| reorganizeglaze.com/jyn1p6va?adb=y&adb=y&dev=r&key=149b635a6de17f1e483fc1571db55dc5&kw=[%22download%22,%22she-hulk%22,%22s01%22,%222160p%22,%22torrents%22,%22-%22,%22rarbg%22]&psid=CF-2967-layer_0&refer=https://www2.rarbggo.to/search/?search=she-hulk%20s01%202160p&res=14.31&scrHeight=1080&scrWidth=1920&ship=&sub3=invoke_layer&tz=-5&v=24.4.2204&zmq=81 | 192.243.61.227 | | 1.5 kB |
URL: reorganizeglaze.com/jyn1p6va?adb=y&adb=y&dev=r&key=149b635a6de17f1e483fc1571db55dc5&kw=[%22download%22,%22she-hulk%22,%22s01%22,%222160p%22,%22torrents%22,%22-%22,%22rarbg%22]&psid=CF-2967-layer_0&refer=https://www2.rarbggo.to/search/?search=she-hulk%20s01%202160p&res=14.31&scrHeight=1080&scrWidth=1920&ship=&sub3=invoke_layer&tz=-5&v=24.4.2204&zmq=81
IP: 192.243.61.227:0
ASN: #39572 DataWeb Global Group B.V.
File type: HTML document, ASCII text, with very long lines (816)
Hash: ecb2950773942adba88c0c1a2d9475a0 137f640cd4e4b247f7aff6633ccb594b1c1fcce4 8745fef994cfb6afa317c035f102c6ff1850156bd2db48b4a775ca85ee8e5084
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /jyn1p6va?adb=y&adb=y&dev=r&key=149b635a6de17f1e483fc1571db55dc5&kw=[%22download%22,%22she-hulk%22,%22s01%22,%222160p%22,%22torrents%22,%22-%22,%22rarbg%22]&psid=CF-2967-layer_0&refer=https://www2.rarbggo.to/search/?search=she-hulk%20s01%202160p&res=14.31&scrHeight=1080&scrWidth=1920&ship=&sub3=invoke_layer&tz=-5&v=24.4.2204&zmq=81 HTTP/1.1
Host: reorganizeglaze.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Thu, 18 Apr 2024 06:57:50 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Set-Cookie: u_pl=17903880; expires=Fri, 19 Apr 2024 06:57:50 GMT
ain=eyJhbGciOiJIUzI1NiJ9.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.VJGF9qmUuwLFHMHMGm2s34mHxAXmAbxFWdWToNknlZ4; expires=Thu, 18 Apr 2024 06:58:50 GMT
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: c4f2c7b5240d50cc367135cfb1eefac7
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
| reorganizeglaze.com/api/users?token=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&uuid=&pii=&in=false | 172.240.108.84 | 302 Found | 0 B |
URL: reorganizeglaze.com/api/users?token=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&uuid=&pii=&in=false (User Request, GET, HTTP/1.1)
IP: 172.240.108.84:443
Certificate: Issuer: Let's Encrypt; Subject: reorganizeglaze.com; Fingerprint: 22:89:D6:25:50:57:C4:4F:35:6E:C6:A9:B9:2F:7B:09:20:BF:27:27; Validity: Tue, 16 Apr 2024 10:27:09 GMT - Mon, 15 Jul 2024 10:27:08 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /api/users?token=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&uuid=&pii=&in=false HTTP/1.1
Host: reorganizeglaze.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://reorganizeglaze.com/jyn1p6va?adb=y&adb=y&dev=r&key=149b635a6de17f1e483fc1571db55dc5&kw=[%22download%22,%22she-hulk%22,%22s01%22,%222160p%22,%22torrents%22,%22-%22,%22rarbg%22]&psid=CF-2967-layer_0&refer=https://www2.rarbggo.to/search/?search=she-hulk%20s01%202160p&res=14.31&scrHeight=1080&scrWidth=1920&ship=&sub3=invoke_layer&tz=-5&v=24.4.2204&zmq=81
Cookie: u_pl=17903880; ain=eyJhbGciOiJIUzI1NiJ9.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.VJGF9qmUuwLFHMHMGm2s34mHxAXmAbxFWdWToNknlZ4; cjs=t
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Server: nginx/1.21.6
Date: Thu, 18 Apr 2024 06:57:51 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Location: https://adserving.unibet.com/redirect.aspx?bid=37950&pid=15135578&sref=ADST&ADST=17903880
Set-Cookie: pdhtkv=true; expires=Fri, 19 Apr 2024 06:57:51 GMT
uncs=1; expires=Fri, 19 Apr 2024 06:57:51 GMT
pdhtkv28=true; expires=Fri, 19 Apr 2024 06:57:51 GMT
uncs28=1; expires=Fri, 19 Apr 2024 06:57:51 GMT
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: a4a729ba11e7af37d008c2a73f890097
Strict-Transport-Security: max-age=0; includeSubdomains
| adserving.unibet.com/redirect.aspx?bid=37950&pid=15135578&sref=ADST&ADST=17903880 | 13.107.246.53 | 403 Forbidden | 409 B |
URL: adserving.unibet.com/redirect.aspx?bid=37950&pid=15135578&sref=ADST&ADST=17903880 (User Request, GET, HTTP/2)
IP: 13.107.246.53:443
ASN: #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Certificate: Issuer: Trustwave Holdings, Inc.; Subject: affiliates.kindredplc.com; Fingerprint: 9C:1F:91:86:77:41:76:62:71:CD:11:FD:80:70:B7:83:58:47:BF:4F; Validity: Thu, 17 Aug 2023 06:39:43 GMT - Fri, 16 Aug 2024 06:38:43 GMT
File type: ASCII text, with CRLF line terminators
Hash: c42d7e4a6647fea51302d11c6e29b709 1338b226a83ad174b0cc6aee4c1c7bef9cd1b42b 987b158776bc83550b353639c67123d34cc1506c0f9e482ca1f4931f2d171798
GET /redirect.aspx?bid=37950&pid=15135578&sref=ADST&ADST=17903880 HTTP/1.1
Host: adserving.unibet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://reorganizeglaze.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 403 Forbidden
date: Thu, 18 Apr 2024 06:57:51 GMT
content-type: text/html
content-length: 409
x-azure-ref: 20240418T065751Z-17f9dd4c48bx6bhdff1ha5qv9s00000001vg0000000059gm
x-cache: CONFIG_NOCACHE
X-Firefox-Spdy: h2
| adserving.unibet.com/favicon.ico | 13.107.213.53 | 403 Forbidden | 409 B |
URL: adserving.unibet.com/favicon.ico (GET, HTTP/2)
IP: 13.107.213.53:443
ASN: #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by: https://adserving.unibet.com/redirect.aspx?bid=37950&pid=15135578&sref=ADST&ADST=17903880
Certificate: Issuer: Trustwave Holdings, Inc.; Subject: affiliates.kindredplc.com; Fingerprint: 9C:1F:91:86:77:41:76:62:71:CD:11:FD:80:70:B7:83:58:47:BF:4F; Validity: Thu, 17 Aug 2023 06:39:43 GMT - Fri, 16 Aug 2024 06:38:43 GMT
File type: ASCII text, with CRLF line terminators
Hash: ad3c2eec5fcc44b237d72dcdaef1b9ad 61ba7e217adbc0d4fdeab29248fabbe3e28c4d3a ea235426d3bbe607baa43ac423d7b1236eb65a4d287cdbe88aaf547d7df80db8
GET /favicon.ico HTTP/1.1
Host: adserving.unibet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adserving.unibet.com/redirect.aspx?bid=37950&pid=15135578&sref=ADST&ADST=17903880
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 403 Forbidden
date: Thu, 18 Apr 2024 06:57:51 GMT
content-type: text/html
content-length: 409
x-azure-ref: 20240418T065751Z-17f9dd4c48bd57sl1ck94su90c00000001k0000000008nzp
x-cache: CONFIG_NOCACHE
X-Firefox-Spdy: h2