4dd4683c649033bfe3e6 8b8365dac8c2d50836e19456f025370ee782598f 80ac8877a54d16e397e9518ce7221d0abad87a39ffd0221a99227540eeb8b2a8
GET /counters/cc_511.js HTTP/1.1
Host: s10.histats.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.1377x.to/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 01 Sep 2022 20:22:02 GMT
etag: "1364484781"
last-modified: Thu, 16 Apr 2020 10:45:32 GMT
x-request-id: 744882464
content-type: text/javascript
content-encoding: br
x-cdn-pop: rbx1
x-cdn-pop-ip: 51.254.41.128/25
x-cacheable: Matched cache
accept-ranges: bytes
content-length: 5984
X-Firefox-Spdy: h2
|
|
| vilereasoning.com/sbar.json?key=e393f80da8aac0cc70f9dbc6e1ea5bde&uuid=6608c494-6305-4afb-9faa-3d780abef17c%3A3%3A1 | 192.243.59.20 | 200 OK | 4.1 kB |
URL: HTTP/1.1 vilereasoning.com/sbar.json?key=e393f80da8aac0cc70f9dbc6e1ea5bde&uuid=6608c494-6305-4afb-9faa-3d780abef17c%3A3%3A1 | IP: 192.243.59.20:0 | ASN: #39572 DataWeb Global Group B.V.
File type: JSON data\012- , ASCII text, with very long lines (5753), with no line terminators | Hash: MD5 fd6ef187cb8621cc51b00f8b74e86358, SHA-1 1cdb18326d4284a17a34f7f780cdce649b070d44, SHA-256 96be1dbe120792be3b29579163bd7b5a18e8250feec50921546c5cc78c66b52b
Analyzer: quad9 | Verdict: Sinkholed | Alert: (blank)
GET /sbar.json?key=e393f80da8aac0cc70f9dbc6e1ea5bde&uuid=6608c494-6305-4afb-9faa-3d780abef17c%3A3%3A1 HTTP/1.1
Host: vilereasoning.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.1377x.to
Connection: keep-alive
Referer: https://www.1377x.to/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Thu, 01 Sep 2022 20:23:08 GMT
Content-Type: text/plain; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://www.1377x.to
Access-Control-Allow-Origin: https://www.1377x.to
Access-Control-Allow-Credentials: true
Set-Cookie: u_pl=16578187; expires=Fri, 02 Sep 2022 20:23:08 GMT; secure; SameSite=None
uid_id2=6608c494-6305-4afb-9faa-3d780abef17c:3:1; expires=Thu, 08 Sep 2022 20:23:08 GMT; secure; SameSite=None
pdhtkv=true; expires=Fri, 02 Sep 2022 20:23:08 GMT; secure; SameSite=None
uncs=1; expires=Fri, 02 Sep 2022 20:23:08 GMT; secure; SameSite=None
pdhtkv29=true; expires=Fri, 02 Sep 2022 20:23:08 GMT; secure; SameSite=None
uncs29=1; expires=Fri, 02 Sep 2022 20:23:08 GMT; secure; SameSite=None
slece393f80da8aac0cc70f9dbc6e1ea5bde=[3364848]; expires=Thu, 01 Sep 2022 20:23:13 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 3abf011a901ad030fc7b6e26d0e6d86d
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP: 23.36.76.226:0 | ASN: #20940 Akamai International B.V.
Hash: MD5 12f00eac4bda78b5d4c4bc00e96be439, SHA-1 5d6d88dbf72f208bc33c9af693440aec02e5f11c, SHA-256 4a85dc99793413780fdfde032e83995c0a15775eb09123f53a1ba9b789f91a55
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4A85DC99793413780FDFDE032E83995C0A15775EB09123F53A1BA9B789F91A55"
Last-Modified: Wed, 31 Aug 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18447
Expires: Fri, 02 Sep 2022 01:30:35 GMT
Date: Thu, 01 Sep 2022 20:23:08 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP: 23.36.76.226:0 | ASN: #20940 Akamai International B.V.
Hash: MD5 12f00eac4bda78b5d4c4bc00e96be439, SHA-1 5d6d88dbf72f208bc33c9af693440aec02e5f11c, SHA-256 4a85dc99793413780fdfde032e83995c0a15775eb09123f53a1ba9b789f91a55
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4A85DC99793413780FDFDE032E83995C0A15775EB09123F53A1BA9B789F91A55"
Last-Modified: Wed, 31 Aug 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18447
Expires: Fri, 02 Sep 2022 01:30:35 GMT
Date: Thu, 01 Sep 2022 20:23:08 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP: 23.36.76.226:0 | ASN: #20940 Akamai International B.V.
Hash: MD5 12f00eac4bda78b5d4c4bc00e96be439, SHA-1 5d6d88dbf72f208bc33c9af693440aec02e5f11c, SHA-256 4a85dc99793413780fdfde032e83995c0a15775eb09123f53a1ba9b789f91a55
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4A85DC99793413780FDFDE032E83995C0A15775EB09123F53A1BA9B789F91A55"
Last-Modified: Wed, 31 Aug 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18447
Expires: Fri, 02 Sep 2022 01:30:35 GMT
Date: Thu, 01 Sep 2022 20:23:08 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP: 23.36.76.226:0 | ASN: #20940 Akamai International B.V.
Hash: MD5 12f00eac4bda78b5d4c4bc00e96be439, SHA-1 5d6d88dbf72f208bc33c9af693440aec02e5f11c, SHA-256 4a85dc99793413780fdfde032e83995c0a15775eb09123f53a1ba9b789f91a55
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4A85DC99793413780FDFDE032E83995C0A15775EB09123F53A1BA9B789F91A55"
Last-Modified: Wed, 31 Aug 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18447
Expires: Fri, 02 Sep 2022 01:30:35 GMT
Date: Thu, 01 Sep 2022 20:23:08 GMT
Connection: keep-alive
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffe5b5a9a-050c-4a84-9e0d-dfa84795640f.jpeg | 34.120.237.76 | 200 OK | 8.0 kB |
URL: HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffe5b5a9a-050c-4a84-9e0d-dfa84795640f.jpeg | IP: 34.120.237.76:0
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data | Hash: MD5 6b2c036e67f8c39c136f6c69b0922eb1, SHA-1 98e27f0dafd7b1b49e159ee038b41a811096a2d0, SHA-256 9dc9e00e6f63a22dd85f54ba26326a9733f6c1d7a19c7b1636f14fca2722e6eb
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffe5b5a9a-050c-4a84-9e0d-dfa84795640f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8009
x-amzn-requestid: 6d716dae-efa3-449a-a505-fb5f3d99c2df
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XsvlaFEaoAMFwDw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-630e92ef-708228ce7e1fb3cb770cb490;Sampled=0
x-amzn-remapped-date: Tue, 30 Aug 2022 22:45:03 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: OPvJ_5gjUyE05ZFPDdCvsGdr7JRtcILdFJVYkavZI90yzDdnyjBpUg==
via: 1.1 95b0ac620fa3a80ee590ecf1cda1c698.cloudfront.net (CloudFront), 1.1 707e733794d52100fde0ab21bf0b1462.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Sep 2022 01:21:30 GMT
age: 68498
etag: "98e27f0dafd7b1b49e159ee038b41a811096a2d0"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| creepingbrings.com/sfp.js | 104.21.234.232 | 200 OK | 33 kB |
URL: HTTP/2 creepingbrings.com/sfp.js | IP: 104.21.234.232:0
File type: Unicode text, UTF-8 text, with very long lines (65529), with no line terminators | Hash: MD5 961ea42f4dde0e496dd0e2203fdc0c9b, SHA-1 6cd1ba9bce99e6781def9aa9ab2ee87a81805689, SHA-256 97a114bff79cb9ff43f544c4b1ef9e199a017b87cc0fb5adcaff9b2abc7ef9d2
GET /sfp.js HTTP/1.1
Host: creepingbrings.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.1377x.to/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 01 Sep 2022 20:23:07 GMT
content-type: application/javascript; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: 19cbca775a1b84ebc18f0966f62213e6
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Thu, 01 Sep 2022 20:23:07 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TYBqbg4FIseT4qku5G0jEDAcNnXB3SlJe38SX6T3VKn0CI3G%2Bk%2FVAt7Qfd14%2Bo3mtEBSahcIf6aZc%2BsFwlPTjL87xP7BCxZKk%2F%2BcBI%2Ft6uM6l7hv0uZ7LimHZqveT1%2FEZvjH0VA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7440b8cde9947741-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9564bd06-b264-460b-96bb-6b37cf25a72b.jpeg | 34.120.237.76 | 200 OK | 17 kB |
URL: HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9564bd06-b264-460b-96bb-6b37cf25a72b.jpeg | IP: 34.120.237.76:0
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data | Hash: MD5 12756903aaa74164feb5f8525398ca36, SHA-1 9fef9b071daea6793cbbdfe391254ac4326b1aa2, SHA-256 6d474a6d96aebfed43a4f6812f18a1be8d100c590f75eb0fbf4ec7277dd0c442
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9564bd06-b264-460b-96bb-6b37cf25a72b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 16818
x-amzn-requestid: fa921878-2054-453b-b313-681cdd9c9068
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Xj-Z_HUNIAMFltg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-630b110c-053ce81943fea70c2de7daa0;Sampled=0
x-amzn-remapped-date: Sun, 28 Aug 2022 06:54:04 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 69fDjN-ZeYA8RVO_WGTY1KQHZ1t3PNdWIwq3ax1e1wKmuPODyGCMcQ==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 2ab6211e66998c8b58132661a7e3cade.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Sep 2022 14:46:29 GMT
age: 20199
etag: "9fef9b071daea6793cbbdfe391254ac4326b1aa2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0198fd1f-b00c-442e-9184-8ce8ebf9593c.jpeg | 34.120.237.76 | 200 OK | 11 kB |
URL: HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0198fd1f-b00c-442e-9184-8ce8ebf9593c.jpeg | IP: 34.120.237.76:0
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data | Hash: MD5 ba98f63d9bef7deebb9a8d1b3126d396, SHA-1 d97a8b0e4b4dbc60dfc9eb15ba28f68e8e3731ef, SHA-256 b8f6c1c6b34ec452a6aa3090c30ebf3a68cb3b4d45a7b134ed32e1959f4f0682
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0198fd1f-b00c-442e-9184-8ce8ebf9593c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10777
x-amzn-requestid: 2e9a081f-2ae4-49b9-b9d4-79cae2b7eae9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Xv3kRFiJIAMFgNA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-630fd2e7-2f9eec0b239ceb6d617431b6;Sampled=0
x-amzn-remapped-date: Wed, 31 Aug 2022 21:30:15 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: w9ACDg_Mxbl2GSEDeDAqdMlKjkCiMyWExvCUa2jHquaQy6U-4EJtbQ==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google
date: Wed, 31 Aug 2022 21:37:20 GMT
age: 81948
etag: "d97a8b0e4b4dbc60dfc9eb15ba28f68e8e3731ef"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7bffab86-e623-4ccd-9297-981c9dc6e4cd.jpeg | 34.120.237.76 | 200 OK | 9.7 kB |
URL: HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7bffab86-e623-4ccd-9297-981c9dc6e4cd.jpeg | IP: 34.120.237.76:0
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data | Hash: MD5 b0f6c541f6335bb709d2270147bd5aed, SHA-1 b691ef5e7a302e2678302818130a9637c3efbe3a, SHA-256 e63922331a4463519e6df77ae7a1ad3316a36e54dd03c00ff6b119ee3fa684c5
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7bffab86-e623-4ccd-9297-981c9dc6e4cd.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9674
x-amzn-requestid: 79dc68ea-ea2e-4eab-bab9-1c89b0a955a2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XjMSvHJ-oAMF6Jw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-630ac0de-2370cf5363d5f308121f0ca4;Sampled=0
x-amzn-remapped-date: Sun, 28 Aug 2022 01:11:58 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: qAEve6mBQ9a1hr2fBR8xq42pxeG9Kjn4yWaMr4z4On46QC9R1K91pw==
via: 1.1 95b0ac620fa3a80ee590ecf1cda1c698.cloudfront.net (CloudFront), 1.1 b13f158bdf9805ca47e07c0c35870c12.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Sep 2022 14:44:23 GMT
age: 20325
etag: "b691ef5e7a302e2678302818130a9637c3efbe3a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F141f656b-9191-4cf5-a05b-891ed5c9656f.jpeg | 34.120.237.76 | 200 OK | 5.1 kB |
URL: HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F141f656b-9191-4cf5-a05b-891ed5c9656f.jpeg | IP: 34.120.237.76:0
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data | Hash: MD5 5c3b7580a37e6eb7e5bd18491f1d4dd6, SHA-1 288b82ad8f924eb9570ae1c55da84d041f862366, SHA-256 046d1ef76448c53446068ef5f8315b7299484996cdebfd9d1e749b4ded9c7d3c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F141f656b-9191-4cf5-a05b-891ed5c9656f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5079
x-amzn-requestid: 3b19c77a-2e9b-499f-890b-36fc4ee72ba7
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XslOVEtZIAMFv1w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-630e825b-01b7b71617b59f7414a0e5e5;Sampled=0
x-amzn-remapped-date: Tue, 30 Aug 2022 21:34:19 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: et3ZsWRVoBNMpArUk9CohTyMpS5F0eKiR6cZJRfwAEiiFJUaeay58g==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 567b44ed19c8caed2570b7bcd8c70034.cloudfront.net (CloudFront), 1.1 google
date: Wed, 31 Aug 2022 21:48:04 GMT
age: 81304
etag: "288b82ad8f924eb9570ae1c55da84d041f862366"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| vilereasoning.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSQWskRRit3kQQPG3IZQVlDh4UzKR7eqZ7xhUWY4wEs5tlV1lvWl1VPSlT09VUdU9PcpDgoix4mT157bxJNq4GUfDqIpOFPQSUjKcczG9QhJwWkZkNjn6X77167%2FDqVX2xm58RFzk9Xb6ut6VSdLFRdSuvfuh5VytrMsl7lV4z%2BCioX62Y7hutoOq%2BVnlXsE29WHM91%2FVcr7IijYh1b3EsQqaHLa%2Facqv1WtVr1NEz%2F%2Bc2d2CpA949I3OQfDT72JmHZEMkne%2BXhd3MdPr6O51c0UwbdPnBB8lmoosEnSmMjYM4ObhwQ9uTlUfQyf4kLnT3X2MkR8R58ghRcnARElF3b5IzUhAJIv4Ciu4QQg0h6RBM34XkJwRgHDfWkXQe3NCmoFvPVDpWR2T2%2FC%2FIYkRmf59H0vluScle5bZWeSZ1YtGLS8jeELI9RJofIdu%2BBFkcgWWfQfJfyOL5GpLO3rpVGpKfvhIEbpPVW%2FWFwHcbC3UaRwutmNIFn4dNl0Yi9kI2KUjKIWQ8hBJ9UDuD3DrIpYM8dpCnDjr8tMI8zwtdzqjbbDHm81BEAXc9GsYe9dygiZyN79BHlvbBVB%2FM7CA1O9iU908aczD5z7AbJSx3YDOCLi9RCILCEhSUoJAERUZQdMt9rmzNlg%2B4snnkXezaxfbLgc7au3RfZ22RkN30jFyedPf0%2FEtsitOK8Ft%2B3HQ5bVLKXMZCN27xiAXCE7QRcQErS0h7CdQ62JYjcuXNX5HKEXnuq78R0SNYdQQm50Dzl0CLQVhzQTcG9aaL7eRrz%2FfDXjUrwHWJNJtFtuXsqjNyZZLBv%2FMHBDu%2B9nF0ffTnw6dgpkRqSnwiHxO01b3BLV2QvVu6sOSH9TSTHblNx297O6OZmPnmPbFVaMNXl23%2F4VtsLIzh4fvCZms04TJpW%2FLtkuRcmBVtmCA%2Frdo7IrqZ242l3CR5unbz7ZXVTmqEtVInQ1A5IuTJMZgcked%2F3J982xc%2F%2FxTSDGHyEp38mFwMpD4CS3dg02l%2Bq2dg1NQTpQ6KvByYWjQ9VJJAiSmnUQn7Hx5N8a69h7Z5GTS7i6RTomtKdFUJqvqw%2BcwgS83xtd%2F8ySBSziBSxtmLlFH3n5Vr5Wkl9H2XBq2GF4ZUhFG91owDj1Naqwe1IKA%2BMjtil%2BcP%2FwEAAP%2F%2FAQAA%2F%2F%2FqE7grgQQAAA%3D%3D | 192.243.59.20 | 200 OK | 7 B |
URL HTTP/1.1vilereasoning.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSQWskRRit3kQQPG3IZQVlDh4UzKR7eqZ7xhUWY4wEs5tlV1lvWl1VPSlT09VUdU9PcpDgoix4mT157bxJNq4GUfDqIpOFPQSUjKcczG9QhJwWkZkNjn6X77167%2FDqVX2xm58RFzk9Xb6ut6VSdLFRdSuvfuh5VytrMsl7lV4z%2BCioX62Y7hutoOq%2BVnlXsE29WHM91%2FVcr7IijYh1b3EsQqaHLa%2Facqv1WtVr1NEz%2F%2Bc2d2CpA949I3OQfDT72JmHZEMkne%2BXhd3MdPr6O51c0UwbdPnBB8lmoosEnSmMjYM4ObhwQ9uTlUfQyf4kLnT3X2MkR8R58ghRcnARElF3b5IzUhAJIv4Ciu4QQg0h6RBM34XkJwRgHDfWkXQe3NCmoFvPVDpWR2T2%2FC%2FIYkRmf59H0vluScle5bZWeSZ1YtGLS8jeELI9RJofIdu%2BBFkcgWWfQfJfyOL5GpLO3rpVGpKfvhIEbpPVW%2FWFwHcbC3UaRwutmNIFn4dNl0Yi9kI2KUjKIWQ8hBJ9UDuD3DrIpYM8dpCnDjr8tMI8zwtdzqjbbDHm81BEAXc9GsYe9dygiZyN79BHlvbBVB%2FM7CA1O9iU908aczD5z7AbJSx3YDOCLi9RCILCEhSUoJAERUZQdMt9rmzNlg%2B4snnkXezaxfbLgc7au3RfZ22RkN30jFyedPf0%2FEtsitOK8Ft%2B3HQ5bVLKXMZCN27xiAXCE7QRcQErS0h7CdQ62JYjcuXNX5HKEXnuq78R0SNYdQQm50Dzl0CLQVhzQTcG9aaL7eRrz%2FfDXjUrwHWJNJtFtuXsqjNyZZLBv%2FMHBDu%2B9nF0ffTnw6dgpkRqSnwiHxO01b3BLV2QvVu6sOSH9TSTHblNx297O6OZmPnmPbFVaMNXl23%2F4VtsLIzh4fvCZms04TJpW%2FLtkuRcmBVtmCA%2Frdo7IrqZ242l3CR5unbz7ZXVTmqEtVInQ1A5IuTJMZgcked%2F3J982xc%2F%2FxTSDGHyEp38mFwMpD4CS3dg02l%2Bq2dg1NQTpQ6KvByYWjQ9VJJAiSmnUQn7Hx5N8a69h7Z5GTS7i6RTomtKdFUJqvqw%2BcwgS83xtd%2F8ySBSziBSxtmLlFH3n5Vr5Wkl9H2XBq2GF4ZUhFG91owDj1Naqwe1IKA%2BMjtil%2BcP%2FwEAAP%2F%2FAQAA%2F%2F%2FqE7grgQQAAA%3D%3D IP192.243.59.20:0 ASN#39572 DataWeb Global Group B.V.
File type: ASCII text, with no line terminators | Hash: MD5 132d6af1b46048b45cf86cdee7991d31, SHA-1 eb7007d03d59b65bc6da7e098c4d38fc6dfb6285, SHA-256 ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
Analyzer: quad9 | Verdict: Sinkholed | Alert: (blank)
GET /ren.gif?sid=H4sIAAAAAAAC%2F1RSQWskRRit3kQQPG3IZQVlDh4UzKR7eqZ7xhUWY4wEs5tlV1lvWl1VPSlT09VUdU9PcpDgoix4mT157bxJNq4GUfDqIpOFPQSUjKcczG9QhJwWkZkNjn6X77167%2FDqVX2xm58RFzk9Xb6ut6VSdLFRdSuvfuh5VytrMsl7lV4z%2BCioX62Y7hutoOq%2BVnlXsE29WHM91%2FVcr7IijYh1b3EsQqaHLa%2Facqv1WtVr1NEz%2F%2Bc2d2CpA949I3OQfDT72JmHZEMkne%2BXhd3MdPr6O51c0UwbdPnBB8lmoosEnSmMjYM4ObhwQ9uTlUfQyf4kLnT3X2MkR8R58ghRcnARElF3b5IzUhAJIv4Ciu4QQg0h6RBM34XkJwRgHDfWkXQe3NCmoFvPVDpWR2T2%2FC%2FIYkRmf59H0vluScle5bZWeSZ1YtGLS8jeELI9RJofIdu%2BBFkcgWWfQfJfyOL5GpLO3rpVGpKfvhIEbpPVW%2FWFwHcbC3UaRwutmNIFn4dNl0Yi9kI2KUjKIWQ8hBJ9UDuD3DrIpYM8dpCnDjr8tMI8zwtdzqjbbDHm81BEAXc9GsYe9dygiZyN79BHlvbBVB%2FM7CA1O9iU908aczD5z7AbJSx3YDOCLi9RCILCEhSUoJAERUZQdMt9rmzNlg%2B4snnkXezaxfbLgc7au3RfZ22RkN30jFyedPf0%2FEtsitOK8Ft%2B3HQ5bVLKXMZCN27xiAXCE7QRcQErS0h7CdQ62JYjcuXNX5HKEXnuq78R0SNYdQQm50Dzl0CLQVhzQTcG9aaL7eRrz%2FfDXjUrwHWJNJtFtuXsqjNyZZLBv%2FMHBDu%2B9nF0ffTnw6dgpkRqSnwiHxO01b3BLV2QvVu6sOSH9TSTHblNx297O6OZmPnmPbFVaMNXl23%2F4VtsLIzh4fvCZms04TJpW%2FLtkuRcmBVtmCA%2Frdo7IrqZ242l3CR5unbz7ZXVTmqEtVInQ1A5IuTJMZgcked%2F3J982xc%2F%2FxTSDGHyEp38mFwMpD4CS3dg02l%2Bq2dg1NQTpQ6KvByYWjQ9VJJAiSmnUQn7Hx5N8a69h7Z5GTS7i6RTomtKdFUJqvqw%2BcwgS83xtd%2F8ySBSziBSxtmLlFH3n5Vr5Wkl9H2XBq2GF4ZUhFG91owDj1Naqwe1IKA%2BMjtil%2BcP%2FwEAAP%2F%2FAQAA%2F%2F%2FqE7grgQQAAA%3D%3D HTTP/1.1
Host: vilereasoning.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.1377x.to/
Cookie: u_pl=16578187; uid_id2=6608c494-6305-4afb-9faa-3d780abef17c:3:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slece393f80da8aac0cc70f9dbc6e1ea5bde=[3364848]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Thu, 01 Sep 2022 20:23:08 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 13a087448fc3c22a5d694c34cc3b0619
Strict-Transport-Security: max-age=0; includeSubdomains
|
|
| s4.histats.com/stats/0.php?3352401&@f16&@g1&@h1&@i1&@j1662063787479&@k0&@l1&@mDownload%20Sapiens%20Torrent%20%7C%201337x&@n0&@o1000&@q0&@r0&@s511&@ten-US&@u1280&@b1:4363429&@b3:1662063787&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Fwww.1377x.to%2Ftorrent%2F5337709%2FSapiens%2F&@w | 158.69.248.123 | 200 OK | 47 B |
URL: HTTP/1.1 s4.histats.com/stats/0.php?3352401&@f16&@g1&@h1&@i1&@j1662063787479&@k0&@l1&@mDownload%20Sapiens%20Torrent%20%7C%201337x&@n0&@o1000&@q0&@r0&@s511&@ten-US&@u1280&@b1:4363429&@b3:1662063787&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Fwww.1377x.to%2Ftorrent%2F5337709%2FSapiens%2F&@w | IP: 158.69.248.123:0
File type: ASCII text, with no line terminators | Hash: MD5 06b05ae9614bafae9b0b09cfbeed559e, SHA-1 9b087683529b7b89a117b2d5cbb35a93e7dcbaca, SHA-256 a60692031ce09be66be89784e8b0214c0f8b6f52cd8fd6a36129a635ffe41ad2
GET /stats/0.php?3352401&@f16&@g1&@h1&@i1&@j1662063787479&@k0&@l1&@mDownload%20Sapiens%20Torrent%20%7C%201337x&@n0&@o1000&@q0&@r0&@s511&@ten-US&@u1280&@b1:4363429&@b3:1662063787&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Fwww.1377x.to%2Ftorrent%2F5337709%2FSapiens%2F&@w HTTP/1.1
Host: s4.histats.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.1377x.to/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Thu, 01 Sep 2022 20:23:08 GMT
Content-Type: text/html;charset=UTF-8
Content-Length: 47
Connection: close
|
|
| e1.o.lencr.org/ | 23.36.76.226 | 200 OK | 345 B |
IP: 23.36.76.226:0 | ASN: #20940 Akamai International B.V.
Hash: MD5 4c0c3b533df38be7bdfbd8b8246b48c2, SHA-1 8fa1977230e302c4d0df2482eb22d9202a7cf961, SHA-256 2f505285bbf066d84efdc1df659265354728ecf67077f7544bd586b19d9b38ad
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "2F505285BBF066D84EFDC1DF659265354728ECF67077F7544BD586B19D9B38AD"
Last-Modified: Wed, 31 Aug 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8111
Expires: Thu, 01 Sep 2022 22:38:19 GMT
Date: Thu, 01 Sep 2022 20:23:08 GMT
Connection: keep-alive
|
|
| e1.o.lencr.org/ | 23.36.76.226 | 200 OK | 345 B |
IP: 23.36.76.226:0 | ASN: #20940 Akamai International B.V.
Hash: MD5 4c0c3b533df38be7bdfbd8b8246b48c2, SHA-1 8fa1977230e302c4d0df2482eb22d9202a7cf961, SHA-256 2f505285bbf066d84efdc1df659265354728ecf67077f7544bd586b19d9b38ad
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "2F505285BBF066D84EFDC1DF659265354728ECF67077F7544BD586B19D9B38AD"
Last-Modified: Wed, 31 Aug 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8111
Expires: Thu, 01 Sep 2022 22:38:19 GMT
Date: Thu, 01 Sep 2022 20:23:08 GMT
Connection: keep-alive
|
|
| e1.o.lencr.org/ | 23.36.76.226 | 200 OK | 345 B |
IP: 23.36.76.226:0 | ASN: #20940 Akamai International B.V.
Hash: MD5 4c0c3b533df38be7bdfbd8b8246b48c2, SHA-1 8fa1977230e302c4d0df2482eb22d9202a7cf961, SHA-256 2f505285bbf066d84efdc1df659265354728ecf67077f7544bd586b19d9b38ad
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "2F505285BBF066D84EFDC1DF659265354728ECF67077F7544BD586B19D9B38AD"
Last-Modified: Wed, 31 Aug 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8111
Expires: Thu, 01 Sep 2022 22:38:19 GMT
Date: Thu, 01 Sep 2022 20:23:08 GMT
Connection: keep-alive
|
|
| vilereasoning.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.yourwebbars.com%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2FProgamerage%2Fsimple_bubbleicon%2F15%2Findex.html&l=2230&fd=31 | 192.243.59.20 | 200 OK | 0 B |
URL: HTTP/1.1 vilereasoning.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.yourwebbars.com%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2FProgamerage%2Fsimple_bubbleicon%2F15%2Findex.html&l=2230&fd=31 | IP: 192.243.59.20:0 | ASN: #39572 DataWeb Global Group B.V.
Hash (digests of the zero-length 0 B body, so they do not identify this response): MD5 d41d8cd98f00b204e9800998ecf8427e, SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709, SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer: quad9 | Verdict: Sinkholed | Alert: (blank)
GET /pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.yourwebbars.com%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2FProgamerage%2Fsimple_bubbleicon%2F15%2Findex.html&l=2230&fd=31 HTTP/1.1
Host: vilereasoning.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.1377x.to/
Cookie: u_pl=16578187; uid_id2=6608c494-6305-4afb-9faa-3d780abef17c:3:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slece393f80da8aac0cc70f9dbc6e1ea5bde=[3364848]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Thu, 01 Sep 2022 20:23:08 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 471 B |
IP: 142.250.74.3:0
Hash (MD5 / SHA-1 / SHA-256): 888b942029507a51149d121a3240e9d6 93590a3ac3a943506798dba597335cb144a5795d 7d358a347c38b06733ae7e7eae5a02f583d0d3db2a241bf427dff2588d7c6c1b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Sep 2022 20:23:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| cdn.sb4you1.com/sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/15/css/animate.css | 172.67.183.56 | 200 OK | 5.3 kB |
URL: HTTP/2 cdn.sb4you1.com/sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/15/css/animate.css
IP: 172.67.183.56:0
Hash (MD5 / SHA-1 / SHA-256): ecb13c457c2988665453baab36d43de3 38132fa40381567d68c5a49c632ec3e102f9ab5a 0d9ff71a40a0b1ba2a1efc0ef06042dd2078fd81e2e588dcc938650a7827fdc1
GET /sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/15/css/animate.css HTTP/1.1
Host: cdn.sb4you1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.1377x.to
Connection: keep-alive
Referer: https://www.1377x.to/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 01 Sep 2022 20:23:08 GMT
content-type: text/css
last-modified: Fri, 21 May 2021 10:10:46 GMT
etag: W/"60a78726-13591"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 1698040
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o8wdFwPet0f9wvsIYASlCqbGZpMfpvH56yljOP6qq0YKYaFIvOL5GcrXaxX5GZ5wkjVsAuzprkDdRZQPW0dnZj0635LED0Kg3DMhrHZd75YXpYQAwDt93HEZzSZqOmaffNU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7440b8d6ca83b4fd-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| vilereasoning.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.sb4you1.com%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2FProgamerage%2Fsimple_bubbleicon%2F15%2Fcss%2Fstyle.css&l=9494&fd=69 | 192.243.59.20 | 200 OK | 0 B |
URL: HTTP/1.1 vilereasoning.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.sb4you1.com%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2FProgamerage%2Fsimple_bubbleicon%2F15%2Fcss%2Fstyle.css&l=9494&fd=69
IP: 192.243.59.20:0 | ASN: #39572 DataWeb Global Group B.V.
Hash (MD5 / SHA-1 / SHA-256; these are the digests of empty content, matching the 0 B body, so they do not identify this resource): d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer: quad9 | Verdict: Sinkholed | Alert: (empty)
GET /pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.sb4you1.com%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2FProgamerage%2Fsimple_bubbleicon%2F15%2Fcss%2Fstyle.css&l=9494&fd=69 HTTP/1.1
Host: vilereasoning.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.1377x.to/
Cookie: u_pl=16578187; uid_id2=6608c494-6305-4afb-9faa-3d780abef17c:3:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slece393f80da8aac0cc70f9dbc6e1ea5bde=[3364848]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Thu, 01 Sep 2022 20:23:08 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
|
|
| vilereasoning.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.sb4you1.com%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2FProgamerage%2Fsimple_bubbleicon%2F15%2Fcss%2Fanimate.css&l=79249&fd=73 | 192.243.59.20 | 200 OK | 0 B |
URL: HTTP/1.1 vilereasoning.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.sb4you1.com%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2FProgamerage%2Fsimple_bubbleicon%2F15%2Fcss%2Fanimate.css&l=79249&fd=73
IP: 192.243.59.20:0 | ASN: #39572 DataWeb Global Group B.V.
Hash (MD5 / SHA-1 / SHA-256; these are the digests of empty content, matching the 0 B body, so they do not identify this resource): d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer: quad9 | Verdict: Sinkholed | Alert: (empty)
GET /pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.sb4you1.com%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2FProgamerage%2Fsimple_bubbleicon%2F15%2Fcss%2Fanimate.css&l=79249&fd=73 HTTP/1.1
Host: vilereasoning.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.1377x.to/
Cookie: u_pl=16578187; uid_id2=6608c494-6305-4afb-9faa-3d780abef17c:3:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slece393f80da8aac0cc70f9dbc6e1ea5bde=[3364848]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Thu, 01 Sep 2022 20:23:08 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
|
|
| vilereasoning.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.sb4you1.com%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2FProgamerage%2Fsimple_bubbleicon%2F15%2Fjs%2Fscript.js&l=711&fd=15 | 192.243.59.20 | 200 OK | 0 B |
URL: HTTP/1.1 vilereasoning.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.sb4you1.com%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2FProgamerage%2Fsimple_bubbleicon%2F15%2Fjs%2Fscript.js&l=711&fd=15
IP: 192.243.59.20:0 | ASN: #39572 DataWeb Global Group B.V.
Hash (MD5 / SHA-1 / SHA-256; these are the digests of empty content, matching the 0 B body, so they do not identify this resource): d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer: quad9 | Verdict: Sinkholed | Alert: (empty)
GET /pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.sb4you1.com%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2FProgamerage%2Fsimple_bubbleicon%2F15%2Fjs%2Fscript.js&l=711&fd=15 HTTP/1.1
Host: vilereasoning.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.1377x.to/
Cookie: u_pl=16578187; uid_id2=6608c494-6305-4afb-9faa-3d780abef17c:3:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slece393f80da8aac0cc70f9dbc6e1ea5bde=[3364848]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Thu, 01 Sep 2022 20:23:08 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 471 B |
IP: 142.250.74.3:0
Hash (MD5 / SHA-1 / SHA-256): 660657162b524658006a1856e274a946 56c933c6682c0019f6dbd040da6b929044dc216a 9578fc0408868ae40d41af8d13787f4137853c056300524b5558b1c57d39b2b3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Sep 2022 20:23:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 471 B |
IP: 142.250.74.3:0
Hash (MD5 / SHA-1 / SHA-256): 660657162b524658006a1856e274a946 56c933c6682c0019f6dbd040da6b929044dc216a 9578fc0408868ae40d41af8d13787f4137853c056300524b5558b1c57d39b2b3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Sep 2022 20:23:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 | 142.250.74.163 | 200 OK | 16 kB |
URL: HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP: 142.250.74.163:0
File type: Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Hash (MD5 / SHA-1 / SHA-256): 15d9f621c3bd1599f0169dcf0bd5e63e 7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52 f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.1377x.to
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 31 Aug 2022 19:34:08 GMT
expires: Thu, 31 Aug 2023 19:34:08 GMT
cache-control: public, max-age=31536000
age: 89341
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 | 142.250.74.163 | 200 OK | 16 kB |
URL: HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP: 142.250.74.163:0
File type: Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Hash (MD5 / SHA-1 / SHA-256): e9f5aaf547f165386cd313b995dddd8e acdef5603c2387b0e5bffd744b679a24a8bc1968 f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.1377x.to
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 31 Aug 2022 19:34:08 GMT
expires: Thu, 31 Aug 2023 19:34:08 GMT
cache-control: public, max-age=31536000
age: 89341
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| vilereasoning.com/impr.gif?sid=H4sIAAAAAAAC%2F1RSzWskRRyt3kQQPG3IZQVlDh4UzKR7ej5dYTHGSDC7WXaV9ab11ZMyNV1NVff0JAcJLsqCl9mT186bZONqEAWvLjJZ2ENAyXjKwfwNipDTIjKzwdHf5fdevXd49aq%2B2M3OiI%2BMni5fN9tKa7pYK%2FulVz8MgqulNRVnvVKvWf%2BoXr1ast03WvWy%2F1rpXck3zWLFD3w%2F8IPSirIyMr3FsQiVHLaCcssvVyvloFZFz%2F6fu8yDox5E94zMQYnR7GNvHooPEXe%2BX5ZuMzXJ6%2B90Mk1TY9EVBx%2FEm7HJY3SmMLIeovjgwg3jTlYewcT7k7gw3X%2BNTI2I9%2BQRWHxwERKsuzfJyTRkDCZeQN4dQuohFB2Cm7tQ4oQAXODGOuLOgxvG5nTrmUrH6ojMnv8FlY%2FI7O%2FziDvfLWnVK902OkuViR16UQHVG0K1h0iyI6Tbl6DyI%2FD0MyjxC1k8X0Pc2Vt32kCJ01fqdb%2FJq63qQj30awtVGrGFVkTpQigaTZ8yGQUNPilIqSFUNISWfVA3g8x5yJSHLPKQJR464rTEgyBo%2BIJTv9niPBQNyerCD2gjCmjg15vI%2BPgOfaRJH1z3we0OEruDTXX%2FpDYHm%2F0Mt1HACQ8uJeiKArkkyB1BTglyRZCnBHm32BfaVVzxQGiXseBiVy52WAxM2t6l%2ByZty5jsJmfk8qS7p%2BdfYlOelmTYCqOmL2iTUu5z3vCjlmC8LgNJa0xIOFVAuUugzsO2GpErb%2F6KRI3Ic1%2F9DUaP4PQRuJoDzV4CzQeNig%2B6Mag2fWzHXwdh2OiV0xzCFEjSWaRb3q4%2BI1cmGcI7f0Dy42sfs%2BujPx8%2BBbcFElvgE%2FWYoK3vDW6ZnOzdMrkjP6wnqeqobTp%2B29spTeXMN%2B%2FJrdxYsbrs%2Bg%2Ff4mNhDA%2Ffly5do7FQcduRb5eUENKuGMsl%2BWnV3ZHsZuY2ljIbZ8nazbdXVjuJlc4pEw9B1YiQJ8fgakSe%2F3F%2F8m1f%2FPxTKDuEzQp0smNyMVDmCDzZgUum%2BZ2ZgdVTD0s85FkxsBU2PdSKQMspp6yA%2Bw9nU7zr7qFtXwZN7yLuFOjaAl1dgOo%2BXDYzSBN7fO23cDJg2hswbb09pq2%2B%2F6xcp05LoS8aTEaywWS1Vo0kF6xWYz6POAtFs8mRuhG%2FPH%2F4DwAAAP%2F%2FAQAA%2F%2F9qx23DgQQAAA%3D%3D | 192.243.59.20 | 200 OK | 7 B |
URL HTTP/1.1vilereasoning.com/impr.gif?sid=H4sIAAAAAAAC%2F1RSzWskRRyt3kQQPG3IZQVlDh4UzKR7ej5dYTHGSDC7WXaV9ab11ZMyNV1NVff0JAcJLsqCl9mT186bZONqEAWvLjJZ2ENAyXjKwfwNipDTIjKzwdHf5fdevXd49aq%2B2M3OiI%2BMni5fN9tKa7pYK%2FulVz8MgqulNRVnvVKvWf%2BoXr1ast03WvWy%2F1rpXck3zWLFD3w%2F8IPSirIyMr3FsQiVHLaCcssvVyvloFZFz%2F6fu8yDox5E94zMQYnR7GNvHooPEXe%2BX5ZuMzXJ6%2B90Mk1TY9EVBx%2FEm7HJY3SmMLIeovjgwg3jTlYewcT7k7gw3X%2BNTI2I9%2BQRWHxwERKsuzfJyTRkDCZeQN4dQuohFB2Cm7tQ4oQAXODGOuLOgxvG5nTrmUrH6ojMnv8FlY%2FI7O%2FziDvfLWnVK902OkuViR16UQHVG0K1h0iyI6Tbl6DyI%2FD0MyjxC1k8X0Pc2Vt32kCJ01fqdb%2FJq63qQj30awtVGrGFVkTpQigaTZ8yGQUNPilIqSFUNISWfVA3g8x5yJSHLPKQJR464rTEgyBo%2BIJTv9niPBQNyerCD2gjCmjg15vI%2BPgOfaRJH1z3we0OEruDTXX%2FpDYHm%2F0Mt1HACQ8uJeiKArkkyB1BTglyRZCnBHm32BfaVVzxQGiXseBiVy52WAxM2t6l%2ByZty5jsJmfk8qS7p%2BdfYlOelmTYCqOmL2iTUu5z3vCjlmC8LgNJa0xIOFVAuUugzsO2GpErb%2F6KRI3Ic1%2F9DUaP4PQRuJoDzV4CzQeNig%2B6Mag2fWzHXwdh2OiV0xzCFEjSWaRb3q4%2BI1cmGcI7f0Dy42sfs%2BujPx8%2BBbcFElvgE%2FWYoK3vDW6ZnOzdMrkjP6wnqeqobTp%2B29spTeXMN%2B%2FJrdxYsbrs%2Bg%2Ff4mNhDA%2Ffly5do7FQcduRb5eUENKuGMsl%2BWnV3ZHsZuY2ljIbZ8nazbdXVjuJlc4pEw9B1YiQJ8fgakSe%2F3F%2F8m1f%2FPxTKDuEzQp0smNyMVDmCDzZgUum%2BZ2ZgdVTD0s85FkxsBU2PdSKQMspp6yA%2Bw9nU7zr7qFtXwZN7yLuFOjaAl1dgOo%2BXDYzSBN7fO23cDJg2hswbb09pq2%2B%2F6xcp05LoS8aTEaywWS1Vo0kF6xWYz6POAtFs8mRuhG%2FPH%2F4DwAAAP%2F%2FAQAA%2F%2F9qx23DgQQAAA%3D%3D IP192.243.59.20:0 ASN#39572 DataWeb Global Group B.V.
File type: ASCII text, with no line terminators
Hash (MD5 / SHA-1 / SHA-256): 132d6af1b46048b45cf86cdee7991d31 eb7007d03d59b65bc6da7e098c4d38fc6dfb6285 ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
Analyzer: quad9 | Verdict: Sinkholed | Alert: (empty)
GET /impr.gif?sid=H4sIAAAAAAAC%2F1RSzWskRRyt3kQQPG3IZQVlDh4UzKR7ej5dYTHGSDC7WXaV9ab11ZMyNV1NVff0JAcJLsqCl9mT186bZONqEAWvLjJZ2ENAyXjKwfwNipDTIjKzwdHf5fdevXd49aq%2B2M3OiI%2BMni5fN9tKa7pYK%2FulVz8MgqulNRVnvVKvWf%2BoXr1ast03WvWy%2F1rpXck3zWLFD3w%2F8IPSirIyMr3FsQiVHLaCcssvVyvloFZFz%2F6fu8yDox5E94zMQYnR7GNvHooPEXe%2BX5ZuMzXJ6%2B90Mk1TY9EVBx%2FEm7HJY3SmMLIeovjgwg3jTlYewcT7k7gw3X%2BNTI2I9%2BQRWHxwERKsuzfJyTRkDCZeQN4dQuohFB2Cm7tQ4oQAXODGOuLOgxvG5nTrmUrH6ojMnv8FlY%2FI7O%2FziDvfLWnVK902OkuViR16UQHVG0K1h0iyI6Tbl6DyI%2FD0MyjxC1k8X0Pc2Vt32kCJ01fqdb%2FJq63qQj30awtVGrGFVkTpQigaTZ8yGQUNPilIqSFUNISWfVA3g8x5yJSHLPKQJR464rTEgyBo%2BIJTv9niPBQNyerCD2gjCmjg15vI%2BPgOfaRJH1z3we0OEruDTXX%2FpDYHm%2F0Mt1HACQ8uJeiKArkkyB1BTglyRZCnBHm32BfaVVzxQGiXseBiVy52WAxM2t6l%2ByZty5jsJmfk8qS7p%2BdfYlOelmTYCqOmL2iTUu5z3vCjlmC8LgNJa0xIOFVAuUugzsO2GpErb%2F6KRI3Ic1%2F9DUaP4PQRuJoDzV4CzQeNig%2B6Mag2fWzHXwdh2OiV0xzCFEjSWaRb3q4%2BI1cmGcI7f0Dy42sfs%2BujPx8%2BBbcFElvgE%2FWYoK3vDW6ZnOzdMrkjP6wnqeqobTp%2B29spTeXMN%2B%2FJrdxYsbrs%2Bg%2Ff4mNhDA%2Ffly5do7FQcduRb5eUENKuGMsl%2BWnV3ZHsZuY2ljIbZ8nazbdXVjuJlc4pEw9B1YiQJ8fgakSe%2F3F%2F8m1f%2FPxTKDuEzQp0smNyMVDmCDzZgUum%2BZ2ZgdVTD0s85FkxsBU2PdSKQMspp6yA%2Bw9nU7zr7qFtXwZN7yLuFOjaAl1dgOo%2BXDYzSBN7fO23cDJg2hswbb09pq2%2B%2F6xcp05LoS8aTEaywWS1Vo0kF6xWYz6POAtFs8mRuhG%2FPH%2F4DwAAAP%2F%2FAQAA%2F%2F9qx23DgQQAAA%3D%3D HTTP/1.1
Host: vilereasoning.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.1377x.to/
Cookie: u_pl=16578187; uid_id2=6608c494-6305-4afb-9faa-3d780abef17c:3:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slece393f80da8aac0cc70f9dbc6e1ea5bde=[3364848]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Thu, 01 Sep 2022 20:23:09 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: f4307f8cc2baadb20543dd236379fab9
Strict-Transport-Security: max-age=0; includeSubdomains
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP: 23.36.76.226:0 | ASN: #20940 Akamai International B.V.
Hash (MD5 / SHA-1 / SHA-256): a8301b9221d40e96963ee39828cebcf0 e5822caa4549b551baf97b504a53bfa4a8baf3d3 ad1dfa54fd1f7633f8ade0ca283f072f5705d51111971b6a23132c6fea75d33e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AD1DFA54FD1F7633F8ADE0CA283F072F5705D51111971B6A23132C6FEA75D33E"
Last-Modified: Wed, 31 Aug 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17922
Expires: Fri, 02 Sep 2022 01:21:51 GMT
Date: Thu, 01 Sep 2022 20:23:09 GMT
Connection: keep-alive
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 471 B |
IP: 142.250.74.3:0
Hash (MD5 / SHA-1 / SHA-256): 660657162b524658006a1856e274a946 56c933c6682c0019f6dbd040da6b929044dc216a 9578fc0408868ae40d41af8d13787f4137853c056300524b5558b1c57d39b2b3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Sep 2022 20:23:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| unseenreport.com/pxf.gif?uuid=6608c494-6305-4afb-9faa-3d780abef17c&eb=da08d6844107154a138edda4653a0f4b&te=f6ce28b9ffd697cd2ee52a12f20448bb&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=r&res=13.31&b_frame=0&pk=e393f80da8aac0cc70f9dbc6e1ea5bde&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=20 | 192.243.61.225 | 200 OK | 32 kB |
URL: HTTP/1.1 unseenreport.com/pxf.gif?uuid=6608c494-6305-4afb-9faa-3d780abef17c&eb=da08d6844107154a138edda4653a0f4b&te=f6ce28b9ffd697cd2ee52a12f20448bb&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=r&res=13.31&b_frame=0&pk=e393f80da8aac0cc70f9dbc6e1ea5bde&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=20
IP: 192.243.61.225:0 | ASN: #39572 DataWeb Global Group B.V.
Hash (MD5 / SHA-1 / SHA-256): b032f5687998249a089efed6ff781d57 ff67dd3594a56d880abbde61dcb5cb1de34d785b f2852485f62b11920cf4fe3eb62bfd5b7023e3201c27026fc42d26a23e7ba847
Analyzer: quad9 | Verdict: Sinkholed | Alert: (empty)
GET /pxf.gif?uuid=6608c494-6305-4afb-9faa-3d780abef17c&eb=da08d6844107154a138edda4653a0f4b&te=f6ce28b9ffd697cd2ee52a12f20448bb&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=r&res=13.31&b_frame=0&pk=e393f80da8aac0cc70f9dbc6e1ea5bde&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=20 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.1377x.to/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Thu, 01 Sep 2022 20:23:09 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 0c4f3dd7878607ca1d703cef00ef2210
Strict-Transport-Security: max-age=0; includeSubdomains
|
|
| unseenreport.com/pxf.gif?uuid=6608c494-6305-4afb-9faa-3d780abef17c&eb=da08d6844107154a138edda4653a0f4b&te=f6ce28b9ffd697cd2ee52a12f20448bb&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=r&res=13.31&b_frame=0&pk=20c1050f6509bda85a2632d1ec65d60e&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=20 | 192.243.61.225 | 200 OK | 1 B |
URL: HTTP/1.1 unseenreport.com/pxf.gif?uuid=6608c494-6305-4afb-9faa-3d780abef17c&eb=da08d6844107154a138edda4653a0f4b&te=f6ce28b9ffd697cd2ee52a12f20448bb&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=r&res=13.31&b_frame=0&pk=20c1050f6509bda85a2632d1ec65d60e&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=20
IP: 192.243.61.225:0 | ASN: #39572 DataWeb Global Group B.V.
File type: very short file (no magic)
Hash (MD5 / SHA-1 / SHA-256): 93b885adfe0da089cdf634904fd59f71 5ba93c9db0cff93f52b521d7420e43f6eda2784f 6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d
Analyzer: quad9 | Verdict: Sinkholed | Alert: (empty)
GET /pxf.gif?uuid=6608c494-6305-4afb-9faa-3d780abef17c&eb=da08d6844107154a138edda4653a0f4b&te=f6ce28b9ffd697cd2ee52a12f20448bb&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=r&res=13.31&b_frame=0&pk=20c1050f6509bda85a2632d1ec65d60e&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=20 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.1377x.to/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Thu, 01 Sep 2022 20:23:09 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 3833b29b745eefc978a225164097e847
Strict-Transport-Security: max-age=0; includeSubdomains
|
|
| addresseepaper.com/sfp.js | 104.21.234.254 | 200 OK | 0 B |
URL: HTTP/2 addresseepaper.com/sfp.js
IP: 104.21.234.254:0
GET /sfp.js HTTP/1.1
Host: addresseepaper.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.1377x.to/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 01 Sep 2022 20:23:07 GMT
content-type: application/javascript; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: f1b9d935d27a87a216d4254892f6e994
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Thu, 01 Sep 2022 20:23:07 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yyHaXojrxwRZ1Nd9r7U6CXhUgw8UGEUzBxkXIPh1nHYOZT3yIS3ICDVZniLr0LiFbzuJxNWqgzI0k1RUx4qiZ%2B9XyZu1w7yvgHoPNiaLqws89u5tAQI1a2GUBSA%2F%2Bu5Y3XZUZF0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7440b8cdfc9b753d-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| cdn.yourwebbars.com/sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/15/index.html | 104.26.7.19 | 200 OK | 0 B |
URL: HTTP/2 cdn.yourwebbars.com/sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/15/index.html
IP: 104.26.7.19:0
GET /sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/15/index.html HTTP/1.1
Host: cdn.yourwebbars.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.1377x.to
Connection: keep-alive
Referer: https://www.1377x.to/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 01 Sep 2022 20:23:08 GMT
content-type: text/html
last-modified: Wed, 09 Feb 2022 14:12:53 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 191601
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pylI3vZIG9YFZXKMJmERwaTvhqb9m1xwUk04Ck8cXycTNPVtGE6bSONQxlMiHr02KRA0Tdfo8ZOEwQfqZeo6L5PMn%2Bl7j4C8LyzkKeOW4ZdVw%2BTTA%2FVxRZF2dbFzZcnCuOZ5LoY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7440b8d5db8bb527-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
|
| cdn.sb4you1.com/sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/15/css/style.css | 172.67.183.56 | 200 OK | 0 B |
URL: HTTP/2 cdn.sb4you1.com/sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/15/css/style.css
IP: 172.67.183.56:0
GET /sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/15/css/style.css HTTP/1.1
Host: cdn.sb4you1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.1377x.to
Connection: keep-alive
Referer: https://www.1377x.to/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 01 Sep 2022 20:23:08 GMT
content-type: text/css
last-modified: Mon, 31 Jan 2022 14:46:40 GMT
etag: W/"61f7f650-2516"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 1698040
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XAaied8v6t4TZtWlnmcVAFifFCMLUnhPTeWJH3CMaZcXXjFkimzyhztyqsTB5tYveFAzU8lk1kMX14ZOhi402YxQ6u%2B0ei742sLYiXuyJuoSzOWOtfa6%2B1K5FHyRvfJ8aBw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7440b8d6ca7fb4fd-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| fonts.googleapis.com/css?family=Roboto:300,400,700&display=swap | 142.250.74.10 | 200 OK | 0 B |
URL: HTTP/2 fonts.googleapis.com/css?family=Roboto:300,400,700&display=swap
IP: 142.250.74.10:0
GET /css?family=Roboto:300,400,700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 01 Sep 2022 20:23:08 GMT
date: Thu, 01 Sep 2022 20:23:08 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| www.1377x.to/torrent/5337709/Sapiens/ | 172.67.194.20 | 200 OK | 0 B |
URL: HTTP/2 www.1377x.to/torrent/5337709/Sapiens/
IP: 172.67.194.20:0
GET /torrent/5337709/Sapiens/ HTTP/1.1
Host: www.1377x.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
TE: trailers
HTTP/2 200 OK
date: Thu, 01 Sep 2022 20:23:06 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
x-powered-by: PHP/5.4.45
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3c1jhqnusgraXo4yQ38MQrERK2sne2y38n8KnmBweoEss8WS0aWE30s7SICRR6dkCq3JM5BXatXHMLCjPfqTVDwuOkqt5ub%2FJzLFx6pLAa5R%2BuWyBjpF5oYlBmbMahg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7440b8c62dd5b51b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|