Report - gktorrent.sh

Report Overview

Visited public
2024-12-14 19:54:18
Tags
URL
gktorrent.sh
Finishing URL
www.gktorrent.si/
IP / ASN
188.114.96.1
#13335 CLOUDFLARENET
Title
GkTorrent: Téléchargement de Films Torrent

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
zimage.cc	unknown	2021-07-03	2021-07-03	2024-12-07	4.8 kB	415 kB	104.21.44.40
containsreform.com	unknown	2024-12-10	2024-12-12	2024-12-12	438 B	35 kB	172.240.253.132
js.capndr.com	316718	2021-08-30	2021-08-30	2024-12-11	403 B	397 B	45.133.44.52
fp.metricswpsh.com	unknown	2021-10-29	2022-04-22	2024-12-11	508 B	331 B	157.90.84.242
js.wpushsdk.com	36947	2021-05-07	2021-05-07	2024-12-13	414 B	90 kB	45.133.44.53
ataiyalstrays.com	unknown	2024-06-13	2024-10-08	2024-12-07	404 B	1.2 kB	23.109.170.113
recordedthereby.com	unknown	2024-05-08	2024-05-08	2024-12-08	401 B	86 kB	185.196.197.71
storage.multstorage.com	unknown	2023-09-22	2023-09-22	2024-12-13	526 B	7.2 kB	104.21.30.242
cdnjs.cloudflare.com	235	2009-02-17	2012-05-23	2024-12-11	2.1 kB	432 kB	104.17.25.14
www.googletagmanager.com	75	2011-11-11	2012-10-04	2024-12-11	423 B	106 kB	216.58.207.200
proftrafficcounter.com	unknown	2023-11-16	2023-11-21	2024-12-08	433 B	423 B	18.185.237.16
na.nawpush.com	38563	2020-12-21	2020-12-23	2024-12-13	469 B	2.0 kB	45.133.44.25
js.wpadmngr.com	25762	2021-06-02	2021-06-02	2024-12-13	824 B	124 kB	45.133.44.53
d457c69ef7.0e07fa9a08.com	unknown	2024-11-14	2024-12-14	2024-12-14	829 B	343 B	45.133.44.53
gktorrent.sh	unknown	2024-03-16	2024-03-16	2024-03-19	467 B	1.0 kB	104.21.74.164
www.gktorrent.si	unknown	2024-10-15	2024-10-15	2024-12-10	5.2 kB	158 kB	172.67.214.166
capaciousdrewreligion.com	unknown	2023-11-07	2023-11-27	2024-12-08	415 B	375 B	185.196.197.71
js.wpshsdk.com	12130	2021-06-04	2021-06-04	2024-12-08	411 B	20 kB	45.133.44.52

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2024-12-14	medium	ataiyalstrays.com	Sinkholed
2024-12-14	medium	0e07fa9a08.com	Sinkholed

ThreatFox

No alerts detected

JavaScript (12)

	URL	From	Size	First Seen	Last Seen
	containsreform.com/8c/33/72/8c33721f6aa15cc0a61420f50575e334.js	ScriptElement	94 kB	2024-12-14	2024-12-14
Pretty URL containsreform.com/8c/33/72/8c33721f6aa15cc0a61420f50575e334.js IP 172.240.253.132 ASN #7979 SERVERS-COM Introduced by scriptElement Embedded in HTML false Observations First Seen2024-12-14 15:01 Last Seen2024-12-14 19:54 Times Seen2 Hash a95c2a5cf0e7eb5b924217543e68db20 a92c187438cc29f0bf2c824c5eb1a336b352be44 cef8365ed0131d0b99192ab30060f7b8b97b421e602e87d9a683100864868047 Loading...

	recordedthereby.com/sfp.js	ScriptElement	85 kB	2024-05-17	2025-01-21
Pretty URL recordedthereby.com/sfp.js IP 185.196.197.71 ASN #39572 DataWeb Global Group B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-17 16:43 Last Seen2025-01-21 11:22 Times Seen13574 Hash 7e3e44049654b6e244c1777e68ffb8e7 8f2a8298666d607afd92a0baa362ef4dc9ccd039 4acac8b8ff23671d365150818f3c39bbbfa08b1a1842d73de5933e0fea26454b Loading...

	js.wpshsdk.com/npc/sdk/push.m.js?v=1	ScriptElement	34 kB	2024-12-07	2025-03-05
Pretty URL js.wpshsdk.com/npc/sdk/push.m.js?v=1 IP 45.133.44.52 ASN #39572 DataWeb Global Group B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2024-12-07 12:58 Last Seen2025-03-05 04:00 Times Seen469 Hash 985ea4d0139882b0e583d462544acc0b c067c6a11f3bf6d875f9b8cc948d7473c83319af 93f8cd419860ef7d55f240489773576d51e17865e7a82c286d4e6799fba661be Loading...

	js.wpushsdk.com/npc/sdk/wpu/csub.m.js	ScriptElement	90 kB	2023-03-08	2025-04-19
Pretty URL js.wpushsdk.com/npc/sdk/wpu/csub.m.js IP 45.133.44.53 ASN #39572 DataWeb Global Group B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 20:49 Last Seen2025-04-19 07:58 Times Seen209 Hash e8cc8668a6709d2fff8f8ce714b7bcca 9495fd5fc854ac6ee32fedc0038cc67f26b7e4ff 3f881ab7cc56a0d1102cd0430c6d4b03f79a10c86d71d08a6e733fce6cc2fb32 Loading...

	js.wpadmngr.com/static/adManager.js	ScriptElement	1.7 kB	2024-04-09	2025-05-10
Pretty URL js.wpadmngr.com/static/adManager.js IP 45.133.44.53 ASN #39572 DataWeb Global Group B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-09 16:57 Last Seen2025-05-10 17:03 Times Seen3303 Hash 1e936cad37e18ba5bc2f07acd57447d6 f55969248208bb6871e28b9478761ffb25207c35 e98e6a93ea15df4d4fe1e38c890f29512d739f493428436defb914775df550f8 Loading...

	www.googletagmanager.com/gtag/js?id=G-QMMND2ETSV	ScriptElement	307 kB	2024-12-14	2024-12-14
Pretty URL www.googletagmanager.com/gtag/js?id=G-QMMND2ETSV IP 216.58.207.200 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-12-14 19:54 Last Seen2024-12-14 19:54 Times Seen1 Hash 69eccb4d9be33972af5eb91c17e31236 ed0dc88387a4bd8f8cbf5c7ce25eba7e42664067 c17ecc0b9118dbbf96ad866f43dd66c4bc791152d1499e26b7d66cd8009e1e94 Loading...

	js.wpadmngr.com/static/adManager.m.js	ScriptElement	122 kB	2024-12-05	2025-01-22
Pretty URL js.wpadmngr.com/static/adManager.m.js IP 45.133.44.53 ASN #39572 DataWeb Global Group B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2024-12-05 15:05 Last Seen2025-01-22 09:19 Times Seen1163 Hash 19c6f6233262cf16d5b6e475f3d8a44c f172778db5959e847ce5d378947c56fe75f6df56 78c30b418896961856ee26e09ac3990b9e790852ad1333a0d30e8ede9f771a6f Loading...

	js.capndr.com/advertising.js	ScriptElement	0 B	0001-01-01	2025-05-11
Pretty URL js.capndr.com/advertising.js IP 45.133.44.52 ASN #39572 DataWeb Global Group B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen0001-01-01 00:00 Last Seen2025-05-11 05:01 Times Seen4650803 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	storage.multstorage.com/log/count.html	ScriptElement	718 B	2023-09-18	2025-03-01
Pretty URL storage.multstorage.com/log/count.html IP 104.21.30.242 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-09-18 17:19 Last Seen2025-03-01 23:33 Times Seen12563 Hash 1f697a0f2411e463adbc1211493fe5a6 93c154152bda427938543b8efbd8d3b594abbac7 08a5735f5232b651af89f552e8d0fb7b21d6605fba48f335318699d80d12703e Loading...

	www.gktorrent.si/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js	ScriptElement	12 kB	2023-03-07	2025-05-11
Pretty URL www.gktorrent.si/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js IP 172.67.214.166 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02 Last Seen2025-05-11 02:05 Times Seen31288 Hash 88a769d2fe35899fd45a332a0a032cc0 514c6c1d8475d17e412849a4c90159517d0fa10a ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142 Loading...

	ataiyalstrays.com/1clkn/56862	ScriptElement	6 B	2023-03-07	2025-05-11
Pretty URL ataiyalstrays.com/1clkn/56862 IP 23.109.170.113 ASN #7979 SERVERS-COM Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03 Last Seen2025-05-11 04:27 Times Seen12575 Hash 9082dc37e5e8046929da411544ad071a 41e0e3963ed94e59e8a2f115994c382712411537 b7848d86edc8dc3b5bc6a5c666069f9a31e000cee51575d3b6083951607e1550 Loading...

	unknown	ScriptElement	153 B	2024-01-22	2025-04-11
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2024-01-22 14:19 Last Seen2025-04-11 20:57 Times Seen49 Hash d38c286d20807711a1a24c13c817ead7 5bda5efce7890fdbb789cffce4d2b61668d4513c dc3c1f7097caf3a846d0363ff178875193aeb9b5bcad1d7a8a1df86d79335fdf Loading...

HTTP Transactions (41)

URL IP Response Size

gktorrent.sh/

104.21.74.164

301 Moved Permanently

167 B

URL User Request GET HTTP/2
gktorrent.sh/
IP
104.21.74.164:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services
Subjectgktorrent.sh
FingerprintBE:44:33:9D:B6:D2:15:82:42:EB:3A:A9:B3:27:CD:3D:C8:F2:71:70
ValidityThu, 07 Nov 2024 09:40:56 GMT - Wed, 05 Feb 2025 09:40:55 GMT

File type
HTML document, ASCII text, with CRLF line terminators
Size
167 B (167 bytes)
Hash
0104c301c5e02bd6148b8703d19b3a73
7436e0b4b1f8c222c38069890b75fa2baf9ca620
446a6087825fa73eadb045e5a2e9e2adf7df241b571228187728191d961dda1f

HTTP Headers

GET / HTTP/1.1
Host: gktorrent.sh
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 301 Moved Permanently
date: Sat, 14 Dec 2024 19:53:52 GMT
content-type: text/html
content-length: 167
location: https://www.gktorrent.si/
cache-control: max-age=3600
expires: Sat, 14 Dec 2024 20:53:52 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jV9thhCOKd1eqNlQzDzfkxmEAPYS9EmNQRYxjoUm%2F7cJUrstjNCL9aHCw0lkmxFdRReBH7fZvkNBQ6Ry%2F%2FlF5veZc%2FaEBRJqAeDeI9E8NMWMZzWPYBpMYS9TPEZqgFc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8f20be14e8e9b518-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=506&min_rtt=486&rtt_var=97&sent=7&recv=10&lost=0&retrans=0&sent_bytes=3273&recv_bytes=1240&delivery_rate=7898181&cwnd=253&unsent_bytes=0&cid=9359ad02d860b883&ts=28&x=0"
X-Firefox-Spdy: h2

cdnjs.cloudflare.com/ajax/libs/font-awesome/6.2.0/css/all.css

104.17.25.14

200 OK

20 kB

URL GET HTTP/2
cdnjs.cloudflare.com/ajax/libs/font-awesome/6.2.0/css/all.css
IP
104.17.25.14:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.gktorrent.si/
Certificate
IssuerGoogle Trust Services
Subjectcdnjs.cloudflare.com
Fingerprint64:3F:50:40:E0:BD:89:CB:A9:C8:BE:E5:74:F6:9E:D6:2E:1A:32:02
ValidityTue, 26 Nov 2024 07:25:18 GMT - Mon, 24 Feb 2025 07:25:17 GMT

File type
troff or preprocessor input, ASCII text
Size
20 kB (19472 bytes)
Hash
e3d3126e93fc1303cf862d5852f56654
357908650e3a2f75f7e77c3e741e8bd0cfa07625
340d09d12141a30f53d870d647f2f4ba93047709331cd441c43db7301bd52d68

HTTP Headers

GET /ajax/libs/font-awesome/6.2.0/css/all.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.gktorrent.si/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 14 Dec 2024 19:53:52 GMT
content-type: text/css; charset=utf-8
content-length: 19472
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "630e6e62-4c10"
last-modified: Tue, 30 Aug 2022 20:09:06 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 2232092
expires: Thu, 04 Dec 2025 19:53:52 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1jZ3JNcv65hqZPky7Zu9y54TkLVp3VyLRgfmiR1tNV8zGbgjcyz7AlEZZNTN7HyRGJeQpamrnq%2BVZgIUTldCuILEfDXsRwKQ3rfkGpYi6%2BgA6k7e0th1E%2BdXLy1nsdiVFvRjUP8R"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 8f20be172edc0b51-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

www.gktorrent.si/themes/default/css/style.css

172.67.214.166

200 OK

4.5 kB

URL GET HTTP/3
www.gktorrent.si/themes/default/css/style.css
IP
172.67.214.166:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.gktorrent.si/
Certificate
IssuerGoogle Trust Services
Subjectgktorrent.si
FingerprintA9:64:6E:25:D5:E2:1E:5A:C5:3C:40:3C:29:1F:23:7E:B3:59:40:08
ValidityFri, 13 Dec 2024 19:59:03 GMT - Thu, 13 Mar 2025 20:55:20 GMT

File type
Unicode text, UTF-8 text
Size
4.5 kB (4536 bytes)
Hash
dd934072600fb24503c5cc4a2e356ed7
5aaec8327282d552c8db1d02c811f757353cdd3a
6911c126fe3dd6359e0994c5e55bd7bc9b8b6f97a6dff71c28ae4b1586e5a86d

HTTP Headers

GET /themes/default/css/style.css HTTP/1.1
Host: www.gktorrent.si
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.gktorrent.si/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 14 Dec 2024 19:53:52 GMT
content-type: text/css
content-length: 4536
last-modified: Thu, 21 Nov 2024 18:21:53 GMT
etag: "4df1-627705738187c-gzip"
vary: Accept-Encoding
content-encoding: gzip
cache-control: no-store
cf-cache-status: EXPIRED
accept-ranges: bytes
priority: u=2,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=e6CvpV5Nk38BZtbj6UOCeSa2IU7o8VLIKSOgwsdvTkO0MmaPjcIOmvHgzoqXTrE1B5Rm9li3t8uXTPn9f4KgUm1ertLGBQANVV6Xxh3VwafonxXvImHt1OSxtTCUV38uN4C%2B"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8f20be16df2856ca-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=6260&min_rtt=1160&rtt_var=4106&sent=17&recv=10&lost=0&retrans=0&sent_bytes=8632&recv_bytes=2237&delivery_rate=18319&cwnd=12000&unsent_bytes=0&cid=b3fd97114657b107&ts=289&x=1", cfExtPri, cfHdrFlush;dur=0

www.gktorrent.si/themes/default/img/logo.png

172.67.214.166

200 OK

4.8 kB

URL GET HTTP/3
www.gktorrent.si/themes/default/img/logo.png
IP
172.67.214.166:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.gktorrent.si/
Certificate
IssuerGoogle Trust Services
Subjectgktorrent.si
FingerprintA9:64:6E:25:D5:E2:1E:5A:C5:3C:40:3C:29:1F:23:7E:B3:59:40:08
ValidityFri, 13 Dec 2024 19:59:03 GMT - Thu, 13 Mar 2025 20:55:20 GMT

File type
PNG image data, 400 x 100, 8-bit/color RGBA, non-interlaced
Size
4.8 kB (4804 bytes)
Hash
307eb9b2f6fe60c9be9b9e50f6b768b6
36e6ab3104b25e9be9c41db2956076342afd9c00
7b1b7b25ffc229d1b9a4f3f93815cd689cb4ab0d384b4a868940580225e2fe7e

HTTP Headers

GET /themes/default/img/logo.png HTTP/1.1
Host: www.gktorrent.si
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.gktorrent.si/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 14 Dec 2024 19:53:52 GMT
content-type: image/png
content-length: 4804
last-modified: Tue, 15 Oct 2024 18:54:00 GMT
etag: "12c4-6248879f56b06"
cache-control: no-store
cf-cache-status: REVALIDATED
accept-ranges: bytes
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MYhSKCwSVmANmrpk4M51MMaShH%2FF%2Bg9VVVpLqZ78Ym%2FWd%2B5hRDkZqKgZw74UWw%2Blh8WJ53mikqd6wIYw0Vbugxp4f9epYebiZnHdrSU3jQkuDgINBgJW%2BrAXL%2F1I%2F1l8EN54"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8f20be16ef2e56ca-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=6260&min_rtt=1160&rtt_var=4106&sent=22&recv=10&lost=0&retrans=0&sent_bytes=13967&recv_bytes=2237&delivery_rate=18319&cwnd=12000&unsent_bytes=0&cid=b3fd97114657b107&ts=289&x=1", cfExtPri, cfHdrFlush;dur=0

zimage.cc/uploads/screen/d4cfaf968d3f4a33d09cf91a7efb69ef3dd2fac5.webp

104.21.44.40

200 OK

57 kB

URL GET
zimage.cc/uploads/screen/d4cfaf968d3f4a33d09cf91a7efb69ef3dd2fac5.webp
IP
104.21.44.40:0
ASN
#13335 CLOUDFLARENET

Requested by
https://www.gktorrent.si/
Certificate
IssuerGoogle Trust Services
Subjectzimage.cc
FingerprintC6:A2:A9:26:83:71:23:60:EA:17:FE:E4:B8:BC:43:ED:D1:17:EB:95
ValiditySat, 26 Oct 2024 08:53:04 GMT - Fri, 24 Jan 2025 08:53:03 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 360x480, Scaling: [none]x[none], YUV color, decoders should clamp
Size
57 kB (57184 bytes)
Hash
398e136c6bd70d6afde9d234562a0092
c1787f3e8ccc7d16a1594ff2796a8778f70596a3
c89463120907d141deefd147782c0517da1064470284ebd19b9b7e6945bfbf83

HTTP Headers

GET /uploads/screen/d4cfaf968d3f4a33d09cf91a7efb69ef3dd2fac5.webp HTTP/1.1
Host: zimage.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.gktorrent.si/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 14 Dec 2024 19:53:52 GMT
content-type: image/webp
content-length: 57184
last-modified: Fri, 25 Oct 2024 05:37:39 GMT
etag: "df44-62546846691ea-gzip"
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=31536000
cf-cache-status: HIT
age: 119039
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LZKH3yq5AoWqOZMEI3oQXPiwAfw62LICyTsGl3BhlNpgf6gK5UJhIe3fd1BFNEYMJR4DN6GVk0Z3Oq3gdkjPb4h1gW%2B3NlHEEMiMfxk7P1qOLRc9o%2BK27vRYJ4A%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8f20be175898b527-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=506&min_rtt=448&rtt_var=96&sent=8&recv=16&lost=0&retrans=0&sent_bytes=3191&recv_bytes=1653&delivery_rate=7956043&cwnd=254&unsent_bytes=0&cid=16974f8d501d724d&ts=64&x=0"
X-Firefox-Spdy: h2

zimage.cc/uploads/screen/4021025280de4a41156af7d811fbe1847dcbce12.webp

104.21.44.40

200 OK

60 kB

URL GET
zimage.cc/uploads/screen/4021025280de4a41156af7d811fbe1847dcbce12.webp
IP
104.21.44.40:0
ASN
#13335 CLOUDFLARENET

Requested by
https://www.gktorrent.si/
Certificate
IssuerGoogle Trust Services
Subjectzimage.cc
FingerprintC6:A2:A9:26:83:71:23:60:EA:17:FE:E4:B8:BC:43:ED:D1:17:EB:95
ValiditySat, 26 Oct 2024 08:53:04 GMT - Fri, 24 Jan 2025 08:53:03 GMT

File type
RIFF (little-endian) data, Web/P image
Size
60 kB (60526 bytes)
Hash
e610bf65d56b7a6773d684c7235c1d2f
436c5ff1798a461f049fd5de92f75687b075f61d
8547ecfa730199c41ae21d6f3b19e7396186bcf5e36b75a35a0acbeb299a43ea

HTTP Headers

GET /uploads/screen/4021025280de4a41156af7d811fbe1847dcbce12.webp HTTP/1.1
Host: zimage.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.gktorrent.si/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 14 Dec 2024 19:53:52 GMT
content-type: image/webp
content-length: 60526
last-modified: Wed, 16 Oct 2024 18:21:37 GMT
etag: "ecde-6249c23fd95a6-gzip"
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=31536000
cf-cache-status: HIT
age: 110105
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aUWPgzPE%2FXdbPQQ4JjMIhbJSGrzwZ4ADLl1loJVB2vtf8SrZzSfdsN1%2FGOxkZLTCZI9iYvS88cf0lbtAu3ifWhR7%2FIvdvz6jUTQuTIeOxIiwVdIyGimCXAjhHGw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8f20be17589cb527-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=506&min_rtt=448&rtt_var=96&sent=56&recv=16&lost=0&retrans=0&sent_bytes=67319&recv_bytes=1653&delivery_rate=7956043&cwnd=254&unsent_bytes=31856&cid=16974f8d501d724d&ts=67&x=0"
X-Firefox-Spdy: h2

zimage.cc/uploads/screen/b386a5ce304b15e4ffe50073a33509de5c139a74.webp

104.21.44.40

200 OK

64 kB

URL GET
zimage.cc/uploads/screen/b386a5ce304b15e4ffe50073a33509de5c139a74.webp
IP
104.21.44.40:0
ASN
#13335 CLOUDFLARENET

Requested by
https://www.gktorrent.si/
Certificate
IssuerGoogle Trust Services
Subjectzimage.cc
FingerprintC6:A2:A9:26:83:71:23:60:EA:17:FE:E4:B8:BC:43:ED:D1:17:EB:95
ValiditySat, 26 Oct 2024 08:53:04 GMT - Fri, 24 Jan 2025 08:53:03 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 360x540, Scaling: [none]x[none], YUV color, decoders should clamp
Size
64 kB (63830 bytes)
Hash
476dd94ec22975a6f49c02b78f55744d
7f86d8522e3962a9c74efcf9beaea03323f5ae6d
2c13cfb6a91fb7b67484b6e918791d827be35677c4feaf97bc898ebd5b366914

HTTP Headers

GET /uploads/screen/b386a5ce304b15e4ffe50073a33509de5c139a74.webp HTTP/1.1
Host: zimage.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.gktorrent.si/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 14 Dec 2024 19:53:52 GMT
content-type: image/webp
content-length: 63830
last-modified: Fri, 25 Oct 2024 07:24:03 GMT
etag: "f93a-6254800eafbba-gzip"
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=31536000
cf-cache-status: HIT
age: 119039
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FpSiRZRkqFRi4rZrGPSucRMk1srIwrAoxGrNghQeRS6zwYSGBSJOPoT%2FQvUz3XC5LvqlJ%2FVBDRV4mpslMKHULcmmrMiWLpuqYxUHtVXamZBqbPQiUofXjRJe%2FaE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8f20be1798f5b527-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=876&min_rtt=416&rtt_var=218&sent=389&recv=158&lost=0&retrans=1&sent_bytes=521505&recv_bytes=1871&delivery_rate=116036117&cwnd=254&unsent_bytes=0&cid=16974f8d501d724d&ts=108&x=0"
X-Firefox-Spdy: h2

www.gktorrent.si/themes/default/css/bootstrap.css

172.67.214.166

200 OK

22 kB

URL GET HTTP/3
www.gktorrent.si/themes/default/css/bootstrap.css
IP
172.67.214.166:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.gktorrent.si/
Certificate
IssuerGoogle Trust Services
Subjectgktorrent.si
FingerprintA9:64:6E:25:D5:E2:1E:5A:C5:3C:40:3C:29:1F:23:7E:B3:59:40:08
ValidityFri, 13 Dec 2024 19:59:03 GMT - Thu, 13 Mar 2025 20:55:20 GMT

File type
ASCII text, with very long lines (496), with CRLF line terminators
Size
22 kB (22150 bytes)
Hash
e6200c2f007a2d224e30ee6383ace611
61ea88e082d72d21309bfc698d107766b8ad4a6b
d2f36536d1a6f50cd982397e3d2df4ad75a182bbe96bbd7c6d55c71314b08a66

HTTP Headers

GET /themes/default/css/bootstrap.css HTTP/1.1
Host: www.gktorrent.si
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.gktorrent.si/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 14 Dec 2024 19:53:52 GMT
content-type: text/css
content-length: 22150
last-modified: Fri, 15 Nov 2024 09:57:17 GMT
etag: "24dd0-626f0979920f2-gzip"
vary: Accept-Encoding
content-encoding: gzip
cache-control: no-store
cf-cache-status: EXPIRED
accept-ranges: bytes
priority: u=2,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=r5bAmWfoy%2Fapw1H9xCACdD4U%2F1NbjV8oPjWAx0t%2BFULn2YyUBhEA73%2BXE4OtzGpRukbryQb6T3UcWZ%2By6ABiN2n7KGfENd5ka8ZxvLeTdiGCdeofDLoI35zKRpsuRJjqVkxZ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8f20be16df2a56ca-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=6260&min_rtt=1160&rtt_var=4106&sent=28&recv=10&lost=0&retrans=0&sent_bytes=20632&recv_bytes=2237&delivery_rate=18319&cwnd=12000&unsent_bytes=0&cid=b3fd97114657b107&ts=319&x=1", cfExtPri, cfHdrFlush;dur=8

www.gktorrent.si/themes/default/img/animation1.jpg

172.67.214.166

200 OK

7.3 kB

URL GET HTTP/3
www.gktorrent.si/themes/default/img/animation1.jpg
IP
172.67.214.166:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.gktorrent.si/
Certificate
IssuerGoogle Trust Services
Subjectgktorrent.si
FingerprintA9:64:6E:25:D5:E2:1E:5A:C5:3C:40:3C:29:1F:23:7E:B3:59:40:08
ValidityFri, 13 Dec 2024 19:59:03 GMT - Thu, 13 Mar 2025 20:55:20 GMT

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=PhotoFiltre Studio X, datetime=2022:02:12 13:05:26], baseline, precision 8, 150x150, components 3
Size
7.3 kB (7306 bytes)
Hash
0573d4afb59612940a3e4823747adff4
82e478eb20d06a30e996ca6c7d52afaf8106e1e4
ca6263642c45acb1d6ee1f646306d393040ac67dd077a4bf07f1280364f6e8b7

HTTP Headers

GET /themes/default/img/animation1.jpg HTTP/1.1
Host: www.gktorrent.si
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.gktorrent.si/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 14 Dec 2024 19:53:52 GMT
content-type: image/jpeg
content-length: 7306
last-modified: Tue, 15 Oct 2024 18:53:57 GMT
etag: "1c8a-6248879c667de"
cache-control: no-store
cf-cache-status: REVALIDATED
accept-ranges: bytes
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WNowVdJd6pZHUatktc29YdUuhXg8per7mT8MFUXOn69RyyHgYZklFuQ4KRZdluJyfPQ%2BC2huFrEpD7PH96oMC%2BKtrmWDtIzDE59gJ8fYjwj%2BhZiFti1f76UswuCr4xIolTec"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8f20be171f6756ca-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=6260&min_rtt=1160&rtt_var=4106&sent=27&recv=10&lost=0&retrans=0&sent_bytes=19580&recv_bytes=2237&delivery_rate=18319&cwnd=12000&unsent_bytes=0&cid=b3fd97114657b107&ts=317&x=1", cfExtPri, cfHdrFlush;dur=0

zimage.cc/uploads/screen/e71c161411b07eed6d63dc8aae99e94923843544.webp

104.21.44.40

200 OK

29 kB

URL GET
zimage.cc/uploads/screen/e71c161411b07eed6d63dc8aae99e94923843544.webp
IP
104.21.44.40:0
ASN
#13335 CLOUDFLARENET

Requested by
https://www.gktorrent.si/
Certificate
IssuerGoogle Trust Services
Subjectzimage.cc
FingerprintC6:A2:A9:26:83:71:23:60:EA:17:FE:E4:B8:BC:43:ED:D1:17:EB:95
ValiditySat, 26 Oct 2024 08:53:04 GMT - Fri, 24 Jan 2025 08:53:03 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 85", baseline, precision 8, 280x400, components 3
Size
29 kB (29026 bytes)
Hash
964d2a093c3d92163bd263c8e375a864
24c170988682de5ccc8a31050a9c9c4757da85a0
66ff4aee7b118b587dbd32e92d0009fd64e48316890736b2f1931f551e4d5e62

HTTP Headers

GET /uploads/screen/e71c161411b07eed6d63dc8aae99e94923843544.webp HTTP/1.1
Host: zimage.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.gktorrent.si/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 14 Dec 2024 19:53:52 GMT
content-type: image/webp
content-length: 29026
last-modified: Thu, 17 Oct 2024 17:09:55 GMT
etag: "71e3-624af416f9629-gzip"
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=31536000
cf-cache-status: HIT
age: 119039
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FdctzTIwPAPxG%2BfGCMGN8Dx7xKSy2U1E46iisA1lxZTNiHgI%2FUrevA5jt4uh20gbQYUpenQ6oojaGrVIMyNP99X2hGiqw9xwJhzeAaefYvyhTsoUzWkGIL6vFhQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8f20be17e97ab527-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=5881&min_rtt=416&rtt_var=10241&sent=437&recv=191&lost=0&retrans=1&sent_bytes=586004&recv_bytes=2090&delivery_rate=116036117&cwnd=254&unsent_bytes=0&cid=16974f8d501d724d&ts=159&x=0"
X-Firefox-Spdy: h2

zimage.cc/uploads/screen/d413c735648f3a8194d4c9ed6ad3660655dacec3.webp

104.21.44.40

200 OK

38 kB

URL GET
zimage.cc/uploads/screen/d413c735648f3a8194d4c9ed6ad3660655dacec3.webp
IP
104.21.44.40:0
ASN
#13335 CLOUDFLARENET

Requested by
https://www.gktorrent.si/
Certificate
IssuerGoogle Trust Services
Subjectzimage.cc
FingerprintC6:A2:A9:26:83:71:23:60:EA:17:FE:E4:B8:BC:43:ED:D1:17:EB:95
ValiditySat, 26 Oct 2024 08:53:04 GMT - Fri, 24 Jan 2025 08:53:03 GMT

File type
RIFF (little-endian) data, Web/P image
Size
38 kB (38534 bytes)
Hash
d069c9469f664d2161a587e9389c8aeb
8509c915e92a3d45ed17398aaaf7ee08ead94b53
b3f0a23e536d6c2c1a17cfca5b19eb56e8007d5d881465d07eacbf4da664f41a

HTTP Headers

GET /uploads/screen/d413c735648f3a8194d4c9ed6ad3660655dacec3.webp HTTP/1.1
Host: zimage.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.gktorrent.si/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 14 Dec 2024 19:53:52 GMT
content-type: image/webp
content-length: 38534
last-modified: Wed, 16 Oct 2024 20:12:39 GMT
etag: "96fc-6249db119dde8-gzip"
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=31536000
cf-cache-status: HIT
age: 120834
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ByqR7mqbMQlkieLdve9YyaYwbWmsst800A9wJ%2BsqmefYMiXbBOAF0fAaShn3Ba0YXCtBPS%2B3bDgLytaZcU%2B14BQ1oFaBsDy7TBg4zX5nQ92LNIPE4J4cWVY%2BYRU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8f20be17e977b527-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=5881&min_rtt=416&rtt_var=10241&sent=459&recv=191&lost=0&retrans=1&sent_bytes=615613&recv_bytes=2090&delivery_rate=116036117&cwnd=254&unsent_bytes=0&cid=16974f8d501d724d&ts=159&x=0"
X-Firefox-Spdy: h2

ataiyalstrays.com/1clkn/56862

23.109.170.113

200 OK

26 B

URL GET HTTP/1.1
ataiyalstrays.com/1clkn/56862
IP
23.109.170.113:443
ASN
#7979 SERVERS-COM

Requested by
https://www.gktorrent.si/
Certificate
IssuerLet's Encrypt
Subjectataiyalstrays.com
Fingerprint80:EE:13:E0:F4:FA:11:26:10:2E:74:27:A9:6D:85:FC:E7:94:39:A6
ValiditySat, 26 Oct 2024 15:06:30 GMT - Fri, 24 Jan 2025 15:06:29 GMT

File type
ASCII text, with no line terminators
Size
26 B (26 bytes)
Hash
9082dc37e5e8046929da411544ad071a
41e0e3963ed94e59e8a2f115994c382712411537
b7848d86edc8dc3b5bc6a5c666069f9a31e000cee51575d3b6083951607e1550

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /1clkn/56862 HTTP/1.1
Host: ataiyalstrays.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.gktorrent.si/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Sat, 14 Dec 2024 19:53:52 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Accept-ch: sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version,sec-ch-ua-full-version-list
Set-Cookie: GL_UI4=eJw9jUtug0AQRPljJ4akJQ7gIxgUjL3MJivfAQ0zDZ4Ypq1mjJ3bZxIp2dUrPVV5nhcUL%2BAvyRrCm6hhe1R9s5dYojyUVVW%2BHSrZ151o%2BlJVTVnvYK3n1opuRBvBap4E29YuEWwGNMhatpIUZvDqrL%2FmYuhuIog7FkZlEE%2FOGDNIO6b7jFyEEBkxIaQfmrGnhzPEJzEEx72L2rjo7yCguQjzJ4hP2twe%2BSbx8jzx4Pk6CtsTT61WDuOBhULw32ElhcWB%2BAtShfPF0hWARtX%2B%2B7%2Bf8fizBonCRUuHZM%2FI38wATrY%3D; expires=Sun, 15-Dec-2024 19:53:52 GMT; Max-Age=86400; path=/; secure; SameSite=None
GL_GI10=eJwViE0KgzAUBvMeJVAqhY96AE%2BQamsXbmuXRReewGopgZBIEvtz%2B%2BpiBmaEEJwmYD0hqQpV5ao8qeJSgl7gpgUPFrJx%2FtP%2FQB6cn8HeYtcG47LazTYuf8BmbZDG%2Fmr0N%2BucmaN2NoAXtnX%2FMM%2FjrbuDJkng6FaHMRWgtzz8AV7hHdE%3D; expires=Sun, 15-Dec-2024 19:53:52 GMT; Max-Age=86400; path=/; secure; SameSite=None
Content-Encoding: gzip
Vary: Accept-Encoding
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff

www.gktorrent.si/themes/default/img/footer.jpg

172.67.214.166

200 OK

9.6 kB

URL GET HTTP/3
www.gktorrent.si/themes/default/img/footer.jpg
IP
172.67.214.166:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.gktorrent.si/
Certificate
IssuerGoogle Trust Services
Subjectgktorrent.si
FingerprintA9:64:6E:25:D5:E2:1E:5A:C5:3C:40:3C:29:1F:23:7E:B3:59:40:08
ValidityFri, 13 Dec 2024 19:59:03 GMT - Thu, 13 Mar 2025 20:55:20 GMT

File type
JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS5 Windows, datetime=2017:06:04 12:20:56], baseline, precision 8, 1220x60, components 3
Size
9.6 kB (9633 bytes)
Hash
97fddb0e74115715fc8f567e46b8c712
12299a16edac93d8fdc373ae32e423d3b2943b91
67d99bd1dfe83f196706be97ca0695c2dd26b677252188fe0ab551a935540f8c

HTTP Headers

GET /themes/default/img/footer.jpg HTTP/1.1
Host: www.gktorrent.si
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.gktorrent.si/themes/default/css/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 14 Dec 2024 19:53:52 GMT
content-type: image/jpeg
content-length: 9633
last-modified: Tue, 15 Oct 2024 18:53:59 GMT
etag: "25a1-6248879e15a4e"
cache-control: no-store
cf-cache-status: REVALIDATED
accept-ranges: bytes
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WkJBZ%2FapDvLp7chnnMFj0xk1sD6enOVLnewpUcM%2BpPSJJfXDn3R2FslC50ZIaupgavyZeTlzOhkANHlnRGuE9ZqC4hamvDTaz9ahHy3yGbEhP2fu8RynjBeR%2BX0HUI2g6jXJ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8f20be193a6056ca-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=9669&min_rtt=1160&rtt_var=9857&sent=56&recv=15&lost=0&retrans=1&sent_bytes=51185&recv_bytes=2981&delivery_rate=168294&cwnd=45600&unsent_bytes=0&cid=b3fd97114657b107&ts=660&x=1", cfExtPri, cfHdrFlush;dur=0

www.gktorrent.si/themes/default/img/sprites.png

172.67.214.166

200 OK

33 kB

URL GET HTTP/3
www.gktorrent.si/themes/default/img/sprites.png
IP
172.67.214.166:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.gktorrent.si/
Certificate
IssuerGoogle Trust Services
Subjectgktorrent.si
FingerprintA9:64:6E:25:D5:E2:1E:5A:C5:3C:40:3C:29:1F:23:7E:B3:59:40:08
ValidityFri, 13 Dec 2024 19:59:03 GMT - Thu, 13 Mar 2025 20:55:20 GMT

File type
PNG image data, 360 x 112, 8-bit/color RGBA, non-interlaced
Size
33 kB (33117 bytes)
Hash
d0170697fb4f2c01eb54df5c4951dbbe
a222900207b5744b4dc2e0f52bf6372d4ec631a7
fe90ba698ba8ba79af4acc9d3f8ba0f5dc52d6f492f512d9646d9da4c74522a2

HTTP Headers

GET /themes/default/img/sprites.png HTTP/1.1
Host: www.gktorrent.si
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.gktorrent.si/themes/default/css/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 14 Dec 2024 19:53:52 GMT
content-type: image/png
content-length: 33117
last-modified: Tue, 15 Oct 2024 18:54:01 GMT
etag: "815d-624887a01656e"
cache-control: no-store
cf-cache-status: REVALIDATED
accept-ranges: bytes
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Xm18Y1NUAC2L5Ahh8fHx8F%2FyBxuOqMp6QK1TuPt2RViBaicGjYSRQSKCg5JVmD7t8Jb6gSUFvYxAIUEAPIgjeOT5cwvY340b7QRptYZJnUR5%2FnJ%2Fbjg1B3N1aVODy1nhFTXV"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8f20be193a5f56ca-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=8626&min_rtt=1160&rtt_var=9478&sent=65&recv=16&lost=0&retrans=1&sent_bytes=61728&recv_bytes=3025&delivery_rate=142310&cwnd=45600&unsent_bytes=0&cid=b3fd97114657b107&ts=666&x=1", cfExtPri, cfHdrFlush;dur=0

cdnjs.cloudflare.com/ajax/libs/font-awesome/6.2.0/webfonts/fa-solid-900.woff2

104.17.25.14

200 OK

150 kB

URL GET HTTP/3
cdnjs.cloudflare.com/ajax/libs/font-awesome/6.2.0/webfonts/fa-solid-900.woff2
IP
104.17.25.14:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.gktorrent.si/
Certificate
IssuerGoogle Trust Services
Subjectcdnjs.cloudflare.com
Fingerprint64:3F:50:40:E0:BD:89:CB:A9:C8:BE:E5:74:F6:9E:D6:2E:1A:32:02
ValidityTue, 26 Nov 2024 07:25:18 GMT - Mon, 24 Feb 2025 07:25:17 GMT

File type
Web Open Font Format (Version 2), TrueType, length 150472, version 770.256
Size
150 kB (150472 bytes)
Hash
3e50e269ee627bb2279f91d18c085167
a7fca574d24e9ffa5ee0e0589ffe17277ae4ec27
d27bc752105c079f8a516e9142406a9fc12cbb409f9bf8681f2ddfe0360b52a6

HTTP Headers

GET /ajax/libs/font-awesome/6.2.0/webfonts/fa-solid-900.woff2 HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.gktorrent.si
DNT: 1
Connection: keep-alive
Referer: https://cdnjs.cloudflare.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 14 Dec 2024 19:53:52 GMT
content-type: application/octet-stream; charset=utf-8
content-length: 150472
access-control-allow-origin: *
cache-control: public, max-age=30672000
etag: "630e6e62-24bc8"
last-modified: Tue, 30 Aug 2022 20:09:06 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 1495326
expires: Thu, 04 Dec 2025 19:53:52 GMT
accept-ranges: bytes
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2novHc9ZwJsNPaqTnSi573NKZZEaEN%2FyrI5zmZGa7AAnlXWHJlrfNEIHM0zR%2Bt22X98XtjtBYx0GYfmkxksqa2R0OEdOgx7Q280IKUOs2jBLkSiNgm1uCwNqLndgb%2FBzkTtZHMLa"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 8f20be19dc21b4fd-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri

cdnjs.cloudflare.com/ajax/libs/font-awesome/6.2.0/webfonts/fa-brands-400.woff2

104.17.25.14

200 OK

108 kB

URL GET HTTP/3
cdnjs.cloudflare.com/ajax/libs/font-awesome/6.2.0/webfonts/fa-brands-400.woff2
IP
104.17.25.14:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.gktorrent.si/
Certificate
IssuerGoogle Trust Services
Subjectcdnjs.cloudflare.com
Fingerprint64:3F:50:40:E0:BD:89:CB:A9:C8:BE:E5:74:F6:9E:D6:2E:1A:32:02
ValidityTue, 26 Nov 2024 07:25:18 GMT - Mon, 24 Feb 2025 07:25:17 GMT

File type
Web Open Font Format (Version 2), TrueType, length 107460, version 770.256
Size
108 kB (107460 bytes)
Hash
f4bdd85a576812f553ec3cfea8b1a2b5
380bea4e9eb484d835d89cc608f2af7c3179e8a4
3fe890d088ecf0cc9bc1b9069201e52972dbad6237865524090e15982d0de718

HTTP Headers

GET /ajax/libs/font-awesome/6.2.0/webfonts/fa-brands-400.woff2 HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.gktorrent.si
DNT: 1
Connection: keep-alive
Referer: https://cdnjs.cloudflare.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 14 Dec 2024 19:53:52 GMT
content-type: application/octet-stream; charset=utf-8
content-length: 107460
access-control-allow-origin: *
cache-control: public, max-age=30672000
etag: "630e6e62-1a3c4"
last-modified: Tue, 30 Aug 2022 20:09:06 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 353440
expires: Thu, 04 Dec 2025 19:53:52 GMT
accept-ranges: bytes
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XSR%2F9sB4l3ynRfVOWLZAWodUY9ATq7%2Byj5gRsMJgbgBkIMnllV1Z7cSxti69%2BY%2BV9m86xxIhJH0GG%2FiBX3mxZO7sHGE5dbmZ3AdqREI9%2BeJem0ZJ%2B%2Ff4fEv%2FDlUInJlpINXSWYq0"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 8f20be19dc23b4fd-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri

cdnjs.cloudflare.com/ajax/libs/font-awesome/6.2.0/webfonts/fa-solid-900.woff2

104.17.25.14

200 OK

150 kB

URL GET HTTP/3
cdnjs.cloudflare.com/ajax/libs/font-awesome/6.2.0/webfonts/fa-solid-900.woff2
IP
104.17.25.14:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.gktorrent.si/
Certificate
IssuerGoogle Trust Services
Subjectcdnjs.cloudflare.com
Fingerprint64:3F:50:40:E0:BD:89:CB:A9:C8:BE:E5:74:F6:9E:D6:2E:1A:32:02
ValidityTue, 26 Nov 2024 07:25:18 GMT - Mon, 24 Feb 2025 07:25:17 GMT

File type
Web Open Font Format (Version 2), TrueType, length 150472, version 770.256
Size
150 kB (150472 bytes)
Hash
3e50e269ee627bb2279f91d18c085167
a7fca574d24e9ffa5ee0e0589ffe17277ae4ec27
d27bc752105c079f8a516e9142406a9fc12cbb409f9bf8681f2ddfe0360b52a6

HTTP Headers

GET /ajax/libs/font-awesome/6.2.0/webfonts/fa-solid-900.woff2 HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.gktorrent.si
DNT: 1
Connection: keep-alive
Referer: https://cdnjs.cloudflare.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 14 Dec 2024 19:53:53 GMT
content-type: application/octet-stream; charset=utf-8
content-length: 150472
access-control-allow-origin: *
cache-control: public, max-age=30672000
etag: "630e6e62-24bc8"
last-modified: Tue, 30 Aug 2022 20:09:06 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 1495327
expires: Thu, 04 Dec 2025 19:53:53 GMT
accept-ranges: bytes
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yTaFpxwfGM558dYFCxQNZX8is4FY4SGq0npj301tdjPX9W5puf9XyKLBTYkbNzx11XgbcOoBLdVMLGjpR72B75STmtdokpQkPZaz%2FjY728Xjbm8rs%2FGoFgRJVIRsThpv7Vp5GLCQ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 8f20be1a4cc4b4fd-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri

www.googletagmanager.com/gtag/js?id=G-QMMND2ETSV

216.58.207.200

200 OK

105 kB

URL GET HTTP/2
www.googletagmanager.com/gtag/js?id=G-QMMND2ETSV
IP
216.58.207.200:443
ASN
#15169 GOOGLE

Requested by
https://www.gktorrent.si/
Certificate
IssuerGoogle Trust Services
Subject*.google-analytics.com
Fingerprint4B:B1:5A:60:07:55:DD:0C:FA:98:D3:8E:E8:58:9E:E7:6A:0D:60:12
ValidityMon, 04 Nov 2024 08:37:47 GMT - Mon, 27 Jan 2025 08:37:46 GMT

File type
JavaScript source, ASCII text, with very long lines (3835)
Size
105 kB (104698 bytes)
Hash
69eccb4d9be33972af5eb91c17e31236
ed0dc88387a4bd8f8cbf5c7ce25eba7e42664067
c17ecc0b9118dbbf96ad866f43dd66c4bc791152d1499e26b7d66cd8009e1e94

HTTP Headers

GET /gtag/js?id=G-QMMND2ETSV HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.gktorrent.si/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sat, 14 Dec 2024 19:53:52 GMT
expires: Sat, 14 Dec 2024 19:53:52 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
server: Google Tag Manager
content-length: 104698
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

zimage.cc/uploads/screen/f34bafaced71b22c7fba8e4b9cb81f9fca66d500.webp

104.21.44.40

200 OK

74 kB

URL GET
zimage.cc/uploads/screen/f34bafaced71b22c7fba8e4b9cb81f9fca66d500.webp
IP
104.21.44.40:0
ASN
#13335 CLOUDFLARENET

Requested by
https://www.gktorrent.si/
Certificate
IssuerGoogle Trust Services
Subjectzimage.cc
FingerprintC6:A2:A9:26:83:71:23:60:EA:17:FE:E4:B8:BC:43:ED:D1:17:EB:95
ValiditySat, 26 Oct 2024 08:53:04 GMT - Fri, 24 Jan 2025 08:53:03 GMT

File type
gzip compressed data, from Unix
Size
74 kB (73572 bytes)
Hash
126e7220c91b04b0f7f95aa9ac5fb3dd
fb2276a319e26f600b3efadb4bc57739d151f8f8
5eba8f9aabddb7d8bd31efb572332f7bc578f20543196e1728145bce73c0d616

HTTP Headers

GET /uploads/screen/f34bafaced71b22c7fba8e4b9cb81f9fca66d500.webp HTTP/1.1
Host: zimage.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.gktorrent.si/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 14 Dec 2024 19:53:52 GMT
content-type: image/webp
last-modified: Thu, 17 Oct 2024 15:42:52 GMT
etag: "10452-624ae0a120b76-gzip"
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=31536000
cf-cache-status: HIT
age: 119039
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FRiRY14zh6dwP%2BJQB4L5Cs2C7AS3ouxRBM3bnyzrU3lMhr6WtDmstmjUjn4meONJr8mS09jjXmNCmcWY0XHy6Ww0FgFIBbmzUAFwXChIajbFlIiakg4dofgBf%2FE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8f20be1798f3b527-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=1694&min_rtt=426&rtt_var=82&sent=339&recv=141&lost=0&retrans=1&sent_bytes=454036&recv_bytes=1871&delivery_rate=116036117&cwnd=254&unsent_bytes=0&cid=16974f8d501d724d&ts=107&x=0"
X-Firefox-Spdy: h2

www.gktorrent.si/themes/default/font/fontawesome-webfont.ttf

172.67.214.166

404 Not Found

2.3 kB

URL GET HTTP/3
www.gktorrent.si/themes/default/font/fontawesome-webfont.ttf
IP
172.67.214.166:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.gktorrent.si/
Certificate
IssuerGoogle Trust Services
Subjectgktorrent.si
FingerprintA9:64:6E:25:D5:E2:1E:5A:C5:3C:40:3C:29:1F:23:7E:B3:59:40:08
ValidityFri, 13 Dec 2024 19:59:03 GMT - Thu, 13 Mar 2025 20:55:20 GMT

File type
HTML document, Unicode text, UTF-8 text, with very long lines (356)
Size
2.3 kB (2260 bytes)
Hash
8c6ba4d62821656c3b5591a9e9e05729
cae269a7204bc819c780610d65d40bd64e6ee363
221401245ff32dd998fa4613ad4090242b6a963882400afcf36f88fe639494b6

HTTP Headers

GET /themes/default/font/fontawesome-webfont.ttf HTTP/1.1
Host: www.gktorrent.si
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.gktorrent.si/themes/default/css/bootstrap.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 404 Not Found
date: Sat, 14 Dec 2024 19:53:53 GMT
content-type: text/html
content-length: 2260
last-modified: Tue, 15 Oct 2024 18:52:39 GMT
etag: "1af1-6248875225376-gzip"
vary: Accept-Encoding
content-encoding: gzip
cache-control: no-store
cf-cache-status: EXPIRED
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5Dp20%2BfLEHjAM4pyy9sQBqjFdhQPZFeHzhSR9ym%2BR4ev6XLEuPdZXTt0%2BY56K9F0HXE52obmr35GoSj5CoN62SVfXmv5BYshIBWvyW5f%2BS9fBiCRUMMrhFG9bwTrgdHyi3oF"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8f20be1b3d3a56ca-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=12062&min_rtt=1160&rtt_var=14640&sent=103&recv=20&lost=0&retrans=1&sent_bytes=104142&recv_bytes=3814&delivery_rate=59690&cwnd=45600&unsent_bytes=0&cid=b3fd97114657b107&ts=978&x=1", cfExtPri, cfHdrFlush;dur=0

containsreform.com/8c/33/72/8c33721f6aa15cc0a61420f50575e334.js

172.240.253.132

200 OK

34 kB

URL GET HTTP/1.1
containsreform.com/8c/33/72/8c33721f6aa15cc0a61420f50575e334.js
IP
172.240.253.132:443
ASN
#7979 SERVERS-COM

Requested by
https://www.gktorrent.si/
Certificate
IssuerLet's Encrypt
Subjectcontainsreform.com
Fingerprint69:76:DF:8B:81:0F:D3:80:84:D1:7E:7C:B6:B8:23:2D:11:74:A4:12
ValidityTue, 10 Dec 2024 07:58:44 GMT - Mon, 10 Mar 2025 07:58:43 GMT

File type
JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size
34 kB (33841 bytes)
Hash
a95c2a5cf0e7eb5b924217543e68db20
a92c187438cc29f0bf2c824c5eb1a336b352be44
cef8365ed0131d0b99192ab30060f7b8b97b421e602e87d9a683100864868047

HTTP Headers

GET /8c/33/72/8c33721f6aa15cc0a61420f50575e334.js HTTP/1.1
Host: containsreform.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.gktorrent.si/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sat, 14 Dec 2024 19:53:53 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Host: containsreform.com
Expires: Thu, 01 Jan 1970 00:00:01 GMT
X-Request-ID: 249fc28f4cbea7b0a8cf4282e10aa083
Cache-Control: no-cache, max-age=0, private, no-cache
Pragma: no-cache
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

zimage.cc/uploads/screen/5d7c3adf12d2cbd02af55159d21f682289bb7204.webp

104.21.44.40

200 OK

83 kB

URL GET
zimage.cc/uploads/screen/5d7c3adf12d2cbd02af55159d21f682289bb7204.webp
IP
104.21.44.40:0
ASN
#13335 CLOUDFLARENET

Requested by
https://www.gktorrent.si/
Certificate
IssuerGoogle Trust Services
Subjectzimage.cc
FingerprintC6:A2:A9:26:83:71:23:60:EA:17:FE:E4:B8:BC:43:ED:D1:17:EB:95
ValiditySat, 26 Oct 2024 08:53:04 GMT - Fri, 24 Jan 2025 08:53:03 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 360x540, Scaling: [none]x[none], YUV color, decoders should clamp
Size
83 kB (83433 bytes)
Hash
70b5cd996b3136eb955b0cd297ce8226
19e349aba5232e2304d63332835928950a5cd146
42ff8cbc4feae4823d415dcc79509e27b8c26515e94e7227e4339a2036e1fc83

HTTP Headers

GET /uploads/screen/5d7c3adf12d2cbd02af55159d21f682289bb7204.webp HTTP/1.1
Host: zimage.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.gktorrent.si/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 14 Dec 2024 19:53:52 GMT
content-type: image/webp
last-modified: Tue, 22 Oct 2024 11:38:12 GMT
etag: "139ac-6250f344b62d4-gzip"
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=31536000
cf-cache-status: HIT
age: 119039
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NPz%2F5RwbdDzKFyDzj4FUguztcjC9PXro%2FgUXHOeC%2BiwKrJLSIQaXKgYmHE81G2Gk1AKF4JKIks83IZjpWKmiY1kgbNslAS%2Flxy7UAbZseVZqjxNyPHrbdPRNUAg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8f20be174893b527-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=506&min_rtt=448&rtt_var=96&sent=56&recv=16&lost=0&retrans=0&sent_bytes=67319&recv_bytes=1653&delivery_rate=7956043&cwnd=254&unsent_bytes=31856&cid=16974f8d501d724d&ts=66&x=0"
X-Firefox-Spdy: h2

www.gktorrent.si/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

172.67.214.166

200 OK

4.4 kB

URL GET HTTP/3
www.gktorrent.si/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
IP
172.67.214.166:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.gktorrent.si/
Certificate
IssuerGoogle Trust Services
Subjectgktorrent.si
FingerprintA9:64:6E:25:D5:E2:1E:5A:C5:3C:40:3C:29:1F:23:7E:B3:59:40:08
ValidityFri, 13 Dec 2024 19:59:03 GMT - Thu, 13 Mar 2025 20:55:20 GMT

File type
gzip compressed data, from Unix
Size
4.4 kB (4357 bytes)
Hash
e507d2fc5fffd49cad3bacd56dcba18b
6d7216d690071e75e0e9788ca069c164eaa0f033
5705f5495748df7afbb8c2d8a18ba6b0a4eaaf2660bec78c8e71552fcdcbd08f

HTTP Headers

GET /cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js HTTP/1.1
Host: www.gktorrent.si
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.gktorrent.si/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 14 Dec 2024 19:53:52 GMT
content-type: application/javascript
last-modified: Fri, 06 Dec 2024 15:31:09 GMT
etag: W/"675318bd-302c"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6N04%2B%2FPcDgT5xSuHLIKxF7eHfgCdAy9R1fYCmzqnYZskHWWabHBERgBaEqWAxCh16T%2FKZIjRTcQ%2BH8EgtT%2BVTne2NQT94JwzzPrmesezzle%2BirV8UxHWcN4EpaEJQYerX4l8"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8f20be171f6956ca-OSL
x-frame-options: DENY
x-content-type-options: nosniff
expires: Mon, 16 Dec 2024 19:53:52 GMT
cache-control: max-age=172800, public
content-encoding: gzip

recordedthereby.com/sfp.js

185.196.197.71

200 OK

85 kB

URL GET HTTP/1.1
recordedthereby.com/sfp.js
IP
185.196.197.71:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://www.gktorrent.si/
Certificate
IssuerLet's Encrypt
Subjectrecordedthereby.com
FingerprintE0:09:99:E3:0E:A5:83:8D:96:1B:26:8A:2E:AC:12:98:C6:D3:E1:76
ValidityWed, 06 Nov 2024 14:09:18 GMT - Tue, 04 Feb 2025 14:09:17 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (65529), with no line terminators
Size
85 kB (85378 bytes)
Hash
7e3e44049654b6e244c1777e68ffb8e7
8f2a8298666d607afd92a0baa362ef4dc9ccd039
4acac8b8ff23671d365150818f3c39bbbfa08b1a1842d73de5933e0fea26454b

HTTP Headers

GET /sfp.js HTTP/1.1
Host: recordedthereby.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.gktorrent.si/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sat, 14 Dec 2024 19:53:53 GMT
Content-Type: application/javascript; charset=utf-8
Content-Length: 85378
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Host: recordedthereby.com
Expires: Thu, 01 Jan 1970 00:00:01 GMT
X-Request-ID: f4bee7c14b4a59368af92373dc7174f9
Cache-Control: no-cache, max-age=0, private, no-cache
Pragma: no-cache
Strict-Transport-Security: max-age=0; includeSubdomains

proftrafficcounter.com/stats

18.185.237.16

200 OK

40 B

URL GET HTTP/2
proftrafficcounter.com/stats
IP
18.185.237.16:443
ASN
#16509 AMAZON-02

Requested by
https://www.gktorrent.si/
Certificate
IssuerAmazon
Subjectproftrafficcounter.com
Fingerprint40:FD:DA:57:15:28:B1:29:02:3E:E6:2F:38:E5:11:E5:7F:DB:6B:40
ValidityMon, 21 Oct 2024 00:00:00 GMT - Thu, 20 Nov 2025 23:59:59 GMT

File type
ASCII text, with no line terminators
Size
40 B (40 bytes)
Hash
964fd9cd31cd58fe04acebf8b2a508d6
a0989bffc9fdd768533372f9783fae37fc47721d
10d4087f8070ee2ba6b3861cce3471953fce914d64de580b031e7e7a8b6a86a0

HTTP Headers

GET /stats HTTP/1.1
Host: proftrafficcounter.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.gktorrent.si
DNT: 1
Connection: keep-alive
Referer: https://www.gktorrent.si/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 14 Dec 2024 19:53:53 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://www.gktorrent.si
vary: Origin
access-control-allow-credentials: true
set-cookie: uid_id2=8deeb88a-7b61-4e35-87ac-7b2505613d9b:2:1; expires=Tue, 12 Dec 2034 19:53:53 GMT; secure; SameSite=None
X-Firefox-Spdy: h2

capaciousdrewreligion.com/advertisers.js

185.196.197.71

200 OK

0 B

URL GET HTTP/1.1
capaciousdrewreligion.com/advertisers.js
IP
185.196.197.71:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://www.gktorrent.si/
Certificate
IssuerLet's Encrypt
Subjectcapaciousdrewreligion.com
FingerprintD9:49:50:C3:1F:23:A3:E8:75:32:16:6A:76:DE:28:2B:93:73:31:80
ValiditySun, 03 Nov 2024 04:28:34 GMT - Sat, 01 Feb 2025 04:28:33 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /advertisers.js HTTP/1.1
Host: capaciousdrewreligion.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.gktorrent.si/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sat, 14 Dec 2024 19:53:53 GMT
Content-Type: application/javascript
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
X-Request-ID: 40d8e5b61afac8872b89fc65a1cc5cc4
Cache-Control: no-cache, max-age=0, private, no-cache
Pragma: no-cache
Strict-Transport-Security: max-age=0; includeSubdomains

na.nawpush.com/tags/40269?version_name=c&domain=www.gktorrent.si

45.133.44.25

200 OK

1.8 kB

URL GET HTTP/2
na.nawpush.com/tags/40269?version_name=c&domain=www.gktorrent.si
IP
45.133.44.25:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://www.gktorrent.si/
Certificate
IssuerLet's Encrypt
Subjectna.nawpush.com
FingerprintE3:2A:E0:83:DD:EB:E9:73:D9:32:EC:CB:A0:DB:3A:2B:CB:E2:B1:87
ValiditySat, 23 Nov 2024 03:02:07 GMT - Fri, 21 Feb 2025 03:02:06 GMT

File type
JSON text data
Size
1.8 kB (1757 bytes)
Hash
c27a90ed513391f7ad7ce6dae81bfdca
fe614cde5c140aeee0d5b1b932b7c39a826e2b4d
f922158d514d80d93ce3e4562c110b4c515e4316340931d39d6d45acb214e0aa

HTTP Headers

GET /tags/40269?version_name=c&domain=www.gktorrent.si HTTP/1.1
Host: na.nawpush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.gktorrent.si
DNT: 1
Connection: keep-alive
Referer: https://www.gktorrent.si/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 14 Dec 2024 19:53:53 GMT
content-type: application/json
content-length: 1757
server: nginx/1.24.0
cache-control: max-age=300, public
x-proxy-cache: HIT
x-cdn-host-id: ds5058
access-control-allow-origin: *
X-Firefox-Spdy: h2

js.capndr.com/advertising.js

45.133.44.52

200 OK

0 B

URL GET HTTP/2
js.capndr.com/advertising.js
IP
45.133.44.52:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://www.gktorrent.si/
Certificate
IssuerLet's Encrypt
Subjectjs.capndr.com
FingerprintEE:F1:2E:ED:4C:FD:0A:E5:A7:9B:DC:3C:6A:9E:B9:74:A2:33:71:9D
ValidityFri, 18 Oct 2024 02:03:01 GMT - Thu, 16 Jan 2025 02:03:00 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /advertising.js HTTP/1.1
Host: js.capndr.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.gktorrent.si/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 14 Dec 2024 19:53:54 GMT
content-type: application/javascript; charset=utf-8
content-length: 0
server: nginx/1.18.0
last-modified: Fri, 14 Jul 2023 08:23:25 GMT
etag: "64b105fd-0"
expires: Sat, 14 Dec 2024 19:58:54 GMT
cache-control: max-age=300
x-proxy-cache: HIT
x-cdn-host-id: ds8137
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2

js.wpadmngr.com/static/adManager.js

45.133.44.53

200 OK

849 B

URL GET HTTP/2
js.wpadmngr.com/static/adManager.js
IP
45.133.44.53:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://www.gktorrent.si/
Certificate
IssuerLet's Encrypt
Subjectjs.wpadmngr.com
Fingerprint6F:EF:6B:BA:00:36:E2:2F:19:CD:05:86:8E:CC:A5:A3:12:5E:E8:57
ValidityWed, 06 Nov 2024 03:03:58 GMT - Tue, 04 Feb 2025 03:03:57 GMT

File type
JavaScript source, ASCII text, with very long lines (1735), with no line terminators
Size
849 B (849 bytes)
Hash
1e936cad37e18ba5bc2f07acd57447d6
f55969248208bb6871e28b9478761ffb25207c35
e98e6a93ea15df4d4fe1e38c890f29512d739f493428436defb914775df550f8

HTTP Headers

GET /static/adManager.js HTTP/1.1
Host: js.wpadmngr.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.gktorrent.si/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 14 Dec 2024 19:53:53 GMT
content-type: application/javascript; charset=utf-8
server: nginx/1.18.0
last-modified: Thu, 05 Dec 2024 14:46:51 GMT
etag: W/"6751bcdb-6c7"
content-encoding: gzip
expires: Sat, 14 Dec 2024 19:58:53 GMT
cache-control: max-age=300
x-proxy-cache: HIT
x-cdn-host-id: ds8137
access-control-allow-origin: *
X-Firefox-Spdy: h2

fp.metricswpsh.com/fp?tag_id=40269

157.90.84.242

500 Internal Server Error

36 B

URL OPTIONS HTTP/1.1
fp.metricswpsh.com/fp?tag_id=40269
IP
157.90.84.242:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://www.gktorrent.si/
Certificate
IssuerLet's Encrypt
Subjectnotification.tubecup.net
FingerprintEE:9A:59:DB:A9:CD:73:0A:9C:87:AC:9F:FE:A1:90:AA:A1:7E:F8:D4
ValidityThu, 07 Nov 2024 10:40:28 GMT - Wed, 05 Feb 2025 10:40:27 GMT

File type
JSON text data
Size
36 B (36 bytes)
Hash
0849660b654e3a313882a44c0e7dc08a
b1493d6ce204eb99837d9b33849d1458093a6e6d
6e73b83ae8fcdaf81421a4236c9f817a9e4ea0fa931bf696f72872b266bd83e6

HTTP Headers

POST /fp?tag_id=40269 HTTP/1.1
Host: fp.metricswpsh.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json;charset=utf-8
Content-Length: 1949
Origin: https://www.gktorrent.si
DNT: 1
Connection: keep-alive
Referer: https://www.gktorrent.si/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 500 Internal Server Error
Server: nginx/1.20.1
Date: Sat, 14 Dec 2024 19:53:54 GMT
Content-Type: application/json; charset=UTF-8
Content-Length: 36
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://www.gktorrent.si
Vary: Origin

d457c69ef7.0e07fa9a08.com/in/track?data=eyJ3bCI6MCwic3ViaWQiOjAsInVzZXJfaWQiOiIxMjAyMDk2OTYyMjA4MjQxNzAwIiwidGltZXpvbmUiOjAsInZlciI6IjMuMTM2LjAiLCJ0YWdfaWQiOjQwMjY5LCJzY3JlZW5fcmVzb2x1dGlvbiI6IjEyODB4MTAyNCIsImFkYmxvY2siOjAsInRpbWV6b25lX29sc29uIjoiVVRDIiwidXRtX3NvdXJjZSI6IiIsInV0bV9tZWRpdW0iOiIiLCJ1dG1fY2FtcGFpZ24iOiIiLCJ1dG1fY29udGVudCI6IiIsIm1tIjowLCJpbml0X3N0YXJ0X2xhdGVuY3kiOjAuNDIsImlzX3YyIjowLCJpc192Ml9lbXB0eSI6MH0=

45.133.44.53

200 OK

0 B

URL GET HTTP/2
d457c69ef7.0e07fa9a08.com/in/track?data=eyJ3bCI6MCwic3ViaWQiOjAsInVzZXJfaWQiOiIxMjAyMDk2OTYyMjA4MjQxNzAwIiwidGltZXpvbmUiOjAsInZlciI6IjMuMTM2LjAiLCJ0YWdfaWQiOjQwMjY5LCJzY3JlZW5fcmVzb2x1dGlvbiI6IjEyODB4MTAyNCIsImFkYmxvY2siOjAsInRpbWV6b25lX29sc29uIjoiVVRDIiwidXRtX3NvdXJjZSI6IiIsInV0bV9tZWRpdW0iOiIiLCJ1dG1fY2FtcGFpZ24iOiIiLCJ1dG1fY29udGVudCI6IiIsIm1tIjowLCJpbml0X3N0YXJ0X2xhdGVuY3kiOjAuNDIsImlzX3YyIjowLCJpc192Ml9lbXB0eSI6MH0=
IP
45.133.44.53:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://www.gktorrent.si/
Certificate
IssuerLet's Encrypt
Subjectd457c69ef7.0e07fa9a08.com
Fingerprint41:98:82:20:55:94:C6:F0:C4:1C:FE:4F:1A:2B:CE:39:5C:6F:0A:7F
ValidityWed, 11 Dec 2024 02:47:59 GMT - Tue, 11 Mar 2025 02:47:58 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /in/track?data=eyJ3bCI6MCwic3ViaWQiOjAsInVzZXJfaWQiOiIxMjAyMDk2OTYyMjA4MjQxNzAwIiwidGltZXpvbmUiOjAsInZlciI6IjMuMTM2LjAiLCJ0YWdfaWQiOjQwMjY5LCJzY3JlZW5fcmVzb2x1dGlvbiI6IjEyODB4MTAyNCIsImFkYmxvY2siOjAsInRpbWV6b25lX29sc29uIjoiVVRDIiwidXRtX3NvdXJjZSI6IiIsInV0bV9tZWRpdW0iOiIiLCJ1dG1fY2FtcGFpZ24iOiIiLCJ1dG1fY29udGVudCI6IiIsIm1tIjowLCJpbml0X3N0YXJ0X2xhdGVuY3kiOjAuNDIsImlzX3YyIjowLCJpc192Ml9lbXB0eSI6MH0= HTTP/1.1
Host: d457c69ef7.0e07fa9a08.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.gktorrent.si
DNT: 1
Connection: keep-alive
Referer: https://www.gktorrent.si/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 14 Dec 2024 19:53:54 GMT
content-length: 0
server: nginx/1.18.0
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
x-cdn-host-id: ds8137
X-Firefox-Spdy: h2

js.wpshsdk.com/npc/sdk/push.m.js?v=1

45.133.44.52

200 OK

20 kB

URL GET HTTP/2
js.wpshsdk.com/npc/sdk/push.m.js?v=1
IP
45.133.44.52:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://www.gktorrent.si/
Certificate
IssuerLet's Encrypt
Subjectjs.wpshsdk.com
Fingerprint96:A0:59:8B:2C:E8:61:1F:B0:E2:7F:5B:B5:8C:AF:B6:E0:E0:43:5F
ValidityFri, 15 Nov 2024 04:04:39 GMT - Thu, 13 Feb 2025 04:04:38 GMT

File type
gzip compressed data, from Unix
Size
20 kB (19921 bytes)
Hash
7b1a164ceee6ec78d1fd83a84e01c7cd
4e53fd7716864ddd58b59be1488141d8ea01eb20
d67eee0b55cc77cbb6ac41cbbdb077a29caa55d4029335509d7ff60900e25805

HTTP Headers

GET /npc/sdk/push.m.js?v=1 HTTP/1.1
Host: js.wpshsdk.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.gktorrent.si/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 14 Dec 2024 19:53:54 GMT
content-type: application/javascript; charset=utf-8
server: nginx/1.18.0
last-modified: Thu, 12 Dec 2024 14:10:43 GMT
etag: W/"675aeee3-83b6"
content-encoding: gzip
expires: Sat, 14 Dec 2024 19:58:54 GMT
cache-control: max-age=300
x-proxy-cache: HIT
x-cdn-host-id: ds8137
access-control-allow-origin: *
X-Firefox-Spdy: h2

storage.multstorage.com/log/count.html

104.21.30.242

200 OK

6.3 kB

URL GET HTTP/2
storage.multstorage.com/log/count.html
IP
104.21.30.242:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.gktorrent.si/
Certificate
IssuerGoogle Trust Services
Subjectmultstorage.com
Fingerprint96:2B:62:41:7C:56:AE:E2:BF:91:30:F3:03:0A:B7:E6:EC:70:67:7B
ValidityFri, 08 Nov 2024 05:42:46 GMT - Thu, 06 Feb 2025 05:42:45 GMT

File type
HTML document, ASCII text, with very long lines (700)
Size
6.3 kB (6304 bytes)
Hash
b728ca9cd183d1b7c3f72116b19b22a3
c1fd73f6b02cf00b8bc60b09cc99495e8494b739
8a7b1ca4bbf273b32ea865d4785a1944d1b2b133678d9b5fe7ee0406f6fd64b2

HTTP Headers

GET /log/count.html HTTP/1.1
Host: storage.multstorage.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.gktorrent.si/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 14 Dec 2024 19:53:54 GMT
content-type: text/html
last-modified: Mon, 18 Sep 2023 14:39:06 GMT
vary: Accept-Encoding
x-request-id: f7554bdbfe59b38a4eba029f89085697
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=i5W9HJpzR3LqHJj4kXnLidhAxUOLDgh6HRsgtydKiRvkCUKF%2Ft1k5GrlEpOk7IJDlfXXBZ5wG5ybAbM8JMaxbBNvrs9ea9CdAiHHtJu8umI6pwwGgQTMTM7i4a6hbseBncmsFowZorxK9A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8f20be21fdc17129-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=531&min_rtt=459&rtt_var=178&sent=8&recv=10&lost=0&retrans=0&sent_bytes=3207&recv_bytes=1152&delivery_rate=7621052&cwnd=254&unsent_bytes=0&cid=a6377ddeba9e10fe&ts=62&x=0"
X-Firefox-Spdy: h2

www.gktorrent.si/

172.67.214.166

200 OK

50 kB

URL User Request GET HTTP/2
www.gktorrent.si/
IP
172.67.214.166:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services
Subjectgktorrent.si
FingerprintA9:64:6E:25:D5:E2:1E:5A:C5:3C:40:3C:29:1F:23:7E:B3:59:40:08
ValidityFri, 13 Dec 2024 19:59:03 GMT - Thu, 13 Mar 2025 20:55:20 GMT

File type

Size
50 kB (50040 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: www.gktorrent.si
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 14 Dec 2024 19:53:52 GMT
content-type: text/html; charset=utf-8
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
vary: Accept-Encoding
cf-cache-status: HIT
age: 4213
last-modified: Sat, 14 Dec 2024 18:43:39 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8pEhEFd25UldjFUMM0XifQn3W9QjVbGAEP4ZTbJB89%2BIpyi%2Fm7xM8UqDmaDD%2BHtFrPjw92dtFZ1tDZlP7AJHm%2FURHlydzLg8A9HiisChJUguNQdqGIgPp7%2Fo1XPAOlhJbQnG"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8f20be155c610b59-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=520&min_rtt=450&rtt_var=164&sent=7&recv=10&lost=0&retrans=0&sent_bytes=3201&recv_bytes=1118&delivery_rate=6378854&cwnd=253&unsent_bytes=0&cid=7737c326aa9814da&ts=36&x=0"
X-Firefox-Spdy: h2

zimage.cc/uploads/screen/0cea313f90ad81dc6e4bd030b116cf28d3e063fa.webp

0.0.0.0

200 OK

0 B

URL GET
zimage.cc/uploads/screen/0cea313f90ad81dc6e4bd030b116cf28d3e063fa.webp
IP
0.0.0.0:0
ASN
#0

Requested by
https://www.gktorrent.si/
Certificate
IssuerGoogle Trust Services
Subjectzimage.cc
FingerprintC6:A2:A9:26:83:71:23:60:EA:17:FE:E4:B8:BC:43:ED:D1:17:EB:95
ValiditySat, 26 Oct 2024 08:53:04 GMT - Fri, 24 Jan 2025 08:53:03 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /uploads/screen/0cea313f90ad81dc6e4bd030b116cf28d3e063fa.webp HTTP/1.1
Host: zimage.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.gktorrent.si/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 14 Dec 2024 19:53:52 GMT
content-type: image/webp
last-modified: Tue, 22 Oct 2024 11:36:23 GMT
etag: "14f92-6250f2dcc0a68-gzip"
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=31536000
cf-cache-status: HIT
age: 114504
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0YSMduUowk4JZZX%2F%2Fl1ntqdohe1R4%2Fg07HmghwvhPBMwCdy7tzkOYe%2ByaupkD1v%2F%2FEeM9159bVwROgBrnThGjvjodWUNqb8yN6G%2FNlJzZ2Eq2XJhri0bbofUbBI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8f20be175896b527-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=506&min_rtt=448&rtt_var=96&sent=40&recv=16&lost=0&retrans=0&sent_bytes=46094&recv_bytes=1653&delivery_rate=7956043&cwnd=254&unsent_bytes=15927&cid=16974f8d501d724d&ts=66&x=0"
X-Firefox-Spdy: h2

zimage.cc/uploads/screen/384f015f60e3b81ce4b0f01bdc086792abfe1a5d.webp

0.0.0.0

200 OK

0 B

URL GET
zimage.cc/uploads/screen/384f015f60e3b81ce4b0f01bdc086792abfe1a5d.webp
IP
0.0.0.0:0
ASN
#0

Requested by
https://www.gktorrent.si/
Certificate
IssuerGoogle Trust Services
Subjectzimage.cc
FingerprintC6:A2:A9:26:83:71:23:60:EA:17:FE:E4:B8:BC:43:ED:D1:17:EB:95
ValiditySat, 26 Oct 2024 08:53:04 GMT - Fri, 24 Jan 2025 08:53:03 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /uploads/screen/384f015f60e3b81ce4b0f01bdc086792abfe1a5d.webp HTTP/1.1
Host: zimage.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.gktorrent.si/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 14 Dec 2024 19:53:52 GMT
content-type: image/webp
last-modified: Wed, 16 Oct 2024 17:34:00 GMT
etag: "15008-6249b79b329e1-gzip"
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=31536000
cf-cache-status: HIT
age: 119039
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NqXpEBIUSZ9y0HY2VJQjwC%2B7orR0AlE9Y24c4Ozj90uUw8BQwoUXG922QOlMOjFDYEzPJ5oLrvFLJcEl6KUHnorwY64TLXIAG9QHhPL4xg1%2Fc50V6krKRFE8exc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8f20be175897b527-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=506&min_rtt=448&rtt_var=96&sent=56&recv=16&lost=0&retrans=0&sent_bytes=67319&recv_bytes=1653&delivery_rate=7956043&cwnd=254&unsent_bytes=31856&cid=16974f8d501d724d&ts=66&x=0"
X-Firefox-Spdy: h2

www.gktorrent.si/themes/default/img/favicon.ico

172.67.214.166

200 OK

3.1 kB

URL GET HTTP/3
www.gktorrent.si/themes/default/img/favicon.ico
IP
172.67.214.166:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.gktorrent.si/
Certificate
IssuerGoogle Trust Services
Subjectgktorrent.si
FingerprintA9:64:6E:25:D5:E2:1E:5A:C5:3C:40:3C:29:1F:23:7E:B3:59:40:08
ValidityFri, 13 Dec 2024 19:59:03 GMT - Thu, 13 Mar 2025 20:55:20 GMT

File type
PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced
Size
3.1 kB (3077 bytes)
Hash
d5700e3c1ad986257bd180f35de64842
3c49da1bf28247474b12a00f0eec579e7d76afb7
e7c404f5ac885d47faf16dfb691a60f11dd3d182ebd95c6a57008e7f56ef5954

HTTP Headers

GET /themes/default/img/favicon.ico HTTP/1.1
Host: www.gktorrent.si
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.gktorrent.si/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 14 Dec 2024 19:53:53 GMT
content-type: image/x-icon
content-length: 3100
last-modified: Tue, 15 Oct 2024 18:53:58 GMT
etag: "c05-6248879d97aae-gzip"
vary: Accept-Encoding
content-encoding: gzip
cache-control: no-store
cf-cache-status: HIT
age: 6460
accept-ranges: bytes
priority: u=6,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=N8MIrchnV%2BJ7E4wPEF39%2BCONnW6g4AOe13apiAh9hDVUPIiGPnmdNZRjtl5IwAjBVuxIwJGdk%2BCY%2FY1WqkR0133ABJG3CUCiSN1oaaMICQJLK14CnY%2FYCbQkJNs8nCFQ%2BOiJ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8f20be1cef7c56ca-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=10767&min_rtt=1160&rtt_var=13570&sent=107&recv=22&lost=0&retrans=1&sent_bytes=107190&recv_bytes=4147&delivery_rate=44915&cwnd=45600&unsent_bytes=0&cid=b3fd97114657b107&ts=1192&x=1", cfExtPri, cfHdrFlush;dur=0

js.wpadmngr.com/static/adManager.m.js

45.133.44.53

200 OK

122 kB

URL GET HTTP/2
js.wpadmngr.com/static/adManager.m.js
IP
45.133.44.53:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://www.gktorrent.si/
Certificate
IssuerLet's Encrypt
Subjectjs.wpadmngr.com
Fingerprint6F:EF:6B:BA:00:36:E2:2F:19:CD:05:86:8E:CC:A5:A3:12:5E:E8:57
ValidityWed, 06 Nov 2024 03:03:58 GMT - Tue, 04 Feb 2025 03:03:57 GMT

File type

Size
122 kB (122015 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /static/adManager.m.js HTTP/1.1
Host: js.wpadmngr.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.gktorrent.si/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 14 Dec 2024 19:53:53 GMT
content-type: application/javascript; charset=utf-8
server: nginx/1.18.0
last-modified: Thu, 05 Dec 2024 14:47:03 GMT
etag: W/"6751bce7-1dc9f"
content-encoding: gzip
expires: Sat, 14 Dec 2024 19:58:53 GMT
cache-control: max-age=300
x-proxy-cache: HIT
x-cdn-host-id: ds8137
access-control-allow-origin: *
X-Firefox-Spdy: h2

www.gktorrent.si/themes/default/font/fontawesome-webfont.woff

172.67.214.166

404 Not Found

6.9 kB

URL GET HTTP/3
www.gktorrent.si/themes/default/font/fontawesome-webfont.woff
IP
172.67.214.166:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.gktorrent.si/
Certificate
IssuerGoogle Trust Services
Subjectgktorrent.si
FingerprintA9:64:6E:25:D5:E2:1E:5A:C5:3C:40:3C:29:1F:23:7E:B3:59:40:08
ValidityFri, 13 Dec 2024 19:59:03 GMT - Thu, 13 Mar 2025 20:55:20 GMT

File type
HTML document, Unicode text, UTF-8 text, with very long lines (7288), with no line terminators
Size
6.9 kB (6897 bytes)
Hash
b822dc0ef2a75a7b14e692a5a8394b07
39a589ddecfd1a093866d4f66e716e4a7457c9bd
ad1bc57e21dbfd2b29935a26e103646e0c5c1b154d4c03606b93fa60764d937b

HTTP Headers

GET /themes/default/font/fontawesome-webfont.woff HTTP/1.1
Host: www.gktorrent.si
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://www.gktorrent.si/themes/default/css/bootstrap.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 404 Not Found
date: Sat, 14 Dec 2024 19:53:53 GMT
content-type: text/html
content-length: 6897
last-modified: Tue, 15 Oct 2024 18:52:39 GMT
etag: "1af1-6248875225376"
vary: Accept-Encoding
cache-control: no-store
cf-cache-status: EXPIRED
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=u28jmgsfW4pPhegWh8p7uE55h58eNFzSsD7Pski4BYisgxlYvZbJ5%2FEtJAXKko3Cnj4jprrDkB9eqN0zW3aLUVy8cI6GhbTT9iCmIxcMw1ij6geMY7%2BWs7jdEwjacRXjvR4Y"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8f20be1a4bd156ca-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=7930&min_rtt=1160&rtt_var=8501&sent=95&recv=18&lost=0&retrans=1&sent_bytes=96358&recv_bytes=3424&delivery_rate=7876507&cwnd=45600&unsent_bytes=0&cid=b3fd97114657b107&ts=833&x=1", cfExtPri, cfHdrFlush;dur=0

js.wpushsdk.com/npc/sdk/wpu/csub.m.js

45.133.44.53

200 OK

90 kB

URL GET HTTP/2
js.wpushsdk.com/npc/sdk/wpu/csub.m.js
IP
45.133.44.53:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://www.gktorrent.si/
Certificate
IssuerLet's Encrypt
Subjectjs.wpushsdk.com
Fingerprint31:2C:65:3C:1C:5B:13:76:2B:B6:42:14:BE:CA:EB:F0:5C:09:21:E5
ValidityThu, 07 Nov 2024 03:04:28 GMT - Wed, 05 Feb 2025 03:04:27 GMT

File type

Size
90 kB (90137 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /npc/sdk/wpu/csub.m.js HTTP/1.1
Host: js.wpushsdk.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.gktorrent.si/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 14 Dec 2024 19:53:54 GMT
content-type: application/javascript; charset=utf-8
server: nginx/1.18.0
last-modified: Wed, 07 Dec 2022 08:28:22 GMT
etag: W/"63904ea6-16019"
content-encoding: gzip
expires: Sat, 14 Dec 2024 19:58:54 GMT
cache-control: max-age=300
x-proxy-cache: HIT
x-cdn-host-id: ds8138
access-control-allow-origin: *
X-Firefox-Spdy: h2

zimage.cc/uploads/screen/8964ac4666a18233dab9b3186e457e7af48fa23c.webp

0.0.0.0

200 OK

0 B

URL GET
zimage.cc/uploads/screen/8964ac4666a18233dab9b3186e457e7af48fa23c.webp
IP
0.0.0.0:0
ASN
#0

Requested by
https://www.gktorrent.si/
Certificate
IssuerGoogle Trust Services
Subjectzimage.cc
FingerprintC6:A2:A9:26:83:71:23:60:EA:17:FE:E4:B8:BC:43:ED:D1:17:EB:95
ValiditySat, 26 Oct 2024 08:53:04 GMT - Fri, 24 Jan 2025 08:53:03 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /uploads/screen/8964ac4666a18233dab9b3186e457e7af48fa23c.webp HTTP/1.1
Host: zimage.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.gktorrent.si/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 14 Dec 2024 19:53:52 GMT
content-type: image/webp
last-modified: Wed, 23 Oct 2024 15:46:33 GMT
etag: "12496-62526ca57673d-gzip"
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=31536000
cf-cache-status: HIT
age: 119039
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XTpdsvry5gWXhiOZu3z4z307smpmX8CjC6aOUQbsmp7WnNqADPAzdRm1gDnHU%2Fx6th9svSFmSAB5m2V0yzlwFGUz42PEDiHIaR%2FG%2FL5RigpsBT3jQ2UXGVTz1S0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8f20be17589ab527-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=506&min_rtt=448&rtt_var=96&sent=57&recv=16&lost=0&retrans=1&sent_bytes=67797&recv_bytes=1653&delivery_rate=7956043&cwnd=254&unsent_bytes=31856&cid=16974f8d501d724d&ts=72&x=0"
X-Firefox-Spdy: h2

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

Quad9 DNS

ThreatFox

JavaScript (12)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML