Report - 32.pexeburay.com/index/d5?diff=0&utm_source=ogdd&utm_campaign=16138&utm_content=&utm_clickid=fkk0sowsww8c8o0w&aurl=https://tiranator.com/engine/download.php?id=4534&an=&utm

Report Overview

Visited public
2024-10-30 03:52:43
Tags
Submit Tags
URL
32.pexeburay.com/index/d5?diff=0&utm_source=ogdd&utm_campaign=16138&utm_content=&utm_clickid=fkk0sowsww8c8o0w&aurl=https://tiranator.com/engine/download.php?id=4534&an=&utm_term=&site=&darken=0&allFull=0&isubs=0
Finishing URL
32.pexeburay.com/index/d5?diff=0&utm_source=ogdd&utm_campaign=16138&utm_content=&utm_clickid=fkk0sowsww8c8o0w&aurl=https://tiranator.com/engine/download.php?id=4534&an=&utm_term=&site=&darken=0&allFull=0&isubs=0#
IP / ASN
172.67.188.74
#13335 CLOUDFLARENET
Title
Your file is ready for download

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
cesupufius.com	unknown	2023-03-09	2023-03-09	2024-10-30	487 B	3.9 kB	88.208.46.23
32.pexeburay.com	unknown	2023-05-11	2023-05-16	2024-03-25	2.6 kB	114 kB	172.67.188.74
hdtcode.com	unknown	2019-04-29	2019-05-01	2024-10-16	852 B	272 B	185.98.54.153
tiranator.com	314538	2019-08-06	2019-08-06	2024-10-29	533 B	16 kB	46.28.234.91

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

Mnemonic Secure DNS

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2024-10-30	medium	cesupufius.com	Sinkholed

ThreatFox

No alerts detected

JavaScript (5)

	URL	From	Size	First Seen	Last Seen
	32.pexeburay.com/index/d5?diff=0&utm_source=ogdd&utm_campaign=16138&utm_content=&utm_clickid=fkk0sowsww8c8o0w&aurl=https://tiranator.com/engine/download.php?id=4534&an=&utm_term=&site=&darken=0&allFull=0&isubs=0	ScriptElement	30 kB	2023-04-05	2025-04-17
Pretty URL 32.pexeburay.com/index/d5?diff=0&utm_source=ogdd&utm_campaign=16138&utm_content=&utm_clickid=fkk0sowsww8c8o0w&aurl=https://tiranator.com/engine/download.php?id=4534&an=&utm_term=&site=&darken=0&allFull=0&isubs=0 IP 172.67.188.74 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-04-05 16:38 Last Seen2025-04-17 23:44 Times Seen36 Hash 5d299fc4158f5ee271d32054f20c567b f7a0862ea30145dcb0a90604dd7898a40e53feb1 c9ab2db9b28f51129edfd2aff30ad067245bd34b028991e08f56f7c947f60495 Loading...

	32.pexeburay.com/index/d5?diff=0&utm_source=ogdd&utm_campaign=16138&utm_content=&utm_clickid=fkk0sowsww8c8o0w&aurl=https://tiranator.com/engine/download.php?id=4534&an=&utm_term=&site=&darken=0&allFull=0&isubs=0	ScriptElement	2.2 kB	2023-03-07	2025-04-17
Pretty URL 32.pexeburay.com/index/d5?diff=0&utm_source=ogdd&utm_campaign=16138&utm_content=&utm_clickid=fkk0sowsww8c8o0w&aurl=https://tiranator.com/engine/download.php?id=4534&an=&utm_term=&site=&darken=0&allFull=0&isubs=0 IP 172.67.188.74 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 16:08 Last Seen2025-04-17 23:44 Times Seen31 Hash a40976860ec9865090d3e26ffc73cc94 40f16d9869020c5752974e91bd792ba0d1f015e8 65ba0a06506d4e77ec12f1f4f2a2b0709d8a90c5fbf1a56605433347a396f630 Loading...

	32.pexeburay.com/199f8c6.php?utm_source=ogdd&utm_campaign=16138	ScriptElement	43 kB	2024-10-30	2024-10-30
Pretty URL 32.pexeburay.com/199f8c6.php?utm_source=ogdd&utm_campaign=16138 IP 172.67.188.74 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-10-30 03:52 Last Seen2024-10-30 03:52 Times Seen1 Hash 18f44fab0b19e018a5e6a1fe45f3415c d6c4a4f7e3e1cdb62e9b2691bce68c7e1760ccad 805af8a98be5c5666f59eb76435a7f0fb651cf95c362f2250d00d10918a5f981 Loading...

	32.pexeburay.com/index/d5?diff=0&utm_source=ogdd&utm_campaign=16138&utm_content=&utm_clickid=fkk0sowsww8c8o0w&aurl=https://tiranator.com/engine/download.php?id=4534&an=&utm_term=&site=&darken=0&allFull=0&isubs=0	ScriptElement	3.6 kB	2024-10-30	2024-10-30
Pretty URL 32.pexeburay.com/index/d5?diff=0&utm_source=ogdd&utm_campaign=16138&utm_content=&utm_clickid=fkk0sowsww8c8o0w&aurl=https://tiranator.com/engine/download.php?id=4534&an=&utm_term=&site=&darken=0&allFull=0&isubs=0 IP 172.67.188.74 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-10-30 03:52 Last Seen2024-10-30 03:52 Times Seen1 Hash 0e739851623962dc56e859b0e7bd7526 2baa741e4b7413196e45f65fe1b7ab019a6dc582 8f833645332a8ae8e9c952d7b4bba9424f6f03876e4e833c845206b5bec9dbcf Loading...

	32.pexeburay.com/index/d5?diff=0&utm_source=ogdd&utm_campaign=16138&utm_content=&utm_clickid=fkk0sowsww8c8o0w&aurl=https://tiranator.com/engine/download.php?id=4534&an=&utm_term=&site=&darken=0&allFull=0&isubs=0	ScriptElement	695 B	2023-03-07	2025-04-17
Pretty URL 32.pexeburay.com/index/d5?diff=0&utm_source=ogdd&utm_campaign=16138&utm_content=&utm_clickid=fkk0sowsww8c8o0w&aurl=https://tiranator.com/engine/download.php?id=4534&an=&utm_term=&site=&darken=0&allFull=0&isubs=0 IP 172.67.188.74 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 16:08 Last Seen2025-04-17 23:44 Times Seen24 Hash 9e8d92218ee3ebc50c02807f95053e1d 471165c67069eb5e4a1a96bf3de5f2da1c8a1dff a7f50ca9fb45ef36eadc0461fd33f27d2f3032fcec793bcc869c43dba2b5bb73 Loading...

HTTP Transactions (8)

URL IP Response Size

POST cesupufius.com/59996

88.208.46.23

200 OK

3.2 kB

URL POST HTTP/1.1
cesupufius.com/59996
IP
88.208.46.23:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://32.pexeburay.com/index/d5?diff=0&utm_source=ogdd&utm_campaign=16138&utm_content=&utm_clickid=fkk0sowsww8c8o0w&aurl=https://tiranator.com/engine/download.php?id=4534&an=&utm_term=&site=&darken=0&allFull=0&isubs=0
Certificate
IssuerLet's Encrypt
Subjectcesupufius.com
Fingerprint40:39:41:B2:EB:F4:FF:3A:BC:D8:D6:80:FD:AB:6B:6C:04:97:54:79
ValidityThu, 29 Aug 2024 23:08:22 GMT - Wed, 27 Nov 2024 23:08:21 GMT

File type
JSON text data
Size
3.2 kB (3246 bytes)
Hash
65c60a1f75690ce32fcf8b1cfa9e0563
37c756dafa6140e4e1829704f1760fe6cd1738e5
e23c0408ba378a531e9f2fda2026c8e0c0130795ea96316cf39d87f5942691d0

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

POST /59996 HTTP/1.1
Host: cesupufius.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://32.pexeburay.com/
Content-Type: text/plain;charset=UTF-8
Content-Length: 217
Origin: https://32.pexeburay.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 30 Oct 2024 03:52:19 GMT
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: https://32.pexeburay.com
Access-Control-Allow-Credentials: true
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: 0
Set-Cookie: userid=61369ef5-beb5-4a1c-a2b5-10a330b71f8a; expires=Tue, 30-Oct-2029 03:52:19 GMT; Path=/; SameSite=None; Secure
Accept-CH: Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version

GET 32.pexeburay.com/favicon.ico

172.67.188.74

200 OK

4.6 kB

URL GET HTTP/3
32.pexeburay.com/favicon.ico
IP
172.67.188.74:443
ASN
#13335 CLOUDFLARENET

Requested by
https://32.pexeburay.com/index/d5?diff=0&utm_source=ogdd&utm_campaign=16138&utm_content=&utm_clickid=fkk0sowsww8c8o0w&aurl=https://tiranator.com/engine/download.php?id=4534&an=&utm_term=&site=&darken=0&allFull=0&isubs=0
Certificate
IssuerGoogle Trust Services
Subjectpexeburay.com
Fingerprint1B:60:EC:42:7A:8A:7C:03:44:BA:6C:1B:6A:B1:47:8A:1D:1C:91:BC
ValidityThu, 24 Oct 2024 08:07:55 GMT - Wed, 22 Jan 2025 08:07:54 GMT

File type
PNG image data, 180 x 180, 8-bit/color RGBA, non-interlaced
Size
4.6 kB (4554 bytes)
Hash
4cdf3256cd7b8ec3917adb79d6bf457e
bc615337e9223183a126c8fb649774866fb53e69
fbfff44a653dc193b93620f1035d221d3aaddf3238742270b3385482986ef7f0

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: 32.pexeburay.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://32.pexeburay.com/index/d5?diff=0&utm_source=ogdd&utm_campaign=16138&utm_content=&utm_clickid=fkk0sowsww8c8o0w&aurl=https://tiranator.com/engine/download.php?id=4534&an=&utm_term=&site=&darken=0&allFull=0&isubs=0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Wed, 30 Oct 2024 03:52:19 GMT
content-type: image/x-icon
last-modified: Wed, 02 Nov 2022 12:29:48 GMT
etag: W/"636262bc-1007"
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bIo%2FRFOyt0PxiP8AZKSfIJVqI7ZlG4ovU8Sa7Cq3qmfJh06s%2FsS2mAxrlbzJ%2Fscz6XHJsHpOogOuWkt4AfcQN1rZi7hneMxLwfuFJVf3ssXjpos90XG8e8lfZFkjz5Jo%2BK2b"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8da873afdd5bb515-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=23209&sent=34&recv=12&lost=0&retrans=0&sent_bytes=25382&recv_bytes=2244&delivery_rate=26838&cwnd=24000&unsent_bytes=0&cid=ff0425793dd525aa&ts=591&x=1", cfHdrFlush;dur=0

GET hdtcode.com/event?data=&id=20

185.98.54.153

200 OK

0 B

URL GET HTTP/2
hdtcode.com/event?data=&id=20
IP
185.98.54.153:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://32.pexeburay.com/index/d5?diff=0&utm_source=ogdd&utm_campaign=16138&utm_content=&utm_clickid=fkk0sowsww8c8o0w&aurl=https://tiranator.com/engine/download.php?id=4534&an=&utm_term=&site=&darken=0&allFull=0&isubs=0
Certificate
IssuerLet's Encrypt
Subjecthdtcode.com
Fingerprint8B:C6:79:71:FD:A5:F0:DC:45:26:01:01:7E:43:14:CA:B3:30:BA:C5
ValiditySat, 05 Oct 2024 23:22:21 GMT - Fri, 03 Jan 2025 23:22:20 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /event?data=&id=20 HTTP/1.1
Host: hdtcode.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://32.pexeburay.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx/1.23.2
date: Wed, 30 Oct 2024 03:52:29 GMT
content-length: 0
access-control-allow-headers: X-Requested-With, Cache-Control, Content-Type
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
X-Firefox-Spdy: h2

GET 32.pexeburay.com/index/d5?diff=0&utm_source=ogdd&utm_campaign=16138&utm_content=&utm_clickid=fkk0sowsww8c8o0w&aurl=https://tiranator.com/engine/download.php?id=4534&an=&utm_term=&site=&darken=0&allFull=0&isubs=0

172.67.188.74

200 OK

57 kB

URL User Request GET HTTP/2
32.pexeburay.com/index/d5?diff=0&utm_source=ogdd&utm_campaign=16138&utm_content=&utm_clickid=fkk0sowsww8c8o0w&aurl=https://tiranator.com/engine/download.php?id=4534&an=&utm_term=&site=&darken=0&allFull=0&isubs=0
IP
172.67.188.74:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services
Subjectpexeburay.com
Fingerprint1B:60:EC:42:7A:8A:7C:03:44:BA:6C:1B:6A:B1:47:8A:1D:1C:91:BC
ValidityThu, 24 Oct 2024 08:07:55 GMT - Wed, 22 Jan 2025 08:07:54 GMT

File type

Size
57 kB (56650 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /index/d5?diff=0&utm_source=ogdd&utm_campaign=16138&utm_content=&utm_clickid=fkk0sowsww8c8o0w&aurl=https://tiranator.com/engine/download.php?id=4534&an=&utm_term=&site=&darken=0&allFull=0&isubs=0 HTTP/1.1
Host: 32.pexeburay.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 30 Oct 2024 03:52:18 GMT
content-type: text/html; charset=UTF-8
cache-control: no-transform
content-encoding: gzip
cf-cache-status: DYNAMIC
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2Fqjr51Q0MsfQ0RXM%2F7NB%2BC%2BmdRJncI96aSHvCds7Z8P1%2BKzYiguG7ThTiXYUQc%2BxTKjzlNVEpBlz%2Bf37EcRY4mANXnah0PuqSBmKi5zzkixSIz0wRfZ0zaX24FLclTTQbm4W"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8da873abce1fb517-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=21773&sent=7&recv=11&lost=0&retrans=0&sent_bytes=3281&recv_bytes=1390&delivery_rate=261923&cwnd=254&unsent_bytes=0&cid=7dc3ba46d79b91e1&ts=99&x=0"
X-Firefox-Spdy: h2

GET 32.pexeburay.com/assets/styles/arrow.css?v1

172.67.188.74

200 OK

6.7 kB

URL GET HTTP/3
32.pexeburay.com/assets/styles/arrow.css?v1
IP
172.67.188.74:443
ASN
#13335 CLOUDFLARENET

Requested by
https://32.pexeburay.com/index/d5?diff=0&utm_source=ogdd&utm_campaign=16138&utm_content=&utm_clickid=fkk0sowsww8c8o0w&aurl=https://tiranator.com/engine/download.php?id=4534&an=&utm_term=&site=&darken=0&allFull=0&isubs=0
Certificate
IssuerGoogle Trust Services
Subjectpexeburay.com
Fingerprint1B:60:EC:42:7A:8A:7C:03:44:BA:6C:1B:6A:B1:47:8A:1D:1C:91:BC
ValidityThu, 24 Oct 2024 08:07:55 GMT - Wed, 22 Jan 2025 08:07:54 GMT

File type
ASCII text, with very long lines (7329), with no line terminators
Size
6.7 kB (6676 bytes)
Hash
21bc0deb669cebef6d921ae3355648c9
0871e4675c0f87bd37afe4d59f972c7300d5ef38
9e15e39a2f8c0e29113157fc423b8cd563c417f600a4369a5975dbdbff5eddd8

HTTP Headers

GET /assets/styles/arrow.css?v1 HTTP/1.1
Host: 32.pexeburay.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://32.pexeburay.com/index/d5?diff=0&utm_source=ogdd&utm_campaign=16138&utm_content=&utm_clickid=fkk0sowsww8c8o0w&aurl=https://tiranator.com/engine/download.php?id=4534&an=&utm_term=&site=&darken=0&allFull=0&isubs=0
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 30 Oct 2024 03:52:19 GMT
content-type: text/css
last-modified: Wed, 02 Nov 2022 12:29:48 GMT
etag: W/"636262bc-1a14"
content-encoding: gzip
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KzQdjNUPDwxuN3L2BfgAmRSYSL4%2Fl3mvQwjHYbDh8FjbQXTfItrJ%2FDa1yc6f1XXzfJlQxlDYSi%2FV5bp%2B%2FzTHK2pi3duKZ0Gzi%2FpaoROupxMsMbgYx1ye3wZMAieVU2zndsJ4"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8da873ae7cb6b515-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=26473&sent=13&recv=7&lost=0&retrans=0&sent_bytes=4095&recv_bytes=1654&delivery_rate=32159&cwnd=12000&unsent_bytes=0&cid=ff0425793dd525aa&ts=371&x=1", cfHdrFlush;dur=0

GET 32.pexeburay.com/199f8c6.php?utm_source=ogdd&utm_campaign=16138

172.67.188.74

200 OK

43 kB

URL GET HTTP/3
32.pexeburay.com/199f8c6.php?utm_source=ogdd&utm_campaign=16138
IP
172.67.188.74:443
ASN
#13335 CLOUDFLARENET

Requested by
https://32.pexeburay.com/index/d5?diff=0&utm_source=ogdd&utm_campaign=16138&utm_content=&utm_clickid=fkk0sowsww8c8o0w&aurl=https://tiranator.com/engine/download.php?id=4534&an=&utm_term=&site=&darken=0&allFull=0&isubs=0
Certificate
IssuerGoogle Trust Services
Subjectpexeburay.com
Fingerprint1B:60:EC:42:7A:8A:7C:03:44:BA:6C:1B:6A:B1:47:8A:1D:1C:91:BC
ValidityThu, 24 Oct 2024 08:07:55 GMT - Wed, 22 Jan 2025 08:07:54 GMT

File type

Size
43 kB (42888 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /199f8c6.php?utm_source=ogdd&utm_campaign=16138 HTTP/1.1
Host: 32.pexeburay.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://32.pexeburay.com/index/d5?diff=0&utm_source=ogdd&utm_campaign=16138&utm_content=&utm_clickid=fkk0sowsww8c8o0w&aurl=https://tiranator.com/engine/download.php?id=4534&an=&utm_term=&site=&darken=0&allFull=0&isubs=0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 30 Oct 2024 03:52:19 GMT
content-type: application/javascript
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
content-encoding: gzip
cf-cache-status: DYNAMIC
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2Bl1PFC9nDskh%2Bd3DcLsiXlkJrhLjNC8EE%2BuPoHnoQNjQ5BeFVpE8uUfPn94Ym2Pst8o9fIhGaOdFMrUY%2F4uifyScj9QkEMFyo%2FloG7x052fM1v8W2W54Kb%2FTa7MJAE%2BdMRPu"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8da873ae8cb7b515-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=26473&sent=16&recv=7&lost=0&retrans=0&sent_bytes=6977&recv_bytes=1654&delivery_rate=32159&cwnd=12000&unsent_bytes=0&cid=ff0425793dd525aa&ts=376&x=1", cfHdrFlush;dur=0

GET tiranator.com/engine/download.php?id=4534

46.28.234.91

200 OK

15 kB

URL User Request GET HTTP/2
tiranator.com/engine/download.php?id=4534
IP
46.28.234.91:443
ASN
#207728 EUROHOSTER Ltd.

Certificate
IssuerLet's Encrypt
Subjecttiranator.com
Fingerprint26:7E:6A:57:08:62:3D:35:2C:90:E5:24:FC:71:1D:1D:EF:04:9E:D8
ValidityTue, 24 Sep 2024 00:00:46 GMT - Mon, 23 Dec 2024 00:00:45 GMT

File type
BitTorrent file
Size
15 kB (14803 bytes)
Hash
4278e308b328bc52211e3a0161fac1ed
14c096d8a1429e388cbc071cdfebf27f45b89c0d
c7619ce88b92c9fc6014b7f5eaec20926a43b5d347c136c92cf7d17ba0b5b0be

HTTP Headers

GET /engine/download.php?id=4534 HTTP/1.1
Host: tiranator.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://32.pexeburay.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Wed, 30 Oct 2024 03:52:19 GMT
content-type: application/x-bittorrent
expires: Tue, 1 Jan 1980 00:00:00 GMT
pragma: no-cache
set-cookie: PHPSESSID=1ebbrp5hf1njrdt43rdctkfsh7; path=/; domain=.tiranator.com; HttpOnly
dle_user_id=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=.tiranator.com; httponly
dle_password=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=.tiranator.com; httponly
dle_hash=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=.tiranator.com; httponly
last-modified: Wed, 30 Oct 2024 03:52:19 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
x-powered-by: https://0-web.ru/ (c) MSW
accept-ranges: bytes
content-transfer-encoding: binary
content-disposition: attachment; filename="gta.torrent"
strict-transport-security: max-age=31536000;
X-Firefox-Spdy: h2

GET hdtcode.com/event?data=&id=10

0.0.0.0

0 B

URL GET
hdtcode.com/event?data=&id=10
IP
0.0.0.0:0
ASN
#0

Requested by
https://32.pexeburay.com/index/d5?diff=0&utm_source=ogdd&utm_campaign=16138&utm_content=&utm_clickid=fkk0sowsww8c8o0w&aurl=https://tiranator.com/engine/download.php?id=4534&an=&utm_term=&site=&darken=0&allFull=0&isubs=0

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /event?data=&id=10 HTTP/1.1
Host: hdtcode.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://32.pexeburay.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

Mnemonic Secure DNS

Quad9 DNS

ThreatFox

JavaScript (5)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (8)

URL POST HTTP/1.1

IP

ASN

Requested by

Certificate

File type

Size

Hash

Detections

HTTP Headers

URL GET HTTP/3

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers

URL GET HTTP/2

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers

URL User Request GET HTTP/2

IP

ASN