Report - btdb.threeproxy.net/

Report Overview

Visited public
2023-10-28 12:27:48
Tags
URL
btdb.threeproxy.net/
Finishing URL
btdb.threeproxy.net/
IP / ASN
172.67.181.59
#13335 CLOUDFLARENET
Title
BTDB - Free Torrent Search Engine | Bittorrent Movies Search Engine | Free Movies Torrent Magnet Search Engine

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
cdnjs.cloudflare.com	235	2009-02-17	2015-04-17 22:46:33	2023-10-27 18:12:18	888 B	57 kB	104.17.25.14
theusualsuspectz.biz	unknown	2023-01-27	2023-01-27 02:27:31	2023-10-27 11:14:06	414 B	49 kB	188.114.97.1
a.kgorilla.net	unknown	unknown	No data	No data	399 B	737 B	0.0.0.0
matomo.hellohi.me	545402	2019-07-03	2019-07-03 22:13:04	2023-10-27 11:13:46	409 B	67 kB	188.114.96.1
vpnk.net	unknown	2023-10-26	2015-11-05 22:35:09	2023-10-26 04:32:38	421 B	810 B	0.0.0.0
formden.com	454894	2015-01-11	2015-02-28 03:46:06	2023-10-16 17:31:16	473 B	204 kB	104.26.1.81
maxcdn.bootstrapcdn.com	724	2012-05-25	2014-06-18 02:37:31	2023-10-27 18:15:14	441 B	36 kB	104.18.11.207
cdn.jsdelivr.net	439	2012-05-16	2012-09-30 02:15:09	2023-10-27 18:12:18	470 B	3.2 kB	151.101.65.229
heartilyscales.com	unknown	2022-12-16	2022-12-16 09:32:11	2023-10-27 11:14:06	443 B	15 kB	173.233.137.44
use.fontawesome.com	942	2012-10-18	2017-01-30 05:43:25	2023-10-27 18:16:14	1.6 kB	145 kB	172.64.103.11
btdb.threeproxy.net	unknown	2021-02-15	2022-11-02 11:35:19	2023-07-02 18:50:06	5.9 kB	313 kB	172.67.181.59

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2023-10-28 12:27:30	medium	Client IP	Internal IP	ET INFO Observed DNS Query to .biz TLD
2023-10-28 12:27:30	medium	Client IP	Internal IP	ET INFO Observed DNS Query to .biz TLD

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2023-10-28	medium	heartilyscales.com	Sinkholed
2023-10-28	medium	theusualsuspectz.biz	Sinkholed

ThreatFox

No alerts detected

JavaScript (17)

	URL	From	Size	First Seen	Last Seen
	btdb.threeproxy.net/	ScriptElement	208 B	2023-03-29	2024-08-21
Pretty URL btdb.threeproxy.net/ IP 172.67.181.59 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-29 22:55 Last Seen2024-08-21 04:42 Times Seen4 Hash 4be6588b9650d63c8034927b7ae145d0 57a127077111dc2075310eda76dc9369651cc06d 73eaaf8c35f60d5ff2fb22ab36ea99fcbc6daad2dfe0d2aedf3886e0c9f2ab4e Loading...

	btdb.threeproxy.net/	ScriptElement	28 B	2023-03-29	2024-08-21
Pretty URL btdb.threeproxy.net/ IP 172.67.181.59 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-29 22:55 Last Seen2024-08-21 04:42 Times Seen4 Hash b2ac40e4410229f0c3a6b567852983c0 153278185e8afa6bc67ad372f9b097cfc6353bc2 baccad037870581fe00cdee037b38c00dfb89fa592907051337a1d53cf2867d8 Loading...

	btdb.threeproxy.net/	ScriptElement	29 B	2023-03-29	2024-08-21
Pretty URL btdb.threeproxy.net/ IP 172.67.181.59 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-29 22:55 Last Seen2024-08-21 04:42 Times Seen4 Hash 5947c3025f3331d1e86c1c3b0f8c8c87 c3d5ae1c3db59e1db25a823e006786c7dd8ef0c2 843b2b00225e1cab51194e2b6776fda3f62f736f549581b82bc2f3cab50bb006 Loading...

	btdb.threeproxy.net/	ScriptElement	23 B	2023-03-29	2024-08-21
Pretty URL btdb.threeproxy.net/ IP 172.67.181.59 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-29 22:55 Last Seen2024-08-21 04:42 Times Seen4 Hash 16f63b9dcf0f424d166b06552e753025 852462482ea547b421acf7fde7aa0397b125f836 8987ec50ed22908b8b41659c4c93826189ac1b9dd9a588f97ca9074d37a837c6 Loading...

	cdnjs.cloudflare.com/ajax/libs/jquery/3.3.1/jquery.min.js	ScriptElement	87 kB	2023-03-07	2025-05-11
Pretty URL cdnjs.cloudflare.com/ajax/libs/jquery/3.3.1/jquery.min.js IP 104.17.25.14 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02 Last Seen2025-05-11 03:19 Times Seen57531 Hash a09e13ee94d51c524b7e2a728c7d4039 0dc32db4aa9c5f03f3b38c47d883dbd4fed13aae 160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef Loading...

	btdb.threeproxy.net/	ScriptElement	469 B	2023-04-13	2024-08-21
Pretty URL btdb.threeproxy.net/ IP 172.67.181.59 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-04-13 18:12 Last Seen2024-08-21 04:42 Times Seen4 Hash bf417fe4e512829632380c81a7e42fe3 d3035dcfe4a7dc51d07d11781536240cfd5544da 310eff8fb93c3a778046909a0ed58f55242d27c26a16c6fe321780dc922ea3af Loading...

	btdb.threeproxy.net/	ScriptElement	508 B	2023-03-29	2024-08-21
Pretty URL btdb.threeproxy.net/ IP 172.67.181.59 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-29 22:55 Last Seen2024-08-21 04:42 Times Seen4 Hash 971e865ea5337d6b2aa044559c8cef84 a336f6bb07e1dd502f4bd9926db43f009401d665 ffe1ecdd8128c02ffb72bdab6c678c05e5786f3f2bf0c0d957183eaf1cd51284 Loading...

	btdb.threeproxy.net/app/apx14.js	ScriptElement	7.7 kB	2023-03-07	2025-05-10
Pretty URL btdb.threeproxy.net/app/apx14.js IP 172.67.181.59 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:40 Last Seen2025-05-10 16:28 Times Seen810 Hash dfb1f327618e201778f2de85cfbcd173 fceb89a2221463e5bc5a71feff1247683ab08cc5 dc03bc8b63938916a73dd976e186d05559ddc61da2725e1063b7936fa9f0fc33 Loading...

	maxcdn.bootstrapcdn.com/bootstrap/3.3.0/js/bootstrap.min.js	ScriptElement	35 kB	2023-03-07	2025-05-07
Pretty URL maxcdn.bootstrapcdn.com/bootstrap/3.3.0/js/bootstrap.min.js IP 104.18.11.207 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02 Last Seen2025-05-07 04:54 Times Seen589 Hash 281cd50dd9f58c5550620fc148a7bc39 dfb8410ffc10a57d69b81620087c5a0b6027765a 484081bfe6c76d77610eb71a6e71206fe5304d62c037f058b403592192069306 Loading...

	btdb.threeproxy.net/	ScriptElement	551 B	2023-03-07	2025-04-15
Pretty URL btdb.threeproxy.net/ IP 172.67.181.59 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 12:40 Last Seen2025-04-15 09:40 Times Seen77 Hash fdc2bec923b3895a187277ce3537c9b4 961e4ad149ede60e2fec4cbf1660140d5368eb43 0f4a4441301771b5e6cef91663dfe35f3bb5117354ba3a6b7d741bf0f133da33 Loading...

	btdb.threeproxy.net/	ScriptElement	816 B	2024-08-20	2024-08-20
Pretty URL btdb.threeproxy.net/ IP 172.67.181.59 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-08-20 22:04 Last Seen2024-08-20 22:04 Times Seen1 Hash d2be7526241467e32188910c511220fc 5b3896b0c984028926a3d6249bec2804c45009ab 79e6bc4c5a495fa452565d028dd8dbfc717fbb470b87ca4afa3e187fe3e6fdae Loading...

	btdb.threeproxy.net/	ScriptElement	464 B	2023-03-12	2024-08-20
Pretty URL btdb.threeproxy.net/ IP 172.67.181.59 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-12 23:23 Last Seen2024-08-20 22:04 Times Seen3 Hash fbf6efcde393617bd273b98b3faa67e1 c9b3a20a4a1a77fecc86927cfc312b27a4be56c1 de8dec6a19a7b4dd125728cb12bc49db134b0af38d2175dac7c3fcdeabb860e9 Loading...

	unknown	Function	34 B	2023-04-11	2025-05-10
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-04-11 21:16 Last Seen2025-05-10 19:46 Times Seen67031 Hash 572cb94037fffc2a0a53b465972e15f1 0d679b041a7c1ca45cc99e2d229fc2b86762838d 6487e4bdd0f51bbfd9105810a41755847fdae2c274e2fc325cd22356d7707e35 Loading...

	unknown	EventHandler	21 B	2023-04-10	2025-05-10
Pretty Introduced by eventHandler Embedded in HTML false Observations First Seen2023-04-10 22:51 Last Seen2025-05-10 22:31 Times Seen5394 Hash e56ddbb05a974a6bc5ea44661e509a21 448d4cb69f9441e10731b1ff4aa9dc81502589bd 1759e8c6c2ce9c987245281cd33bb9260ce82e31b604131a5da486db89369913 Loading...

	btdb.threeproxy.net/	ScriptElement	449 B	2023-03-07	2025-04-15
Pretty URL btdb.threeproxy.net/ IP 172.67.181.59 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 12:40 Last Seen2025-04-15 12:49 Times Seen391 Hash 8ec4ea2cc07fb4298dd793cbc67d3755 04c34c92ef5baad58af7c56b728d4a84c55f7185 9a0e8ee9789c9f554b318f332bf0d2c61f85cdcf33afc1228b6f94181f841b1d Loading...

	btdb.threeproxy.net/	ScriptElement	100 kB	2023-10-27	2024-08-20
Pretty URL btdb.threeproxy.net/ IP 172.67.181.59 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-10-27 12:12 Last Seen2024-08-20 22:13 Times Seen30 Hash 78ec2d8d2582ad5df7b6a5a9deabb953 3c5905c49bdc61b45d09b00ecd0bad7ff615eea4 3bab62497d7cb623716204657dbc55b922e5438a78ce4d63d7c7e070e56d7698 Loading...

	btdb.threeproxy.net/app/apx19.js	ScriptElement	9.2 kB	2023-03-07	2025-05-10
Pretty URL btdb.threeproxy.net/app/apx19.js IP 172.67.181.59 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:40 Last Seen2025-05-10 16:28 Times Seen806 Hash 2344c3f05f624d595f6fb920e4d74ded eb4d1404ac2d5eecd307f4588aeeab5c8ef463f1 3a28fe59e4a2af96d8edeeb12d7040c574cf71fa88fccb5cf49e9c0a1d4e4c7a Loading...

HTTP Transactions (25)

URL IP Response Size

cdnjs.cloudflare.com/ajax/libs/jquery/3.3.1/jquery.min.js

104.17.25.14

200 OK

27 kB

URL GET HTTP/2
cdnjs.cloudflare.com/ajax/libs/jquery/3.3.1/jquery.min.js
IP
104.17.25.14:443
ASN
#13335 CLOUDFLARENET

Requested by
https://btdb.threeproxy.net/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D
ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT

File type
ASCII text, with very long lines (65451)
Size
27 kB (27433 bytes)
Hash
a09e13ee94d51c524b7e2a728c7d4039
0dc32db4aa9c5f03f3b38c47d883dbd4fed13aae
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

HTTP Headers

GET /ajax/libs/jquery/3.3.1/jquery.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://btdb.threeproxy.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 28 Oct 2023 12:27:29 GMT
content-type: application/javascript; charset=utf-8
content-length: 27433
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ec4-1538f"
last-modified: Mon, 04 May 2020 16:11:48 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 111765
expires: Thu, 17 Oct 2024 12:27:29 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ruW%2BbMYJ4swKfl6npgd6dxS9bjvGdqovb0md%2FBoT0GT8gt056%2FWUayiXBCMzFi%2BgPWn9CxhV6VI6G4sChJqEoMdvti9VP7DZawC%2FDmKcDIVpqObEWCEBxhXXBDZnUHrpbGx4%2FZ4%2B"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 81d32c55a8290b65-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

cdn.jsdelivr.net/npm/file-icon-vectors@1.0.0/dist/file-icon-square-o.min.css

151.101.65.229

200 OK

2.4 kB

URL GET HTTP/2
cdn.jsdelivr.net/npm/file-icon-vectors@1.0.0/dist/file-icon-square-o.min.css
IP
151.101.65.229:443
ASN
#54113 FASTLY

Requested by
https://btdb.threeproxy.net/
Certificate
IssuerGlobalSign nv-sa
Subjectjsdelivr.net
Fingerprint05:87:2C:BA:73:14:21:54:82:00:8B:AD:85:8F:E9:C6:4D:C7:66:09
ValidityWed, 27 Sep 2023 18:13:13 GMT - Mon, 28 Oct 2024 18:13:12 GMT

File type
ASCII text, with very long lines (25734)
Size
2.4 kB (2434 bytes)
Hash
fca0ba5ed4d8f09dd04b4b69669baf75
46b5d1d7ed20d24fafd7c920ec77aa7905c9c80c
c7593a2088993b008f62c4f0e70de7ee5fe596646d6b74b1b76da918ef904dc0

HTTP Headers

GET /npm/file-icon-vectors@1.0.0/dist/file-icon-square-o.min.css HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://btdb.threeproxy.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
x-jsd-version: 1.0.0
x-jsd-version-type: version
etag: W/"6578-RrXR1+0g0k+v18kg7HeqeQXJyAw"
content-encoding: br
accept-ranges: bytes
date: Sat, 28 Oct 2023 12:27:29 GMT
age: 2803899
x-served-by: cache-fra-etou8220052-FRA, cache-bma1658-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 2434
X-Firefox-Spdy: h2

heartilyscales.com/a2/86/90/a286902791a7f4c98bcb1e812322cd78.js

173.233.137.44

200 OK

14 kB

URL GET HTTP/1.1
heartilyscales.com/a2/86/90/a286902791a7f4c98bcb1e812322cd78.js
IP
173.233.137.44:443
ASN
#7979 SERVERS-COM

Requested by
https://btdb.threeproxy.net/
Certificate
IssuerLet's Encrypt
Subjectheartilyscales.com
FingerprintF0:0C:2F:00:27:D9:41:A2:9B:5F:2C:5F:B6:BE:55:43:BB:A5:CC:81
ValidityFri, 13 Oct 2023 06:44:51 GMT - Thu, 11 Jan 2024 06:44:50 GMT

File type
ASCII text, with very long lines (40553), with no line terminators
Size
14 kB (14297 bytes)
Hash
5047cf7bd7f43f63f7ebc7583ccb46ff
5e169c097d217c5b4109c575a3de58ce70b97444
154b97a1779156ddf70a7318c113b167fc52ff9598d6911dbbcd13fb049f462b

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /a2/86/90/a286902791a7f4c98bcb1e812322cd78.js HTTP/1.1
Host: heartilyscales.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://btdb.threeproxy.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sat, 28 Oct 2023 12:27:30 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 9ff71f0d3778a93fad66d49e177b25b9
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

cdnjs.cloudflare.com/ajax/libs/jquery/3.3.1/jquery.min.js

104.17.25.14

200 OK

27 kB

URL GET HTTP/2
cdnjs.cloudflare.com/ajax/libs/jquery/3.3.1/jquery.min.js
IP
104.17.25.14:443
ASN
#13335 CLOUDFLARENET

Requested by
https://btdb.threeproxy.net/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D
ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT

File type
ASCII text, with very long lines (65451)
Size
27 kB (27433 bytes)
Hash
a09e13ee94d51c524b7e2a728c7d4039
0dc32db4aa9c5f03f3b38c47d883dbd4fed13aae
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

HTTP Headers

GET /ajax/libs/jquery/3.3.1/jquery.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://btdb.threeproxy.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 28 Oct 2023 12:27:30 GMT
content-type: application/javascript; charset=utf-8
content-length: 27433
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ec4-1538f"
last-modified: Mon, 04 May 2020 16:11:48 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 111766
expires: Thu, 17 Oct 2024 12:27:30 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=54gsQWaL7MgW2i5ySnweQ8KDPa82XfKAJKlbzPwSo5gTypRJNZfZJlTXZyuMzMeLo3UyeSWn6nbhOT9lZcyXz7TjCP0Gdot1fBDKgmwoOHjrd%2FhxGd%2Fa6GKl5R60jvohaHrT2ec9"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 81d32c5bdd540b55-OSL
alt-svc: h3=":443"; ma=86400

use.fontawesome.com/releases/v5.8.1/webfonts/fa-regular-400.woff2

172.64.103.11

200 OK

14 kB

URL GET HTTP/2
use.fontawesome.com/releases/v5.8.1/webfonts/fa-regular-400.woff2
IP
172.64.103.11:443
ASN
#13335 CLOUDFLARENET

Requested by
https://btdb.threeproxy.net/
Certificate
IssuerCloudflare, Inc.
Subjectuse.fontawesome.com
FingerprintCB:BE:6B:C4:5F:DF:18:7A:C3:AD:BF:6C:40:36:18:9F:E2:99:7F:78
ValidityThu, 12 Oct 2023 00:00:00 GMT - Thu, 10 Oct 2024 23:59:59 GMT

File type
Web Open Font Format (Version 2), TrueType, length 13552, version 329.-17761\012- data
Size
14 kB (13552 bytes)
Hash
e6257a726a0cf6ec8c6fec22821c055f
8583a4f0dd12e15a48b3395593307a84d971cc33
ccf4db1eeb68c96e05e74f8ebfa75cc60c3a0fed862dae6b0ad85d4e1b5b4e4f

HTTP Headers

GET /releases/v5.8.1/webfonts/fa-regular-400.woff2 HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://btdb.threeproxy.net
DNT: 1
Connection: keep-alive
Referer: https://use.fontawesome.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 28 Oct 2023 12:27:30 GMT
content-type: font/woff2
content-length: 13552
access-control-allow-origin: *
cache-control: max-age=31556926
etag: "e6257a726a0cf6ec8c6fec22821c055f"
last-modified: Fri, 22 Sep 2023 01:45:57 GMT
vary: Origin, Accept-Encoding
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Lg49zucVSEzbRqfrOBZa1g6yBkMYGtEm2tDeLunHY3EfutAtwhCKxth2GMHCZc9xjARFH8n0QBAenmc7tU8Djo9jJr%2FMx24tgVt%2FPdg5KKvzjXi6fywSlXhGM7%2B3vCmX1oKJ3O2i"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 81d32c5beef84195-LHR
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

use.fontawesome.com/releases/v5.8.1/webfonts/fa-solid-900.woff2

172.64.103.11

200 OK

74 kB

URL GET HTTP/2
use.fontawesome.com/releases/v5.8.1/webfonts/fa-solid-900.woff2
IP
172.64.103.11:443
ASN
#13335 CLOUDFLARENET

Requested by
https://btdb.threeproxy.net/
Certificate
IssuerCloudflare, Inc.
Subjectuse.fontawesome.com
FingerprintCB:BE:6B:C4:5F:DF:18:7A:C3:AD:BF:6C:40:36:18:9F:E2:99:7F:78
ValidityThu, 12 Oct 2023 00:00:00 GMT - Thu, 10 Oct 2024 23:59:59 GMT

File type
Web Open Font Format (Version 2), TrueType, length 74256, version 329.-17761\012- data
Size
74 kB (74256 bytes)
Hash
418dad87601f9c8abd0e5798c0dc1feb
a6b003ef506e92d05cde73adf67487d7fd7ec6df
f18c486a80175cf02fee0e05c2b4acd86c04cdbaecec61c1ef91f920509b5efe

HTTP Headers

GET /releases/v5.8.1/webfonts/fa-solid-900.woff2 HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://btdb.threeproxy.net
DNT: 1
Connection: keep-alive
Referer: https://use.fontawesome.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 28 Oct 2023 12:27:30 GMT
content-type: font/woff2
content-length: 74256
access-control-allow-origin: *
cache-control: max-age=31556926
etag: "418dad87601f9c8abd0e5798c0dc1feb"
last-modified: Fri, 22 Sep 2023 01:45:57 GMT
vary: Origin, Accept-Encoding
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rHe927ItpgbSvN7wiJ0t0G0yOaR%2BXwq8PJNDy2r4iT0opbHgFA9VueI5%2BSJJV4aMPcDUquA2zUuYShtmS6bUwLPhjj2x3hQgFjY2Fcg5U6uRIvZSjux%2B5mnCYd3qCjzNDcerUugh"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 81d32c5beef54195-LHR
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

btdb.threeproxy.net/files/font-awesome.min.css

172.67.181.59

200 OK

32 kB

URL GET HTTP/3
btdb.threeproxy.net/files/font-awesome.min.css
IP
172.67.181.59:443
ASN
#13335 CLOUDFLARENET

Requested by
https://btdb.threeproxy.net/
Certificate
IssuerGoogle Trust Services LLC
Subjectthreeproxy.net
FingerprintE2:33:C3:DA:78:EF:CD:12:85:27:FB:DB:05:9E:1A:D7:27:F3:F3:45
ValiditySun, 08 Oct 2023 04:42:31 GMT - Sat, 06 Jan 2024 04:42:30 GMT

File type
ASCII text, with very long lines (30808)
Size
32 kB (31579 bytes)
Hash
617e867a0b0f815f3bb65942971a26e3
542160bc1c9a120eb1660f11d4426d9e9cbb5ce3
d802f77b468c09dbaf124f8fffc9de28bad80b11589d0652deee6c06b871ea4f

HTTP Headers

GET /files/font-awesome.min.css HTTP/1.1
Host: btdb.threeproxy.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://btdb.threeproxy.net/
Cookie: view=1; PHPSESSID=hei8j3tn0a29s0nsgcmb4029gs
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 28 Oct 2023 12:27:29 GMT
content-type: text/css;charset=UTF-8
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
access-control-allow-origin: *
cf-cache-status: BYPASS
set-cookie: view=1; expires=Sun, 29-Oct-2023 12:27:29 GMT; Max-Age=86400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vx%2FZUhMg2MFLmuzst%2BQpLE52uEt%2BPsWM8%2FXVzFs819WYZ9EHkS%2BwegS0wUkqr8OTfAZzQO4DmxJLQ6jKQtyTD4qiMSHJzjbC6gEZYz55x9q%2FcVK7ResZZOGuPku9Kx%2B6dKsoE40V"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 81d32c554ffb0b65-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

theusualsuspectz.biz/j/m/qqqq.js

188.114.97.1

200 OK

48 kB

URL GET HTTP/2
theusualsuspectz.biz/j/m/qqqq.js
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://btdb.threeproxy.net/
Certificate
IssuerGoogle Trust Services LLC
Subjecttheusualsuspectz.biz
Fingerprint24:F3:7E:77:4B:2B:67:1B:B9:2E:2F:DF:7F:15:E9:9A:23:12:2F:89
ValidityWed, 20 Sep 2023 02:26:53 GMT - Tue, 19 Dec 2023 02:26:52 GMT

File type
ASCII text, with very long lines (48351), with no line terminators
Size
48 kB (48351 bytes)
Hash
febd5bfc829d7c8aa363e93e2e61f414
10d66213a9249bea47b15acf295323f01d217ef0
ff391f38fc73325f58d0626b9415ac121f1461407d74e86ebddefd8180050d76

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /j/m/qqqq.js HTTP/1.1
Host: theusualsuspectz.biz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://btdb.threeproxy.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 28 Oct 2023 12:27:29 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Tue, 02 Mar 2021 03:16:06 GMT
etag: W/"603dadf6-bcdf"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-encoding: br
cf-cache-status: HIT
age: 109668
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UaLhofnFJi2AeHGTZvGXbTXBCEXYX3YSYyUOnMq86nJYdadQIyydQVrIrwUrFV%2F0ddqE5wImWj6m8SaSI3xwZH7uawetuwFrLBlm3kPr8v3yIdLjAMAFTmgvsUySAXRj85j0o7NmcQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 81d32c560e5db524-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

btdb.threeproxy.net/app/x12.js

172.67.181.59

200 OK

11 kB

URL GET HTTP/3
btdb.threeproxy.net/app/x12.js
IP
172.67.181.59:443
ASN
#13335 CLOUDFLARENET

Requested by
https://btdb.threeproxy.net/
Certificate
IssuerGoogle Trust Services LLC
Subjectthreeproxy.net
FingerprintE2:33:C3:DA:78:EF:CD:12:85:27:FB:DB:05:9E:1A:D7:27:F3:F3:45
ValiditySun, 08 Oct 2023 04:42:31 GMT - Sat, 06 Jan 2024 04:42:30 GMT

File type
ASCII text, with very long lines (11180), with no line terminators
Size
11 kB (11180 bytes)
Hash
94efa3c05291ac5cccd32cc3a11c9724
3a033e4d6f5e5eaf76030a81c8a05c619de436c2
58c753f7ffcb584d2ed43470ec9bdd30a4cd4723f368d83de6163413d5555102

HTTP Headers

GET /app/x12.js HTTP/1.1
Host: btdb.threeproxy.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://btdb.threeproxy.net/
Cookie: view=1; PHPSESSID=hei8j3tn0a29s0nsgcmb4029gs
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 28 Oct 2023 12:27:29 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Tue, 15 Sep 2020 18:26:18 GMT
etag: W/"5f61074a-2bac"
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=teFbmXPEyTmEg%2BlyK8q8XAuw6MvQ%2FZUwRoxaEpPSTA2iBXh9j6Mth8kI1fCkuka2RQ2NRxGv9JfmeK%2F79eekQzlYJm9ATmrVbolOH%2Bp4OQqpNlywDl5r7ubWFZoOs9AGzaVkKNhw"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 81d32c5578180b65-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

matomo.hellohi.me/matomo.js

188.114.96.1

200 OK

66 kB

URL GET HTTP/2
matomo.hellohi.me/matomo.js
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://btdb.threeproxy.net/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint3B:19:FF:F4:F0:F2:6F:BE:66:7F:4C:A0:E8:02:E6:F4:94:A8:6C:68
ValidityWed, 01 Mar 2023 00:00:00 GMT - Thu, 29 Feb 2024 23:59:59 GMT

File type
ASCII text, with very long lines (1601)
Size
66 kB (65842 bytes)
Hash
a3a7245d6daf7d31d2069c0ba05879dd
ec1bf464889e71aec1ced6d8361a26c76e4a1460
d7fc375178c93a2fc15fd888e30170eedf4ef3d04497e7f951ab7bfe0c921693

HTTP Headers

GET /matomo.js HTTP/1.1
Host: matomo.hellohi.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://btdb.threeproxy.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 28 Oct 2023 12:27:30 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Thu, 19 Oct 2023 04:58:52 GMT
etag: W/"6530b78c-10132"
expires: Sat, 28 Oct 2023 12:28:29 GMT
cache-control: public, max-age=14400
pragma: public
content-encoding: br
cf-cache-status: HIT
age: 3541
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EpOzjKeDe1lD9CXIwpAjyUUGWhkGDUuAy0r7MjFwbMMJl0pGvRoYSQ7zztz7KePuwoawS%2BGnx1TkOvf3cGdmiOwvIvovII2e0pBiO5ikg24Tcq%2Fj9RBvFYbdnNvnIiuZBS98KQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 81d32c5cdac9b512-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

use.fontawesome.com/releases/v5.8.1/css/all.css

172.64.103.11

200 OK

55 kB

URL GET HTTP/2
use.fontawesome.com/releases/v5.8.1/css/all.css
IP
172.64.103.11:443
ASN
#13335 CLOUDFLARENET

Requested by
https://btdb.threeproxy.net/
Certificate
IssuerCloudflare, Inc.
Subjectuse.fontawesome.com
FingerprintCB:BE:6B:C4:5F:DF:18:7A:C3:AD:BF:6C:40:36:18:9F:E2:99:7F:78
ValidityThu, 12 Oct 2023 00:00:00 GMT - Thu, 10 Oct 2024 23:59:59 GMT

File type
ASCII text, with very long lines (54926)
Size
55 kB (55111 bytes)
Hash
e4c542a7f6bf6f74fdd8cdf6e8096396
3a0571a695a35f238026b9398386dc99d9a0c56d
eeb17a45a48aca1d7adbcf04de155dcd0b47cb36ad036310446bb471fea9aaa3

HTTP Headers

GET /releases/v5.8.1/css/all.css HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://btdb.threeproxy.net
DNT: 1
Connection: keep-alive
Referer: https://btdb.threeproxy.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 28 Oct 2023 12:27:30 GMT
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31556926
etag: W/"e4c542a7f6bf6f74fdd8cdf6e8096396"
last-modified: Fri, 22 Sep 2023 01:45:55 GMT
vary: Origin, Accept-Encoding
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YIqxlQGQ044FcW456aDR0GLx3GQYKdv3T8HzqhoiOUJUm8LQDLfd5tRZKMVnFWBVssPTDlBFTc3wkz8uUDez0bT0XtPsAzjIpcGNdBVBdvL%2BKw07uk53Hp2lSwO3nsufbh%2B%2FFa9R"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 81d32c57f8d34195-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

btdb.threeproxy.net/zpp/zpp4.js?q22q2q2

172.67.181.59

200 OK

39 kB

URL GET HTTP/3
btdb.threeproxy.net/zpp/zpp4.js?q22q2q2
IP
172.67.181.59:443
ASN
#13335 CLOUDFLARENET

Requested by
https://btdb.threeproxy.net/
Certificate
IssuerGoogle Trust Services LLC
Subjectthreeproxy.net
FingerprintE2:33:C3:DA:78:EF:CD:12:85:27:FB:DB:05:9E:1A:D7:27:F3:F3:45
ValiditySun, 08 Oct 2023 04:42:31 GMT - Sat, 06 Jan 2024 04:42:30 GMT

File type
ASCII text, with very long lines (38995), with no line terminators
Size
39 kB (38995 bytes)
Hash
7dc63553536847077855df4f82f1ec18
146c3aac34cb4e7e1e9c692ccd0161b2e4f018de
3a18b1964d1d209c46d754459b9ef98d4a9a85065e245f8311be727ffee3f960

HTTP Headers

GET /zpp/zpp4.js?q22q2q2 HTTP/1.1
Host: btdb.threeproxy.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://btdb.threeproxy.net/
Cookie: view=1; PHPSESSID=hei8j3tn0a29s0nsgcmb4029gs
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 28 Oct 2023 12:27:29 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Tue, 02 Mar 2021 05:54:51 GMT
etag: W/"603dd32b-9853"
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QwnHbieKpYZXsRI7ilDxdJ%2F5oqYE7DRBcUYuIo%2BSQgZCeJdCohwb%2FzBWkIu851%2FhsKziQWiRKwX9bt0Swyqt788OM6sYdS6%2BkD2DB5eqoN%2BxXjkk%2Fu%2BFkq1XJGfsbyBVcHkpcbYA"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 81d32c5578160b65-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

btdb.threeproxy.net/files/logo.png

172.67.181.59

200 OK

1.9 kB

URL GET HTTP/3
btdb.threeproxy.net/files/logo.png
IP
172.67.181.59:443
ASN
#13335 CLOUDFLARENET

Requested by
https://btdb.threeproxy.net/
Certificate
IssuerGoogle Trust Services LLC
Subjectthreeproxy.net
FingerprintE2:33:C3:DA:78:EF:CD:12:85:27:FB:DB:05:9E:1A:D7:27:F3:F3:45
ValiditySun, 08 Oct 2023 04:42:31 GMT - Sat, 06 Jan 2024 04:42:30 GMT

File type
PNG image data, 304 x 93, 8-bit colormap, non-interlaced\012- data
Size
1.9 kB (1901 bytes)
Hash
6f645b7af1f3bdca67aa63b6ff66feff
c2f7b59a1056156f2f626b00d1090e154299ddfd
bbf464c6924486f9dac61ca28427e1f17e4a4f02cc5f3e4009e48241622636f9

HTTP Headers

GET /files/logo.png HTTP/1.1
Host: btdb.threeproxy.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://btdb.threeproxy.net/
Cookie: view=1; PHPSESSID=hei8j3tn0a29s0nsgcmb4029gs
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 28 Oct 2023 12:27:29 GMT
content-type: image/png
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
access-control-allow-origin: *
cf-cache-status: BYPASS
set-cookie: view=1; expires=Sun, 29-Oct-2023 12:27:29 GMT; Max-Age=86400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RxzdwJGLqSGqX6oX9ODopTRt4t786cMNJnHNGvN%2BlmvCumCEr8LXm5NvxCQEYUuTTH9g62cvxSg1ytPYQ2l57xjd7a1bx9%2FRNzMN2dyJZ47pZhU2oDz%2BF4UJCUgc%2BieyV0IcE5%2BX"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 81d32c55680c0b65-OSL
alt-svc: h3=":443"; ma=86400

btdb.threeproxy.net/cdn-cgi/apps/head/eonMsSaWoPGHqHdsBoYDBPjD6UM.js

172.67.181.59

404 Not Found

0 B

URL GET HTTP/3
btdb.threeproxy.net/cdn-cgi/apps/head/eonMsSaWoPGHqHdsBoYDBPjD6UM.js
IP
172.67.181.59:443
ASN
#13335 CLOUDFLARENET

Requested by
https://btdb.threeproxy.net/
Certificate
IssuerGoogle Trust Services LLC
Subjectthreeproxy.net
FingerprintE2:33:C3:DA:78:EF:CD:12:85:27:FB:DB:05:9E:1A:D7:27:F3:F3:45
ValiditySun, 08 Oct 2023 04:42:31 GMT - Sat, 06 Jan 2024 04:42:30 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /cdn-cgi/apps/head/eonMsSaWoPGHqHdsBoYDBPjD6UM.js HTTP/1.1
Host: btdb.threeproxy.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://btdb.threeproxy.net/
Cookie: view=1; PHPSESSID=hei8j3tn0a29s0nsgcmb4029gs
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 404 Not Found
date: Sat, 28 Oct 2023 12:27:29 GMT
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I5mfaLN3HEZzvp52cTT1QezBFtkdB%2BzaOugUSr4fWUkosUo5%2Ba9ZwPK7jWwQwW9NzlGQ20i9xhSqCtkNoMv8IVqOdWXQKsnXNc76sI1hDnim08Wvl7F8bwnLBUMEleKNHpuXBSEL"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 81d32c554ff70b65-OSL
alt-svc: h3=":443"; ma=86400

vpnk.net/api_.null.p_.null.nfo.php?js=1

0.0.0.0

0 B

URL GET
vpnk.net/api_.null.p_.null.nfo.php?js=1
IP
0.0.0.0:0
ASN
#0

Requested by
https://btdb.threeproxy.net/
Certificate
IssuerGoogle Trust Services LLC
Subjectvpnk.net
FingerprintE0:D4:2B:31:AF:FB:28:79:75:3C:CA:9C:78:55:CC:3B:D9:41:C3:34
ValidityWed, 25 Oct 2023 23:37:08 GMT - Tue, 23 Jan 2024 23:37:07 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /api_.null.p_.null.nfo.php?js=1 HTTP/1.1
Host: vpnk.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://btdb.threeproxy.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
date: Sat, 28 Oct 2023 12:27:29 GMT
content-type: text/html; charset=UTF-8
location: https://a.kgorilla.net/h/
set-cookie: view=1; expires=Sun, 29-Oct-2023 12:27:29 GMT; Max-Age=86400
PHPSESSID=0j18sp0bbtqf4c1qnd6oos7cn1; path=/
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w%2BNNAJpANkrnD9RD0XS0S7hNAm8519gPwHP11DGGKZvZmFELFMoJPmB6uusKlcj2iLLway1YovcAz4fWB%2BV%2F3luvJwkFGo3h0ELeiUdmci7At9O5WY2%2FJSub9Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 81d32c561a720b51-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

btdb.threeproxy.net/favicon.ico

172.67.181.59

200 OK

15 kB

URL GET HTTP/3
btdb.threeproxy.net/favicon.ico
IP
172.67.181.59:443
ASN
#13335 CLOUDFLARENET

Requested by
https://btdb.threeproxy.net/
Certificate
IssuerGoogle Trust Services LLC
Subjectthreeproxy.net
FingerprintE2:33:C3:DA:78:EF:CD:12:85:27:FB:DB:05:9E:1A:D7:27:F3:F3:45
ValiditySun, 08 Oct 2023 04:42:31 GMT - Sat, 06 Jan 2024 04:42:30 GMT

File type
MS Windows icon resource - 3 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel\012- data
Size
15 kB (15086 bytes)
Hash
78dd0e186388a14197d9f79a10712145
a3250a837f99f52cbdd470c8b035aced9c3853d9
9097c15555c5392a97778f6a3860d7648b8ff59d06b28d2bae1d147052fd8ddc

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: btdb.threeproxy.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://btdb.threeproxy.net/
Cookie: view=1; PHPSESSID=hei8j3tn0a29s0nsgcmb4029gs
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 28 Oct 2023 12:27:31 GMT
content-type: image/x-icon
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
access-control-allow-origin: *
cf-cache-status: BYPASS
set-cookie: view=1; expires=Sun, 29-Oct-2023 12:27:31 GMT; Max-Age=86400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nKp5zweu6NmriAbA9zF0Z%2BCGGpWbQbCdWQrIeG41ICxXe9b8mrhvZE619EPf9Gxbh7kQgOBnNw%2FxlpY3A6YffyE0A%2B7ecaZPB9RkwBf7r3lxPuwXecKlfvoW%2FQUU0TzJ64h9hgd%2B"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 81d32c622fe80b65-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

btdb.threeproxy.net/app/apx19.js

172.67.181.59

200 OK

9.2 kB

URL GET HTTP/3
btdb.threeproxy.net/app/apx19.js
IP
172.67.181.59:443
ASN
#13335 CLOUDFLARENET

Requested by
https://btdb.threeproxy.net/
Certificate
IssuerGoogle Trust Services LLC
Subjectthreeproxy.net
FingerprintE2:33:C3:DA:78:EF:CD:12:85:27:FB:DB:05:9E:1A:D7:27:F3:F3:45
ValiditySun, 08 Oct 2023 04:42:31 GMT - Sat, 06 Jan 2024 04:42:30 GMT

File type
ASCII text, with very long lines (10516), with no line terminators
Size
9.2 kB (9183 bytes)
Hash
d26dea46bd49f9297502159ed377f84c
2da344f74215617efd03c4805e5e15d7d8039515
77d7964a36f5c3105bc99271b3ffe2d4ebc5541e4acd38def734b3eaea38fd38

HTTP Headers

GET /app/apx19.js HTTP/1.1
Host: btdb.threeproxy.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://btdb.threeproxy.net/
Cookie: view=1; PHPSESSID=hei8j3tn0a29s0nsgcmb4029gs
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 28 Oct 2023 12:27:29 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Tue, 15 Sep 2020 18:46:59 GMT
etag: W/"5f610c23-23df"
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Zo192Hl0yTVpCDVWQP4IzAUf1mZu1fT6ON7ZxTQB6cIL8iQFZm7bijel1R86z%2FXiOlg%2FhbXdJYLgnLI9OG6WLwtUNAobOau6aUaC2Kpq0vDlXlcCPNaxjeGUpdALvIElQY0fHcYA"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 81d32c55680e0b65-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

btdb.threeproxy.net/hy.js?q22q2q2

172.67.181.59

200 OK

56 kB

URL GET HTTP/3
btdb.threeproxy.net/hy.js?q22q2q2
IP
172.67.181.59:443
ASN
#13335 CLOUDFLARENET

Requested by
https://btdb.threeproxy.net/
Certificate
IssuerGoogle Trust Services LLC
Subjectthreeproxy.net
FingerprintE2:33:C3:DA:78:EF:CD:12:85:27:FB:DB:05:9E:1A:D7:27:F3:F3:45
ValiditySun, 08 Oct 2023 04:42:31 GMT - Sat, 06 Jan 2024 04:42:30 GMT

File type
ASCII text, with very long lines (56131), with no line terminators
Size
56 kB (56131 bytes)
Hash
667d77da844b6d5ad62b2f26e77b4b12
01ae61192a38af73a93c67468fb8271d7bbfa4f6
f240ce7fa62cd81d92f29081815f2cd2376ea6867887d17d5625009ebdf355b1

HTTP Headers

GET /hy.js?q22q2q2 HTTP/1.1
Host: btdb.threeproxy.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://btdb.threeproxy.net/
Cookie: view=1; PHPSESSID=hei8j3tn0a29s0nsgcmb4029gs
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 28 Oct 2023 12:27:29 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Tue, 02 Mar 2021 05:54:49 GMT
etag: W/"603dd329-db43"
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G9edvnfX1NvbOo8XzHLfQMIE90VceL7I5f2y0JkYbiY7OITEOa8AWxvhm1fbbjlGT9AAWR6Gb3nP0c5D8KRPD4fCqCN2hh7ygy1YxVLMh2pKMAsPdi6%2BPfibNls17Qh7ZPMG2n1%2F"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 81d32c5578150b65-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

btdb.threeproxy.net/files/style.css?v=3

172.67.181.59

200 OK

15 kB

URL GET HTTP/3
btdb.threeproxy.net/files/style.css?v=3
IP
172.67.181.59:443
ASN
#13335 CLOUDFLARENET

Requested by
https://btdb.threeproxy.net/
Certificate
IssuerGoogle Trust Services LLC
Subjectthreeproxy.net
FingerprintE2:33:C3:DA:78:EF:CD:12:85:27:FB:DB:05:9E:1A:D7:27:F3:F3:45
ValiditySun, 08 Oct 2023 04:42:31 GMT - Sat, 06 Jan 2024 04:42:30 GMT

File type

Size
15 kB (14554 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /files/style.css?v=3 HTTP/1.1
Host: btdb.threeproxy.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://btdb.threeproxy.net/
Cookie: view=1; PHPSESSID=hei8j3tn0a29s0nsgcmb4029gs
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 28 Oct 2023 12:27:29 GMT
content-type: text/css;charset=UTF-8
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
access-control-allow-origin: *
cf-cache-status: BYPASS
set-cookie: view=1; expires=Sun, 29-Oct-2023 12:27:29 GMT; Max-Age=86400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5QQMTRY2D0pDW8ev8n8l4DayVgsuxEkABtebHCOiTdwpQUAjkwsQj%2B9GmhdwnzbOBMzLCdKukTod1EEMQPrtTViwL9xCLVC70qHa46WXP3y4NznlThHszQMUJaezikctWenxAEMf"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 81d32c554ffa0b65-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

formden.com/static/assets/demos/bootstrap-iso/bootstrap-iso/bootstrap-iso.css

104.26.1.81

200 OK

203 kB

URL GET HTTP/2
formden.com/static/assets/demos/bootstrap-iso/bootstrap-iso/bootstrap-iso.css
IP
104.26.1.81:443
ASN
#13335 CLOUDFLARENET

Requested by
https://btdb.threeproxy.net/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintB4:20:D5:56:2D:B7:AA:41:22:3D:EF:6E:99:C8:76:04:93:79:F0:F1
ValidityWed, 19 Apr 2023 00:00:00 GMT - Thu, 18 Apr 2024 23:59:59 GMT

File type
ASCII text, with very long lines (386)
Size
203 kB (202858 bytes)
Hash
983b32a3322df186728fb6b0f8a1fb74
16402572b9e1e854737c0adade7372b680739f2b
404e4e0e62d557f5850e6f82dcf55d7295566f59046b98d6bdd8f043bd61a136

HTTP Headers

GET /static/assets/demos/bootstrap-iso/bootstrap-iso/bootstrap-iso.css HTTP/1.1
Host: formden.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://btdb.threeproxy.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 28 Oct 2023 12:27:29 GMT
content-type: text/css
last-modified: Fri, 25 Sep 2015 15:49:42 GMT
etag: W/"3186a-520944bc5d687-gzip"
vary: Accept-Encoding
access-control-allow-origin: *
cache-control: max-age=14400
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DvHNXG%2BcB9ajG84VZ2HmMfTznKeUBYShsEhrGoLYoJmRZU1aGR50NuT6bVsEx1efoN10K%2FNy2VXk7mDk2mCH%2BRb9c6Rp63phaeQoxHVgPR%2FT1P1IjE4zFwAzx1X1"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 81d32c55dbedb527-OSL
content-encoding: br
X-Firefox-Spdy: h2

btdb.threeproxy.net/

172.67.181.59

200 OK

118 kB

URL User Request GET HTTP/2
btdb.threeproxy.net/
IP
172.67.181.59:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services LLC
Subjectthreeproxy.net
FingerprintE2:33:C3:DA:78:EF:CD:12:85:27:FB:DB:05:9E:1A:D7:27:F3:F3:45
ValiditySun, 08 Oct 2023 04:42:31 GMT - Sat, 06 Jan 2024 04:42:30 GMT

File type

Size
118 kB (117928 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: btdb.threeproxy.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 28 Oct 2023 12:27:28 GMT
content-type: text/html;charset=UTF-8
set-cookie: view=1; expires=Sun, 29-Oct-2023 12:27:28 GMT; Max-Age=86400
PHPSESSID=hei8j3tn0a29s0nsgcmb4029gs; path=/
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Jw6mNkShmRZ%2BLhMCIrF5IeZIu%2F3ObWtTUqDq6lOgTkCkcV8FY8jewJ7G3CPKz36fe2McWlNMYO2%2FTL9hwQRKSxI4JFc2ey5RSMWxrb3vmor4xzV4V2Ox0phj7ZL%2Bd0aOHrHLfIzj"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 81d32c500b63569d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

maxcdn.bootstrapcdn.com/bootstrap/3.3.0/js/bootstrap.min.js

104.18.11.207

200 OK

35 kB

URL GET HTTP/2
maxcdn.bootstrapcdn.com/bootstrap/3.3.0/js/bootstrap.min.js
IP
104.18.11.207:443
ASN
#13335 CLOUDFLARENET

Requested by
https://btdb.threeproxy.net/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint5B:F7:8F:50:AD:E5:5B:5E:8C:4A:39:3D:0C:98:E8:8C:18:4B:3D:8A
ValidityFri, 30 Dec 2022 00:00:00 GMT - Sat, 30 Dec 2023 23:59:59 GMT

File type
ASCII text, with very long lines (32108)
Size
35 kB (34653 bytes)
Hash
281cd50dd9f58c5550620fc148a7bc39
dfb8410ffc10a57d69b81620087c5a0b6027765a
484081bfe6c76d77610eb71a6e71206fe5304d62c037f058b403592192069306

HTTP Headers

GET /bootstrap/3.3.0/js/bootstrap.min.js HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://btdb.threeproxy.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 28 Oct 2023 12:27:29 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: US
cdn-edgestorageid: 617, 617
last-modified: Mon, 25 Jan 2021 22:03:57 GMT
cdn-cachedat: 2021-04-13 03:03:20
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cache-control: public, max-age=31919000
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-content-type-options: nosniff
cdn-requestid: cf5df4bf0119679a95c9a64be7d8c9f1
cdn-cache: HIT
cf-cache-status: HIT
age: 209902
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 81d32c55ebfcb527-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

btdb.threeproxy.net/app/apx14.js

172.67.181.59

200 OK

7.7 kB

URL GET HTTP/3
btdb.threeproxy.net/app/apx14.js
IP
172.67.181.59:443
ASN
#13335 CLOUDFLARENET

Requested by
https://btdb.threeproxy.net/
Certificate
IssuerGoogle Trust Services LLC
Subjectthreeproxy.net
FingerprintE2:33:C3:DA:78:EF:CD:12:85:27:FB:DB:05:9E:1A:D7:27:F3:F3:45
ValiditySun, 08 Oct 2023 04:42:31 GMT - Sat, 06 Jan 2024 04:42:30 GMT

File type
ASCII text, with very long lines (8720), with no line terminators
Size
7.7 kB (7663 bytes)
Hash
3db7729f5768690d08cfbb852bda88b3
29d50e49674a25263da47dec24318c1a68f003e0
997dcda1cc75d9821ee6a9b2dba6fff73b5f104ed1a49792f998d7fe70d24893

HTTP Headers

GET /app/apx14.js HTTP/1.1
Host: btdb.threeproxy.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://btdb.threeproxy.net/
Cookie: view=1; PHPSESSID=hei8j3tn0a29s0nsgcmb4029gs
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 28 Oct 2023 12:27:29 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Tue, 15 Sep 2020 18:26:19 GMT
etag: W/"5f61074b-1def"
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gplRZFReshhHLxoGwBD%2FT5tDIx5TQOalIAw%2BbhIxT6XEQjtFH0xowui4ZC0%2BcdMteeFg24c0DVylLaHkOXtgLXxy9NuKZFfRDWpqqtk9gmW%2Fp9dABF4oIB7GbGID8dkckcQhtIv%2B"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 81d32c5578170b65-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

a.kgorilla.net/h/

0.0.0.0

0 B

URL GET
a.kgorilla.net/h/
IP
0.0.0.0:0
ASN
#0

Requested by
https://btdb.threeproxy.net/
Certificate
IssuerGoogle Trust Services LLC
Subjectkgorilla.net
FingerprintAA:8F:5C:B1:8D:32:2D:AF:69:10:E9:E4:AB:8C:A1:E3:38:AF:89:0F
ValidityWed, 25 Oct 2023 23:39:08 GMT - Tue, 23 Jan 2024 23:39:07 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /h/ HTTP/1.1
Host: a.kgorilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://btdb.threeproxy.net/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 28 Oct 2023 12:27:30 GMT
content-type: text/html; charset=UTF-8
set-cookie: PHPSESSID=s9mu6ppcd9s4jnv7kh7t94e489; path=/
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AXV%2FrBgRodpRigHd%2B77nRigDFJhEMMG1oonzS5lxLY7qa5ReiTsS4KAbZ15HenUOnaxJRmB4rPFMyJfURShL6Z7z9v38qF15cpMWI1QVcK%2FXCjSSW1kvJfJbfBmtJwfx8g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 81d32c58699fb50b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

btdb.threeproxy.net/user.php

172.67.181.59

200 OK

0 B

URL POST HTTP/3
btdb.threeproxy.net/user.php
IP
172.67.181.59:443
ASN
#13335 CLOUDFLARENET

Requested by
https://btdb.threeproxy.net/
Certificate
IssuerGoogle Trust Services LLC
Subjectthreeproxy.net
FingerprintE2:33:C3:DA:78:EF:CD:12:85:27:FB:DB:05:9E:1A:D7:27:F3:F3:45
ValiditySun, 08 Oct 2023 04:42:31 GMT - Sat, 06 Jan 2024 04:42:30 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /user.php HTTP/1.1
Host: btdb.threeproxy.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
X-Requested-With: XMLHttpRequest
Content-Length: 39
Origin: https://btdb.threeproxy.net
DNT: 1
Connection: keep-alive
Referer: https://btdb.threeproxy.net/
Cookie: view=1; PHPSESSID=hei8j3tn0a29s0nsgcmb4029gs
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 28 Oct 2023 12:27:30 GMT
content-type: text/html; charset=UTF-8
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V2wKx9JucPQGpM8RI0txd6ebYGmJk2vjqdkggSzgAN7W%2Fc%2BeLPmcn0X5wYVjaYP3tmaq990mvAkG437dDRpQbZ1hOqwX4BzBt%2FonQ5YTJV8ye7fi4kN9t%2Bvv2JAhc1CwGWY7%2BM2n"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 81d32c5c5c170b65-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (17)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by