Report - 1tamilblasters.party/

Report Overview

Visited public
2025-05-18 08:58:35
Tags
Submit Tags
URL
1tamilblasters.party/
Finishing URL
www.1tamilblasters.earth/
IP / ASN
172.67.194.109
#13335 CLOUDFLARENET
Title
1TamilBlasters Latest Tamil Malayalam Telugu Kannada Hindi HD Movies Download

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
fonts.googleapis.com	8877	2005-01-25	2012-05-23	2025-05-14	906 B	50 kB	142.250.178.106
www.1tamilblasters.earth	unknown	unknown	No data	No data	32 kB	4.5 MB	104.21.9.212
www.1tamilblasters.spa	unknown	unknown	No data	No data	2.9 kB	11 kB	172.67.218.238
recordedthereby.com	unknown	2024-05-08	2024-05-08	2025-05-12	846 B	172 kB	185.196.197.71
vgnk2nrvyyke.l4.adsco.re	unknown	unknown	No data	No data	480 B	463 B	185.200.118.62
pubtrky.com	unknown	2023-11-21	2023-11-21	2025-05-12	506 B	530 B	172.67.188.110
vgnk2nrvyyke.n4.adsco.re	unknown	unknown	No data	No data	480 B	463 B	38.132.109.126
shotgunchancecruel.com	unknown	2024-08-20	2025-01-25	2025-05-12	6.1 kB	4.0 kB	192.243.61.227
c.adsco.re	16577	2017-02-14	2017-11-29	2025-05-15	521 B	80 kB	104.17.166.186
1tamilblasters.party	unknown	2024-12-27	2025-01-05	2025-01-05	489 B	1.7 MB	104.21.36.131
fonts.gstatic.com	unknown	2008-02-11	2014-04-02	2025-05-14	2.2 kB	164 kB	142.250.74.35
jauntyhatredeighty.com	unknown	2024-08-28	2024-11-26	2024-11-26	1.5 kB	154 kB	192.243.59.12
adsco.re	8541	2017-02-14	2017-04-03	2025-05-15	468 B	1.8 kB	162.252.214.5
nannyirrationalacquainted.com	unknown	2024-08-19	2025-01-22	2025-05-12	2.7 kB	2.6 kB	192.243.59.20
displayvertising.com	65650	2020-04-18	2020-04-29	2025-05-11	1.8 kB	257 B	216.59.56.9
cdn.creative-stat1.com	unknown	2024-08-20	2024-08-27	2025-05-15	2.3 kB	184 kB	172.67.133.15
capaciousdrewreligion.com	unknown	2023-11-07	2023-11-27	2025-05-14	437 B	377 B	185.196.197.72
www.displayvertising.com	124302	2020-04-18	2020-04-29	2025-05-11	481 B	38 kB	95.173.205.15
cdn.storageimagedisplay.com	unknown	2024-09-13	2024-09-13	2025-05-15	461 B	15 kB	45.133.44.1
vgnk2nrvyyke.s4.adsco.re	unknown	unknown	No data	No data	480 B	463 B	185.200.116.60
experttrafficcounter.com	unknown	2025-01-23	2025-01-24	2025-05-16	2.0 kB	1.5 kB	52.29.222.230
www.googletagmanager.com	75	2011-11-11	2012-10-04	2025-05-14	445 B	385 kB	142.250.74.136
acscdn.com	93608	2020-05-05	2020-05-06	2025-05-15	845 B	240 kB	104.18.16.201
youradexchange.com	273384	2012-11-09	2013-02-04	2025-05-15	1.5 kB	1.8 kB	172.67.177.214
4.adsco.re	19179	2017-02-14	2021-01-04	2025-05-15	897 B	0 B	0.0.0.0
6.adsco.re	17812	2017-02-14	2018-01-15	2025-05-15	897 B	1.0 kB	104.17.166.186
unseenreport.com	unknown	2022-03-30	2022-03-30	2025-05-15	1.6 kB	992 B	192.243.61.227
cdn.show-sb.com	unknown	2024-08-20	2024-08-31	2025-05-15	514 B	3.7 kB	172.67.170.115

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2025-05-18 08:58:17	low	Client IP	185.200.118.90	ET INFO Session Traversal Utilities for NAT (STUN Binding Request)
2025-05-18 08:58:17	low	Client IP	38.132.109.186	ET INFO Session Traversal Utilities for NAT (STUN Binding Request)
2025-05-18 08:58:17	low	Client IP	185.200.116.90	ET INFO Session Traversal Utilities for NAT (STUN Binding Request)

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2025-05-18	medium	nannyirrationalacquainted.com	Sinkholed
2025-05-18	medium	nannyirrationalacquainted.com	Sinkholed
2025-05-18	medium	jauntyhatredeighty.com	Sinkholed
2025-05-18	medium	recordedthereby.com	Sinkholed
2025-05-17	medium	shotgunchancecruel.com	Sinkholed
2025-05-18	medium	nannyirrationalacquainted.com	Sinkholed
2025-05-17	medium	shotgunchancecruel.com	Sinkholed
2025-05-18	medium	nannyirrationalacquainted.com	Sinkholed
2025-05-18	medium	recordedthereby.com	Sinkholed
2025-05-17	medium	shotgunchancecruel.com	Sinkholed
2025-05-17	medium	shotgunchancecruel.com	Sinkholed
2025-05-18	medium	jauntyhatredeighty.com	Sinkholed
2025-05-17	medium	shotgunchancecruel.com	Sinkholed
2025-05-18	medium	capaciousdrewreligion.com	Sinkholed
2025-05-18	medium	nannyirrationalacquainted.com	Sinkholed
2025-05-17	medium	shotgunchancecruel.com	Sinkholed
2025-05-18	medium	unseenreport.com	Sinkholed
2025-05-18	medium	unseenreport.com	Sinkholed
2025-05-17	medium	shotgunchancecruel.com	Sinkholed
2025-05-18	medium	jauntyhatredeighty.com	Sinkholed

ThreatFox

No alerts detected

JavaScript (33)

	URL	From	Size	First Seen	Last Seen
	www.1tamilblasters.earth/	ScriptElement	153 B	2025-03-10	2025-07-04
Pretty URL www.1tamilblasters.earth/ IP 104.21.9.212 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2025-03-10 13:31 Last Seen2025-07-04 14:01 Times Seen4 Hash 02290f336ac6fbe0b0a4b5f4d0b194ee 92254bc7e50382e5a840530ca6a2376fec897303 32aeae3de55ed90953ee34e220c12a1bc5130fa330fc593b96b373e8aba3a699 Loading...

	displayvertising.com/jrfmryfdfxqviaaszg?fnqCxiHk=BQOCAAAAAAAACZUAAp8OtEE0Aa_wJL-9JJI0gwIDMRUyHnXH5jIqHubzTnKkyDclFx33gPcClBOkvkv3Huly_FLjqZf_7ojKtRtx28FlTDQSDKUScT0CXYtm5cpwKXAxTt_vbAwQO9pjokTDeh_EwQ84ev-r0jauXtvmrsveJFXVwsAjBlOjQsYKhAA7dk20h7K4QuD19GBTViL5qCnVMCdd9gynGb1V2wnQQFkiljFCb-hmdVf7_3HhhsF_uDtwT-gPPSMB_ch3S53bqPChMkX6fJZmazM4VZAYZ1YP0nNhlmZUbGWFM7192YjJH6tOzUPVWcbD-gS3VKHDjimGk4OsuJau3ClhVxIWF-Cgls7N5HXLcIaRyYY5gb4CLb7hW4wU8hwkkBtxXaTit1fYz4jsNg72ov8k430z3lN-2haUKizlors3TNOrmS7t1OfbpV2racezinNw7xlRkxDNFtxir-lxYm9j68dA5nRBGfD5XV2NTRESzv8uRA1LwFxMGRWQJUZgw_OzGPhKO9ZjzA3gyQzv0PgE_jOyk_Mwm0XoItnKgTZ49K0UgZ4ld_HEgfCGgbdARJX6bS8BlwhU8g6uL2ZhK8XoOzlWCyaD2RRiOodDNDaqHq7Xl93AnOZ2-7OtnkS4-p_FXNjHVQIvvnII2JqngI08H979DAsNRMcrxrGxrIAvitgEpRZab2567XH5_HTKzvIAy_LyiaUL1eOshzSJDkbApvxl5lI1gOobnDkMdniicf-HD2SZmmz2mkD35PriUboeVpLMLV8jyNJS96U9QolbEPka4TfvjcMQt8rPfUkE44zhF4ivI7sO9aqeTBMJvduHw36UiTBelHSaIUh2grc3UvQfmLb7oM1Yp8onmkOaOwZjxeGnfxx97LlVc9tusgAIsW6pyX3YLh8sQkSkQ_U7E9bkY--ggsVzXmX1YJsygDj6dwe6E45gN04dIvY-HE_hphCRLkVvlsthiztDB9XmdjqE0jyrAlW5gdY_jNwsMWvoMgJSWB0YH2-Qj3BpM6m0O_cKv1ZnR7sDHjJvXjCwIGMQ1L5TJLElOSHX9ln4PU_bMjjPKqOyqJFxT6JEeg5FlryatVUmgWyVphCORU9fid6VAAIhjoJrUao6MzcxCBEN3d-iJTkPlqdqT977zQewVvzhRf6bkyN5LK9-Sp253dN2V_UtW-CMLmGDi8OyIVkyNVY6&ujdsyNlq=4&CWmGHjTi=5200727&pCDoROzE=&dCoOvegN=0,0&ebnOcJtG=&qaWLPuFt=&s=1280,1024,1,1280,1024,0	ScriptElement	44 B	2023-03-07	2025-07-16
Pretty URL displayvertising.com/jrfmryfdfxqviaaszg?fnqCxiHk=BQOCAAAAAAAACZUAAp8OtEE0Aa_wJL-9JJI0gwIDMRUyHnXH5jIqHubzTnKkyDclFx33gPcClBOkvkv3Huly_FLjqZf_7ojKtRtx28FlTDQSDKUScT0CXYtm5cpwKXAxTt_vbAwQO9pjokTDeh_EwQ84ev-r0jauXtvmrsveJFXVwsAjBlOjQsYKhAA7dk20h7K4QuD19GBTViL5qCnVMCdd9gynGb1V2wnQQFkiljFCb-hmdVf7_3HhhsF_uDtwT-gPPSMB_ch3S53bqPChMkX6fJZmazM4VZAYZ1YP0nNhlmZUbGWFM7192YjJH6tOzUPVWcbD-gS3VKHDjimGk4OsuJau3ClhVxIWF-Cgls7N5HXLcIaRyYY5gb4CLb7hW4wU8hwkkBtxXaTit1fYz4jsNg72ov8k430z3lN-2haUKizlors3TNOrmS7t1OfbpV2racezinNw7xlRkxDNFtxir-lxYm9j68dA5nRBGfD5XV2NTRESzv8uRA1LwFxMGRWQJUZgw_OzGPhKO9ZjzA3gyQzv0PgE_jOyk_Mwm0XoItnKgTZ49K0UgZ4ld_HEgfCGgbdARJX6bS8BlwhU8g6uL2ZhK8XoOzlWCyaD2RRiOodDNDaqHq7Xl93AnOZ2-7OtnkS4-p_FXNjHVQIvvnII2JqngI08H979DAsNRMcrxrGxrIAvitgEpRZab2567XH5_HTKzvIAy_LyiaUL1eOshzSJDkbApvxl5lI1gOobnDkMdniicf-HD2SZmmz2mkD35PriUboeVpLMLV8jyNJS96U9QolbEPka4TfvjcMQt8rPfUkE44zhF4ivI7sO9aqeTBMJvduHw36UiTBelHSaIUh2grc3UvQfmLb7oM1Yp8onmkOaOwZjxeGnfxx97LlVc9tusgAIsW6pyX3YLh8sQkSkQ_U7E9bkY--ggsVzXmX1YJsygDj6dwe6E45gN04dIvY-HE_hphCRLkVvlsthiztDB9XmdjqE0jyrAlW5gdY_jNwsMWvoMgJSWB0YH2-Qj3BpM6m0O_cKv1ZnR7sDHjJvXjCwIGMQ1L5TJLElOSHX9ln4PU_bMjjPKqOyqJFxT6JEeg5FlryatVUmgWyVphCORU9fid6VAAIhjoJrUao6MzcxCBEN3d-iJTkPlqdqT977zQewVvzhRf6bkyN5LK9-Sp253dN2V_UtW-CMLmGDi8OyIVkyNVY6&ujdsyNlq=4&CWmGHjTi=5200727&pCDoROzE=&dCoOvegN=0,0&ebnOcJtG=&qaWLPuFt=&s=1280,1024,1,1280,1024,0 IP 216.59.56.9 ASN #53334 TUT-AS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:17 Last Seen2025-07-16 08:34 Times Seen10890 Hash d5f0a25e4d3522d56d48ce7bc3e518fb 86794caff58f7fee6e684c2ba7195f970a8d6f4c 9d781128a8ece413b003d5612b8398bf9340ef7f5b751d12bd125ba523d3ceb5 Loading...

	www.1tamilblasters.earth/uploads/javascript_core/global_global_core.js.dcc5776d4949d5147ce2337240a36c86.js?v=4e52a1ea3c	ScriptElement	35 kB	2023-03-07	2025-07-04
Pretty URL www.1tamilblasters.earth/uploads/javascript_core/global_global_core.js.dcc5776d4949d5147ce2337240a36c86.js?v=4e52a1ea3c IP 104.21.9.212 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:18 Last Seen2025-07-04 14:01 Times Seen38 Hash b985d97f08a746a9e640e13b84153ac6 7a9542ba202375c9e5be922b44bd71f6d2985708 c451e968e926da4739ed2dd2a66a18f7b7c072235da7db7bce15a8ddb7acfaf8 Loading...

	jauntyhatredeighty.com/1d/01/f9/1d01f9ce6e4547da6ad284aa16eea6bf.js	ScriptElement	1.0 kB	2025-04-22	2025-05-18
Pretty URL jauntyhatredeighty.com/1d/01/f9/1d01f9ce6e4547da6ad284aa16eea6bf.js IP 192.243.59.12 ASN #39572 DataWeb Global Group B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2025-04-22 16:11 Last Seen2025-05-18 08:58 Times Seen4 Hash 137744320333f4f3a170d2197f374f9a 7ad2eef221b63dcef2930006e447d9ebcdd1b7d0 f5101df4cf6b4ede2233bf9a2473c5aea6941d5e7a37523c5b0265d14f18ffc8 Loading...

	recordedthereby.com/sfp.js	ScriptElement	85 kB	2025-01-25	2025-06-27
Pretty URL recordedthereby.com/sfp.js IP 185.196.197.71 ASN #39572 DataWeb Global Group B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2025-01-25 09:25 Last Seen2025-06-27 06:21 Times Seen2209 Hash 108625937affa4b38bb17cea65510d72 2c0f48e9efa3fb5554d1fa393b28d74d5339f9ee c84263fcf6b091998dd37f5f600b3bfea92ac1d31cbf9631bb87fa411124a9e0 Loading...

	www.1tamilblasters.earth/applications/chatbox/interface/livestamp/livestamp.min.js?v=4e52a1ea3c	ScriptElement	1.4 kB	2023-05-12	2025-07-04
Pretty URL www.1tamilblasters.earth/applications/chatbox/interface/livestamp/livestamp.min.js?v=4e52a1ea3c IP 104.21.9.212 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-12 06:46 Last Seen2025-07-04 14:01 Times Seen34 Hash 5ee75a2eaa8ede6e7970d33a30a2cb3b 7fd963d1d6ddfc7c37eb6f12046a3cdb6a325a36 39c4cf39499361741e077d3513620dad83835dc66092bf72f406c6eec18c7d5f Loading...

	www.1tamilblasters.earth/uploads/javascript_bimchatbox/front_front_chatbox.js.c61fe1a6cdb6fa99caec1f574e8573f8.js?v=4e52a1ea3c	ScriptElement	64 kB	2023-11-15	2025-07-04
Pretty URL www.1tamilblasters.earth/uploads/javascript_bimchatbox/front_front_chatbox.js.c61fe1a6cdb6fa99caec1f574e8573f8.js?v=4e52a1ea3c IP 104.21.9.212 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-15 15:15 Last Seen2025-07-04 14:01 Times Seen34 Hash 5e9a0816c0d2431dfb005bdf359be0ea 34d124e79c2c345bd04bb466054fc1357d10c5d4 6829fbeb4fa4793781812ff45da8b1a5c464a9c709caab261bb7187b735f2972 Loading...

	jauntyhatredeighty.com/ce/d0/50/ced0506a5584c90299ec188b96fad1c4.js	ScriptElement	1.0 kB	2025-05-18	2025-06-28
Pretty URL jauntyhatredeighty.com/ce/d0/50/ced0506a5584c90299ec188b96fad1c4.js IP 192.243.59.12 ASN #39572 DataWeb Global Group B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2025-05-18 08:58 Last Seen2025-06-28 22:43 Times Seen25 Hash add9d4d3e14414cd1e21ab3eb63fedec 9a7901d4a3c991aeb3b41c71ec827056f15ca72c bb4734fdfaa3ad6e9e428299a5db3699f3e68660958dec2f14c0474e067a3775 Loading...

	acscdn.com/script/aclib.js	ScriptElement	1.0 kB	2025-04-07	2025-05-18
Pretty URL acscdn.com/script/aclib.js IP 104.18.16.201 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2025-04-07 19:31 Last Seen2025-05-18 08:58 Times Seen7 Hash 39a3cf7adecde5bcf91d1e623f52d0ee f666693b1fb5cb4914f8c3d011f3d3763a3083e0 441ad7f7dd64781032a41487edc046fc53c177dfc0ead6a6e768adcef81d459d Loading...

	www.1tamilblasters.earth/	Eval	1.0 kB	2025-01-26	2025-05-18
Pretty URL www.1tamilblasters.earth/ IP 104.21.9.212 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2025-01-26 04:47 Last Seen2025-05-18 08:58 Times Seen2 Hash 36bb43a94c6de8869a6890721ae99950 2ed21a168ca53e5ed05ea039eadae0f1ad04a584 36bd6639d3e29d1719263d7f564e3d5a7e271fc83070d69744fb5aa5c755cdf5 Loading...

	www.1tamilblasters.earth/	ScriptElement	568 B	2023-03-07	2025-06-25
Pretty URL www.1tamilblasters.earth/ IP 104.21.9.212 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:18 Last Seen2025-06-25 09:49 Times Seen41 Hash f34c2d8ba96226cec8444f00b41b074c 80ba9248f2527f6a58c19473975d3f12ec0863d9 744dc6321ed6e38b904d7811d8353d8efa2faddabab50ecc8d9d9bbad3682366 Loading...

	www.1tamilblasters.earth/uploads/javascript_global/root_front.js.da1f2914d5c1797a744eefea491fc048.js?v=4e52a1ea3c	ScriptElement	1.0 kB	2025-05-18	2025-05-18
Pretty URL www.1tamilblasters.earth/uploads/javascript_global/root_front.js.da1f2914d5c1797a744eefea491fc048.js?v=4e52a1ea3c IP 104.21.9.212 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2025-05-18 08:58 Last Seen2025-05-18 08:58 Times Seen1 Hash 7d2987e2cdfd7bebe1e602eb6f526ef9 9994db864978f535e9d6312e967c53fa49e2f200 9b8d87ed6dafdf115224bf9fcc9e109f905b8e09c925b570dcc1f612048c000f Loading...

	www.googletagmanager.com/gtag/js?id=G-VVY9CWDB5S	ScriptElement	1.0 kB	2025-05-18	2025-05-18
Pretty URL www.googletagmanager.com/gtag/js?id=G-VVY9CWDB5S IP 142.250.74.136 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2025-05-18 08:58 Last Seen2025-05-18 08:58 Times Seen1 Hash e64ce6c4bc43e2fee61777dd5aa56c9c 7af2f88da40b2f2c8205a869bde5efe0818c9901 7c5ddef8d4268a531e0c405e57acc1eb3094876e9adb205abc03fd0f24929daa Loading...

	www.1tamilblasters.earth/	Function	166 B	2023-04-14	2025-07-16
Pretty URL www.1tamilblasters.earth/ IP 104.21.9.212 ASN #13335 CLOUDFLARENET Introduced by Function Embedded in HTML false Observations First Seen2023-04-14 06:36 Last Seen2025-07-16 08:28 Times Seen532 Hash b3e842a6c0f384dd341556f48a584fa1 ae83201c7d3a8c7f08b46557c85a214329b31872 ebf5058ae600c9966d2c3ef0835639c0d0702743c378ffb1c7b5e47c0b5176bb Loading...

	about:blank	JavascriptURL	5 B	2023-03-07	2025-07-16
Pretty URL about:blank IP 0.0.0.0 ASN #0 Introduced by javascriptURL Embedded in HTML false Observations First Seen2023-03-07 01:02 Last Seen2025-07-16 08:34 Times Seen31330 Hash 68934a3e9455fa72420237eb05902327 7cb6efb98ba5972a9b5090dc2e517fe14d12cb04 fcbcf165908dd18a9e49f7ff27810176db8e9f63b4352213741664245224f8aa Loading...

	www.1tamilblasters.earth/	ScriptElement	838 B	2025-05-18	2025-05-18
Pretty URL www.1tamilblasters.earth/ IP 104.21.9.212 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2025-05-18 08:58 Last Seen2025-05-18 08:58 Times Seen1 Hash c04806c7f2968e1013597ee3a7b519e7 2ea93fd494ab31c619c77cc164a8e98d4a286f80 529b9ba0560defb7a6fca8071bbfc35e9662ae9785f7d373d1e8038f674687c6 Loading...

	acscdn.com/script/suv5.js	ScriptElement	96 kB	2025-05-14	2025-05-18
Pretty URL acscdn.com/script/suv5.js IP 104.18.16.201 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2025-05-14 06:19 Last Seen2025-05-18 17:01 Times Seen11 Hash 2da4397b2985f6204274c4395920cc39 bcc00806745a04b2fd6262eb970cdb822d8b9a8e 421dbe24ca9deca94f451fdb9c02f16838d1bd5cfab5d442cb8dc6fd888b22dd Loading...

	www.1tamilblasters.earth/uploads/javascript_global/root_library.js.c4436661c63e41c7340b9bb9db31b550.js?v=4e52a1ea3c	ScriptElement	374 kB	2023-03-07	2025-07-09
Pretty URL www.1tamilblasters.earth/uploads/javascript_global/root_library.js.c4436661c63e41c7340b9bb9db31b550.js?v=4e52a1ea3c IP 104.21.9.212 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:18 Last Seen2025-07-09 05:35 Times Seen46 Hash 46963bd221ad819a26b91b6d5b9ac7a5 6db502e39de3d3a548ce2c3fac661f8166d7a417 6a1f8f243c85f0023dcf30a77a626a1885076cbcc5e268129f6e1f978713df3f Loading...

	www.1tamilblasters.earth/uploads/javascript_chatbox/front_front_chatbox.js.2c9c60eb8bff035a501a07c037bbebba.js?v=4e52a1ea3c	ScriptElement	1.0 kB	2025-05-18	2025-05-18
Pretty URL www.1tamilblasters.earth/uploads/javascript_chatbox/front_front_chatbox.js.2c9c60eb8bff035a501a07c037bbebba.js?v=4e52a1ea3c IP 104.21.9.212 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2025-05-18 08:58 Last Seen2025-05-18 08:58 Times Seen1 Hash a9e079018730c11735ce3cd1c96e1ae4 393be3b379c18d21ee11c29bc42ddf5914ea5dac 9c1bbe4ac2babb63ef6fd48622cc43c3f39170fe36e0be1beecf1ec9696d1659 Loading...

	recordedthereby.com/sfp.js	ScriptElement	85 kB	2025-01-25	2025-06-27
Pretty URL recordedthereby.com/sfp.js IP 185.196.197.71 ASN #39572 DataWeb Global Group B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2025-01-25 09:25 Last Seen2025-06-27 06:21 Times Seen2209 Hash 108625937affa4b38bb17cea65510d72 2c0f48e9efa3fb5554d1fa393b28d74d5339f9ee c84263fcf6b091998dd37f5f600b3bfea92ac1d31cbf9631bb87fa411124a9e0 Loading...

	www.1tamilblasters.earth/uploads/javascript_global/root_js_lang_1.js.c5092d64f590d18b74b3689e0151034a.js?v=4e52a1ea3c	ScriptElement	98 kB	2023-12-02	2025-07-04
Pretty URL www.1tamilblasters.earth/uploads/javascript_global/root_js_lang_1.js.c5092d64f590d18b74b3689e0151034a.js?v=4e52a1ea3c IP 104.21.9.212 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-12-02 19:42 Last Seen2025-07-04 14:01 Times Seen33 Hash 6febbd23d416d415c4fd4fc56b9247e5 c3816e817f4e5562c5456061058c586f5dad60fb bb00b8c630ba631167e65baea9c1a9b086328c2dcf50e761d7ab6cb6abd32723 Loading...

	www.1tamilblasters.earth/uploads/javascript_global/root_map.js.59badda12ea710e0a55c03d949d55afa.js?v=4e52a1ea3c	ScriptElement	2.2 kB	2025-05-18	2025-05-18
Pretty URL www.1tamilblasters.earth/uploads/javascript_global/root_map.js.59badda12ea710e0a55c03d949d55afa.js?v=4e52a1ea3c IP 104.21.9.212 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2025-05-18 08:58 Last Seen2025-05-18 08:58 Times Seen1 Hash 46bf94af825337703ace622a0bce3a7a ef15b6d17be0066e9db676f3a3a8568111954353 456cd5a9cc4be16a0951c19236af64b82f2ebedbd97c4e5664e84b5d55444866 Loading...

	www.1tamilblasters.earth/cdn-cgi/challenge-platform/scripts/jsd/main.js	ScriptElement	8.4 kB	2025-05-18	2025-05-18
Pretty URL www.1tamilblasters.earth/cdn-cgi/challenge-platform/scripts/jsd/main.js IP 104.21.9.212 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2025-05-18 08:58 Last Seen2025-05-18 08:58 Times Seen1 Hash 64ebfcf21cfd99b2d856d1f123601a03 e49ba00e92ecbfd4ff66b214e9a8f07d4f196ede 1f857f24baf072dcc9186d59ea2811567dd5b2d69bedc522f2fb8cc057e9a462 Loading...

	c.adsco.re/#0.9429836095201803	ScriptElement	486 B	2023-03-07	2025-07-16
Pretty URL c.adsco.re/#0.9429836095201803 IP 104.17.166.186 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:03 Last Seen2025-07-16 08:34 Times Seen2025 Hash 77c8287be10ff4b66a8490ca4d999917 7fccb364c5e22958503bcd8b92cdb648d5c4c96e c2d43195d015b5856873b3b0c6e717ee21599ca3f03f820b7c325f27b9b6a31d Loading...

	www.1tamilblasters.earth/uploads/javascript_cms/front_app.js.beafb2de185a01f905cb1950589f0ed7.js?v=4e52a1ea3c	ScriptElement	3.1 kB	2023-03-07	2025-07-04
Pretty URL www.1tamilblasters.earth/uploads/javascript_cms/front_app.js.beafb2de185a01f905cb1950589f0ed7.js?v=4e52a1ea3c IP 104.21.9.212 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:18 Last Seen2025-07-04 14:01 Times Seen20 Hash 034012e999eecd926cbf9a5f5eb84463 86a9c8fe8c6c5bdf3aa3d6f8d0d48696c1b1aeb6 7727a5560890b1fb5e041288ba47aeea77965919a56c5a68522861a2c6924980 Loading...

	cdn.creative-stat1.com/sb/chat/mob/ssp/1/js/jquery.min.js	ScriptElement	90 kB	2023-03-07	2025-07-16
Pretty URL cdn.creative-stat1.com/sb/chat/mob/ssp/1/js/jquery.min.js IP 172.67.133.15 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:04 Last Seen2025-07-16 08:41 Times Seen2793 Hash 561acb3e541133bbdd2c0c19f8ee35a1 ffd1353cf3f77d25f801c84d8208613eb0d3d548 9fde6da568db31801e29243a903bf24f342256b41e3c01e7d018ff7c566ce7fc Loading...

	www.1tamilblasters.earth/	ScriptElement	7.1 kB	2025-05-18	2025-05-18
Pretty URL www.1tamilblasters.earth/ IP 104.21.9.212 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2025-05-18 08:58 Last Seen2025-05-18 08:58 Times Seen1 Hash d2eaac4a79fd62b14640277c3332dc16 cb1264a5a92d4e0c225ce647906bb086ccef0731 4ebdc416887cad7be8df67a06cd12322f71fec70d1b6b9ec8f03099f02b5a8f5 Loading...

	about:blank	ScriptElement	564 B	2025-05-18	2025-05-18
Pretty URL about:blank IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2025-05-18 08:58 Last Seen2025-05-18 08:58 Times Seen1 Hash 0269bc4b9b629547f14d0b032cec6c9f bcf6f91d79f4ba7ba412c758df353cc1cecea16b 029b0847a4bcc523392cca4f205dc25aba8b339bc640ed83e09e824607702188 Loading...

	about:blank	ScriptElement	236 B	2025-05-18	2025-05-18
Pretty URL about:blank IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2025-05-18 08:58 Last Seen2025-05-18 08:58 Times Seen1 Hash adc2988a2f30771070a5e64ac9bf9bb8 346574c4822a63ffc6b214fcbbdbaad595651e30 2c1b564bf8f606d35b0ff96297e6ecb7bf2dd9436b5ed9e5c8ee7744831501d6 Loading...

	www.1tamilblasters.earth/uploads/javascript_global/root_framework.js.d44ec8a5048a9bda5f302ddf96cb5159.js?v=4e52a1ea3c	ScriptElement	402 kB	2023-03-07	2025-07-04
Pretty URL www.1tamilblasters.earth/uploads/javascript_global/root_framework.js.d44ec8a5048a9bda5f302ddf96cb5159.js?v=4e52a1ea3c IP 104.21.9.212 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:18 Last Seen2025-07-04 14:01 Times Seen38 Hash 12f84a3bebd926e6b393700fc134f7a6 e1b3a3baa95328617d15de1c1a11458786ddcaf1 0a3854371b69cee51a3529ff60be1471b7b9a6965c7a05b2f99712376c1ec15d Loading...

	www.1tamilblasters.earth/	Function	164 B	2023-04-14	2025-07-16
Pretty URL www.1tamilblasters.earth/ IP 104.21.9.212 ASN #13335 CLOUDFLARENET Introduced by Function Embedded in HTML false Observations First Seen2023-04-14 06:36 Last Seen2025-07-16 08:28 Times Seen539 Hash b750e6c6113e9f8c308d46e706440977 d594ae97a1ff12e12846a8fc62dc153d45223b7f 1f833e4732eb802ef961cf2b0dc34fc95839c03054c4a5bec0a541b4f062a487 Loading...

	www.1tamilblasters.earth/	Function	163 B	2023-04-14	2025-07-16
Pretty URL www.1tamilblasters.earth/ IP 104.21.9.212 ASN #13335 CLOUDFLARENET Introduced by Function Embedded in HTML false Observations First Seen2023-04-14 06:36 Last Seen2025-07-16 08:28 Times Seen540 Hash 411867b319241d427a5b90e512a1e738 77c9861729f51f36501e4aaa7a4f8bda898b40b1 c1c19f5ec30646ad750d86fc0dd2fdc2b6e08f3939a3f7cbfd94ec8c1c379f81 Loading...

	www.1tamilblasters.earth/applications/chatbox/interface/livestamp/moment.js?v=4e52a1ea3c	ScriptElement	336 kB	2023-03-07	2025-07-04
Pretty URL www.1tamilblasters.earth/applications/chatbox/interface/livestamp/moment.js?v=4e52a1ea3c IP 104.21.9.212 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:01 Last Seen2025-07-04 14:01 Times Seen37 Hash c741de861d86c1afc0544b28c92ab9ff b8415c7c614987c760917e59e01f00c5f59768ea a1aa4afb56406d1395a2fcb23caf6bff467744bd4956fdd48507506e44abca24 Loading...

HTTP Transactions (108)

URL IP Response Size

GET fonts.googleapis.com/css?family=Roboto:300,300i,400,400i,700,700i

142.250.178.106

200 OK

32 kB

URL GET
fonts.googleapis.com/css?family=Roboto:300,300i,400,400i,700,700i
IP
142.250.178.106:443
ASN
#15169 GOOGLE

Requested by
https://www.1tamilblasters.earth/
Certificate
IssuerGoogle Trust Services
Subjectupload.video.google.com
Fingerprint7A:29:E6:A8:BE:59:2C:AE:82:2D:CA:8E:15:89:41:BE:EC:D2:0D:EA
ValidityMon, 21 Apr 2025 08:41:49 GMT - Mon, 14 Jul 2025 08:41:48 GMT

File type
ASCII text, with very long lines (1572)
Size
32 kB (32400 bytes)
Hash
4cf74f8e1b260912a674611c1bb60b2d
fa3b194d0bbb6b0df5527d135013648454257509
fb3a2b23f7374cd6d5c4365c61fa9ee7a8a5b0a477e73e9e65ef92b78204befe

HTTP Headers

GET /css?family=Roboto:300,300i,400,400i,700,700i HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.1tamilblasters.earth/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 18 May 2025 08:58:12 GMT
date: Sun, 18 May 2025 08:58:12 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

GET fonts.gstatic.com/s/roboto/v47/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2

142.250.74.35

200 OK

40 kB

URL GET
fonts.gstatic.com/s/roboto/v47/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2
IP
142.250.74.35:443
ASN
#15169 GOOGLE

Requested by
https://www.1tamilblasters.earth/
Certificate
IssuerGoogle Trust Services
Subject*.gstatic.com
Fingerprint15:8B:D4:EA:7E:CB:34:1B:6F:2E:20:9E:39:44:7A:D6:D7:30:26:AB
ValidityMon, 21 Apr 2025 08:41:49 GMT - Mon, 14 Jul 2025 08:41:48 GMT

File type
Web Open Font Format (Version 2), TrueType, length 40128, version 1.0
Size
40 kB (40128 bytes)
Hash
9a01b69183a9604ab3a439e388b30501
8ed1d59003d0dbe6360481017b44665153665fbe
20b535fa80c8189e3b87d1803038389960203a886d502bc2ef1857affc2f38d2

HTTP Headers

GET /s/roboto/v47/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.1tamilblasters.earth
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 40128
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 15 May 2025 10:03:46 GMT
expires: Fri, 15 May 2026 10:03:46 GMT
cache-control: public, max-age=31536000
age: 255267
last-modified: Wed, 08 Jan 2025 18:23:10 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

POST pubtrky.com/ut/hb.php?cb=0.4245542204728908&v=1

172.67.188.110

204 No Content

0 B

URL POST
pubtrky.com/ut/hb.php?cb=0.4245542204728908&v=1
IP
172.67.188.110:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.1tamilblasters.earth/
Certificate
IssuerGoogle Trust Services
Subjectpubtrky.com
FingerprintD1:DF:C8:94:03:32:97:45:6F:1A:E3:AD:EE:EC:22:B8:E7:5C:6F:27
ValidityMon, 05 May 2025 10:34:21 GMT - Sun, 03 Aug 2025 11:31:29 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /ut/hb.php?cb=0.4245542204728908&v=1 HTTP/1.1
Host: pubtrky.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain; charset=utf-8
Content-Length: 1481
Origin: https://www.1tamilblasters.earth
DNT: 1
Connection: keep-alive
Referer: https://www.1tamilblasters.earth/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 204 No Content
date: Sun, 18 May 2025 08:58:15 GMT
server: cloudflare
access-control-allow-origin: *
via: 1.1 google
cf-cache-status: DYNAMIC
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=vDejrFi2ypp7o0M5wjpr1fIyYYGmHmQX%2BsEC7K1SK6ZO3KQ6Dr493govCHSR4w%2F%2B2kRxs5o2W8ujzVKLTc9PI85jVyXS32s1yw%3D%3D"}]}
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
cf-ray: 941a26d4a8d95688-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

GET www.1tamilblasters.earth/applications/chatbox/interface/livestamp/livestamp.min.js?v=4e52a1ea3c

104.21.9.212

200 OK

1.4 kB

URL GET
www.1tamilblasters.earth/applications/chatbox/interface/livestamp/livestamp.min.js?v=4e52a1ea3c
IP
104.21.9.212:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.1tamilblasters.earth/
Certificate
IssuerGoogle Trust Services
Subject1tamilblasters.earth
Fingerprint87:15:90:61:3A:CA:76:FF:36:3D:7C:2B:1B:20:08:FA:E0:BA:D5:59
ValidityFri, 16 May 2025 18:25:18 GMT - Thu, 14 Aug 2025 19:23:36 GMT

File type
JavaScript source, ASCII text, with very long lines (520), with CRLF line terminators
Size
1.4 kB (1418 bytes)
Hash
5ee75a2eaa8ede6e7970d33a30a2cb3b
7fd963d1d6ddfc7c37eb6f12046a3cdb6a325a36
39c4cf39499361741e077d3513620dad83835dc66092bf72f406c6eec18c7d5f

HTTP Headers

GET /applications/chatbox/interface/livestamp/livestamp.min.js?v=4e52a1ea3c HTTP/1.1
Host: www.1tamilblasters.earth
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.1tamilblasters.earth/
Cookie: ips4_IPSSessionFront=8fb7df136242cb40b4b7001db1c4ad28; ips4_guestTime=1747558691
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 18 May 2025 08:58:12 GMT
content-type: text/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8czReDGnXOxTKeomKfbTwwDwlVEuVULuh%2BMAodYbUd7sESNiOH7yXLvVaEnBw6aeO%2B92UY4PoA%2FXIntpaI%2FPTjSZVptjFt7mn%2FWAb%2B7izS3fxD4A%2B%2BPzH3EYlFnn5yECSB8FpJjjn4gIRb0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
last-modified: Sun, 26 Nov 2023 16:04:25 GMT
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cache-control: max-age=14400
cf-cache-status: HIT
age: 791
content-encoding: br
cf-ray: 941a26c0e91c1c02-OSL
server: cloudflare
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=3516&min_rtt=597&rtt_var=2816&sent=281&recv=174&lost=0&retrans=0&sent_bytes=200873&recv_bytes=17535&delivery_rate=3919593&cwnd=102000&unsent_bytes=0&cid=368ce31e545f4529&ts=274&x=16"

GET www.1tamilblasters.earth/uploads/javascript_global/root_front.js.da1f2914d5c1797a744eefea491fc048.js?v=4e52a1ea3c

104.21.9.212

200 OK

103 kB

URL GET
www.1tamilblasters.earth/uploads/javascript_global/root_front.js.da1f2914d5c1797a744eefea491fc048.js?v=4e52a1ea3c
IP
104.21.9.212:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.1tamilblasters.earth/
Certificate
IssuerGoogle Trust Services
Subject1tamilblasters.earth
Fingerprint87:15:90:61:3A:CA:76:FF:36:3D:7C:2B:1B:20:08:FA:E0:BA:D5:59
ValidityFri, 16 May 2025 18:25:18 GMT - Thu, 14 Aug 2025 19:23:36 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (2853)
Size
103 kB (102597 bytes)
Hash
5a3ac4063a8a4600ae0bd6a4e009e81f
785140a20352aed99cdd4a3316b46eb90d65668c
fb1a5c8f738456fc3d945fa837c7f2ea7d5f4f8ced2af58481c03fb7c57661ee

HTTP Headers

GET /uploads/javascript_global/root_front.js.da1f2914d5c1797a744eefea491fc048.js?v=4e52a1ea3c HTTP/1.1
Host: www.1tamilblasters.earth
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.1tamilblasters.earth/
Cookie: ips4_IPSSessionFront=8fb7df136242cb40b4b7001db1c4ad28; ips4_guestTime=1747558691
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 18 May 2025 08:58:11 GMT
content-type: text/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DTypu85DRXfu2%2Fic8VxKz3fH5gH9MP%2Fdp%2Ft4uSV9xDcq05s4FhpTzFIdsR49ix2rPcyapjo3l06U7wIelyKkkz5tbT2U1tSpB9bcRu1f19emjaAycAMhTSHKi4xroEI2eR%2B%2B9Om7yYXejZc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
last-modified: Fri, 16 May 2025 20:04:30 GMT
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
age: 790
cache-control: max-age=14400
cf-cache-status: HIT
content-encoding: br
cf-ray: 941a26c0e91e1c02-OSL
server: cloudflare
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=2954&min_rtt=597&rtt_var=1649&sent=188&recv=169&lost=0&retrans=0&sent_bytes=92821&recv_bytes=15673&delivery_rate=2487463&cwnd=48000&unsent_bytes=0&cid=368ce31e545f4529&ts=268&x=16"

GET www.1tamilblasters.earth/se1/_appcss/forums_responsive.css

104.21.9.212

200 OK

7.4 kB

URL GET
www.1tamilblasters.earth/se1/_appcss/forums_responsive.css
IP
104.21.9.212:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.1tamilblasters.earth/
Certificate
IssuerGoogle Trust Services
Subject1tamilblasters.earth
Fingerprint87:15:90:61:3A:CA:76:FF:36:3D:7C:2B:1B:20:08:FA:E0:BA:D5:59
ValidityFri, 16 May 2025 18:25:18 GMT - Thu, 14 Aug 2025 19:23:36 GMT

File type
ASCII text, with very long lines (7353), with no line terminators
Size
7.4 kB (7353 bytes)
Hash
1c575ccb6bca2c525d6d0d6f5818cec8
163eecfc5087b0058006054d8bbc512310b5c648
f0bec4e20bc4af56f95159be1e6dd93c1150eae46e1aabd71db1b5d937af44bb

HTTP Headers

GET /se1/_appcss/forums_responsive.css HTTP/1.1
Host: www.1tamilblasters.earth
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.1tamilblasters.earth/
Cookie: ips4_IPSSessionFront=8fb7df136242cb40b4b7001db1c4ad28; ips4_guestTime=1747558691
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 18 May 2025 08:58:12 GMT
content-type: text/css
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6nWd%2BQpT5kltrin1mm7KJGnCtuLZPxQGVPH%2FJZCyFXe4qoGBhj2%2Fnn1tQNlFNo8%2BJQvWfc4SMFcqODzjYKiGsa62RQQuUr0hdeiB9z2RNgaavGahMAkMnGtIfehp2xtr6RFPGGLDZavrwlI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control: public, max-age=604800
expires: Fri, 23 May 2025 19:59:59 GMT
last-modified: Tue, 22 Oct 2024 15:42:38 GMT
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 133093
content-encoding: br
cf-ray: 941a26c169471c02-OSL
server: cloudflare
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=3737&min_rtt=597&rtt_var=2540&sent=622&recv=186&lost=0&retrans=0&sent_bytes=585859&recv_bytes=22249&delivery_rate=83463&cwnd=268200&unsent_bytes=0&cid=368ce31e545f4529&ts=348&x=16"

GET www.1tamilblasters.spa/se1/applications/core/interface/font/fontawesome-webfont.ttf?v=4.7.0

172.67.218.238

404 Not Found

1.3 kB

URL GET
www.1tamilblasters.spa/se1/applications/core/interface/font/fontawesome-webfont.ttf?v=4.7.0
IP
172.67.218.238:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.1tamilblasters.earth/
Certificate
IssuerGoogle Trust Services
Subject1tamilblasters.spa
FingerprintED:6D:01:D8:6F:DA:22:61:F6:D8:EE:94:F1:04:37:60:D1:10:9E:17
ValidityThu, 15 May 2025 11:22:21 GMT - Wed, 13 Aug 2025 12:20:54 GMT

File type
HTML document, ASCII text, with CRLF, LF line terminators
Size
1.3 kB (1251 bytes)
Hash
8150f458ed6fb9b1db4e5cfa57a1a281
6e5726854d28687b560d7fdcb5c782c425c7dfb9
4c13d452dd5d49671bd93ca32f2b4f85c78e39b6ab0ad1f38d98ed267f8fd896

HTTP Headers

GET /se1/applications/core/interface/font/fontawesome-webfont.ttf?v=4.7.0 HTTP/1.1
Host: www.1tamilblasters.spa
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.1tamilblasters.earth
DNT: 1
Connection: keep-alive
Referer: https://www.1tamilblasters.earth/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 404 Not Found
date: Sun, 18 May 2025 08:58:14 GMT
content-type: text/html
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
x-turbo-charged-by: LiteSpeed
cf-cache-status: BYPASS
content-encoding: br
cf-ray: 941a26d1bb991c02-OSL
server: cloudflare
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=35moYU8ZLnAT%2FEeKAvR%2F1aAqS%2BTH65dyCBH901hMaZr5JGsmV4ItMFld7TDA%2FTNxa0Nsv2dxljirgUY14QpLkgL08wxyaJWG6v7Z73%2F82vpuKti1sxRwFNuSCm3xE%2FqS02abIAPggQZq"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=5402&min_rtt=1524&rtt_var=4121&sent=22&recv=14&lost=0&retrans=0&sent_bytes=7353&recv_bytes=2245&delivery_rate=1326353&cwnd=12000&unsent_bytes=0&cid=709dd1adf76c1e67&ts=577&x=16"

POST nannyirrationalacquainted.com/pixel/pure

192.243.59.20

200 OK

0 B

URL POST
nannyirrationalacquainted.com/pixel/pure
IP
192.243.59.20:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://www.1tamilblasters.earth/
Certificate
IssuerLet's Encrypt
Subjectnannyirrationalacquainted.com
Fingerprint02:A2:15:3C:6C:15:16:0E:78:8F:56:09:21:EA:27:04:2D:EC:D5:E2
ValiditySun, 20 Apr 2025 00:43:48 GMT - Sat, 19 Jul 2025 00:43:47 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

POST /pixel/pure HTTP/1.1
Host: nannyirrationalacquainted.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 73
Origin: https://www.1tamilblasters.earth
DNT: 1
Connection: keep-alive
Referer: https://www.1tamilblasters.earth/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sun, 18 May 2025 08:58:15 GMT
Content-Length: 0
Connection: keep-alive
Host: nannyirrationalacquainted.com
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range

POST vgnk2nrvyyke.n4.adsco.re/

38.132.109.126

200 OK

0 B

URL POST
vgnk2nrvyyke.n4.adsco.re/
IP
38.132.109.126:443
ASN
#9009 M247 Europe SRL

Requested by
https://www.1tamilblasters.earth/
Certificate
IssuerLet's Encrypt
Subject*.n4.adsco.re
FingerprintEB:C6:B8:97:D3:9D:38:6F:22:4B:ED:17:B4:B6:9C:E0:30:A8:06:1E
ValiditySat, 19 Apr 2025 09:14:20 GMT - Fri, 18 Jul 2025 09:14:19 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST / HTTP/1.1
Host: vgnk2nrvyyke.n4.adsco.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 0
Origin: https://www.1tamilblasters.earth
DNT: 1
Connection: keep-alive
Referer: https://www.1tamilblasters.earth/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sun, 18 May 2025 08:58:17 GMT
content-type: text/html
content-length: 0
last-modified: Fri, 16 Jun 2023 08:37:42 GMT
etag: "648c1f56-0"
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
accept-ranges: bytes
X-Firefox-Spdy: h2

GET fonts.gstatic.com/s/roboto/v47/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2

142.250.74.35

200 OK

40 kB

URL GET
fonts.gstatic.com/s/roboto/v47/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2
IP
142.250.74.35:443
ASN
#15169 GOOGLE

Requested by
https://www.1tamilblasters.earth/
Certificate
IssuerGoogle Trust Services
Subject*.gstatic.com
Fingerprint15:8B:D4:EA:7E:CB:34:1B:6F:2E:20:9E:39:44:7A:D6:D7:30:26:AB
ValidityMon, 21 Apr 2025 08:41:49 GMT - Mon, 14 Jul 2025 08:41:48 GMT

File type
Web Open Font Format (Version 2), TrueType, length 40128, version 1.0
Size
40 kB (40128 bytes)
Hash
9a01b69183a9604ab3a439e388b30501
8ed1d59003d0dbe6360481017b44665153665fbe
20b535fa80c8189e3b87d1803038389960203a886d502bc2ef1857affc2f38d2

HTTP Headers

GET /s/roboto/v47/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.1tamilblasters.earth
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 40128
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 15 May 2025 10:03:46 GMT
expires: Fri, 15 May 2026 10:03:46 GMT
cache-control: public, max-age=31536000
age: 255271
last-modified: Wed, 08 Jan 2025 18:23:10 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

GET displayvertising.com/jrfmryfdfxqviaaszg?fnqCxiHk=BQOCAAAAAAAACZUAAp8OtEE0Aa_wJL-9JJI0gwIDMRUyHnXH5jIqHubzTnKkyDclFx33gPcClBOkvkv3Huly_FLjqZf_7ojKtRtx28FlTDQSDKUScT0CXYtm5cpwKXAxTt_vbAwQO9pjokTDeh_EwQ84ev-r0jauXtvmrsveJFXVwsAjBlOjQsYKhAA7dk20h7K4QuD19GBTViL5qCnVMCdd9gynGb1V2wnQQFkiljFCb-hmdVf7_3HhhsF_uDtwT-gPPSMB_ch3S53bqPChMkX6fJZmazM4VZAYZ1YP0nNhlmZUbGWFM7192YjJH6tOzUPVWcbD-gS3VKHDjimGk4OsuJau3ClhVxIWF-Cgls7N5HXLcIaRyYY5gb4CLb7hW4wU8hwkkBtxXaTit1fYz4jsNg72ov8k430z3lN-2haUKizlors3TNOrmS7t1OfbpV2racezinNw7xlRkxDNFtxir-lxYm9j68dA5nRBGfD5XV2NTRESzv8uRA1LwFxMGRWQJUZgw_OzGPhKO9ZjzA3gyQzv0PgE_jOyk_Mwm0XoItnKgTZ49K0UgZ4ld_HEgfCGgbdARJX6bS8BlwhU8g6uL2ZhK8XoOzlWCyaD2RRiOodDNDaqHq7Xl93AnOZ2-7OtnkS4-p_FXNjHVQIvvnII2JqngI08H979DAsNRMcrxrGxrIAvitgEpRZab2567XH5_HTKzvIAy_LyiaUL1eOshzSJDkbApvxl5lI1gOobnDkMdniicf-HD2SZmmz2mkD35PriUboeVpLMLV8jyNJS96U9QolbEPka4TfvjcMQt8rPfUkE44zhF4ivI7sO9aqeTBMJvduHw36UiTBelHSaIUh2grc3UvQfmLb7oM1Yp8onmkOaOwZjxeGnfxx97LlVc9tusgAIsW6pyX3YLh8sQkSkQ_U7E9bkY--ggsVzXmX1YJsygDj6dwe6E45gN04dIvY-HE_hphCRLkVvlsthiztDB9XmdjqE0jyrAlW5gdY_jNwsMWvoMgJSWB0YH2-Qj3BpM6m0O_cKv1ZnR7sDHjJvXjCwIGMQ1L5TJLElOSHX9ln4PU_bMjjPKqOyqJFxT6JEeg5FlryatVUmgWyVphCORU9fid6VAAIhjoJrUao6MzcxCBEN3d-iJTkPlqdqT977zQewVvzhRf6bkyN5LK9-Sp253dN2V_UtW-CMLmGDi8OyIVkyNVY6&ujdsyNlq=4&CWmGHjTi=5200727&pCDoROzE=&dCoOvegN=0,0&ebnOcJtG=&qaWLPuFt=&s=1280,1024,1,1280,1024,0

216.59.56.9

200 OK

44 B

URL GET
displayvertising.com/jrfmryfdfxqviaaszg?fnqCxiHk=BQOCAAAAAAAACZUAAp8OtEE0Aa_wJL-9JJI0gwIDMRUyHnXH5jIqHubzTnKkyDclFx33gPcClBOkvkv3Huly_FLjqZf_7ojKtRtx28FlTDQSDKUScT0CXYtm5cpwKXAxTt_vbAwQO9pjokTDeh_EwQ84ev-r0jauXtvmrsveJFXVwsAjBlOjQsYKhAA7dk20h7K4QuD19GBTViL5qCnVMCdd9gynGb1V2wnQQFkiljFCb-hmdVf7_3HhhsF_uDtwT-gPPSMB_ch3S53bqPChMkX6fJZmazM4VZAYZ1YP0nNhlmZUbGWFM7192YjJH6tOzUPVWcbD-gS3VKHDjimGk4OsuJau3ClhVxIWF-Cgls7N5HXLcIaRyYY5gb4CLb7hW4wU8hwkkBtxXaTit1fYz4jsNg72ov8k430z3lN-2haUKizlors3TNOrmS7t1OfbpV2racezinNw7xlRkxDNFtxir-lxYm9j68dA5nRBGfD5XV2NTRESzv8uRA1LwFxMGRWQJUZgw_OzGPhKO9ZjzA3gyQzv0PgE_jOyk_Mwm0XoItnKgTZ49K0UgZ4ld_HEgfCGgbdARJX6bS8BlwhU8g6uL2ZhK8XoOzlWCyaD2RRiOodDNDaqHq7Xl93AnOZ2-7OtnkS4-p_FXNjHVQIvvnII2JqngI08H979DAsNRMcrxrGxrIAvitgEpRZab2567XH5_HTKzvIAy_LyiaUL1eOshzSJDkbApvxl5lI1gOobnDkMdniicf-HD2SZmmz2mkD35PriUboeVpLMLV8jyNJS96U9QolbEPka4TfvjcMQt8rPfUkE44zhF4ivI7sO9aqeTBMJvduHw36UiTBelHSaIUh2grc3UvQfmLb7oM1Yp8onmkOaOwZjxeGnfxx97LlVc9tusgAIsW6pyX3YLh8sQkSkQ_U7E9bkY--ggsVzXmX1YJsygDj6dwe6E45gN04dIvY-HE_hphCRLkVvlsthiztDB9XmdjqE0jyrAlW5gdY_jNwsMWvoMgJSWB0YH2-Qj3BpM6m0O_cKv1ZnR7sDHjJvXjCwIGMQ1L5TJLElOSHX9ln4PU_bMjjPKqOyqJFxT6JEeg5FlryatVUmgWyVphCORU9fid6VAAIhjoJrUao6MzcxCBEN3d-iJTkPlqdqT977zQewVvzhRf6bkyN5LK9-Sp253dN2V_UtW-CMLmGDi8OyIVkyNVY6&ujdsyNlq=4&CWmGHjTi=5200727&pCDoROzE=&dCoOvegN=0,0&ebnOcJtG=&qaWLPuFt=&s=1280,1024,1,1280,1024,0
IP
216.59.56.9:443
ASN
#53334 TUT-AS

Requested by
https://www.1tamilblasters.earth/
Certificate
IssuerSectigo Limited
Subjectdisplayvertising.com
FingerprintBB:A7:E2:24:FF:EC:EC:B7:A1:F9:77:02:9A:AB:B1:8A:AD:9C:95:5F
ValidityFri, 04 Apr 2025 00:00:00 GMT - Tue, 05 May 2026 23:59:59 GMT

File type
ASCII text, with no line terminators
Size
44 B (44 bytes)
Hash
d5f0a25e4d3522d56d48ce7bc3e518fb
86794caff58f7fee6e684c2ba7195f970a8d6f4c
9d781128a8ece413b003d5612b8398bf9340ef7f5b751d12bd125ba523d3ceb5

HTTP Headers

GET /jrfmryfdfxqviaaszg?fnqCxiHk=BQOCAAAAAAAACZUAAp8OtEE0Aa_wJL-9JJI0gwIDMRUyHnXH5jIqHubzTnKkyDclFx33gPcClBOkvkv3Huly_FLjqZf_7ojKtRtx28FlTDQSDKUScT0CXYtm5cpwKXAxTt_vbAwQO9pjokTDeh_EwQ84ev-r0jauXtvmrsveJFXVwsAjBlOjQsYKhAA7dk20h7K4QuD19GBTViL5qCnVMCdd9gynGb1V2wnQQFkiljFCb-hmdVf7_3HhhsF_uDtwT-gPPSMB_ch3S53bqPChMkX6fJZmazM4VZAYZ1YP0nNhlmZUbGWFM7192YjJH6tOzUPVWcbD-gS3VKHDjimGk4OsuJau3ClhVxIWF-Cgls7N5HXLcIaRyYY5gb4CLb7hW4wU8hwkkBtxXaTit1fYz4jsNg72ov8k430z3lN-2haUKizlors3TNOrmS7t1OfbpV2racezinNw7xlRkxDNFtxir-lxYm9j68dA5nRBGfD5XV2NTRESzv8uRA1LwFxMGRWQJUZgw_OzGPhKO9ZjzA3gyQzv0PgE_jOyk_Mwm0XoItnKgTZ49K0UgZ4ld_HEgfCGgbdARJX6bS8BlwhU8g6uL2ZhK8XoOzlWCyaD2RRiOodDNDaqHq7Xl93AnOZ2-7OtnkS4-p_FXNjHVQIvvnII2JqngI08H979DAsNRMcrxrGxrIAvitgEpRZab2567XH5_HTKzvIAy_LyiaUL1eOshzSJDkbApvxl5lI1gOobnDkMdniicf-HD2SZmmz2mkD35PriUboeVpLMLV8jyNJS96U9QolbEPka4TfvjcMQt8rPfUkE44zhF4ivI7sO9aqeTBMJvduHw36UiTBelHSaIUh2grc3UvQfmLb7oM1Yp8onmkOaOwZjxeGnfxx97LlVc9tusgAIsW6pyX3YLh8sQkSkQ_U7E9bkY--ggsVzXmX1YJsygDj6dwe6E45gN04dIvY-HE_hphCRLkVvlsthiztDB9XmdjqE0jyrAlW5gdY_jNwsMWvoMgJSWB0YH2-Qj3BpM6m0O_cKv1ZnR7sDHjJvXjCwIGMQ1L5TJLElOSHX9ln4PU_bMjjPKqOyqJFxT6JEeg5FlryatVUmgWyVphCORU9fid6VAAIhjoJrUao6MzcxCBEN3d-iJTkPlqdqT977zQewVvzhRf6bkyN5LK9-Sp253dN2V_UtW-CMLmGDi8OyIVkyNVY6&ujdsyNlq=4&CWmGHjTi=5200727&pCDoROzE=&dCoOvegN=0,0&ebnOcJtG=&qaWLPuFt=&s=1280,1024,1,1280,1024,0 HTTP/1.1
Host: displayvertising.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.1tamilblasters.earth/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
popads-node: wb4
access-control-allow-origin: *
asf: 9
popads-ec: ASB
content-type: text/javascript;charset=UTF-8
content-length: 44
date: Sun, 18 May 2025 08:58:18 GMT
X-Firefox-Spdy: h2

GET www.1tamilblasters.earth/se1/_appcss/core1.css

104.21.9.212

200 OK

18 kB

URL GET
www.1tamilblasters.earth/se1/_appcss/core1.css
IP
104.21.9.212:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.1tamilblasters.earth/
Certificate
IssuerGoogle Trust Services
Subject1tamilblasters.earth
Fingerprint87:15:90:61:3A:CA:76:FF:36:3D:7C:2B:1B:20:08:FA:E0:BA:D5:59
ValidityFri, 16 May 2025 18:25:18 GMT - Thu, 14 Aug 2025 19:23:36 GMT

File type
ASCII text, with very long lines (17911), with no line terminators
Size
18 kB (17911 bytes)
Hash
824f28109e386021e0e22a6b3add38ed
f327365984eff11842525807c7cfe7ba918b7f01
b934e67b83c11f6f3172a5c6feaba1faebbc34128e2ed4c35174c56d142b9b20

HTTP Headers

GET /se1/_appcss/core1.css HTTP/1.1
Host: www.1tamilblasters.earth
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.1tamilblasters.earth/
Cookie: ips4_IPSSessionFront=8fb7df136242cb40b4b7001db1c4ad28; ips4_guestTime=1747558691
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 18 May 2025 08:58:12 GMT
content-type: text/css
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=a6MTF9RPEEJJ%2BImtYULn2nhz6LeuuAoT2vhVt%2Fo90gZAD8wM4D%2BE0SKtoqyj%2FGu2OeCVHRMI7q3OwKOXwpUCFM5HN%2BrUg%2Bko3oEEJ6Ed1Zjb0hmxWCCYy37BWNQJZ3IcgwyuOWSgufH3zuc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control: public, max-age=604800
expires: Fri, 23 May 2025 19:59:59 GMT
last-modified: Thu, 15 May 2025 13:04:17 GMT
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
age: 133092
cf-cache-status: HIT
content-encoding: br
cf-ray: 941a26c1192b1c02-OSL
server: cloudflare
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=3288&min_rtt=597&rtt_var=2087&sent=466&recv=179&lost=0&retrans=0&sent_bytes=415169&recv_bytes=19331&delivery_rate=2691747&cwnd=208800&unsent_bytes=0&cid=368ce31e545f4529&ts=294&x=16"

GET www.1tamilblasters.spa/se1/applications/core/interface/font/fontawesome-webfont.woff2?v=4.7.0

172.67.218.238

404 Not Found

1.3 kB

URL GET
www.1tamilblasters.spa/se1/applications/core/interface/font/fontawesome-webfont.woff2?v=4.7.0
IP
172.67.218.238:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.1tamilblasters.earth/
Certificate
IssuerGoogle Trust Services
Subject1tamilblasters.spa
FingerprintED:6D:01:D8:6F:DA:22:61:F6:D8:EE:94:F1:04:37:60:D1:10:9E:17
ValidityThu, 15 May 2025 11:22:21 GMT - Wed, 13 Aug 2025 12:20:54 GMT

File type
HTML document, ASCII text, with CRLF, LF line terminators
Size
1.3 kB (1251 bytes)
Hash
8150f458ed6fb9b1db4e5cfa57a1a281
6e5726854d28687b560d7fdcb5c782c425c7dfb9
4c13d452dd5d49671bd93ca32f2b4f85c78e39b6ab0ad1f38d98ed267f8fd896

HTTP Headers

GET /se1/applications/core/interface/font/fontawesome-webfont.woff2?v=4.7.0 HTTP/1.1
Host: www.1tamilblasters.spa
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.1tamilblasters.earth
DNT: 1
Connection: keep-alive
Referer: https://www.1tamilblasters.earth/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 404 Not Found
date: Sun, 18 May 2025 08:58:13 GMT
content-type: text/html
server: cloudflare
x-content-type-options: nosniff
cf-ray: 941a26c80fba569f-OSL
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
x-turbo-charged-by: LiteSpeed
cf-cache-status: BYPASS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1BfpElet%2FY0YGmTOlzlQtPv%2F1oWx1bHC5rHekr2bCnTQqSIDAo89M2Vpj8KrMdIWVw5YtSkXiMSzRkI81%2BThKpYjEMuHuqiZl1yEUBBfrc07EbDFXOD%2BpE%2B0sLAv3k8GXk2AE1zShnDY"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=6199&min_rtt=427&rtt_var=11533&sent=8&recv=11&lost=0&retrans=0&sent_bytes=3218&recv_bytes=1186&delivery_rate=8227272&cwnd=251&unsent_bytes=0&cid=6c07a7676a9d8aba&ts=97&x=0"
X-Firefox-Spdy: h2

GET www.1tamilblasters.spa/se1/applications/core/interface/font/icomoon.woff?v=-29n77j

172.67.218.238

404 Not Found

1.3 kB

URL GET
www.1tamilblasters.spa/se1/applications/core/interface/font/icomoon.woff?v=-29n77j
IP
172.67.218.238:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.1tamilblasters.earth/
Certificate
IssuerGoogle Trust Services
Subject1tamilblasters.spa
FingerprintED:6D:01:D8:6F:DA:22:61:F6:D8:EE:94:F1:04:37:60:D1:10:9E:17
ValidityThu, 15 May 2025 11:22:21 GMT - Wed, 13 Aug 2025 12:20:54 GMT

File type
HTML document, ASCII text, with CRLF, LF line terminators
Size
1.3 kB (1251 bytes)
Hash
8150f458ed6fb9b1db4e5cfa57a1a281
6e5726854d28687b560d7fdcb5c782c425c7dfb9
4c13d452dd5d49671bd93ca32f2b4f85c78e39b6ab0ad1f38d98ed267f8fd896

HTTP Headers

GET /se1/applications/core/interface/font/icomoon.woff?v=-29n77j HTTP/1.1
Host: www.1tamilblasters.spa
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.1tamilblasters.earth
DNT: 1
Connection: keep-alive
Referer: https://www.1tamilblasters.earth/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 404 Not Found
date: Sun, 18 May 2025 08:58:14 GMT
content-type: text/html
server: cloudflare
x-content-type-options: nosniff
cf-ray: 941a26ce890d569f-OSL
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
x-turbo-charged-by: LiteSpeed
cf-cache-status: BYPASS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XARgazcmllqhbHdLM%2F3If7UxMwx5o94UoZIn%2F9jGY4BOJH%2FwI0RkfmX73C5az15MrEYLXYJnRIKyjjmL%2FThv4TOr4FyYIxyf3qjNShoAAvSGi%2BG5Lb3WDWFyK%2BIaIDs7U06tLmqWRvRg"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=4296&min_rtt=416&rtt_var=7728&sent=12&recv=15&lost=0&retrans=0&sent_bytes=5267&recv_bytes=1296&delivery_rate=8227272&cwnd=254&unsent_bytes=0&cid=6c07a7676a9d8aba&ts=1127&x=0"
X-Firefox-Spdy: h2

OPTIONS nannyirrationalacquainted.com/pixel/pure

192.243.59.20

204 No Content

0 B

URL OPTIONS
nannyirrationalacquainted.com/pixel/pure
IP
192.243.59.20:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://www.1tamilblasters.earth/
Certificate
IssuerLet's Encrypt
Subjectnannyirrationalacquainted.com
Fingerprint02:A2:15:3C:6C:15:16:0E:78:8F:56:09:21:EA:27:04:2D:EC:D5:E2
ValiditySun, 20 Apr 2025 00:43:48 GMT - Sat, 19 Jul 2025 00:43:47 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

OPTIONS /pixel/pure HTTP/1.1
Host: nannyirrationalacquainted.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://www.1tamilblasters.earth/
Origin: https://www.1tamilblasters.earth
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 204 No Content
Server: nginx/1.19.5
Date: Sun, 18 May 2025 08:58:14 GMT
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Allow-Credentials: true
Access-Control-Max-Age: 1728000
Content-Type: text/plain; charset=utf-8
Content-Length: 0

GET 4.adsco.re/

0.0.0.0

0 B

URL GET
4.adsco.re/
IP
0.0.0.0:0
ASN
#0

Requested by
https://www.1tamilblasters.earth/
Certificate
IssuerSectigo Limited
Subject*.adsco.re
Fingerprint3B:64:1C:DA:8C:64:22:01:36:0F:54:7A:99:6E:AD:26:C2:EF:59:8B
ValidityMon, 23 Sep 2024 00:00:00 GMT - Mon, 29 Sep 2025 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: 4.adsco.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.1tamilblasters.earth
DNT: 1
Connection: keep-alive
Referer: https://www.1tamilblasters.earth/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

POST vgnk2nrvyyke.s4.adsco.re/

185.200.116.60

200 OK

0 B

URL POST
vgnk2nrvyyke.s4.adsco.re/
IP
185.200.116.60:443
ASN
#9009 M247 Europe SRL

Requested by
https://www.1tamilblasters.earth/
Certificate
IssuerLet's Encrypt
Subject*.s4.adsco.re
FingerprintAE:BB:65:20:B5:2F:2A:DA:30:73:84:C4:DC:5F:66:67:7C:1F:84:BB
ValiditySat, 19 Apr 2025 09:14:19 GMT - Fri, 18 Jul 2025 09:14:18 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST / HTTP/1.1
Host: vgnk2nrvyyke.s4.adsco.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 0
Origin: https://www.1tamilblasters.earth
DNT: 1
Connection: keep-alive
Referer: https://www.1tamilblasters.earth/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sun, 18 May 2025 08:58:17 GMT
content-type: text/html
content-length: 0
last-modified: Tue, 03 Oct 2023 13:29:59 GMT
etag: "651c1757-0"
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
accept-ranges: bytes
X-Firefox-Spdy: h2

GET jauntyhatredeighty.com/1d/01/f9/1d01f9ce6e4547da6ad284aa16eea6bf.js

192.243.59.12

200 OK

34 kB

URL GET
jauntyhatredeighty.com/1d/01/f9/1d01f9ce6e4547da6ad284aa16eea6bf.js
IP
192.243.59.12:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://www.1tamilblasters.earth/
Certificate
IssuerLet's Encrypt
Subjectjauntyhatredeighty.com
Fingerprint28:8D:F8:8E:40:C6:65:E3:DE:9C:09:44:8E:66:64:0D:98:DA:3C:B6
ValiditySat, 26 Apr 2025 21:30:59 GMT - Fri, 25 Jul 2025 21:30:58 GMT

File type
JavaScript source, ASCII text, with very long lines (33839), with no line terminators
Size
34 kB (33839 bytes)
Hash
14d9b8ec1c0ced3982e0402199f84dad
cebcd0227b0ff094914db33c23dcec7c346dde7e
4b94f0c8592bbfee919cb0ca34db9062007dc61066d6580fe570a6aba14c2887

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /1d/01/f9/1d01f9ce6e4547da6ad284aa16eea6bf.js HTTP/1.1
Host: jauntyhatredeighty.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.1tamilblasters.earth/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sun, 18 May 2025 08:58:12 GMT
Content-Type: application/javascript
Content-Length: 12964
Connection: keep-alive
Content-Encoding: gzip
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Host: jauntyhatredeighty.com
Expires: Thu, 01 Jan 1970 00:00:01 GMT
X-Request-ID: 893e025ba98a4f4dc53938c678e9ea76
Cache-Control: no-cache, max-age=0, private, no-cache
Pragma: no-cache
Strict-Transport-Security: max-age=0; includeSubdomains

GET recordedthereby.com/sfp.js

185.196.197.71

200 OK

85 kB

URL GET
recordedthereby.com/sfp.js
IP
185.196.197.71:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://www.1tamilblasters.earth/
Certificate
IssuerLet's Encrypt
Subjectrecordedthereby.com
Fingerprint43:76:D8:56:43:66:8A:49:51:DC:E6:8E:5A:E9:35:93:29:07:37:C1
ValidityMon, 05 May 2025 21:20:39 GMT - Sun, 03 Aug 2025 21:20:38 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (65529), with no line terminators
Size
85 kB (85380 bytes)
Hash
108625937affa4b38bb17cea65510d72
2c0f48e9efa3fb5554d1fa393b28d74d5339f9ee
c84263fcf6b091998dd37f5f600b3bfea92ac1d31cbf9631bb87fa411124a9e0

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /sfp.js HTTP/1.1
Host: recordedthereby.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.1tamilblasters.earth/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sun, 18 May 2025 08:58:13 GMT
Content-Type: application/javascript; charset=utf-8
Content-Length: 28255
Connection: keep-alive
Content-Encoding: gzip
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Vary: Accept-Encoding
Host: recordedthereby.com
Expires: Thu, 01 Jan 1970 00:00:01 GMT
X-Request-ID: 645f6fe67ba07ccb600c5e22682640df
Cache-Control: no-cache, max-age=0, private, no-cache
Pragma: no-cache
Strict-Transport-Security: max-age=0; includeSubdomains

GET acscdn.com/script/suv5.js

104.18.16.201

200 OK

96 kB

URL GET
acscdn.com/script/suv5.js
IP
104.18.16.201:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.1tamilblasters.earth/
Certificate
IssuerGoogle Trust Services
Subjectacscdn.com
FingerprintE8:04:28:CD:40:56:EF:C8:19:07:48:1D:8F:83:82:58:38:D8:61:A1
ValidityTue, 13 May 2025 15:22:09 GMT - Mon, 11 Aug 2025 16:21:52 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (65493), with no line terminators
Size
96 kB (96328 bytes)
Hash
2da4397b2985f6204274c4395920cc39
bcc00806745a04b2fd6262eb970cdb822d8b9a8e
421dbe24ca9deca94f451fdb9c02f16838d1bd5cfab5d442cb8dc6fd888b22dd

HTTP Headers

GET /script/suv5.js HTTP/1.1
Host: acscdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.1tamilblasters.earth/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 18 May 2025 08:58:12 GMT
content-type: text/javascript
x-guploader-uploadid: AAO2VwpkDJ8N9jYdNIpofNzl_qiC51YkNLLUwJNtfcmwVHcLjRx-aqnyZkfobpdxKHMhdF8ANzSEGtI
x-goog-generation: 1747151554362564
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 96328
x-goog-hash: crc32c=nmRP1w==, md5=LaQ5eymF9iBCdMQ5WSDMOQ==
x-goog-storage-class: MULTI_REGIONAL
access-control-allow-origin: *
expires: Sun, 18 May 2025 09:58:12 GMT
cache-control: public, max-age=3600
last-modified: Tue, 13 May 2025 15:52:34 GMT
etag: W/"2da4397b2985f6204274c4395920cc39"
alt-svc: h3=":443"; ma=86400
cf-cache-status: HIT
age: 2123
priority: u=3,i=?0
vary: Accept-Encoding
server: cloudflare
cf-ray: 941a26c6e9a1b529-OSL
content-encoding: gzip
server-timing: cfExtPri

GET shotgunchancecruel.com/pixel/sbls?bv=&tmpl=482&u=https%3A%2F%2Fcdn.creative-stat1.com%2Fsb%2Fchat%2Fmob%2Fssp%2F1%2Fcss%2Fanimate.css&l=79313&fd=80

192.243.61.227

200 OK

0 B

URL GET
shotgunchancecruel.com/pixel/sbls?bv=&tmpl=482&u=https%3A%2F%2Fcdn.creative-stat1.com%2Fsb%2Fchat%2Fmob%2Fssp%2F1%2Fcss%2Fanimate.css&l=79313&fd=80
IP
192.243.61.227:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://www.1tamilblasters.earth/
Certificate
IssuerLet's Encrypt
Subjectshotgunchancecruel.com
Fingerprint57:F1:91:12:31:BB:80:19:FF:41:09:D0:8D:7B:40:3F:77:DF:B2:B3
ValiditySun, 20 Apr 2025 02:16:11 GMT - Sat, 19 Jul 2025 02:16:10 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /pixel/sbls?bv=&tmpl=482&u=https%3A%2F%2Fcdn.creative-stat1.com%2Fsb%2Fchat%2Fmob%2Fssp%2F1%2Fcss%2Fanimate.css&l=79313&fd=80 HTTP/1.1
Host: shotgunchancecruel.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.1tamilblasters.earth/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sun, 18 May 2025 08:58:17 GMT
Content-Length: 0
Connection: keep-alive
Host: shotgunchancecruel.com
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range

GET www.1tamilblasters.earth/uploads/monthly_2024_10/TBL.thumb.jpg.7efcb00a0be3928e9b617f975ea43a38.jpg

104.21.9.212

200 OK

10 kB

URL GET
www.1tamilblasters.earth/uploads/monthly_2024_10/TBL.thumb.jpg.7efcb00a0be3928e9b617f975ea43a38.jpg
IP
104.21.9.212:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.1tamilblasters.earth/
Certificate
IssuerGoogle Trust Services
Subject1tamilblasters.earth
Fingerprint87:15:90:61:3A:CA:76:FF:36:3D:7C:2B:1B:20:08:FA:E0:BA:D5:59
ValidityFri, 16 May 2025 18:25:18 GMT - Thu, 14 Aug 2025 19:23:36 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 85", baseline, precision 8, 240x240, components 3
Size
10 kB (9953 bytes)
Hash
0bdec345c80576af1d1ae3c289d70a21
af12dde830aa3726660ed0dc1a53b728f51992e7
67e48d7d6b8b81b5a9b9b4e3cc076b0a0295e19323848e535c6c0ee06f1c8ce7

HTTP Headers

GET /uploads/monthly_2024_10/TBL.thumb.jpg.7efcb00a0be3928e9b617f975ea43a38.jpg HTTP/1.1
Host: www.1tamilblasters.earth
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.1tamilblasters.earth/
Cookie: ips4_IPSSessionFront=8fb7df136242cb40b4b7001db1c4ad28; ips4_guestTime=1747558691
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 18 May 2025 08:58:12 GMT
content-type: image/jpeg
content-length: 9953
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control: public, max-age=604800
expires: Fri, 23 May 2025 20:24:51 GMT
last-modified: Tue, 22 Oct 2024 12:23:36 GMT
accept-ranges: bytes
x-turbo-charged-by: LiteSpeed
age: 131600
cf-cache-status: HIT
cf-ray: 941a26c2e9861c02-OSL
server: cloudflare
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains; preload
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=P3hZ5Ru28uUUwvDSRogjoV4wA1i2tbtFLWuYpVRklrkgwUuAKONsC2vApRsV0vR3y6LzdUmwN7d5TBLX4emwdZIcV572bZhPyNK5Pp4bX9NVxyIFJfrhwPDueOvMFh6tUSYYGBDitSgMvuQ%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=2179&min_rtt=597&rtt_var=1566&sent=700&recv=198&lost=0&retrans=0&sent_bytes=667929&recv_bytes=24531&delivery_rate=5868629&cwnd=268200&unsent_bytes=0&cid=368ce31e545f4529&ts=580&x=16"

GET 6.adsco.re:2087/

104.17.166.186

200 OK

45 B

URL GET
6.adsco.re:2087/
IP
104.17.166.186:2087
ASN
#13335 CLOUDFLARENET

Requested by
https://www.1tamilblasters.earth/
Certificate
IssuerSectigo Limited
Subject*.adsco.re
Fingerprint3B:64:1C:DA:8C:64:22:01:36:0F:54:7A:99:6E:AD:26:C2:EF:59:8B
ValidityMon, 23 Sep 2024 00:00:00 GMT - Mon, 29 Sep 2025 23:59:59 GMT

File type
ASCII text, with no line terminators
Size
45 B (45 bytes)
Hash
5b41cb22f84f645a103acc7bfbf084ff
bac3967b26d5ec4a0d09a580714e8219796816bd
709f0a0dfab9f9e074f4a4a348dcb09150838284d21e75cfb9e5ceaeeb2054bc

HTTP Headers

GET / HTTP/1.1
Host: 6.adsco.re:2087
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.1tamilblasters.earth
DNT: 1
Connection: keep-alive
Referer: https://www.1tamilblasters.earth/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 18 May 2025 08:58:16 GMT
content-type: text/plain;charset=UTF-8
content-length: 45
access-control-allow-origin: https://www.1tamilblasters.earth
cache-control: private, max-age=10
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, HEAD, OPTIONS
access-control-max-age: 2592000
vary: Accept-Encoding
server: cloudflare
cf-ray: 941a26dfee0056af-OSL
alt-svc: h3=":2087"; ma=86400
X-Firefox-Spdy: h2

GET c.adsco.re/#0.9429836095201803

104.17.166.186

200 OK

79 kB

URL GET
c.adsco.re/#0.9429836095201803
IP
104.17.166.186:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.1tamilblasters.earth/
Certificate
IssuerSectigo Limited
Subject*.adsco.re
Fingerprint3B:64:1C:DA:8C:64:22:01:36:0F:54:7A:99:6E:AD:26:C2:EF:59:8B
ValidityMon, 23 Sep 2024 00:00:00 GMT - Mon, 29 Sep 2025 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (689)
Size
79 kB (79103 bytes)
Hash
f0e71ebb1e2c90b307c171052ca517d0
1a1950b1868c0bfb8629f6f81b81439160727a79
adbce95b9ac0da66ea3a1d707494d9c74876e1c9186c446b4b5a22d15adc1ee5

HTTP Headers

GET / HTTP/1.1
Host: c.adsco.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.1tamilblasters.earth/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 18 May 2025 08:58:16 GMT
content-type: text/html
cache-control: public, max-age=2678400
accept-ch: Sec-CH-UA, Sec-CH-UA-Mobile, Sec-CH-UA-Full-Version, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Device-Memory, Downlink, ECT, RTT, Width, Viewport-Width, DPR
permissions-policy: ch-ua=(self "https://adsco.re"),ch-ua-mobile=(self "https://adsco.re"),ch-ua-full-version=(self "https://adsco.re"),ch-ua-platform=(self "https://adsco.re"),ch-ua-platform-version=(self "https://adsco.re"),ch-ua-arch=(self "https://adsco.re"),ch-ua-model=(self "https://adsco.re"),ch-device-memory=(self "https://adsco.re"),ch-downlink=(self "https://adsco.re"),ch-ect=(self "https://adsco.re"),ch-rtt=(self "https://adsco.re"),ch-width=(self "https://adsco.re"),ch-viewport-width=(self "https://adsco.re"),ch-dpr=(self "https://adsco.re")
link: <//6.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//4.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//adsco.re/>;rel=preconnect
expires: Wed, 18 Jun 2025 08:58:16 GMT
etag: W/"8Oceux4skLMHwXEFLKUX0A=="
content-encoding: gzip
cf-cache-status: HIT
age: 805754
priority: u=4,i=?0
vary: Accept-Encoding
server: cloudflare
cf-ray: 941a26e0187456a4-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri

GET www.1tamilblasters.earth/uploads/css_built_3/ec0c06d47f161faa24112e8cbf0665bc_chatbox.css.1e5ab42bbe468d77008a23e6301bb3fd.css?v=4e52a1ea3c

104.21.9.212

200 OK

2.6 kB

URL GET
www.1tamilblasters.earth/uploads/css_built_3/ec0c06d47f161faa24112e8cbf0665bc_chatbox.css.1e5ab42bbe468d77008a23e6301bb3fd.css?v=4e52a1ea3c
IP
104.21.9.212:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.1tamilblasters.earth/
Certificate
IssuerGoogle Trust Services
Subject1tamilblasters.earth
Fingerprint87:15:90:61:3A:CA:76:FF:36:3D:7C:2B:1B:20:08:FA:E0:BA:D5:59
ValidityFri, 16 May 2025 18:25:18 GMT - Thu, 14 Aug 2025 19:23:36 GMT

File type
ASCII text, with very long lines (2636), with no line terminators
Size
2.6 kB (2636 bytes)
Hash
715ca39dbf6d1fda3ea51925da1a35b4
f6a30051fa5b773d925f289fc4459b7c9916bf53
4033d3f4dfea92c804970bb30ecaca34822d4f3cb4ddf9cf0cd9d4514d3c70b2

HTTP Headers

GET /uploads/css_built_3/ec0c06d47f161faa24112e8cbf0665bc_chatbox.css.1e5ab42bbe468d77008a23e6301bb3fd.css?v=4e52a1ea3c HTTP/1.1
Host: www.1tamilblasters.earth
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.1tamilblasters.earth/
Cookie: ips4_IPSSessionFront=8fb7df136242cb40b4b7001db1c4ad28; ips4_guestTime=1747558691
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 18 May 2025 08:58:12 GMT
content-type: text/css
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JKB%2F0z4XLEspxrdMaOUXhjr%2Fip4XURiIFLYmE3kHx2h3rAXZnyiXw2D%2FN4U7TI8Kl515WuKfm0CwgHT1ZnP5D6Z7HJFWEdaduDTUDS9KJD1m9a9LhrNBcmPpI5p6HzLff0t54H4o4CCKWok%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control: public, max-age=604800
expires: Fri, 23 May 2025 20:24:50 GMT
last-modified: Fri, 16 May 2025 20:04:25 GMT
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
age: 131601
cf-cache-status: HIT
content-encoding: br
cf-ray: 941a26c0b9001c02-OSL
server: cloudflare
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=3516&min_rtt=597&rtt_var=2816&sent=281&recv=174&lost=0&retrans=0&sent_bytes=200873&recv_bytes=17535&delivery_rate=3919593&cwnd=102000&unsent_bytes=0&cid=368ce31e545f4529&ts=276&x=16"

POST nannyirrationalacquainted.com/pixel/pure

192.243.59.20

200 OK

0 B

URL POST
nannyirrationalacquainted.com/pixel/pure
IP
192.243.59.20:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://www.1tamilblasters.earth/
Certificate
IssuerLet's Encrypt
Subjectnannyirrationalacquainted.com
Fingerprint02:A2:15:3C:6C:15:16:0E:78:8F:56:09:21:EA:27:04:2D:EC:D5:E2
ValiditySun, 20 Apr 2025 00:43:48 GMT - Sat, 19 Jul 2025 00:43:47 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

POST /pixel/pure HTTP/1.1
Host: nannyirrationalacquainted.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 73
Origin: https://www.1tamilblasters.earth
DNT: 1
Connection: keep-alive
Referer: https://www.1tamilblasters.earth/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sun, 18 May 2025 08:58:14 GMT
Content-Length: 0
Connection: keep-alive
Host: nannyirrationalacquainted.com
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range

GET www.1tamilblasters.earth/uploads/javascript_core/front_front_widgets.js.c7fd8d712af91249a0dcd063b78829ea.js?csrfKey=e4b8480e82b097f6ed5a44d5a7bf8acd&antiCache=4e52a1ea3c

104.21.9.212

200 OK

17 kB

URL GET
www.1tamilblasters.earth/uploads/javascript_core/front_front_widgets.js.c7fd8d712af91249a0dcd063b78829ea.js?csrfKey=e4b8480e82b097f6ed5a44d5a7bf8acd&antiCache=4e52a1ea3c
IP
104.21.9.212:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.1tamilblasters.earth/
Certificate
IssuerGoogle Trust Services
Subject1tamilblasters.earth
Fingerprint87:15:90:61:3A:CA:76:FF:36:3D:7C:2B:1B:20:08:FA:E0:BA:D5:59
ValidityFri, 16 May 2025 18:25:18 GMT - Thu, 14 Aug 2025 19:23:36 GMT

File type
JavaScript source, ASCII text, with very long lines (2171)
Size
17 kB (16890 bytes)
Hash
177fd39127cfc656969be8cab0ecf855
d3b4f3b918daf613d0c84226969752ca707a7e79
6be7316f5723aa38095a52b175efa8e9048345ff88227c7e806971dc888afe3c

HTTP Headers

GET /uploads/javascript_core/front_front_widgets.js.c7fd8d712af91249a0dcd063b78829ea.js?csrfKey=e4b8480e82b097f6ed5a44d5a7bf8acd&antiCache=4e52a1ea3c HTTP/1.1
Host: www.1tamilblasters.earth
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Referer: https://www.1tamilblasters.earth/
Cookie: ips4_IPSSessionFront=8fb7df136242cb40b4b7001db1c4ad28; ips4_guestTime=1747558691; _ga_VVY9CWDB5S=GS2.1.s1747558692$o1$g0$t1747558692$j0$l0$h0; _ga=GA1.1.1679180738.1747558693; ips4_ipsTimezone=UTC; ips4_hasJS=true; cf_clearance=Q0YDG2fVjgsmvHiDFvlBU_EF4ynsqSEZ0u5T3C4qZng-1747558694-1.2.1.1-5LqqiyNd6ZsgnDN.0iKbm44XhV2jL0hvP6e0d42CaRErQYkjWN3S1ZbjpUCo4KVbKUnyxoi480nIghElLYyMHw7Dvh_6HuFZj3sCEdZJvysAsTGJ5A1o6XuXPp0d6MWPDgh8nv02UBKVUHemZP.2CdIazV49v0UF_e.7LaW3qEKcWAw6Y.ofXF_hUVnydUwEG7RnyZ_Pl_FVZ4YZatvTgXIDBPD_3L6m3qd8_M3IgymPV0uj3qu8g_AN32X0Rhr8oZx2c1RScU3.VfUzqxzSIj2TD8DBtJu5L7OmDQP_ulfgyiH7MVDh4IIBBBjSLzZ2vGUjNDizIeUZBgwVMG5joTsmSYQlCPR2.4RiTEo0jag; dom3ic8zudi28v8lr6fgphwffqoz0j6c=30da44ba-4092-4ad1-b245-d8576ff70c5a%3A2%3A1; pp_main_ced0506a5584c90299ec188b96fad1c4=1; sb_page_1d01f9ce6e4547da6ad284aa16eea6bf=1; sb_main_1d01f9ce6e4547da6ad284aa16eea6bf=1; sb_count_1d01f9ce6e4547da6ad284aa16eea6bf=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 18 May 2025 08:58:15 GMT
content-type: text/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=csliwksDH8wCE5%2B%2BJPvERCrb7JTG3RDvIddjWwuPTqklYmCAmB3%2BJ9uryFb4RMJoEcZv7nIkmZcx35PXcWICWXFSIQmw8ryGWt38jChf9%2BzNjURpxk9r4s%2FAucvfjzubU5xEih%2FqtDRONio%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
last-modified: Fri, 16 May 2025 20:18:32 GMT
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cache-control: max-age=14400
cf-cache-status: MISS
content-encoding: br
cf-ray: 941a26d46bcc1c02-OSL
server: cloudflare
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=2168&min_rtt=597&rtt_var=921&sent=816&recv=223&lost=0&retrans=0&sent_bytes=779362&recv_bytes=42031&delivery_rate=3263568&cwnd=268200&unsent_bytes=0&cid=368ce31e545f4529&ts=3448&x=16"

GET 4.adsco.re:2087/

0.0.0.0

0 B

URL GET
4.adsco.re:2087/
IP
0.0.0.0:0
ASN
#0

Requested by
https://www.1tamilblasters.earth/

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: 4.adsco.re:2087
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.1tamilblasters.earth
DNT: 1
Connection: keep-alive
Referer: https://www.1tamilblasters.earth/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

GET cdn.creative-stat1.com/sb/chat/mob/ssp/1/js/script.js

172.67.133.15

200 OK

382 B

URL GET
cdn.creative-stat1.com/sb/chat/mob/ssp/1/js/script.js
IP
172.67.133.15:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.1tamilblasters.earth/
Certificate
IssuerGoogle Trust Services
Subjectcreative-stat1.com
Fingerprint0B:D7:09:43:6C:42:76:92:3B:8C:0E:15:43:A3:A3:AC:94:B2:C2:CB
ValiditySun, 13 Apr 2025 21:34:38 GMT - Sat, 12 Jul 2025 22:33:20 GMT

File type
ASCII text
Size
382 B (382 bytes)
Hash
4f5f05ab032dd8fc0db448fcf51a35e2
78f94f93fdb792d95ea3ac293ac1b8e3bc13d609
7fd8e9c0e5ca0c7123954a109fa8b7e8368c7e1262880925e2ac7b8c877a9e38

HTTP Headers

GET /sb/chat/mob/ssp/1/js/script.js HTTP/1.1
Host: cdn.creative-stat1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.1tamilblasters.earth
DNT: 1
Connection: keep-alive
Referer: https://www.1tamilblasters.earth/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 18 May 2025 08:58:17 GMT
content-type: application/javascript
content-length: 382
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tTtkVnk96LOi9mPXYBfXxp1OVq9Ya%2FzpKFpQsdUAM%2BHvPwP4EUGOHJ3Fnl2oJAX6%2BgLs60h3vOe3RBmT%2F%2BfZBwsDXW3BKJ2Pttn5ivf0H8GhLmVL3xpAtob%2BB9AthPPrbd6UMpvBO1Wi"}],"group":"cf-nel","max_age":604800}
last-modified: Sat, 07 May 2022 03:21:31 GMT
etag: "6275e5bb-17e"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
accept-ranges: bytes
age: 115135
cf-cache-status: HIT
cf-ray: 941a26e14d590b69-OSL
server: cloudflare
vary: Accept-Encoding
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=5059&min_rtt=977&rtt_var=4362&sent=108&recv=30&lost=0&retrans=0&sent_bytes=103579&recv_bytes=2722&delivery_rate=2388706&cwnd=96000&unsent_bytes=0&cid=2f65e3c67948f3b4&ts=268&x=16"

GET shotgunchancecruel.com/impr.gif?sid=H4sIAAAAAAAC_1RSzYscxRuunuzhB7-DGMSLCHMQNODOdk_3zs4YJBhjJBiTkEQCCkJ99Wy51V1tVff0ZLwEAxI8jYLgseeZTRY1iHoXZFbwsBDMeJpD9pL_QCE3QXoyMPpCvR_1vAXP-9T72aQ4JhEKurjyrhkprenWdstvvnJDpcKUrnnpejPwW_7p5g2VdqLTzWHt7OC1IIxa_qnm25Lvma22H_h-4AfN88rK2Ay3lihUdr8XtHp-K2q3gu0IQ_vf2hUeHPUgBsfkJJSYP_M4_gCKz5AmP5yTbi832atvJYWmubEYiIP30r3UlCmSdRpbD3F6sOqGcXNCvm7ApAerCWAG-_UEYGpOGs8_AksPVjTBBnefMmUaMgUT_0c5mEHqGRSdgZvbUOIhAbjApctIk3uXjC3pzacordE52XjyF1Q5JxuPnkOafH9Wq2HzmtFFrkzqMIwrqOEMqj9DVhwiHzWgykPw_FMo8YBsPbmINNm_7LSBEouXGJdxp8uizSAO2GYU8HCzx-LuZscPeNvf3gn9QCwlUvEMWo5BnYeiPspDEXsoMg-JWDQjvxvxgIaduCf4jh_RKBKS-b1u2_dpj--g4DX_MfJsDK7H4PYWMnsLe-qLh9snYYtf4HYrOOHB5QQDUaGUBKUjKClBqQjKnKAcVHeFdm1X3RPaFSxYxfYqhtXU5P0JvWvyvkwJqB3DimpfZR-72-D5iekodmJqakdZXk0pE9UkOybP1up65sEh9uSiGQg_iHtcdmS0He0I2qGi3Y0oDTpS0g6L4VQF5RpLPUZqTl7_6m9kak42_vc7GD2E04fgygMtXgQtK9DdCqP0p5wmSjNNXS6ta2W6cBCmQpZvIL_pTfQxeWH5y-9_8jkkPzrzOFwauK2Q2QofqV8J-vrO9Kopyf5VUzry4-UsV4ka0XoDruU0lye-fUfeLI0VF8658Tdv8Bqo0_vXpcsv0lSotO_Id2eVENKeN5ZL8vMFd0OyK4XbPVvYtMguXnnz_IUks9I5ZdIZqJoT708Lrubk5G-L5XaHmx9C2RlsUSEpjsjKoMwMPLsFl635O0Ng9bqHZR7KopraNltfakWg5bqmrIL7V83W-dTS-jVV1cTdQd82QPPbSJMKA1thoCtQPYYrTkzzzB6d-WNFg-nGlGnb2Gfa6i-XMtfuDpxaNONQtrnvd3c6QdiNZRBGgsfb3agnOtQPQ4nczXdPTV7-JwAA___k5H-xxAQAAA==

192.243.61.225

200 OK

0 B

URL GET
shotgunchancecruel.com/impr.gif?sid=H4sIAAAAAAAC_1RSzYscxRuunuzhB7-DGMSLCHMQNODOdk_3zs4YJBhjJBiTkEQCCkJ99Wy51V1tVff0ZLwEAxI8jYLgseeZTRY1iHoXZFbwsBDMeJpD9pL_QCE3QXoyMPpCvR_1vAXP-9T72aQ4JhEKurjyrhkprenWdstvvnJDpcKUrnnpejPwW_7p5g2VdqLTzWHt7OC1IIxa_qnm25Lvma22H_h-4AfN88rK2Ay3lihUdr8XtHp-K2q3gu0IQ_vf2hUeHPUgBsfkJJSYP_M4_gCKz5AmP5yTbi832atvJYWmubEYiIP30r3UlCmSdRpbD3F6sOqGcXNCvm7ApAerCWAG-_UEYGpOGs8_AksPVjTBBnefMmUaMgUT_0c5mEHqGRSdgZvbUOIhAbjApctIk3uXjC3pzacordE52XjyF1Q5JxuPnkOafH9Wq2HzmtFFrkzqMIwrqOEMqj9DVhwiHzWgykPw_FMo8YBsPbmINNm_7LSBEouXGJdxp8uizSAO2GYU8HCzx-LuZscPeNvf3gn9QCwlUvEMWo5BnYeiPspDEXsoMg-JWDQjvxvxgIaduCf4jh_RKBKS-b1u2_dpj--g4DX_MfJsDK7H4PYWMnsLe-qLh9snYYtf4HYrOOHB5QQDUaGUBKUjKClBqQjKnKAcVHeFdm1X3RPaFSxYxfYqhtXU5P0JvWvyvkwJqB3DimpfZR-72-D5iekodmJqakdZXk0pE9UkOybP1up65sEh9uSiGQg_iHtcdmS0He0I2qGi3Y0oDTpS0g6L4VQF5RpLPUZqTl7_6m9kak42_vc7GD2E04fgygMtXgQtK9DdCqP0p5wmSjNNXS6ta2W6cBCmQpZvIL_pTfQxeWH5y-9_8jkkPzrzOFwauK2Q2QofqV8J-vrO9Kopyf5VUzry4-UsV4ka0XoDruU0lye-fUfeLI0VF8658Tdv8Bqo0_vXpcsv0lSotO_Id2eVENKeN5ZL8vMFd0OyK4XbPVvYtMguXnnz_IUks9I5ZdIZqJoT708Lrubk5G-L5XaHmx9C2RlsUSEpjsjKoMwMPLsFl635O0Ng9bqHZR7KopraNltfakWg5bqmrIL7V83W-dTS-jVV1cTdQd82QPPbSJMKA1thoCtQPYYrTkzzzB6d-WNFg-nGlGnb2Gfa6i-XMtfuDpxaNONQtrnvd3c6QdiNZRBGgsfb3agnOtQPQ4nczXdPTV7-JwAA___k5H-xxAQAAA==
IP
192.243.61.225:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://www.1tamilblasters.earth/
Certificate
IssuerLet's Encrypt
Subjectshotgunchancecruel.com
Fingerprint57:F1:91:12:31:BB:80:19:FF:41:09:D0:8D:7B:40:3F:77:DF:B2:B3
ValiditySun, 20 Apr 2025 02:16:11 GMT - Sat, 19 Jul 2025 02:16:10 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /impr.gif?sid=H4sIAAAAAAAC_1RSzYscxRuunuzhB7-DGMSLCHMQNODOdk_3zs4YJBhjJBiTkEQCCkJ99Wy51V1tVff0ZLwEAxI8jYLgseeZTRY1iHoXZFbwsBDMeJpD9pL_QCE3QXoyMPpCvR_1vAXP-9T72aQ4JhEKurjyrhkprenWdstvvnJDpcKUrnnpejPwW_7p5g2VdqLTzWHt7OC1IIxa_qnm25Lvma22H_h-4AfN88rK2Ay3lihUdr8XtHp-K2q3gu0IQ_vf2hUeHPUgBsfkJJSYP_M4_gCKz5AmP5yTbi832atvJYWmubEYiIP30r3UlCmSdRpbD3F6sOqGcXNCvm7ApAerCWAG-_UEYGpOGs8_AksPVjTBBnefMmUaMgUT_0c5mEHqGRSdgZvbUOIhAbjApctIk3uXjC3pzacordE52XjyF1Q5JxuPnkOafH9Wq2HzmtFFrkzqMIwrqOEMqj9DVhwiHzWgykPw_FMo8YBsPbmINNm_7LSBEouXGJdxp8uizSAO2GYU8HCzx-LuZscPeNvf3gn9QCwlUvEMWo5BnYeiPspDEXsoMg-JWDQjvxvxgIaduCf4jh_RKBKS-b1u2_dpj--g4DX_MfJsDK7H4PYWMnsLe-qLh9snYYtf4HYrOOHB5QQDUaGUBKUjKClBqQjKnKAcVHeFdm1X3RPaFSxYxfYqhtXU5P0JvWvyvkwJqB3DimpfZR-72-D5iekodmJqakdZXk0pE9UkOybP1up65sEh9uSiGQg_iHtcdmS0He0I2qGi3Y0oDTpS0g6L4VQF5RpLPUZqTl7_6m9kak42_vc7GD2E04fgygMtXgQtK9DdCqP0p5wmSjNNXS6ta2W6cBCmQpZvIL_pTfQxeWH5y-9_8jkkPzrzOFwauK2Q2QofqV8J-vrO9Kopyf5VUzry4-UsV4ka0XoDruU0lye-fUfeLI0VF8658Tdv8Bqo0_vXpcsv0lSotO_Id2eVENKeN5ZL8vMFd0OyK4XbPVvYtMguXnnz_IUks9I5ZdIZqJoT708Lrubk5G-L5XaHmx9C2RlsUSEpjsjKoMwMPLsFl635O0Ng9bqHZR7KopraNltfakWg5bqmrIL7V83W-dTS-jVV1cTdQd82QPPbSJMKA1thoCtQPYYrTkzzzB6d-WNFg-nGlGnb2Gfa6i-XMtfuDpxaNONQtrnvd3c6QdiNZRBGgsfb3agnOtQPQ4nczXdPTV7-JwAA___k5H-xxAQAAA== HTTP/1.1
Host: shotgunchancecruel.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.1tamilblasters.earth/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sun, 18 May 2025 08:58:17 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Host: shotgunchancecruel.com
Expires: Thu, 01 Jan 1970 00:00:01 GMT
X-Request-ID: 9aab7dd69d95d3149b34d4391e3c7d48
Cache-Control: no-cache, max-age=0, private, no-cache
Pragma: no-cache
Strict-Transport-Security: max-age=0; includeSubdomains

GET nannyirrationalacquainted.com/pixel/purst?dl=0&th=0&sc=0&rs=1324&rd=1324&fd=801&bv=25.5.2579&tmpl=70

192.243.59.20

200 OK

0 B

URL GET
nannyirrationalacquainted.com/pixel/purst?dl=0&th=0&sc=0&rs=1324&rd=1324&fd=801&bv=25.5.2579&tmpl=70
IP
192.243.59.20:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://www.1tamilblasters.earth/
Certificate
IssuerLet's Encrypt
Subjectnannyirrationalacquainted.com
Fingerprint02:A2:15:3C:6C:15:16:0E:78:8F:56:09:21:EA:27:04:2D:EC:D5:E2
ValiditySun, 20 Apr 2025 00:43:48 GMT - Sat, 19 Jul 2025 00:43:47 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /pixel/purst?dl=0&th=0&sc=0&rs=1324&rd=1324&fd=801&bv=25.5.2579&tmpl=70 HTTP/1.1
Host: nannyirrationalacquainted.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.1tamilblasters.earth/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sun, 18 May 2025 08:58:13 GMT
Content-Length: 0
Connection: keep-alive
Host: nannyirrationalacquainted.com
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range

GET www.1tamilblasters.earth/uploads/monthly_2022_05/TBLFavi.png

104.21.9.212

200 OK

878 B

URL GET
www.1tamilblasters.earth/uploads/monthly_2022_05/TBLFavi.png
IP
104.21.9.212:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.1tamilblasters.earth/
Certificate
IssuerGoogle Trust Services
Subject1tamilblasters.earth
Fingerprint87:15:90:61:3A:CA:76:FF:36:3D:7C:2B:1B:20:08:FA:E0:BA:D5:59
ValidityFri, 16 May 2025 18:25:18 GMT - Thu, 14 Aug 2025 19:23:36 GMT

File type
PNG image data, 16 x 16, 8-bit colormap, non-interlaced
Size
878 B (878 bytes)
Hash
9810c3c03052475db46987923e2ac2d4
fc18b18cd404ada2542db2d087d76449b9c0280b
616f305866ab77660d32d32b1cc026a0518422681c75e13ef479e9149f8268bb

HTTP Headers

GET /uploads/monthly_2022_05/TBLFavi.png HTTP/1.1
Host: www.1tamilblasters.earth
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.1tamilblasters.earth/
Cookie: ips4_IPSSessionFront=8fb7df136242cb40b4b7001db1c4ad28; ips4_guestTime=1747558691; _ga_VVY9CWDB5S=GS2.1.s1747558692$o1$g0$t1747558692$j0$l0$h0; _ga=GA1.1.1679180738.1747558693
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 18 May 2025 08:58:13 GMT
content-type: image/png
content-length: 878
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control: public, max-age=604800
expires: Fri, 23 May 2025 20:00:01 GMT
last-modified: Sun, 15 May 2022 21:32:57 GMT
accept-ranges: bytes
x-turbo-charged-by: LiteSpeed
age: 133092
cf-cache-status: HIT
cf-ray: 941a26cc1add1c02-OSL
server: cloudflare
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains; preload
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Q%2F9VtXnWQrZPO33g6bnx3KYGPfOVpAs0Byy7G%2FnUBR1VPxce08yvbL5ke6lQVDGEDGZkzR7tYMrdXs4QPlQNP0urE03s%2Ba23y8QLqOQiA%2Bntm6thfz25zdVrbadB1JlerSYkKBPxx9Bi%2Fyo%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=1980&min_rtt=597&rtt_var=1049&sent=721&recv=202&lost=0&retrans=0&sent_bytes=687378&recv_bytes=25115&delivery_rate=4404394&cwnd=268200&unsent_bytes=0&cid=368ce31e545f4529&ts=2053&x=16"

GET www.1tamilblasters.earth/cdn-cgi/challenge-platform/scripts/jsd/main.js

104.21.9.212

302 Found

8.4 kB

URL GET
www.1tamilblasters.earth/cdn-cgi/challenge-platform/scripts/jsd/main.js
IP
104.21.9.212:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.1tamilblasters.earth/
Certificate
IssuerGoogle Trust Services
Subject1tamilblasters.earth
Fingerprint87:15:90:61:3A:CA:76:FF:36:3D:7C:2B:1B:20:08:FA:E0:BA:D5:59
ValidityFri, 16 May 2025 18:25:18 GMT - Thu, 14 Aug 2025 19:23:36 GMT

File type

Size
8.4 kB (8423 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP/1.1
Host: www.1tamilblasters.earth
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: ips4_IPSSessionFront=8fb7df136242cb40b4b7001db1c4ad28; ips4_guestTime=1747558691; _ga_VVY9CWDB5S=GS2.1.s1747558692$o1$g0$t1747558692$j0$l0$h0; _ga=GA1.1.1679180738.1747558693; ips4_ipsTimezone=UTC; ips4_hasJS=true
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 302 Found
date: Sun, 18 May 2025 08:58:14 GMT
content-length: 0
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
location: /cdn-cgi/challenge-platform/h/g/scripts/jsd/6fab0cec561d/main.js?
cache-control: max-age=300, stale-if-error=10800, stale-while-revalidate=10800, public
access-control-allow-origin: *
cf-ray: 941a26ceab381c02-OSL
server: cloudflare
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains; preload
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dsCdqpDymFAYgd90Mxj6R5ZgEVcOAJ%2BE7DbajA7pyGikOY581iaGMJP0HyoZyrcBsaSN4rkM8JUh1nc%2B%2BDa%2BcEyvqrUC9DyJtA5PLJ4J%2FcnXZ9cQd4oC3SKqLSb7FkmOGwN7Pb2LD%2FJOfNY%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=1896&min_rtt=597&rtt_var=954&sent=724&recv=204&lost=0&retrans=0&sent_bytes=689052&recv_bytes=25586&delivery_rate=123017&cwnd=268200&unsent_bytes=0&cid=368ce31e545f4529&ts=2463&x=16"

GET www.1tamilblasters.earth/applications/core/interface/font/fontawesome-webfont.woff2?v=4.7.0

104.21.9.212

200 OK

77 kB

URL GET
www.1tamilblasters.earth/applications/core/interface/font/fontawesome-webfont.woff2?v=4.7.0
IP
104.21.9.212:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.1tamilblasters.earth/
Certificate
IssuerGoogle Trust Services
Subject1tamilblasters.earth
Fingerprint87:15:90:61:3A:CA:76:FF:36:3D:7C:2B:1B:20:08:FA:E0:BA:D5:59
ValidityFri, 16 May 2025 18:25:18 GMT - Thu, 14 Aug 2025 19:23:36 GMT

File type
Web Open Font Format (Version 2), TrueType, length 77160, version 4.459
Size
77 kB (77160 bytes)
Hash
af7ae505a9eed503f8b8e6982036873e
d6f48cba7d076fb6f2fd6ba993a75b9dc1ecbf0c
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

HTTP Headers

GET /applications/core/interface/font/fontawesome-webfont.woff2?v=4.7.0 HTTP/1.1
Host: www.1tamilblasters.earth
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://www.1tamilblasters.earth/uploads/css_built_3/341e4a57816af3ba440d891ca87450ff_framework.css.ef38b4ed8ac528889503986f0347a9c2.css?v=4e52a1ea3c
Cookie: ips4_IPSSessionFront=8fb7df136242cb40b4b7001db1c4ad28; ips4_guestTime=1747558691; _ga_VVY9CWDB5S=GS2.1.s1747558692$o1$g0$t1747558692$j0$l0$h0; _ga=GA1.1.1679180738.1747558693; ips4_ipsTimezone=UTC; ips4_hasJS=true; cf_clearance=Q0YDG2fVjgsmvHiDFvlBU_EF4ynsqSEZ0u5T3C4qZng-1747558694-1.2.1.1-5LqqiyNd6ZsgnDN.0iKbm44XhV2jL0hvP6e0d42CaRErQYkjWN3S1ZbjpUCo4KVbKUnyxoi480nIghElLYyMHw7Dvh_6HuFZj3sCEdZJvysAsTGJ5A1o6XuXPp0d6MWPDgh8nv02UBKVUHemZP.2CdIazV49v0UF_e.7LaW3qEKcWAw6Y.ofXF_hUVnydUwEG7RnyZ_Pl_FVZ4YZatvTgXIDBPD_3L6m3qd8_M3IgymPV0uj3qu8g_AN32X0Rhr8oZx2c1RScU3.VfUzqxzSIj2TD8DBtJu5L7OmDQP_ulfgyiH7MVDh4IIBBBjSLzZ2vGUjNDizIeUZBgwVMG5joTsmSYQlCPR2.4RiTEo0jag
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 18 May 2025 08:58:14 GMT
content-type: font/woff2
content-length: 77160
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control: public, max-age=604800
expires: Fri, 23 May 2025 21:22:29 GMT
last-modified: Sun, 10 Jan 2021 03:13:32 GMT
accept-ranges: bytes
x-turbo-charged-by: LiteSpeed
age: 128145
cf-cache-status: HIT
cf-ray: 941a26d32bb71c02-OSL
server: cloudflare
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains; preload
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TkcnKmxJJYzlZ%2FjxFSmmPYLuxBfokGGLwJvkwhzsUsYR%2FHTo%2F%2FuQ0j5tvl0MVXgRX2n96uHEHrqF6EnQbyLaToNjS1xNwO4%2BXrIgFuG1yCqDpp0kqEn1ljpBd2e3C3elXE0LzXV%2Fj9G0SQs%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=2084&min_rtt=597&rtt_var=1004&sent=747&recv=221&lost=0&retrans=0&sent_bytes=699420&recv_bytes=40832&delivery_rate=29555&cwnd=268200&unsent_bytes=0&cid=368ce31e545f4529&ts=3191&x=16"

GET www.1tamilblasters.earth/uploads/javascript_core/global_global_core.js.dcc5776d4949d5147ce2337240a36c86.js?v=4e52a1ea3c

104.21.9.212

200 OK

35 kB

URL GET
www.1tamilblasters.earth/uploads/javascript_core/global_global_core.js.dcc5776d4949d5147ce2337240a36c86.js?v=4e52a1ea3c
IP
104.21.9.212:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.1tamilblasters.earth/
Certificate
IssuerGoogle Trust Services
Subject1tamilblasters.earth
Fingerprint87:15:90:61:3A:CA:76:FF:36:3D:7C:2B:1B:20:08:FA:E0:BA:D5:59
ValidityFri, 16 May 2025 18:25:18 GMT - Thu, 14 Aug 2025 19:23:36 GMT

File type
JavaScript source, ASCII text, with very long lines (1619)
Size
35 kB (34909 bytes)
Hash
b985d97f08a746a9e640e13b84153ac6
7a9542ba202375c9e5be922b44bd71f6d2985708
c451e968e926da4739ed2dd2a66a18f7b7c072235da7db7bce15a8ddb7acfaf8

HTTP Headers

GET /uploads/javascript_core/global_global_core.js.dcc5776d4949d5147ce2337240a36c86.js?v=4e52a1ea3c HTTP/1.1
Host: www.1tamilblasters.earth
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.1tamilblasters.earth/
Cookie: ips4_IPSSessionFront=8fb7df136242cb40b4b7001db1c4ad28; ips4_guestTime=1747558691
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 18 May 2025 08:58:11 GMT
content-type: text/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=a8CsT8Y5VnjHEKucublbT4PDOAGiUiFYRALFv8IcnfpjqXWWUjSV%2Bbpjkmh3bk2GkIGiC93v7raXaYJ6qocfw%2Be59RqE18JhQZKb4tprVbF8ji6tShYwift6l6Z7ro75nwUwHt1kP2%2FCSg4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
last-modified: Fri, 16 May 2025 20:04:28 GMT
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
age: 790
cache-control: max-age=14400
cf-cache-status: HIT
content-encoding: br
cf-ray: 941a26c0d9161c02-OSL
server: cloudflare
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=2497&min_rtt=597&rtt_var=979&sent=147&recv=168&lost=0&retrans=0&sent_bytes=44821&recv_bytes=15628&delivery_rate=378108&cwnd=24000&unsent_bytes=0&cid=368ce31e545f4529&ts=258&x=16"

GET www.1tamilblasters.spa/se1/applications/core/interface/font/fontawesome-webfont.woff?v=4.7.0

172.67.218.238

404 Not Found

1.3 kB

URL GET
www.1tamilblasters.spa/se1/applications/core/interface/font/fontawesome-webfont.woff?v=4.7.0
IP
172.67.218.238:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.1tamilblasters.earth/
Certificate
IssuerGoogle Trust Services
Subject1tamilblasters.spa
FingerprintED:6D:01:D8:6F:DA:22:61:F6:D8:EE:94:F1:04:37:60:D1:10:9E:17
ValidityThu, 15 May 2025 11:22:21 GMT - Wed, 13 Aug 2025 12:20:54 GMT

File type
HTML document, ASCII text, with CRLF, LF line terminators
Size
1.3 kB (1251 bytes)
Hash
8150f458ed6fb9b1db4e5cfa57a1a281
6e5726854d28687b560d7fdcb5c782c425c7dfb9
4c13d452dd5d49671bd93ca32f2b4f85c78e39b6ab0ad1f38d98ed267f8fd896

HTTP Headers

GET /se1/applications/core/interface/font/fontawesome-webfont.woff?v=4.7.0 HTTP/1.1
Host: www.1tamilblasters.spa
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.1tamilblasters.earth
DNT: 1
Connection: keep-alive
Referer: https://www.1tamilblasters.earth/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 404 Not Found
date: Sun, 18 May 2025 08:58:14 GMT
content-type: text/html
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Me5MncV24w5Bc0wkJ%2BnbishTPJce%2BK5RL8bzrp9AA6YWqwrUZOdNPD1wlZRDCiTOXftyFon9Xcb%2FgDemW9cu7Slgmb2jOVokGx%2B1JViWk64Qs4dTcSLx03lAUyo%2FNRm%2B4Q8b4I0XIawt"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
x-turbo-charged-by: LiteSpeed
cf-cache-status: BYPASS
cf-ray: 941a26cfbb551c02-OSL
server: cloudflare
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains; preload
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=5955&min_rtt=1767&rtt_var=4018&sent=18&recv=12&lost=0&retrans=0&sent_bytes=5305&recv_bytes=1819&delivery_rate=19443&cwnd=12000&unsent_bytes=0&cid=709dd1adf76c1e67&ts=271&x=16"

GET www.1tamilblasters.earth/uploads/javascript_global/root_map.js.59badda12ea710e0a55c03d949d55afa.js?v=4e52a1ea3c

104.21.9.212

200 OK

2.2 kB

URL GET
www.1tamilblasters.earth/uploads/javascript_global/root_map.js.59badda12ea710e0a55c03d949d55afa.js?v=4e52a1ea3c
IP
104.21.9.212:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.1tamilblasters.earth/
Certificate
IssuerGoogle Trust Services
Subject1tamilblasters.earth
Fingerprint87:15:90:61:3A:CA:76:FF:36:3D:7C:2B:1B:20:08:FA:E0:BA:D5:59
ValidityFri, 16 May 2025 18:25:18 GMT - Thu, 14 Aug 2025 19:23:36 GMT

File type
ASCII text, with very long lines (2222), with no line terminators
Size
2.2 kB (2222 bytes)
Hash
46bf94af825337703ace622a0bce3a7a
ef15b6d17be0066e9db676f3a3a8568111954353
456cd5a9cc4be16a0951c19236af64b82f2ebedbd97c4e5664e84b5d55444866

HTTP Headers

GET /uploads/javascript_global/root_map.js.59badda12ea710e0a55c03d949d55afa.js?v=4e52a1ea3c HTTP/1.1
Host: www.1tamilblasters.earth
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.1tamilblasters.earth/
Cookie: ips4_IPSSessionFront=8fb7df136242cb40b4b7001db1c4ad28; ips4_guestTime=1747558691
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 18 May 2025 08:58:12 GMT
content-type: text/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=F8jKgdNzmvXcbk67zrZcf%2F7TSbQHCCwKZRvy4JCWRyMiUaEhrv8DyFF5WSp%2F5AN0Z0Kk8WOKPPIdbTy8xQ6erR1m1vbNKo%2BTrU%2Fh%2FI9GQj2raMxYfd1dWY6rcRHJcp3DxGuyZ6xftNtJ7ZA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
last-modified: Sat, 17 May 2025 17:54:31 GMT
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
age: 790
cache-control: max-age=14400
cf-cache-status: HIT
content-encoding: br
cf-ray: 941a26c109241c02-OSL
server: cloudflare
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=3288&min_rtt=597&rtt_var=1565&sent=614&recv=181&lost=0&retrans=0&sent_bytes=581272&recv_bytes=19732&delivery_rate=17120664&cwnd=268200&unsent_bytes=0&cid=368ce31e545f4529&ts=303&x=16"

GET www.1tamilblasters.earth/uploads/javascript_chatbox/front_front_chatbox.js.2c9c60eb8bff035a501a07c037bbebba.js?v=4e52a1ea3c

104.21.9.212

200 OK

81 kB

URL GET
www.1tamilblasters.earth/uploads/javascript_chatbox/front_front_chatbox.js.2c9c60eb8bff035a501a07c037bbebba.js?v=4e52a1ea3c
IP
104.21.9.212:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.1tamilblasters.earth/
Certificate
IssuerGoogle Trust Services
Subject1tamilblasters.earth
Fingerprint87:15:90:61:3A:CA:76:FF:36:3D:7C:2B:1B:20:08:FA:E0:BA:D5:59
ValidityFri, 16 May 2025 18:25:18 GMT - Thu, 14 Aug 2025 19:23:36 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (26811)
Size
81 kB (80710 bytes)
Hash
b438634ffcedca974461014b4fca7990
d3ff1ebcd36aedfec97fb6892134686609a69b4f
371f132695cf947a3d85a8a46215141980be44c58f50c5464a907c9d49c27ab0

HTTP Headers

GET /uploads/javascript_chatbox/front_front_chatbox.js.2c9c60eb8bff035a501a07c037bbebba.js?v=4e52a1ea3c HTTP/1.1
Host: www.1tamilblasters.earth
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.1tamilblasters.earth/
Cookie: ips4_IPSSessionFront=8fb7df136242cb40b4b7001db1c4ad28; ips4_guestTime=1747558691
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 18 May 2025 08:58:11 GMT
content-type: text/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eOMABcpS3QI50wrGrMK3yvqd%2F5S5ClAR0b%2B0vlbzSFwbTrYcrVhbxZ52enT1nJw0lpochVcBR0I36AjOL7uxRicmtQ4H6FsvEzaVjW2%2BBX%2FRXVyPtOQqURUZKa1ctE6jFV87QdUgYxppi7M%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
last-modified: Fri, 16 May 2025 20:04:28 GMT
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
age: 790
cache-control: max-age=14400
cf-cache-status: HIT
content-encoding: br
cf-ray: 941a26c0e91d1c02-OSL
server: cloudflare
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=2954&min_rtt=597&rtt_var=1649&sent=188&recv=169&lost=0&retrans=0&sent_bytes=92821&recv_bytes=15673&delivery_rate=2487463&cwnd=48000&unsent_bytes=0&cid=368ce31e545f4529&ts=269&x=16"

GET www.1tamilblasters.earth/uploads/set_resources_3/005d20f304c7929cbfdb3fe61d088022_basicScroll.min.js

104.21.9.212

200 OK

18 kB

URL GET
www.1tamilblasters.earth/uploads/set_resources_3/005d20f304c7929cbfdb3fe61d088022_basicScroll.min.js
IP
104.21.9.212:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.1tamilblasters.earth/
Certificate
IssuerGoogle Trust Services
Subject1tamilblasters.earth
Fingerprint87:15:90:61:3A:CA:76:FF:36:3D:7C:2B:1B:20:08:FA:E0:BA:D5:59
ValidityFri, 16 May 2025 18:25:18 GMT - Thu, 14 Aug 2025 19:23:36 GMT

File type
JavaScript source, ASCII text, with very long lines (18391), with no line terminators
Size
18 kB (18391 bytes)
Hash
6404938d12cd8599cf971ad0f0c29a0b
b947ed12c1133eff26b8d26b414428a7b1aa0ea5
322778da5015b940313c5ac83e520224e155d69ae6211471d3c7a3729085d82a

HTTP Headers

GET /uploads/set_resources_3/005d20f304c7929cbfdb3fe61d088022_basicScroll.min.js HTTP/1.1
Host: www.1tamilblasters.earth
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.1tamilblasters.earth/
Cookie: ips4_IPSSessionFront=8fb7df136242cb40b4b7001db1c4ad28; ips4_guestTime=1747558691
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 18 May 2025 08:58:12 GMT
content-type: text/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Uzzs8ALpQIP5PBJhvtg0PoQI9rYzE%2FHmqgSo2pXIq9t8bNElvfutCFIrBNsYXt4vVfssoeQwXKT4D%2BtbSJjotrxUkeWbhdAJm6aAGrmj%2Bcg2SJmu3d2gIXPgnK35IMzjnUoqcJScwdd8V8I%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
last-modified: Sun, 26 Nov 2023 16:04:48 GMT
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cache-control: max-age=14400
cf-cache-status: HIT
age: 790
content-encoding: br
cf-ray: 941a26c2e9891c02-OSL
server: cloudflare
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=2087&min_rtt=597&rtt_var=1115&sent=712&recv=200&lost=0&retrans=0&sent_bytes=680085&recv_bytes=24623&delivery_rate=1447130&cwnd=268200&unsent_bytes=0&cid=368ce31e545f4529&ts=587&x=16"

GET recordedthereby.com/sfp.js

185.196.197.71

200 OK

85 kB

URL GET
recordedthereby.com/sfp.js
IP
185.196.197.71:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://www.1tamilblasters.earth/
Certificate
IssuerLet's Encrypt
Subjectrecordedthereby.com
Fingerprint43:76:D8:56:43:66:8A:49:51:DC:E6:8E:5A:E9:35:93:29:07:37:C1
ValidityMon, 05 May 2025 21:20:39 GMT - Sun, 03 Aug 2025 21:20:38 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (65529), with no line terminators
Size
85 kB (85380 bytes)
Hash
108625937affa4b38bb17cea65510d72
2c0f48e9efa3fb5554d1fa393b28d74d5339f9ee
c84263fcf6b091998dd37f5f600b3bfea92ac1d31cbf9631bb87fa411124a9e0

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /sfp.js HTTP/1.1
Host: recordedthereby.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.1tamilblasters.earth/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sun, 18 May 2025 08:58:13 GMT
Content-Type: application/javascript; charset=utf-8
Content-Length: 28255
Connection: keep-alive
Content-Encoding: gzip
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Vary: Accept-Encoding
Host: recordedthereby.com
Expires: Thu, 01 Jan 1970 00:00:01 GMT
X-Request-ID: 9a396f19feed27db046ab3f6aa641219
Cache-Control: no-cache, max-age=0, private, no-cache
Pragma: no-cache
Strict-Transport-Security: max-age=0; includeSubdomains

GET shotgunchancecruel.com/ren.gif?sid=H4sIAAAAAAAC_1RSz4scRRuunuzhg-8gBvEiwhwEDbiz3TM9vTMGCcYYCcYkJJEFBaGqq3q23Oqutqp7ena8LC7I4mkUBI89z-xmUYOod0FmBQ8LwYynOWQv-Q8UchOkJwOjL9T7o5634Hmfej8b52fER07nt97VQ6kU3Wg33PorWzLhurD1G3frnttwL9a3ZBL4F-uDypn-a17Lb7gX6m-LcEdvNF3PdT3Xq1-VRkR6sLFAIdP7Xa_RdRt-s-G1fQzMf2ubO7DUAe-fkfOQfPbM4-gDyHCKJP7hirA7mU5ffSvOFc20QZ8fv5fsJLpIEK_SyDiIkuNlN7SdEfJ1DTo5Xk4A3T-sJgCTM1J7_hFYcrykCdY_esqUKYgEjP8fRX8KoaaQdIpQ70PyhwQIOW7cRBLfu6FNQXeforRCZ2TtyV-QxYysPXoOSfz9ZSUH9Tta5ZnUicUgKiEHU8jeFGl-gmxYgyxOEGafQvIHZOPJdSTx4U2rNCSfv8RCEQUd5q97kcfWfS9srXdZ1FkPXC9suu3NluvxhUQymkKJEah1kFdHOsgjB3nqIObzuu92_NCjrSDq8nDT9anvc8HcbqfpurQbbiIPK_4jZOkIoRohNHtIzR525BcP2-dh8l9gt0tY7sBmBH1eohAEhSUoKEEhCYqMoOiXR1zZpi3vcWVz5i1jcxlb5URnvTE90llPJATUjGB4eSjTj-0-wuzcZBhZPtGVoywrJ5TxcpyekWcrdR394AQ7Yl73uOtF3VAEwm_7m5wGlDc7PqVeIAQNWAQrS0hbW-gxlDPy-ld_I5Uzsva_38HoCaw6QSgd0PxF0KIE3S4xTH7KaCwVU9RmwthGqnILrkuk2RqyXWeszsgLi19-_5PPIcLTS49bC0NoSqSmxEfyV4KeOpjc1gU5vK0LS368mWYylkNabcCdjGbi3LfviN1CG37tih1980ZYAVV6_66w2XWacJn0LPnusuRcmKvahIL8fM1uCXYrt9uXc5Pk6fVbb169FqdGWCt1MgWVM-L8aRDKGTn_23yx3a31DyHNFCYvEeenZGmQeoow3YNNV_ytJjBq1cNSB0VeTkyTrS6VJFBiVVNWwv6rZqt8Ymj1mspybA_QMzXQbB9JXKJvSvRVCapGsPm5SZaa00t_LGkwVZswZWqHTBn15ULmyh3Aynm93WStoNMJRBTwqMVbzRbvtl3R9Wk38Lt-G5mdbV8Yv_xPAAAA__8YjO9vxAQAAA==

192.243.61.225

200 OK

0 B

URL GET
shotgunchancecruel.com/ren.gif?sid=H4sIAAAAAAAC_1RSz4scRRuunuzhg-8gBvEiwhwEDbiz3TM9vTMGCcYYCcYkJJEFBaGqq3q23Oqutqp7ena8LC7I4mkUBI89z-xmUYOod0FmBQ8LwYynOWQv-Q8UchOkJwOjL9T7o5634Hmfej8b52fER07nt97VQ6kU3Wg33PorWzLhurD1G3frnttwL9a3ZBL4F-uDypn-a17Lb7gX6m-LcEdvNF3PdT3Xq1-VRkR6sLFAIdP7Xa_RdRt-s-G1fQzMf2ubO7DUAe-fkfOQfPbM4-gDyHCKJP7hirA7mU5ffSvOFc20QZ8fv5fsJLpIEK_SyDiIkuNlN7SdEfJ1DTo5Xk4A3T-sJgCTM1J7_hFYcrykCdY_esqUKYgEjP8fRX8KoaaQdIpQ70PyhwQIOW7cRBLfu6FNQXeforRCZ2TtyV-QxYysPXoOSfz9ZSUH9Tta5ZnUicUgKiEHU8jeFGl-gmxYgyxOEGafQvIHZOPJdSTx4U2rNCSfv8RCEQUd5q97kcfWfS9srXdZ1FkPXC9suu3NluvxhUQymkKJEah1kFdHOsgjB3nqIObzuu92_NCjrSDq8nDT9anvc8HcbqfpurQbbiIPK_4jZOkIoRohNHtIzR525BcP2-dh8l9gt0tY7sBmBH1eohAEhSUoKEEhCYqMoOiXR1zZpi3vcWVz5i1jcxlb5URnvTE90llPJATUjGB4eSjTj-0-wuzcZBhZPtGVoywrJ5TxcpyekWcrdR394AQ7Yl73uOtF3VAEwm_7m5wGlDc7PqVeIAQNWAQrS0hbW-gxlDPy-ld_I5Uzsva_38HoCaw6QSgd0PxF0KIE3S4xTH7KaCwVU9RmwthGqnILrkuk2RqyXWeszsgLi19-_5PPIcLTS49bC0NoSqSmxEfyV4KeOpjc1gU5vK0LS368mWYylkNabcCdjGbi3LfviN1CG37tih1980ZYAVV6_66w2XWacJn0LPnusuRcmKvahIL8fM1uCXYrt9uXc5Pk6fVbb169FqdGWCt1MgWVM-L8aRDKGTn_23yx3a31DyHNFCYvEeenZGmQeoow3YNNV_ytJjBq1cNSB0VeTkyTrS6VJFBiVVNWwv6rZqt8Ymj1mspybA_QMzXQbB9JXKJvSvRVCapGsPm5SZaa00t_LGkwVZswZWqHTBn15ULmyh3Aynm93WStoNMJRBTwqMVbzRbvtl3R9Wk38Lt-G5mdbV8Yv_xPAAAA__8YjO9vxAQAAA==
IP
192.243.61.225:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://www.1tamilblasters.earth/
Certificate
IssuerLet's Encrypt
Subjectshotgunchancecruel.com
Fingerprint57:F1:91:12:31:BB:80:19:FF:41:09:D0:8D:7B:40:3F:77:DF:B2:B3
ValiditySun, 20 Apr 2025 02:16:11 GMT - Sat, 19 Jul 2025 02:16:10 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /ren.gif?sid=H4sIAAAAAAAC_1RSz4scRRuunuzhg-8gBvEiwhwEDbiz3TM9vTMGCcYYCcYkJJEFBaGqq3q23Oqutqp7ena8LC7I4mkUBI89z-xmUYOod0FmBQ8LwYynOWQv-Q8UchOkJwOjL9T7o5634Hmfej8b52fER07nt97VQ6kU3Wg33PorWzLhurD1G3frnttwL9a3ZBL4F-uDypn-a17Lb7gX6m-LcEdvNF3PdT3Xq1-VRkR6sLFAIdP7Xa_RdRt-s-G1fQzMf2ubO7DUAe-fkfOQfPbM4-gDyHCKJP7hirA7mU5ffSvOFc20QZ8fv5fsJLpIEK_SyDiIkuNlN7SdEfJ1DTo5Xk4A3T-sJgCTM1J7_hFYcrykCdY_esqUKYgEjP8fRX8KoaaQdIpQ70PyhwQIOW7cRBLfu6FNQXeforRCZ2TtyV-QxYysPXoOSfz9ZSUH9Tta5ZnUicUgKiEHU8jeFGl-gmxYgyxOEGafQvIHZOPJdSTx4U2rNCSfv8RCEQUd5q97kcfWfS9srXdZ1FkPXC9suu3NluvxhUQymkKJEah1kFdHOsgjB3nqIObzuu92_NCjrSDq8nDT9anvc8HcbqfpurQbbiIPK_4jZOkIoRohNHtIzR525BcP2-dh8l9gt0tY7sBmBH1eohAEhSUoKEEhCYqMoOiXR1zZpi3vcWVz5i1jcxlb5URnvTE90llPJATUjGB4eSjTj-0-wuzcZBhZPtGVoywrJ5TxcpyekWcrdR394AQ7Yl73uOtF3VAEwm_7m5wGlDc7PqVeIAQNWAQrS0hbW-gxlDPy-ld_I5Uzsva_38HoCaw6QSgd0PxF0KIE3S4xTH7KaCwVU9RmwthGqnILrkuk2RqyXWeszsgLi19-_5PPIcLTS49bC0NoSqSmxEfyV4KeOpjc1gU5vK0LS368mWYylkNabcCdjGbi3LfviN1CG37tih1980ZYAVV6_66w2XWacJn0LPnusuRcmKvahIL8fM1uCXYrt9uXc5Pk6fVbb169FqdGWCt1MgWVM-L8aRDKGTn_23yx3a31DyHNFCYvEeenZGmQeoow3YNNV_ytJjBq1cNSB0VeTkyTrS6VJFBiVVNWwv6rZqt8Ymj1mspybA_QMzXQbB9JXKJvSvRVCapGsPm5SZaa00t_LGkwVZswZWqHTBn15ULmyh3Aynm93WStoNMJRBTwqMVbzRbvtl3R9Wk38Lt-G5mdbV8Yv_xPAAAA__8YjO9vxAQAAA== HTTP/1.1
Host: shotgunchancecruel.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.1tamilblasters.earth/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sun, 18 May 2025 08:58:16 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Host: shotgunchancecruel.com
Expires: Thu, 01 Jan 1970 00:00:01 GMT
X-Request-ID: f0f7ea3e3441d15e0ca7ba6a200931ab
Cache-Control: no-cache, max-age=0, private, no-cache
Pragma: no-cache
Strict-Transport-Security: max-age=0; includeSubdomains

GET www.1tamilblasters.earth/uploads/css_built_3/90eb5adf50a8c640f633d47fd7eb1778_core.css.5caebc34406f047e72de643305d30710.css?v=4e52a1ea3c

104.21.9.212

200 OK

18 kB

URL GET
www.1tamilblasters.earth/uploads/css_built_3/90eb5adf50a8c640f633d47fd7eb1778_core.css.5caebc34406f047e72de643305d30710.css?v=4e52a1ea3c
IP
104.21.9.212:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.1tamilblasters.earth/
Certificate
IssuerGoogle Trust Services
Subject1tamilblasters.earth
Fingerprint87:15:90:61:3A:CA:76:FF:36:3D:7C:2B:1B:20:08:FA:E0:BA:D5:59
ValidityFri, 16 May 2025 18:25:18 GMT - Thu, 14 Aug 2025 19:23:36 GMT

File type
ASCII text, with very long lines (17905), with no line terminators
Size
18 kB (17905 bytes)
Hash
9d59c097f3f303365b1dbb553882e495
3eb44234d7bd5ff5e7652491893b79d16f631b36
fe5161d4adfff7cf03018b1fc37ea52ad0ffdca0cb8ad8ad78b7ab05a9e2ad7f

HTTP Headers

GET /uploads/css_built_3/90eb5adf50a8c640f633d47fd7eb1778_core.css.5caebc34406f047e72de643305d30710.css?v=4e52a1ea3c HTTP/1.1
Host: www.1tamilblasters.earth
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.1tamilblasters.earth/
Cookie: ips4_IPSSessionFront=8fb7df136242cb40b4b7001db1c4ad28; ips4_guestTime=1747558691
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 18 May 2025 08:58:11 GMT
content-type: text/css
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=A%2F9gdlzMntrN2GP8SOem%2FFRKgQ9p%2FGZ3hPs%2FWdV0JJXoLr64UZmxm1BnIDt7gZyP%2FxAOVAfAjfAbOjXE6XgcO9MAPfyREdYL6Q01l5doDBBQ4VP%2FdC3t2pwdwmnGx0xJSiBYubCyOh%2FoSno%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control: public, max-age=604800
expires: Fri, 23 May 2025 20:24:50 GMT
last-modified: Fri, 16 May 2025 20:04:25 GMT
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 131601
content-encoding: br
cf-ray: 941a26c0b9031c02-OSL
server: cloudflare
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=2518&min_rtt=597&rtt_var=1248&sent=122&recv=166&lost=0&retrans=0&sent_bytes=18756&recv_bytes=14506&delivery_rate=2416&cwnd=12000&unsent_bytes=0&cid=368ce31e545f4529&ts=245&x=16"

GET www.1tamilblasters.earth/se1/_appcss/framework1.css

104.21.9.212

200 OK

248 kB

URL GET
www.1tamilblasters.earth/se1/_appcss/framework1.css
IP
104.21.9.212:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.1tamilblasters.earth/
Certificate
IssuerGoogle Trust Services
Subject1tamilblasters.earth
Fingerprint87:15:90:61:3A:CA:76:FF:36:3D:7C:2B:1B:20:08:FA:E0:BA:D5:59
ValidityFri, 16 May 2025 18:25:18 GMT - Thu, 14 Aug 2025 19:23:36 GMT

File type
ASCII text, with very long lines (65536), with no line terminators
Size
248 kB (247706 bytes)
Hash
9809be8685ba8745b96ae62b123f2399
28bf2861064ed42cded6ff80007664d1d58ca3c9
5e026c097899daf4c79edb3d328514e47b4801584353d6cc6e14f00ee71ac112

HTTP Headers

GET /se1/_appcss/framework1.css HTTP/1.1
Host: www.1tamilblasters.earth
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.1tamilblasters.earth/
Cookie: ips4_IPSSessionFront=8fb7df136242cb40b4b7001db1c4ad28; ips4_guestTime=1747558691
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 18 May 2025 08:58:12 GMT
content-type: text/css
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=u028znGjjsy6Caa%2FT8H35fabxjyd%2F0BmqKWH4z2N0ezh50FEvwZ5TtGbo8Q9duz7Z8kydXBx54kGaq3E1bNhnK7mmYCr0wThZBDw23s9rOyRpxupdGEerUsYRBC%2BBpzfgLBLEhTzjcy3zJg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control: public, max-age=604800
expires: Fri, 23 May 2025 19:59:59 GMT
last-modified: Thu, 15 May 2025 13:01:15 GMT
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
age: 133092
cf-cache-status: HIT
content-encoding: br
cf-ray: 941a26c109261c02-OSL
server: cloudflare
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=3288&min_rtt=597&rtt_var=1565&sent=571&recv=180&lost=0&retrans=0&sent_bytes=532720&recv_bytes=19377&delivery_rate=17120664&cwnd=268200&unsent_bytes=0&cid=368ce31e545f4529&ts=299&x=16"

GET fonts.googleapis.com/css?family=Roboto:300,400,700&display=swap

142.250.178.106

200 OK

17 kB

URL GET
fonts.googleapis.com/css?family=Roboto:300,400,700&display=swap
IP
142.250.178.106:443
ASN
#15169 GOOGLE

Requested by
https://www.1tamilblasters.earth/
Certificate
IssuerGoogle Trust Services
Subjectupload.video.google.com
Fingerprint7A:29:E6:A8:BE:59:2C:AE:82:2D:CA:8E:15:89:41:BE:EC:D2:0D:EA
ValidityMon, 21 Apr 2025 08:41:49 GMT - Mon, 14 Jul 2025 08:41:48 GMT

File type
ASCII text, with very long lines (1572)
Size
17 kB (16755 bytes)
Hash
079d175a37af415fe31b05b4ee3f0c6d
e14b499ae075d1437a3d19c061ce5c47e70ebaf9
9407ac88551e3046045786d43d427ded47b0133ac0acb85f8604743885d06d4b

HTTP Headers

GET /css?family=Roboto:300,400,700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 18 May 2025 08:58:17 GMT
date: Sun, 18 May 2025 08:58:17 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET www.1tamilblasters.earth/uploads/css_built_3/05e81b71abe4f22d6eb8d1a929494829_responsive.css.fdd06e5ec05c7395022c1b91f48e3cef.css?v=4e52a1ea3c

104.21.9.212

200 OK

40 kB

URL GET
www.1tamilblasters.earth/uploads/css_built_3/05e81b71abe4f22d6eb8d1a929494829_responsive.css.fdd06e5ec05c7395022c1b91f48e3cef.css?v=4e52a1ea3c
IP
104.21.9.212:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.1tamilblasters.earth/
Certificate
IssuerGoogle Trust Services
Subject1tamilblasters.earth
Fingerprint87:15:90:61:3A:CA:76:FF:36:3D:7C:2B:1B:20:08:FA:E0:BA:D5:59
ValidityFri, 16 May 2025 18:25:18 GMT - Thu, 14 Aug 2025 19:23:36 GMT

File type
ASCII text, with very long lines (39960), with no line terminators
Size
40 kB (39960 bytes)
Hash
63aebb3c749278bb21ccb2f79fff79dc
e78cc623d028d0c856cddaf91d720af3da4e93d0
b640d3479b844216cf003d9ebf30747d193ce1117c8ab2a71e89cd978587c239

HTTP Headers

GET /uploads/css_built_3/05e81b71abe4f22d6eb8d1a929494829_responsive.css.fdd06e5ec05c7395022c1b91f48e3cef.css?v=4e52a1ea3c HTTP/1.1
Host: www.1tamilblasters.earth
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.1tamilblasters.earth/
Cookie: ips4_IPSSessionFront=8fb7df136242cb40b4b7001db1c4ad28; ips4_guestTime=1747558691
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 18 May 2025 08:58:11 GMT
content-type: text/css
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TyLTwzpEzn0VbGJQryMe0zN5xboN%2F6bhGP3NG2uSPbBYhqecCJQEH2oXwfm7Oo9Yitk%2FNM55LAK3s%2BaYFhj7rdh86lzp1nqMnU9VZeheqbfXgxiOu1sXb67O6aGh7QJmxDWx7WXdIxX1niE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control: public, max-age=604800
expires: Fri, 23 May 2025 20:24:50 GMT
last-modified: Fri, 16 May 2025 20:04:25 GMT
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
age: 131601
cf-cache-status: HIT
content-encoding: br
cf-ray: 941a26c0b8ff1c02-OSL
server: cloudflare
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=2518&min_rtt=597&rtt_var=1248&sent=113&recv=166&lost=0&retrans=0&sent_bytes=10423&recv_bytes=14506&delivery_rate=2416&cwnd=12000&unsent_bytes=0&cid=368ce31e545f4529&ts=242&x=16"

GET www.1tamilblasters.earth/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

104.21.9.212

200 OK

1.2 kB

URL GET
www.1tamilblasters.earth/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
IP
104.21.9.212:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.1tamilblasters.earth/
Certificate
IssuerGoogle Trust Services
Subject1tamilblasters.earth
Fingerprint87:15:90:61:3A:CA:76:FF:36:3D:7C:2B:1B:20:08:FA:E0:BA:D5:59
ValidityFri, 16 May 2025 18:25:18 GMT - Thu, 14 Aug 2025 19:23:36 GMT

File type
JavaScript source, ASCII text, with very long lines (1238)
Size
1.2 kB (1239 bytes)
Hash
9e8f56e8e1806253ba01a95cfc3d392c
a8af90d7482e1e99d03de6bf88fed2315c5dd728
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

HTTP Headers

GET /cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js HTTP/1.1
Host: www.1tamilblasters.earth
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.1tamilblasters.earth/
Cookie: ips4_IPSSessionFront=8fb7df136242cb40b4b7001db1c4ad28; ips4_guestTime=1747558691
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 18 May 2025 08:58:12 GMT
content-type: application/javascript
last-modified: Tue, 13 May 2025 17:14:08 GMT
cache-control: max-age=172800, public
content-encoding: gzip
etag: W/"68237de0-4d7"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LjKoOy%2BGOYzGRWoshPUc%2FI0N6ePAHjxhxgeF5Un7NH6JH2N0V9k%2FrkRC33v%2Fo1elpy4wfS%2F4Ua7L2bgtcQS3Ggrn1CjKuj%2B8r5wt782IAFOeNyT9hP91Q1NBiomwfIyeYXgEjz3jY%2BXN5UI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 941a26c2e9881c02-OSL
x-frame-options: DENY
expires: Tue, 20 May 2025 08:58:12 GMT

GET experttrafficcounter.com/stats

52.29.222.230

200 OK

40 B

URL GET
experttrafficcounter.com/stats
IP
52.29.222.230:443
ASN
#16509 AMAZON-02

Requested by
https://www.1tamilblasters.earth/
Certificate
IssuerAmazon
Subjectexperttrafficcounter.com
FingerprintCE:93:F6:82:20:C2:20:51:6E:53:85:EC:03:9C:48:F0:13:0B:67:D7
ValidityTue, 29 Apr 2025 00:00:00 GMT - Thu, 28 May 2026 23:59:59 GMT

File type
ASCII text, with no line terminators
Size
40 B (40 bytes)
Hash
255457083809a94cd92071259aebb7b2
4deea4b36db1bb9da3bac11782b001d90423df3d
b9148b629485c030989800e98a84e0f9d42c1ae796accc02e3077ddaf1c8c35e

HTTP Headers

GET /stats HTTP/1.1
Host: experttrafficcounter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.1tamilblasters.earth
DNT: 1
Connection: keep-alive
Referer: https://www.1tamilblasters.earth/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 18 May 2025 08:58:13 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://www.1tamilblasters.earth
vary: Origin
access-control-allow-credentials: true
set-cookie: uid_id2=bcef68b4-1f1b-41c3-9bf8-601c2057301d:1:1; expires=Wed, 16 May 2035 08:58:13 GMT; secure; SameSite=None
X-Firefox-Spdy: h2

GET www.1tamilblasters.earth/applications/core/interface/font/icomoon.woff?v=-29n77j

104.21.9.212

200 OK

2.7 kB

URL GET
www.1tamilblasters.earth/applications/core/interface/font/icomoon.woff?v=-29n77j
IP
104.21.9.212:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.1tamilblasters.earth/
Certificate
IssuerGoogle Trust Services
Subject1tamilblasters.earth
Fingerprint87:15:90:61:3A:CA:76:FF:36:3D:7C:2B:1B:20:08:FA:E0:BA:D5:59
ValidityFri, 16 May 2025 18:25:18 GMT - Thu, 14 Aug 2025 19:23:36 GMT

File type
Web Open Font Format, TrueType, length 2676, version 1.0
Size
2.7 kB (2676 bytes)
Hash
dc94334c15a8cbd727b10c1b6246a0c1
1c5545f5bfc1b0f3ebc8bf0630ce5cec98aee031
c4dc92b008688c213242cfaf0cbe2bfd0fc689326a7b878cbc1cfa8afd87b763

HTTP Headers

GET /applications/core/interface/font/icomoon.woff?v=-29n77j HTTP/1.1
Host: www.1tamilblasters.earth
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://www.1tamilblasters.earth/uploads/css_built_3/341e4a57816af3ba440d891ca87450ff_framework.css.ef38b4ed8ac528889503986f0347a9c2.css?v=4e52a1ea3c
Cookie: ips4_IPSSessionFront=8fb7df136242cb40b4b7001db1c4ad28; ips4_guestTime=1747558691; _ga_VVY9CWDB5S=GS2.1.s1747558692$o1$g0$t1747558692$j0$l0$h0; _ga=GA1.1.1679180738.1747558693; ips4_ipsTimezone=UTC; ips4_hasJS=true
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 18 May 2025 08:58:14 GMT
content-type: font/woff
content-length: 2676
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control: public, max-age=604800
expires: Fri, 23 May 2025 21:22:29 GMT
last-modified: Sun, 10 Jan 2021 03:13:32 GMT
accept-ranges: bytes
x-turbo-charged-by: LiteSpeed
age: 128145
cf-cache-status: HIT
cf-ray: 941a26d1db9e1c02-OSL
server: cloudflare
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains; preload
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4%2BDWh9jN9znHyqF9MowDMRZHGeaZsKFCZHRdASSBCU1E4t0bEw4zvcbkJ6kpqaogBaISFYNm2EIhGGriNVpo7wg7G%2BxeDRCPN3PztXPxJm%2FeOGf7Y46IMgbuWwVUClqjNA6c96EvvFEfVGg%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=1771&min_rtt=597&rtt_var=783&sent=732&recv=208&lost=0&retrans=0&sent_bytes=694578&recv_bytes=26721&delivery_rate=512862&cwnd=268200&unsent_bytes=0&cid=368ce31e545f4529&ts=2972&x=16"

GET cdn.creative-stat1.com/sb/chat/mob/ssp/1/img/close.png

172.67.133.15

200 OK

6.0 kB

URL GET
cdn.creative-stat1.com/sb/chat/mob/ssp/1/img/close.png
IP
172.67.133.15:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.1tamilblasters.earth/
Certificate
IssuerGoogle Trust Services
Subjectcreative-stat1.com
Fingerprint0B:D7:09:43:6C:42:76:92:3B:8C:0E:15:43:A3:A3:AC:94:B2:C2:CB
ValiditySun, 13 Apr 2025 21:34:38 GMT - Sat, 12 Jul 2025 22:33:20 GMT

File type
PNG image data, 522 x 391, 8-bit/color RGBA, non-interlaced
Size
6.0 kB (5982 bytes)
Hash
c489ce2c491a22ee37a55e26a92dfd73
2fa588ab09e94dd902e5bd24b48f98ad1949c9d6
1eed147c7d5de6291c25fbc5274830c12d5549262fb144271576d4e15966e5bd

HTTP Headers

GET /sb/chat/mob/ssp/1/img/close.png HTTP/1.1
Host: cdn.creative-stat1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 18 May 2025 08:58:17 GMT
content-type: image/png
content-length: 5982
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IyXaQ5qvYu0skpRE%2F7pmHMF49RkI8uxRDUPJYQWGuKNYzX5FAj0Xm5LQ1FgNgxU7qqFKL%2BMcsaUPCE%2FrOtpMwuOETxshvbAF5FSitodc2GnkmLI0KarnPYDYebDzq%2FlpEysQ9kN2PaCT"}],"group":"cf-nel","max_age":604800}
last-modified: Sat, 07 May 2022 04:02:16 GMT
etag: "6275ef48-175e"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
accept-ranges: bytes
age: 1519928
cf-cache-status: HIT
cf-ray: 941a26e08d4e0b69-OSL
server: cloudflare
vary: Accept-Encoding
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=8284&min_rtt=2804&rtt_var=6286&sent=21&recv=23&lost=0&retrans=0&sent_bytes=4226&recv_bytes=2160&delivery_rate=1904&cwnd=12000&unsent_bytes=0&cid=2f65e3c67948f3b4&ts=161&x=16"

GET shotgunchancecruel.com/pixel/sbs?c=1

192.243.61.227

200 OK

0 B

URL GET
shotgunchancecruel.com/pixel/sbs?c=1
IP
192.243.61.227:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://www.1tamilblasters.earth/
Certificate
IssuerLet's Encrypt
Subjectshotgunchancecruel.com
Fingerprint57:F1:91:12:31:BB:80:19:FF:41:09:D0:8D:7B:40:3F:77:DF:B2:B3
ValiditySun, 20 Apr 2025 02:16:11 GMT - Sat, 19 Jul 2025 02:16:10 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /pixel/sbs?c=1 HTTP/1.1
Host: shotgunchancecruel.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.1tamilblasters.earth/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sun, 18 May 2025 08:58:17 GMT
Content-Length: 0
Connection: keep-alive
Host: shotgunchancecruel.com
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range

GET www.1tamilblasters.earth/uploads/css_built_3/258adbb6e4f3e83cd3b355f84e3fa002_custom.css.19e73b6ad4a852436ef39d9bb83c7c2a.css?v=4e52a1ea3c

104.21.9.212

200 OK

178 kB

URL GET
www.1tamilblasters.earth/uploads/css_built_3/258adbb6e4f3e83cd3b355f84e3fa002_custom.css.19e73b6ad4a852436ef39d9bb83c7c2a.css?v=4e52a1ea3c
IP
104.21.9.212:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.1tamilblasters.earth/
Certificate
IssuerGoogle Trust Services
Subject1tamilblasters.earth
Fingerprint87:15:90:61:3A:CA:76:FF:36:3D:7C:2B:1B:20:08:FA:E0:BA:D5:59
ValidityFri, 16 May 2025 18:25:18 GMT - Thu, 14 Aug 2025 19:23:36 GMT

File type
ASCII text, with very long lines (65536), with no line terminators
Size
178 kB (178079 bytes)
Hash
68a38ebb92752982b1092ac8a1f0f872
9b851c4464e402455c8d4aa76989b63abb3a5c0e
bea6b8b87c126c84fa6e8bca652f8ec4905f871e29723ade76fcb676e807d9ab

HTTP Headers

GET /uploads/css_built_3/258adbb6e4f3e83cd3b355f84e3fa002_custom.css.19e73b6ad4a852436ef39d9bb83c7c2a.css?v=4e52a1ea3c HTTP/1.1
Host: www.1tamilblasters.earth
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.1tamilblasters.earth/
Cookie: ips4_IPSSessionFront=8fb7df136242cb40b4b7001db1c4ad28; ips4_guestTime=1747558691
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 18 May 2025 08:58:11 GMT
content-type: text/css
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=O6O3PDAXAvrBmBCFbtwgC9kHHnLM0xRg5%2FOtQLeE53l0HpnnpCQskgv9b6XemD%2BJdGqizk4gZK%2BffRm47PQqqSqXIffqe1HB14vwAXPMzIhhWw6By8oGrPA6iiTTJpqWoOEHfULFqgS5ioA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control: public, max-age=604800
expires: Fri, 23 May 2025 20:24:50 GMT
last-modified: Fri, 16 May 2025 20:04:26 GMT
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 131601
content-encoding: br
cf-ray: 941a26c0c9081c02-OSL
server: cloudflare
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=2518&min_rtt=597&rtt_var=1248&sent=124&recv=166&lost=0&retrans=0&sent_bytes=20795&recv_bytes=14506&delivery_rate=2416&cwnd=12000&unsent_bytes=0&cid=368ce31e545f4529&ts=248&x=16"

GET jauntyhatredeighty.com/ce/d0/50/ced0506a5584c90299ec188b96fad1c4.js

192.243.59.12

200 OK

104 kB

URL GET
jauntyhatredeighty.com/ce/d0/50/ced0506a5584c90299ec188b96fad1c4.js
IP
192.243.59.12:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://www.1tamilblasters.earth/
Certificate
IssuerLet's Encrypt
Subjectjauntyhatredeighty.com
Fingerprint28:8D:F8:8E:40:C6:65:E3:DE:9C:09:44:8E:66:64:0D:98:DA:3C:B6
ValiditySat, 26 Apr 2025 21:30:59 GMT - Fri, 25 Jul 2025 21:30:58 GMT

File type
JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size
104 kB (104467 bytes)
Hash
bc1178db7dc5071c2a34d08796bb3ade
4f252a6c10845dd9705387cb95519995733c0f2a
54b02ef0cc9e8de95535da51c74d969f7aec12d2c57c56c607abb4201dde0f89

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /ce/d0/50/ced0506a5584c90299ec188b96fad1c4.js HTTP/1.1
Host: jauntyhatredeighty.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.1tamilblasters.earth/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sun, 18 May 2025 08:58:12 GMT
Content-Type: application/javascript
Content-Length: 32756
Connection: keep-alive
Content-Encoding: gzip
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Host: jauntyhatredeighty.com
Expires: Thu, 01 Jan 1970 00:00:01 GMT
X-Request-ID: 6a95adaee1788fbcfdf6574e5efbb3f6
Cache-Control: no-cache, max-age=0, private, no-cache
Pragma: no-cache
Strict-Transport-Security: max-age=0; includeSubdomains

GET shotgunchancecruel.com/pixel/sbls?bv=&tmpl=482&u=https%3A%2F%2Fcdn.show-sb.com%2Fsb%2Fau%2F2f%2F33%2F17%2F2f3317da28d2a6ed09610d2d267aa136%2F1648542458.html&l=2977&fd=188

192.243.61.225

200 OK

0 B

URL GET
shotgunchancecruel.com/pixel/sbls?bv=&tmpl=482&u=https%3A%2F%2Fcdn.show-sb.com%2Fsb%2Fau%2F2f%2F33%2F17%2F2f3317da28d2a6ed09610d2d267aa136%2F1648542458.html&l=2977&fd=188
IP
192.243.61.225:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://www.1tamilblasters.earth/
Certificate
IssuerLet's Encrypt
Subjectshotgunchancecruel.com
Fingerprint57:F1:91:12:31:BB:80:19:FF:41:09:D0:8D:7B:40:3F:77:DF:B2:B3
ValiditySun, 20 Apr 2025 02:16:11 GMT - Sat, 19 Jul 2025 02:16:10 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /pixel/sbls?bv=&tmpl=482&u=https%3A%2F%2Fcdn.show-sb.com%2Fsb%2Fau%2F2f%2F33%2F17%2F2f3317da28d2a6ed09610d2d267aa136%2F1648542458.html&l=2977&fd=188 HTTP/1.1
Host: shotgunchancecruel.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.1tamilblasters.earth/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sun, 18 May 2025 08:58:16 GMT
Content-Length: 0
Connection: keep-alive
Host: shotgunchancecruel.com
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range

GET www.1tamilblasters.earth/uploads/javascript_global/root_framework.js.d44ec8a5048a9bda5f302ddf96cb5159.js?v=4e52a1ea3c

104.21.9.212

200 OK

402 kB

URL GET
www.1tamilblasters.earth/uploads/javascript_global/root_framework.js.d44ec8a5048a9bda5f302ddf96cb5159.js?v=4e52a1ea3c
IP
104.21.9.212:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.1tamilblasters.earth/
Certificate
IssuerGoogle Trust Services
Subject1tamilblasters.earth
Fingerprint87:15:90:61:3A:CA:76:FF:36:3D:7C:2B:1B:20:08:FA:E0:BA:D5:59
ValidityFri, 16 May 2025 18:25:18 GMT - Thu, 14 Aug 2025 19:23:36 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (19006)
Size
402 kB (402344 bytes)
Hash
12f84a3bebd926e6b393700fc134f7a6
e1b3a3baa95328617d15de1c1a11458786ddcaf1
0a3854371b69cee51a3529ff60be1471b7b9a6965c7a05b2f99712376c1ec15d

HTTP Headers

GET /uploads/javascript_global/root_framework.js.d44ec8a5048a9bda5f302ddf96cb5159.js?v=4e52a1ea3c HTTP/1.1
Host: www.1tamilblasters.earth
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.1tamilblasters.earth/
Cookie: ips4_IPSSessionFront=8fb7df136242cb40b4b7001db1c4ad28; ips4_guestTime=1747558691
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 18 May 2025 08:58:11 GMT
content-type: text/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NAwYgeNGEe6jyXmO7OsFuPrVcm6MCvuKYLRlLGuPw13DYwPijlGJ4%2FIqYhQeq5fOZaSxO20lHkDGdAzoZK6YvFA%2FxcQUDqgbRYCL5NISSH06HhjBL9a1YQoozqdi1%2F41SzOaL0QeDlNAdR8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
last-modified: Fri, 16 May 2025 20:04:29 GMT
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cache-control: max-age=14400
cf-cache-status: HIT
age: 790
content-encoding: br
cf-ray: 941a26c0c9141c02-OSL
server: cloudflare
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=2954&min_rtt=597&rtt_var=1649&sent=188&recv=169&lost=0&retrans=0&sent_bytes=92821&recv_bytes=15673&delivery_rate=2487463&cwnd=48000&unsent_bytes=0&cid=368ce31e545f4529&ts=262&x=16"

GET www.1tamilblasters.earth/_hp/icon/Attention.png

104.21.9.212

200 OK

2.7 kB

URL GET
www.1tamilblasters.earth/_hp/icon/Attention.png
IP
104.21.9.212:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.1tamilblasters.earth/
Certificate
IssuerGoogle Trust Services
Subject1tamilblasters.earth
Fingerprint87:15:90:61:3A:CA:76:FF:36:3D:7C:2B:1B:20:08:FA:E0:BA:D5:59
ValidityFri, 16 May 2025 18:25:18 GMT - Thu, 14 Aug 2025 19:23:36 GMT

File type
PNG image data, 35 x 35, 8-bit colormap, non-interlaced
Size
2.7 kB (2660 bytes)
Hash
974c4a4ca8d9e2d71203556b0b6c5469
a1098f54ac2bdbfcf411b1cfb0777c0ed8ed95cb
170781c5255c47e5b54b0dac1b4b85e5ce3232823448156f11ca80c752b8fb17

HTTP Headers

GET /_hp/icon/Attention.png HTTP/1.1
Host: www.1tamilblasters.earth
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.1tamilblasters.earth/
Cookie: ips4_IPSSessionFront=8fb7df136242cb40b4b7001db1c4ad28; ips4_guestTime=1747558691
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 18 May 2025 08:58:12 GMT
content-type: image/png
content-length: 2660
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control: public, max-age=604800
expires: Fri, 23 May 2025 19:59:59 GMT
last-modified: Fri, 11 Apr 2025 07:57:24 GMT
accept-ranges: bytes
x-turbo-charged-by: LiteSpeed
age: 133092
cf-cache-status: HIT
cf-ray: 941a26c169491c02-OSL
server: cloudflare
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains; preload
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vrIsak9Z45FlPSLkeOmHTO9wd0mKzhSi%2F0D%2FG4pK7kdmRbjFsQAFPW9aaTI3zoNXv8rpS%2Fs4yP%2BSsFC5lzUcDM5EaLoSkSxRUeMstdnvp7Cl5TCH5R17JHBeXeyHtgq3%2BhsPYELKa5QlcTQ%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=2412&min_rtt=597&rtt_var=2101&sent=660&recv=191&lost=0&retrans=0&sent_bytes=627852&recv_bytes=22486&delivery_rate=1531987&cwnd=268200&unsent_bytes=0&cid=368ce31e545f4529&ts=362&x=16"

GET www.1tamilblasters.earth/_hp/icon/Telegram1.png

104.21.9.212

200 OK

1.4 kB

URL GET
www.1tamilblasters.earth/_hp/icon/Telegram1.png
IP
104.21.9.212:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.1tamilblasters.earth/
Certificate
IssuerGoogle Trust Services
Subject1tamilblasters.earth
Fingerprint87:15:90:61:3A:CA:76:FF:36:3D:7C:2B:1B:20:08:FA:E0:BA:D5:59
ValidityFri, 16 May 2025 18:25:18 GMT - Thu, 14 Aug 2025 19:23:36 GMT

File type
PNG image data, 30 x 30, 8-bit colormap, non-interlaced
Size
1.4 kB (1373 bytes)
Hash
598a8f347d735fcbfdbabd9a2bc27e40
19fb47db3974b83fae6f89a3ca9af8a0d1a7d427
7a440d2f6f7c826063d4190a3d3ca91aee4cbfe01857f8bdeed693199fb010d8

HTTP Headers

GET /_hp/icon/Telegram1.png HTTP/1.1
Host: www.1tamilblasters.earth
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.1tamilblasters.earth/
Cookie: ips4_IPSSessionFront=8fb7df136242cb40b4b7001db1c4ad28; ips4_guestTime=1747558691
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 18 May 2025 08:58:12 GMT
content-type: image/png
content-length: 1373
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control: public, max-age=604800
expires: Fri, 23 May 2025 19:59:59 GMT
last-modified: Fri, 11 Apr 2025 08:06:56 GMT
accept-ranges: bytes
x-turbo-charged-by: LiteSpeed
age: 133092
cf-cache-status: HIT
cf-ray: 941a26c1694b1c02-OSL
server: cloudflare
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains; preload
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VR2x9VCPToJ1ghe7qFhElVhtxNVQxUw9k4yxFH7dNUTHgvTx2MJa80H1yGGn8ZIBY1Y3pUOWCEQ3drSVzR5bGTOgrMo%2Bpbe4BRqgVmk3YAAzOkvmo%2BJQFPoCDpzjr%2B2FhBDuPoqFrFr62XY%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=2611&min_rtt=597&rtt_var=2272&sent=658&recv=190&lost=0&retrans=0&sent_bytes=625708&recv_bytes=22439&delivery_rate=21599174&cwnd=268200&unsent_bytes=0&cid=368ce31e545f4529&ts=360&x=16"

GET www.1tamilblasters.earth/_hp/icon/Android.png

104.21.9.212

200 OK

1.5 kB

URL GET
www.1tamilblasters.earth/_hp/icon/Android.png
IP
104.21.9.212:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.1tamilblasters.earth/
Certificate
IssuerGoogle Trust Services
Subject1tamilblasters.earth
Fingerprint87:15:90:61:3A:CA:76:FF:36:3D:7C:2B:1B:20:08:FA:E0:BA:D5:59
ValidityFri, 16 May 2025 18:25:18 GMT - Thu, 14 Aug 2025 19:23:36 GMT

File type
PNG image data, 40 x 30, 8-bit colormap, non-interlaced
Size
1.5 kB (1535 bytes)
Hash
75d98194d3cb651d68d32444b2e2dba0
600da7655be970ec720b874a217bcbacc6ced288
1c41a46b2ffd503ed3beb666059f4e6ed1a412147f59e88a8a3ff62ea742b789

HTTP Headers

GET /_hp/icon/Android.png HTTP/1.1
Host: www.1tamilblasters.earth
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.1tamilblasters.earth/
Cookie: ips4_IPSSessionFront=8fb7df136242cb40b4b7001db1c4ad28; ips4_guestTime=1747558691
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 18 May 2025 08:58:12 GMT
content-type: image/png
content-length: 1535
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control: public, max-age=604800
expires: Fri, 23 May 2025 19:59:59 GMT
last-modified: Fri, 11 Apr 2025 08:05:25 GMT
accept-ranges: bytes
x-turbo-charged-by: LiteSpeed
age: 133092
cf-cache-status: HIT
cf-ray: 941a26c1694d1c02-OSL
server: cloudflare
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains; preload
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=o9qihNnDmptVNtVj%2BqAttAE%2BUSrFkTVdczvSbF%2BwbSlLsx46A47Ow14QS%2FUm5VWMtym28A31nUEoJYrueP1l26TAt96b1Y0Ogyndxl2j7ULznAVhDO4ptgi0NOJk1Vz1qEBGz39wL2VzUvw%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=3092&min_rtt=597&rtt_var=2561&sent=627&recv=188&lost=0&retrans=0&sent_bytes=589010&recv_bytes=22345&delivery_rate=279806&cwnd=268200&unsent_bytes=0&cid=368ce31e545f4529&ts=355&x=16"

GET capaciousdrewreligion.com/advertisers.js

185.196.197.72

200 OK

0 B

URL GET
capaciousdrewreligion.com/advertisers.js
IP
185.196.197.72:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://www.1tamilblasters.earth/
Certificate
IssuerLet's Encrypt
Subjectcapaciousdrewreligion.com
Fingerprint4C:9A:D1:39:AD:B4:C8:D5:6E:A1:5A:54:6F:88:D5:0F:D1:C6:5A:06
ValidityFri, 02 May 2025 21:09:09 GMT - Thu, 31 Jul 2025 21:09:08 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /advertisers.js HTTP/1.1
Host: capaciousdrewreligion.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.1tamilblasters.earth/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sun, 18 May 2025 08:58:14 GMT
Content-Type: application/javascript
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
X-Request-ID: ace1976ec58c9a115859c2526bea0f21
Cache-Control: no-cache, max-age=0, private, no-cache
Pragma: no-cache
Strict-Transport-Security: max-age=0; includeSubdomains

GET cdn.creative-stat1.com/sb/chat/mob/ssp/1/css/animate.css

172.67.133.15

200 OK

79 kB

URL GET
cdn.creative-stat1.com/sb/chat/mob/ssp/1/css/animate.css
IP
172.67.133.15:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.1tamilblasters.earth/
Certificate
IssuerGoogle Trust Services
Subjectcreative-stat1.com
Fingerprint0B:D7:09:43:6C:42:76:92:3B:8C:0E:15:43:A3:A3:AC:94:B2:C2:CB
ValiditySun, 13 Apr 2025 21:34:38 GMT - Sat, 12 Jul 2025 22:33:20 GMT

File type
ASCII text
Size
79 kB (79313 bytes)
Hash
fc638645a938f69e69360c75335ffd1a
143132fb8361c3ad0acf88cb70bf0b07c0ecc2d4
7ef76aab275d0221c68602d18f81b4285b280756f0f71d535ed8b5b889bc2f90

HTTP Headers

GET /sb/chat/mob/ssp/1/css/animate.css HTTP/1.1
Host: cdn.creative-stat1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.1tamilblasters.earth
DNT: 1
Connection: keep-alive
Referer: https://www.1tamilblasters.earth/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 18 May 2025 08:58:16 GMT
content-type: text/css
server: cloudflare
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
last-modified: Sat, 07 May 2022 03:21:31 GMT
etag: W/"6275e5bb-135d1"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
content-encoding: gzip
cf-cache-status: HIT
age: 115136
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=ysa8l9lURHozGpNe5v0YlLY9jDpRdzxOp4fnZovpnUruJQGpTJbDEZO6KwZl1hdFVMF8c6R5ZK4u9RDsZAzXaV4NFyZbFRdy09Cv72d7yl7ytGsf"}]}
cf-ray: 941a26df99c27128-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

GET www.1tamilblasters.earth/cdn-cgi/challenge-platform/h/g/scripts/jsd/6fab0cec561d/main.js?

104.21.9.212

200 OK

8.4 kB

URL GET
www.1tamilblasters.earth/cdn-cgi/challenge-platform/h/g/scripts/jsd/6fab0cec561d/main.js?
IP
104.21.9.212:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.1tamilblasters.earth/
Certificate
IssuerGoogle Trust Services
Subject1tamilblasters.earth
Fingerprint87:15:90:61:3A:CA:76:FF:36:3D:7C:2B:1B:20:08:FA:E0:BA:D5:59
ValidityFri, 16 May 2025 18:25:18 GMT - Thu, 14 Aug 2025 19:23:36 GMT

File type
JavaScript source, ASCII text, with very long lines (8423), with no line terminators
Size
8.4 kB (8423 bytes)
Hash
64ebfcf21cfd99b2d856d1f123601a03
e49ba00e92ecbfd4ff66b214e9a8f07d4f196ede
1f857f24baf072dcc9186d59ea2811567dd5b2d69bedc522f2fb8cc057e9a462

HTTP Headers

GET /cdn-cgi/challenge-platform/h/g/scripts/jsd/6fab0cec561d/main.js? HTTP/1.1
Host: www.1tamilblasters.earth
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: ips4_IPSSessionFront=8fb7df136242cb40b4b7001db1c4ad28; ips4_guestTime=1747558691; _ga_VVY9CWDB5S=GS2.1.s1747558692$o1$g0$t1747558692$j0$l0$h0; _ga=GA1.1.1679180738.1747558693; ips4_ipsTimezone=UTC; ips4_hasJS=true
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 18 May 2025 08:58:14 GMT
content-type: application/javascript; charset=UTF-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VR3V5%2BHlM5mUdOJhvzHg2UNU6%2FF0E2bWqPG26erCmoPUw%2FqZ9giyh6uuRqxvYUICy%2FrI2xoLWg8SdX%2BD5%2BDaQ%2B%2FPipFvsxYqaPMM7tKQPwYbMJgI9%2FwJizOCpkUPnE9oLWkzUptz6pF4zyo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control: max-age=14400, stale-if-error=10800, stale-while-revalidate=10800, public
x-content-type-options: nosniff
content-encoding: br
cf-ray: 941a26d00b601c02-OSL
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains; preload
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=1888&min_rtt=597&rtt_var=732&sent=726&recv=206&lost=0&retrans=0&sent_bytes=689800&recv_bytes=26070&delivery_rate=21236&cwnd=268200&unsent_bytes=0&cid=368ce31e545f4529&ts=2678&x=16"

GET www.1tamilblasters.earth/uploads/css_built_3/24bd4821c74747f952801a16eb6c868a_main.css.7b805223c43a61ac8d2dd051455d5701.css?v=4e52a1ea3c

104.21.9.212

200 OK

12 kB

URL GET
www.1tamilblasters.earth/uploads/css_built_3/24bd4821c74747f952801a16eb6c868a_main.css.7b805223c43a61ac8d2dd051455d5701.css?v=4e52a1ea3c
IP
104.21.9.212:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.1tamilblasters.earth/
Certificate
IssuerGoogle Trust Services
Subject1tamilblasters.earth
Fingerprint87:15:90:61:3A:CA:76:FF:36:3D:7C:2B:1B:20:08:FA:E0:BA:D5:59
ValidityFri, 16 May 2025 18:25:18 GMT - Thu, 14 Aug 2025 19:23:36 GMT

File type
ASCII text, with very long lines (12403), with no line terminators
Size
12 kB (12403 bytes)
Hash
72a2e3c9ddb75eef27df3eef2f1f6158
032fac857072da4ee58349c3d7e81763f369daff
b725e0bb5e963f9a67b303cc07e3a9fbefcf6deedec7a9c5655980aef4f3dbbb

HTTP Headers

GET /uploads/css_built_3/24bd4821c74747f952801a16eb6c868a_main.css.7b805223c43a61ac8d2dd051455d5701.css?v=4e52a1ea3c HTTP/1.1
Host: www.1tamilblasters.earth
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.1tamilblasters.earth/
Cookie: ips4_IPSSessionFront=8fb7df136242cb40b4b7001db1c4ad28; ips4_guestTime=1747558691
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 18 May 2025 08:58:11 GMT
content-type: text/css
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CYYrdf2%2BTP6WC1iSunpr4vMcVxCfdZQOrd79uGpe3ok6NgbyXgqD3ByhrjLhNubjK8EjNotk1QzOoU6yfEJANxtY8TBBYsY66OI9BkGdgTRqrmVq4n3oeODSNyYkjDe9fsSEcR5NtsRfJGw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control: public, max-age=604800
expires: Fri, 23 May 2025 20:24:50 GMT
last-modified: Fri, 16 May 2025 20:04:25 GMT
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
age: 131601
cf-cache-status: HIT
content-encoding: br
cf-ray: 941a26c0b9011c02-OSL
server: cloudflare
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=2518&min_rtt=597&rtt_var=1248&sent=124&recv=166&lost=0&retrans=0&sent_bytes=20795&recv_bytes=14506&delivery_rate=2416&cwnd=12000&unsent_bytes=0&cid=368ce31e545f4529&ts=247&x=16"

GET www.1tamilblasters.earth/uploads/css_built_3/341e4a57816af3ba440d891ca87450ff_framework.css.ef38b4ed8ac528889503986f0347a9c2.css?v=4e52a1ea3c

104.21.9.212

200 OK

248 kB

URL GET
www.1tamilblasters.earth/uploads/css_built_3/341e4a57816af3ba440d891ca87450ff_framework.css.ef38b4ed8ac528889503986f0347a9c2.css?v=4e52a1ea3c
IP
104.21.9.212:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.1tamilblasters.earth/
Certificate
IssuerGoogle Trust Services
Subject1tamilblasters.earth
Fingerprint87:15:90:61:3A:CA:76:FF:36:3D:7C:2B:1B:20:08:FA:E0:BA:D5:59
ValidityFri, 16 May 2025 18:25:18 GMT - Thu, 14 Aug 2025 19:23:36 GMT

File type
ASCII text, with very long lines (65536), with no line terminators
Size
248 kB (247586 bytes)
Hash
dd70dc8915f983b3a3d1b95bc215cdb6
50658c3fe87e511b803c29786735113589ddc29d
ff4ee0fefb313d0cb6bbd753957f732b0f86b1e128feea2636b8a3775fe72b64

HTTP Headers

GET /uploads/css_built_3/341e4a57816af3ba440d891ca87450ff_framework.css.ef38b4ed8ac528889503986f0347a9c2.css?v=4e52a1ea3c HTTP/1.1
Host: www.1tamilblasters.earth
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.1tamilblasters.earth/
Cookie: ips4_IPSSessionFront=8fb7df136242cb40b4b7001db1c4ad28; ips4_guestTime=1747558691
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 18 May 2025 08:58:11 GMT
content-type: text/css
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=t40TdeJpP%2BmPHB3dcJj18bFXtyoLM%2BVxmD%2FC7IRL5yq0vDoPc9eetNEHFtzF5IxoKgFy0%2BwY1WGqkQPmn3bPsDtAzTs9Xrp7dhEcy976kgaEYPHw%2B%2FXhtLF100GtTZPvNhTh29%2FPt4wFqjs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control: public, max-age=604800
expires: Fri, 23 May 2025 20:24:50 GMT
last-modified: Fri, 16 May 2025 20:04:25 GMT
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 131601
content-encoding: br
cf-ray: 941a26c0b8fe1c02-OSL
server: cloudflare
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=2518&min_rtt=597&rtt_var=1248&sent=124&recv=166&lost=0&retrans=0&sent_bytes=20795&recv_bytes=14506&delivery_rate=2416&cwnd=12000&unsent_bytes=0&cid=368ce31e545f4529&ts=247&x=16"

GET www.1tamilblasters.earth/uploads/monthly_2024_11/TBLORG.png.5d115934200bd80966cffb24d5094c5b.png

104.21.9.212

200 OK

15 kB

URL GET
www.1tamilblasters.earth/uploads/monthly_2024_11/TBLORG.png.5d115934200bd80966cffb24d5094c5b.png
IP
104.21.9.212:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.1tamilblasters.earth/
Certificate
IssuerGoogle Trust Services
Subject1tamilblasters.earth
Fingerprint87:15:90:61:3A:CA:76:FF:36:3D:7C:2B:1B:20:08:FA:E0:BA:D5:59
ValidityFri, 16 May 2025 18:25:18 GMT - Thu, 14 Aug 2025 19:23:36 GMT

File type
PNG image data, 201 x 85, 8-bit/color RGBA, non-interlaced
Size
15 kB (15239 bytes)
Hash
1dde1b44c7c9febb37e754034ff22772
1738a5d7484a31bebcf606636293f838ffdb3289
d1229fd1b0588451d5f5a501badc895391616c88f1d1bb3f6166fb467d22a446

HTTP Headers

GET /uploads/monthly_2024_11/TBLORG.png.5d115934200bd80966cffb24d5094c5b.png HTTP/1.1
Host: www.1tamilblasters.earth
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.1tamilblasters.earth/
Cookie: ips4_IPSSessionFront=8fb7df136242cb40b4b7001db1c4ad28; ips4_guestTime=1747558691
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 18 May 2025 08:58:12 GMT
content-type: image/png
content-length: 15239
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control: public, max-age=604800
expires: Fri, 23 May 2025 19:59:59 GMT
last-modified: Mon, 04 Nov 2024 12:57:39 GMT
accept-ranges: bytes
x-turbo-charged-by: LiteSpeed
age: 133092
cf-cache-status: HIT
cf-ray: 941a26c1694a1c02-OSL
server: cloudflare
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains; preload
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PWIvzBMmkb0KqWN8BVQt5jMHm8EOzJiz5TjLruv2awXjf9Pel%2FQ7ZAvlcruKzd7zWPHX3v0BLbJ7KManrfIqT0D0D9VKokA6D2HIYPhIEVO5xrz3%2B38sgEbo03di0QzNlFfag1IpHOXtkwQ%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=2247&min_rtt=597&rtt_var=1907&sent=663&recv=192&lost=0&retrans=0&sent_bytes=631311&recv_bytes=22534&delivery_rate=2141433&cwnd=268200&unsent_bytes=0&cid=368ce31e545f4529&ts=366&x=16"

GET 1tamilblasters.party/

104.21.36.131

301 Moved Permanently

1.7 MB

URL User Request GET
1tamilblasters.party/
IP
104.21.36.131:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services
Subject1tamilblasters.party
FingerprintD8:79:48:01:D7:D9:92:13:2B:F5:02:F6:19:1F:CF:AC:B9:46:F3:86
ValidityThu, 24 Apr 2025 18:03:36 GMT - Wed, 23 Jul 2025 19:01:14 GMT

File type

Size
1.7 MB (1728347 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: 1tamilblasters.party
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 301 Moved Permanently
date: Sun, 18 May 2025 08:58:11 GMT
content-type: text/html; charset=iso-8859-1
location: https://www.1tamilblasters.earth/
server: cloudflare
x-content-type-options: nosniff
cf-ray: 941a26bdaa00b4ee-OSL
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=i5bWj9ZplgUORA33GxR9s8pgnGylP9x4BWI5L2iprwa%2B5UDzohvykw%2F9zWb6gb%2BbtnnR8YdGSLlVOQgw5CrCQvedP7BfBEIYkucEggMIKMturd0N%2FDJYAHFR8tt7s5DjfBIRUGkxxA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=5568&min_rtt=477&rtt_var=10188&sent=8&recv=11&lost=0&retrans=0&sent_bytes=3302&recv_bytes=1261&delivery_rate=6983922&cwnd=254&unsent_bytes=0&cid=cdfcb0d99222c16f&ts=96&x=0"
X-Firefox-Spdy: h2

GET www.1tamilblasters.earth/se1/_appcss/page.css

104.21.9.212

200 OK

308 B

URL GET
www.1tamilblasters.earth/se1/_appcss/page.css
IP
104.21.9.212:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.1tamilblasters.earth/
Certificate
IssuerGoogle Trust Services
Subject1tamilblasters.earth
Fingerprint87:15:90:61:3A:CA:76:FF:36:3D:7C:2B:1B:20:08:FA:E0:BA:D5:59
ValidityFri, 16 May 2025 18:25:18 GMT - Thu, 14 Aug 2025 19:23:36 GMT

File type
ASCII text, with very long lines (308), with no line terminators
Size
308 B (308 bytes)
Hash
ad2328c81b674931fd4ec4727fb24c60
6c74aead05a49439da959a070d83d3642390ad87
331e60e6ff80485bf1c45e985db28bc82fb0ea993683040890cf48e17867c78b

HTTP Headers

GET /se1/_appcss/page.css HTTP/1.1
Host: www.1tamilblasters.earth
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.1tamilblasters.earth/
Cookie: ips4_IPSSessionFront=8fb7df136242cb40b4b7001db1c4ad28; ips4_guestTime=1747558691
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 18 May 2025 08:58:12 GMT
content-type: text/css
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6BSNSUfhmqdZYSrLeXwQrJDdm1Dy2PPAbiHZA0HB4WQ0N9Ny71zW%2B96YRP6LrGph1nznk%2FKb33Na5UAfDacQhr4dV0UAWvWab0oMaqKqfjXBSik6NFe1x3RWloSTgQKjz5ap%2FISnBCHOCuM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control: public, max-age=604800
expires: Fri, 23 May 2025 19:59:59 GMT
last-modified: Tue, 22 Oct 2024 15:43:42 GMT
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
age: 133092
cf-cache-status: HIT
content-encoding: br
cf-ray: 941a26c1192d1c02-OSL
server: cloudflare
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=3288&min_rtt=597&rtt_var=2087&sent=466&recv=179&lost=0&retrans=0&sent_bytes=415169&recv_bytes=19331&delivery_rate=2691747&cwnd=208800&unsent_bytes=0&cid=368ce31e545f4529&ts=294&x=16"

GET www.1tamilblasters.earth/se1/_appcss/custom2.css

104.21.9.212

200 OK

178 kB

URL GET
www.1tamilblasters.earth/se1/_appcss/custom2.css
IP
104.21.9.212:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.1tamilblasters.earth/
Certificate
IssuerGoogle Trust Services
Subject1tamilblasters.earth
Fingerprint87:15:90:61:3A:CA:76:FF:36:3D:7C:2B:1B:20:08:FA:E0:BA:D5:59
ValidityFri, 16 May 2025 18:25:18 GMT - Thu, 14 Aug 2025 19:23:36 GMT

File type
ASCII text, with very long lines (65536), with no line terminators
Size
178 kB (178091 bytes)
Hash
6fdbace0264ed28b12df55028707f19f
118129c3a045a57005ae09fd931dabf1d7c6dbf6
0a95fb25ecd03da1cc8481a1fd143b8aea885104fa2a05a721129934d0ae303a

HTTP Headers

GET /se1/_appcss/custom2.css HTTP/1.1
Host: www.1tamilblasters.earth
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.1tamilblasters.earth/
Cookie: ips4_IPSSessionFront=8fb7df136242cb40b4b7001db1c4ad28; ips4_guestTime=1747558691
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 18 May 2025 08:58:12 GMT
content-type: text/css
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mHD8eWXzP90Vt9JwQ6gqtu5uo3p2vaXz67OMdsdx4wqv%2FushzPkAf35BdzS2gdi5kkp3ZJOgCVn12mCPZDYt37rmLGiCl6EKcweR%2FWnnnjxWrM3lzlQcr9yQiNQvFMnEzpg18OUTQ8xr%2Bik%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control: public, max-age=604800
expires: Fri, 23 May 2025 19:59:59 GMT
last-modified: Thu, 15 May 2025 13:01:16 GMT
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 133093
content-encoding: br
cf-ray: 941a26c169481c02-OSL
server: cloudflare
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=2831&min_rtt=597&rtt_var=2443&sent=629&recv=189&lost=0&retrans=0&sent_bytes=591313&recv_bytes=22392&delivery_rate=1554998&cwnd=268200&unsent_bytes=0&cid=368ce31e545f4529&ts=358&x=16"

GET 6.adsco.re/

104.17.166.186

200 OK

45 B

URL GET
6.adsco.re/
IP
104.17.166.186:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.1tamilblasters.earth/
Certificate
IssuerSectigo Limited
Subject*.adsco.re
Fingerprint3B:64:1C:DA:8C:64:22:01:36:0F:54:7A:99:6E:AD:26:C2:EF:59:8B
ValidityMon, 23 Sep 2024 00:00:00 GMT - Mon, 29 Sep 2025 23:59:59 GMT

File type
ASCII text, with no line terminators
Size
45 B (45 bytes)
Hash
5b41cb22f84f645a103acc7bfbf084ff
bac3967b26d5ec4a0d09a580714e8219796816bd
709f0a0dfab9f9e074f4a4a348dcb09150838284d21e75cfb9e5ceaeeb2054bc

HTTP Headers

GET / HTTP/1.1
Host: 6.adsco.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.1tamilblasters.earth
DNT: 1
Connection: keep-alive
Referer: https://www.1tamilblasters.earth/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 18 May 2025 08:58:16 GMT
content-type: text/plain;charset=UTF-8
content-length: 45
access-control-allow-origin: https://www.1tamilblasters.earth
cache-control: private, max-age=10
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, HEAD, OPTIONS
access-control-max-age: 2592000
vary: Accept-Encoding
server: cloudflare
cf-ray: 941a26dfece40afa-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

POST vgnk2nrvyyke.l4.adsco.re/

185.200.118.62

200 OK

0 B

URL POST
vgnk2nrvyyke.l4.adsco.re/
IP
185.200.118.62:443
ASN
#9009 M247 Europe SRL

Requested by
https://www.1tamilblasters.earth/
Certificate
IssuerLet's Encrypt
Subject*.l4.adsco.re
Fingerprint76:AD:98:EA:A8:8F:6F:6D:58:92:36:07:6D:91:B6:67:41:97:C1:4E
ValiditySat, 19 Apr 2025 09:14:33 GMT - Fri, 18 Jul 2025 09:14:32 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST / HTTP/1.1
Host: vgnk2nrvyyke.l4.adsco.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 0
Origin: https://www.1tamilblasters.earth
DNT: 1
Connection: keep-alive
Referer: https://www.1tamilblasters.earth/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sun, 18 May 2025 08:58:17 GMT
content-type: text/html
content-length: 0
last-modified: Fri, 02 Jun 2023 14:03:32 GMT
etag: "6479f6b4-0"
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
accept-ranges: bytes
X-Firefox-Spdy: h2

POST adsco.re/p

162.252.214.5

200 OK

1.2 kB

URL POST
adsco.re/p
IP
162.252.214.5:443
ASN
#53334 TUT-AS

Requested by
https://www.1tamilblasters.earth/
Certificate
IssuerSectigo Limited
Subject*.adsco.re
Fingerprint3B:64:1C:DA:8C:64:22:01:36:0F:54:7A:99:6E:AD:26:C2:EF:59:8B
ValidityMon, 23 Sep 2024 00:00:00 GMT - Mon, 29 Sep 2025 23:59:59 GMT

File type
ASCII text, with very long lines (1212), with no line terminators
Size
1.2 kB (1212 bytes)
Hash
478ae2e1ee0523efe5c14d763ae17d7b
cf9a968216610630e015e1123852e66ea914bdd6
4896063b1fd14045581fa176892fb31c5180d0f50a37f3b0fdd9990420fe378c

HTTP Headers

POST /p HTTP/1.1
Host: adsco.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Length: 2330
Origin: https://www.1tamilblasters.earth
DNT: 1
Connection: keep-alive
Referer: https://www.1tamilblasters.earth/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sun, 18 May 2025 08:58:17 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
AS-P-1: OK nyc123
AS-P-2: OK
AS-P-3: OK
Access-Control-Max-Age: 2592000
Cache-Control: no-transform
Accept-CH: Sec-CH-UA, Sec-CH-UA-Mobile, Sec-CH-UA-Full-Version, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Device-Memory, Downlink, ECT, RTT, Width, Viewport-Width, DPR
Access-Control-Allow-Origin: https://www.1tamilblasters.earth
Access-Control-Allow-Credentials: true
Content-Encoding: gzip

OPTIONS nannyirrationalacquainted.com/pixel/pure

192.243.59.20

204 No Content

0 B

URL OPTIONS
nannyirrationalacquainted.com/pixel/pure
IP
192.243.59.20:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://www.1tamilblasters.earth/
Certificate
IssuerLet's Encrypt
Subjectnannyirrationalacquainted.com
Fingerprint02:A2:15:3C:6C:15:16:0E:78:8F:56:09:21:EA:27:04:2D:EC:D5:E2
ValiditySun, 20 Apr 2025 00:43:48 GMT - Sat, 19 Jul 2025 00:43:47 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

OPTIONS /pixel/pure HTTP/1.1
Host: nannyirrationalacquainted.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://www.1tamilblasters.earth/
Origin: https://www.1tamilblasters.earth
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 204 No Content
Server: nginx/1.19.5
Date: Sun, 18 May 2025 08:58:15 GMT
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Allow-Credentials: true
Access-Control-Max-Age: 1728000
Content-Type: text/plain; charset=utf-8
Content-Length: 0

GET www.1tamilblasters.earth/se1/_appcss/chatbox.css

104.21.9.212

200 OK

2.6 kB

URL GET
www.1tamilblasters.earth/se1/_appcss/chatbox.css
IP
104.21.9.212:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.1tamilblasters.earth/
Certificate
IssuerGoogle Trust Services
Subject1tamilblasters.earth
Fingerprint87:15:90:61:3A:CA:76:FF:36:3D:7C:2B:1B:20:08:FA:E0:BA:D5:59
ValidityFri, 16 May 2025 18:25:18 GMT - Thu, 14 Aug 2025 19:23:36 GMT

File type
ASCII text, with very long lines (2636), with no line terminators
Size
2.6 kB (2636 bytes)
Hash
715ca39dbf6d1fda3ea51925da1a35b4
f6a30051fa5b773d925f289fc4459b7c9916bf53
4033d3f4dfea92c804970bb30ecaca34822d4f3cb4ddf9cf0cd9d4514d3c70b2

HTTP Headers

GET /se1/_appcss/chatbox.css HTTP/1.1
Host: www.1tamilblasters.earth
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.1tamilblasters.earth/
Cookie: ips4_IPSSessionFront=8fb7df136242cb40b4b7001db1c4ad28; ips4_guestTime=1747558691
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 18 May 2025 08:58:12 GMT
content-type: text/css
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=db5sSsbIBYK41XNOz%2BJIl%2FivglJ1bGJqfXFBhVE4G%2B5pYVyMEo4PYvO7nhc2oj6V9BXfHjeOUaIiCPN%2B%2F2XJ%2BfXncwTI%2FeJj5FrG31v9Wmia6XIXOebiOdguJyGhfh2U1mAlCFizckDOEfk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control: public, max-age=604800
expires: Fri, 23 May 2025 19:59:59 GMT
last-modified: Tue, 22 Oct 2024 15:39:13 GMT
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
age: 133092
cf-cache-status: HIT
content-encoding: br
cf-ray: 941a26c109271c02-OSL
server: cloudflare
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=3288&min_rtt=597&rtt_var=2087&sent=466&recv=179&lost=0&retrans=0&sent_bytes=415169&recv_bytes=19331&delivery_rate=2691747&cwnd=208800&unsent_bytes=0&cid=368ce31e545f4529&ts=286&x=16"

GET www.1tamilblasters.earth/se1/_appcss/main.css

104.21.9.212

200 OK

12 kB

URL GET
www.1tamilblasters.earth/se1/_appcss/main.css
IP
104.21.9.212:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.1tamilblasters.earth/
Certificate
IssuerGoogle Trust Services
Subject1tamilblasters.earth
Fingerprint87:15:90:61:3A:CA:76:FF:36:3D:7C:2B:1B:20:08:FA:E0:BA:D5:59
ValidityFri, 16 May 2025 18:25:18 GMT - Thu, 14 Aug 2025 19:23:36 GMT

File type
ASCII text, with very long lines (12403), with no line terminators
Size
12 kB (12403 bytes)
Hash
72a2e3c9ddb75eef27df3eef2f1f6158
032fac857072da4ee58349c3d7e81763f369daff
b725e0bb5e963f9a67b303cc07e3a9fbefcf6deedec7a9c5655980aef4f3dbbb

HTTP Headers

GET /se1/_appcss/main.css HTTP/1.1
Host: www.1tamilblasters.earth
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.1tamilblasters.earth/
Cookie: ips4_IPSSessionFront=8fb7df136242cb40b4b7001db1c4ad28; ips4_guestTime=1747558691
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 18 May 2025 08:58:12 GMT
content-type: text/css
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CeBel%2B7naojmlrq0q0QN3dFGDAz9Yivx%2Bvyi%2FPR4tgDOALf3IuF1wI%2F7k5hxU2Tcf%2FUyZOuofnVZ1PfuifZJB%2Fu8MPB9shyamhpaVE%2Bj5vDyY9%2Bn2O6WO0TcyZsnFHTVYm511pIx2PqLV9U%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control: public, max-age=604800
expires: Fri, 23 May 2025 19:59:59 GMT
last-modified: Tue, 22 Oct 2024 15:40:07 GMT
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 133093
content-encoding: br
cf-ray: 941a26c119291c02-OSL
server: cloudflare
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=3288&min_rtt=597&rtt_var=2087&sent=466&recv=179&lost=0&retrans=0&sent_bytes=415169&recv_bytes=19331&delivery_rate=2691747&cwnd=208800&unsent_bytes=0&cid=368ce31e545f4529&ts=289&x=16"

GET www.1tamilblasters.earth/uploads/monthly_2025_05/8a36df2c8411b9c61e9e42fb7e04e909.thumb.jpg.34c864d24b8b0e2164902a2b7f2849a8.jpg

104.21.9.212

200 OK

6.6 kB

URL GET
www.1tamilblasters.earth/uploads/monthly_2025_05/8a36df2c8411b9c61e9e42fb7e04e909.thumb.jpg.34c864d24b8b0e2164902a2b7f2849a8.jpg
IP
104.21.9.212:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.1tamilblasters.earth/
Certificate
IssuerGoogle Trust Services
Subject1tamilblasters.earth
Fingerprint87:15:90:61:3A:CA:76:FF:36:3D:7C:2B:1B:20:08:FA:E0:BA:D5:59
ValidityFri, 16 May 2025 18:25:18 GMT - Thu, 14 Aug 2025 19:23:36 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 85", baseline, precision 8, 159x159, components 3
Size
6.6 kB (6557 bytes)
Hash
6e202ffc08603ae3ea4ca07475be13d5
cae30a61fc34304533233f9fe799d251a50c0fa7
454eafddf04c6e89af393ba436a6d034143c870f31f49ad9e82f40ca94092143

HTTP Headers

GET /uploads/monthly_2025_05/8a36df2c8411b9c61e9e42fb7e04e909.thumb.jpg.34c864d24b8b0e2164902a2b7f2849a8.jpg HTTP/1.1
Host: www.1tamilblasters.earth
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.1tamilblasters.earth/
Cookie: ips4_IPSSessionFront=8fb7df136242cb40b4b7001db1c4ad28; ips4_guestTime=1747558691
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 18 May 2025 08:58:12 GMT
content-type: image/jpeg
content-length: 6557
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control: public, max-age=604800
expires: Fri, 23 May 2025 20:24:51 GMT
last-modified: Fri, 09 May 2025 15:36:45 GMT
accept-ranges: bytes
x-turbo-charged-by: LiteSpeed
age: 131601
cf-cache-status: HIT
cf-ray: 941a26c2d9841c02-OSL
server: cloudflare
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains; preload
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tOVdl5teySlw0Wng%2BdpStXBjqZg4zeinm51y9VwmNyiq6JFEiqX5RXnzgqUeg5G5Z8rCRgaXWVoe64%2BKx0X6y8vy89vRRs7qA8ty95po%2FeB16Vi%2BzupJ9PU6x91TwNOkPhz5mXZKN%2BaLLYs%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=2179&min_rtt=597&rtt_var=1566&sent=682&recv=198&lost=0&retrans=0&sent_bytes=647787&recv_bytes=24531&delivery_rate=5868629&cwnd=268200&unsent_bytes=0&cid=368ce31e545f4529&ts=579&x=16"

GET www.displayvertising.com/YCS/watrament.min.js

95.173.205.15

200 OK

37 kB

URL GET
www.displayvertising.com/YCS/watrament.min.js
IP
95.173.205.15:443
ASN
#60068 Datacamp Limited

Requested by
https://www.1tamilblasters.earth/
Certificate
IssuerLet's Encrypt
Subject1503693843.rsc.cdn77.org
Fingerprint3C:DB:39:6A:85:67:AD:AF:B7:D7:E3:C2:D4:81:88:5E:17:C8:21:52
ValidityWed, 16 Apr 2025 02:51:45 GMT - Tue, 15 Jul 2025 02:51:44 GMT

File type
JavaScript source, ASCII text, with very long lines (1568)
Size
37 kB (37184 bytes)
Hash
af3e5428b7b8ce9c636d56d5350f628d
9eef8388d9fc7e4305a005ad2205dce3fbd1179a
1e2b0f9325834100f327857b5cc8935b2b25dfe2ffe7b38fe0a5fee9ae3cc0d0

HTTP Headers

GET /YCS/watrament.min.js HTTP/1.1
Host: www.displayvertising.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.1tamilblasters.earth
DNT: 1
Connection: keep-alive
Referer: https://www.1tamilblasters.earth/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 18 May 2025 08:58:12 GMT
content-type: application/x-javascript
popads-node: wb9
expires: Fri, 23 May 2025 20:07:13 GMT
access-control-allow-origin: https://www.1tamilblasters.earth
link: <https://displayvertising.com/>;rel=preconnect
cache-control: public, max-age=604800
x-77-nzt: EwwBX63NDQHXx6oBAAwBuUwKEwH3VlsAAAwBw7WvBgG3FQAAAA
x-77-nzt-ray: 2a494a157b72fb0e49a12968792ce731
x-77-cache: HIT
x-77-age: 109255
vary: Accept-Encoding, Origin
content-encoding: gzip
server: CDN77-Turbo
x-77-pop: osloNO
X-Firefox-Spdy: h2

GET youradexchange.com/script/suurl5.php?r=6662570&cbur=0.9782767416426369&cbiframe=0&cbWidth=1280&cbHeight=1024&cbtitle=1TamilBlasters%20Latest%20Tamil%20Malayalam%20Telugu%20Kannada%20Hindi%20HD%20Movies%20Download&cbpage=https%3A%2F%2Fwww.1tamilblasters.earth%2F&cbref=&cbdescription=1TamilBlasters%20is%20a%20movie%20download%20website%20where%20you%20can%20download%20the%20latest%20movies.%20In%201TamilBlasters%20you%20can%20download%20Tamil%2C%20Malayalam%2C%20Telugu%2C%20Kannada%2C%20and%20Hindi%20movies.&cbkeywords=TamilBlasters%2C%20Tamil%20Blasters%2C%201TamilBlasters%2C%20TamilBlasters%20latest%20domain%2C%201TamilBlasters%20latest%20domain%2C%20TamilBlasters%20new%20link%2C%201TamilBlasters%20new%20link%2C%20TamilBlasters%20official%20website%2C%201TamilBlasters%20official%20website%2C%20TamilBlasters%20proxy%20sites%2C%201TamilBlasters%20proxy%20sites&cbcdn=acscdn.com&ufp=Linux%20x86_64%2FMozilla%2FNetscape%2Ftrue%2Ffalse%2F1280x10240en-USunknown4824%20bits&ts=1747558694191&srs=b30690d49f8092406e288d0813120ad0&atv=60.1

172.67.177.214

200 OK

1.1 kB

URL GET
youradexchange.com/script/suurl5.php?r=6662570&cbur=0.9782767416426369&cbiframe=0&cbWidth=1280&cbHeight=1024&cbtitle=1TamilBlasters%20Latest%20Tamil%20Malayalam%20Telugu%20Kannada%20Hindi%20HD%20Movies%20Download&cbpage=https%3A%2F%2Fwww.1tamilblasters.earth%2F&cbref=&cbdescription=1TamilBlasters%20is%20a%20movie%20download%20website%20where%20you%20can%20download%20the%20latest%20movies.%20In%201TamilBlasters%20you%20can%20download%20Tamil%2C%20Malayalam%2C%20Telugu%2C%20Kannada%2C%20and%20Hindi%20movies.&cbkeywords=TamilBlasters%2C%20Tamil%20Blasters%2C%201TamilBlasters%2C%20TamilBlasters%20latest%20domain%2C%201TamilBlasters%20latest%20domain%2C%20TamilBlasters%20new%20link%2C%201TamilBlasters%20new%20link%2C%20TamilBlasters%20official%20website%2C%201TamilBlasters%20official%20website%2C%20TamilBlasters%20proxy%20sites%2C%201TamilBlasters%20proxy%20sites&cbcdn=acscdn.com&ufp=Linux%20x86_64%2FMozilla%2FNetscape%2Ftrue%2Ffalse%2F1280x10240en-USunknown4824%20bits&ts=1747558694191&srs=b30690d49f8092406e288d0813120ad0&atv=60.1
IP
172.67.177.214:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.1tamilblasters.earth/
Certificate
IssuerGoogle Trust Services
Subjectyouradexchange.com
Fingerprint15:B3:64:96:16:B0:F4:77:6F:50:C1:66:99:8E:A6:A8:90:64:AD:7E
ValidityThu, 03 Apr 2025 15:59:56 GMT - Wed, 02 Jul 2025 16:56:55 GMT

File type
JSON text data
Size
1.1 kB (1098 bytes)
Hash
935c963f9cc20542d04ce1f43d06bdc8
731b2c7df9d8ca5039278c1f0c81537109594be7
e66af36c16c124f926edacfab90e2f7b0c52ddd3836fec6cb4c6773820414136

HTTP Headers

GET /script/suurl5.php?r=6662570&cbur=0.9782767416426369&cbiframe=0&cbWidth=1280&cbHeight=1024&cbtitle=1TamilBlasters%20Latest%20Tamil%20Malayalam%20Telugu%20Kannada%20Hindi%20HD%20Movies%20Download&cbpage=https%3A%2F%2Fwww.1tamilblasters.earth%2F&cbref=&cbdescription=1TamilBlasters%20is%20a%20movie%20download%20website%20where%20you%20can%20download%20the%20latest%20movies.%20In%201TamilBlasters%20you%20can%20download%20Tamil%2C%20Malayalam%2C%20Telugu%2C%20Kannada%2C%20and%20Hindi%20movies.&cbkeywords=TamilBlasters%2C%20Tamil%20Blasters%2C%201TamilBlasters%2C%20TamilBlasters%20latest%20domain%2C%201TamilBlasters%20latest%20domain%2C%20TamilBlasters%20new%20link%2C%201TamilBlasters%20new%20link%2C%20TamilBlasters%20official%20website%2C%201TamilBlasters%20official%20website%2C%20TamilBlasters%20proxy%20sites%2C%201TamilBlasters%20proxy%20sites&cbcdn=acscdn.com&ufp=Linux%20x86_64%2FMozilla%2FNetscape%2Ftrue%2Ffalse%2F1280x10240en-USunknown4824%20bits&ts=1747558694191&srs=b30690d49f8092406e288d0813120ad0&atv=60.1 HTTP/1.1
Host: youradexchange.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.1tamilblasters.earth/
Origin: https://www.1tamilblasters.earth
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 18 May 2025 08:58:14 GMT
content-type: application/json; charset=utf-8
server: cloudflare
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Content-Type
content-encoding: gzip
via: 1.1 google
cf-cache-status: DYNAMIC
vary: accept-encoding
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=tYY5%2BRIXHIyR3rYaT82RwzLlojZcsrNKoOdbSh1mLZrAOqsSY76WBC%2BXvO6nx0VRd0zfFxiPbv9BkzFSEmk%2BMY%2Fig0L4Rf3WQMTQDBxp"}]}
cf-ray: 941a26ceeecd56be-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

GET www.1tamilblasters.spa/se1/applications/core/interface/font/icomoon.ttf?v=-29n77j

172.67.218.238

404 Not Found

1.3 kB

URL GET
www.1tamilblasters.spa/se1/applications/core/interface/font/icomoon.ttf?v=-29n77j
IP
172.67.218.238:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.1tamilblasters.earth/
Certificate
IssuerGoogle Trust Services
Subject1tamilblasters.spa
FingerprintED:6D:01:D8:6F:DA:22:61:F6:D8:EE:94:F1:04:37:60:D1:10:9E:17
ValidityThu, 15 May 2025 11:22:21 GMT - Wed, 13 Aug 2025 12:20:54 GMT

File type
HTML document, ASCII text, with CRLF, LF line terminators
Size
1.3 kB (1251 bytes)
Hash
8150f458ed6fb9b1db4e5cfa57a1a281
6e5726854d28687b560d7fdcb5c782c425c7dfb9
4c13d452dd5d49671bd93ca32f2b4f85c78e39b6ab0ad1f38d98ed267f8fd896

HTTP Headers

GET /se1/applications/core/interface/font/icomoon.ttf?v=-29n77j HTTP/1.1
Host: www.1tamilblasters.spa
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.1tamilblasters.earth
DNT: 1
Connection: keep-alive
Referer: https://www.1tamilblasters.earth/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 404 Not Found
date: Sun, 18 May 2025 08:58:14 GMT
content-type: text/html
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
x-turbo-charged-by: LiteSpeed
cf-cache-status: BYPASS
content-encoding: br
cf-ray: 941a26cfcb581c02-OSL
server: cloudflare
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CnpHXehNZUC6ccj4v1cwUNKU8IFRWZaPcVvL3lUwWHZJDtnRs%2Fp%2FEghupBsMrwsPOSo6oMc5BzrqM8MKYt6Jp6AsphMi5E93o92JiDk6b4NG0IJQRgQ9MVhm%2Ff8GjhpnpOLpWE4yJZOd"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=6502&min_rtt=1767&rtt_var=3901&sent=15&recv=11&lost=0&retrans=0&sent_bytes=3861&recv_bytes=1775&delivery_rate=2156&cwnd=12000&unsent_bytes=0&cid=709dd1adf76c1e67&ts=263&x=16"

POST www.1tamilblasters.earth/cdn-cgi/challenge-platform/h/g/jsd/r/0.35563261189571344:1747556108:jNY9kphM7HZHD6H3xnTESfQ_U0BLUd5wrwbrGsSPvrc/941a26be9decb529

104.21.9.212

200 OK

0 B

URL POST
www.1tamilblasters.earth/cdn-cgi/challenge-platform/h/g/jsd/r/0.35563261189571344:1747556108:jNY9kphM7HZHD6H3xnTESfQ_U0BLUd5wrwbrGsSPvrc/941a26be9decb529
IP
104.21.9.212:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.1tamilblasters.earth/
Certificate
IssuerGoogle Trust Services
Subject1tamilblasters.earth
Fingerprint87:15:90:61:3A:CA:76:FF:36:3D:7C:2B:1B:20:08:FA:E0:BA:D5:59
ValidityFri, 16 May 2025 18:25:18 GMT - Thu, 14 Aug 2025 19:23:36 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /cdn-cgi/challenge-platform/h/g/jsd/r/0.35563261189571344:1747556108:jNY9kphM7HZHD6H3xnTESfQ_U0BLUd5wrwbrGsSPvrc/941a26be9decb529 HTTP/1.1
Host: www.1tamilblasters.earth
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 12098
Origin: https://www.1tamilblasters.earth
DNT: 1
Connection: keep-alive
Referer: https://www.1tamilblasters.earth/
Cookie: ips4_IPSSessionFront=8fb7df136242cb40b4b7001db1c4ad28; ips4_guestTime=1747558691; _ga_VVY9CWDB5S=GS2.1.s1747558692$o1$g0$t1747558692$j0$l0$h0; _ga=GA1.1.1679180738.1747558693; ips4_ipsTimezone=UTC; ips4_hasJS=true
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 18 May 2025 08:58:14 GMT
content-type: text/plain; charset=UTF-8
content-length: 0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=K0gVFnlTKDBtEuKngvlUduHS43KgpcNeuGm46LAVf1PiyIRa6DiclLIHRL1oAqZc3J9HBtlAMgNbUgQPNOyl6DBBcWNgMff4s4q5L8iaSDd%2Fbw0xIISfnk%2FJlXHx5hXokIJ%2Bb8rQJjIhBhk%3D"}],"group":"cf-nel","max_age":604800}
set-cookie: cf_clearance=Q0YDG2fVjgsmvHiDFvlBU_EF4ynsqSEZ0u5T3C4qZng-1747558694-1.2.1.1-5LqqiyNd6ZsgnDN.0iKbm44XhV2jL0hvP6e0d42CaRErQYkjWN3S1ZbjpUCo4KVbKUnyxoi480nIghElLYyMHw7Dvh_6HuFZj3sCEdZJvysAsTGJ5A1o6XuXPp0d6MWPDgh8nv02UBKVUHemZP.2CdIazV49v0UF_e.7LaW3qEKcWAw6Y.ofXF_hUVnydUwEG7RnyZ_Pl_FVZ4YZatvTgXIDBPD_3L6m3qd8_M3IgymPV0uj3qu8g_AN32X0Rhr8oZx2c1RScU3.VfUzqxzSIj2TD8DBtJu5L7OmDQP_ulfgyiH7MVDh4IIBBBjSLzZ2vGUjNDizIeUZBgwVMG5joTsmSYQlCPR2.4RiTEo0jag; HttpOnly; SameSite=None; Partitioned; Secure; Path=/; Domain=1tamilblasters.earth; Expires=Mon, 18 May 2026 08:58:14 GMT
cf-ray: 941a26d2ebb11c02-OSL
server: cloudflare
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains; preload
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=1896&min_rtt=597&rtt_var=838&sent=745&recv=219&lost=0&retrans=0&sent_bytes=698329&recv_bytes=39820&delivery_rate=249680&cwnd=268200&unsent_bytes=0&cid=368ce31e545f4529&ts=3148&x=16"

GET cdn.creative-stat1.com/sb/chat/mob/ssp/1/css/style.css

172.67.133.15

200 OK

4.6 kB

URL GET
cdn.creative-stat1.com/sb/chat/mob/ssp/1/css/style.css
IP
172.67.133.15:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.1tamilblasters.earth/
Certificate
IssuerGoogle Trust Services
Subjectcreative-stat1.com
Fingerprint0B:D7:09:43:6C:42:76:92:3B:8C:0E:15:43:A3:A3:AC:94:B2:C2:CB
ValiditySun, 13 Apr 2025 21:34:38 GMT - Sat, 12 Jul 2025 22:33:20 GMT

File type
ASCII text
Size
4.6 kB (4617 bytes)
Hash
630f303dfe147dec2c4a226287393b69
3e9f8270b84e09595181bd55de6785a89f53ba10
967d085a33a12064d83cb38f582c3e418e021a2d523dd9597bb75dc00589fec7

HTTP Headers

GET /sb/chat/mob/ssp/1/css/style.css HTTP/1.1
Host: cdn.creative-stat1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.1tamilblasters.earth
DNT: 1
Connection: keep-alive
Referer: https://www.1tamilblasters.earth/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 18 May 2025 08:58:16 GMT
content-type: text/css
server: cloudflare
last-modified: Mon, 21 Feb 2022 08:25:04 GMT
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
etag: W/"62134c60-1209"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
content-encoding: gzip
age: 115135
cf-cache-status: HIT
vary: accept-encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=1Bg3vUOH58r8AOUGCXXllXK%2FT%2FweP9lkIanxvhk6H4%2FM5B0o7z5utSkiBRBeQnQ5182ShjVaCWc5Gq9QbV0PKW2Y9DOIqLQScur6GNHogdXFM49e"}]}
cf-ray: 941a26df89b57128-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

GET fonts.gstatic.com/s/roboto/v47/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2

142.250.74.35

200 OK

40 kB

URL GET
fonts.gstatic.com/s/roboto/v47/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2
IP
142.250.74.35:443
ASN
#15169 GOOGLE

Requested by
https://www.1tamilblasters.earth/
Certificate
IssuerGoogle Trust Services
Subject*.gstatic.com
Fingerprint15:8B:D4:EA:7E:CB:34:1B:6F:2E:20:9E:39:44:7A:D6:D7:30:26:AB
ValidityMon, 21 Apr 2025 08:41:49 GMT - Mon, 14 Jul 2025 08:41:48 GMT

File type
Web Open Font Format (Version 2), TrueType, length 40128, version 1.0
Size
40 kB (40128 bytes)
Hash
9a01b69183a9604ab3a439e388b30501
8ed1d59003d0dbe6360481017b44665153665fbe
20b535fa80c8189e3b87d1803038389960203a886d502bc2ef1857affc2f38d2

HTTP Headers

GET /s/roboto/v47/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.1tamilblasters.earth
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 40128
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 15 May 2025 10:03:46 GMT
expires: Fri, 15 May 2026 10:03:46 GMT
cache-control: public, max-age=31536000
age: 255271
last-modified: Wed, 08 Jan 2025 18:23:10 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

GET cdn.storageimagedisplay.com/si/52/3a/8c/523a8ce104cfc3373cd17ab1c0e5131b/1701651901.png

45.133.44.1

200 OK

14 kB

URL GET
cdn.storageimagedisplay.com/si/52/3a/8c/523a8ce104cfc3373cd17ab1c0e5131b/1701651901.png
IP
45.133.44.1:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://www.1tamilblasters.earth/
Certificate
IssuerLet's Encrypt
Subjectcdn.storageimagedisplay.com
Fingerprint7C:BD:B0:48:37:0F:A4:22:46:5F:09:F9:77:FA:07:FF:25:25:52:76
ValiditySun, 11 May 2025 02:32:51 GMT - Sat, 09 Aug 2025 02:32:50 GMT

File type
PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced
Size
14 kB (14496 bytes)
Hash
962ac416cce3fad636d4904386c8d3d4
811166fceb971353dc6a9ea3a153367f20b47592
ec6c8e1c030499a846897265d0c1f66dedc6ece17c1ea6006b700faf37e73555

HTTP Headers

GET /si/52/3a/8c/523a8ce104cfc3373cd17ab1c0e5131b/1701651901.png HTTP/1.1
Host: cdn.storageimagedisplay.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 18 May 2025 08:58:17 GMT
content-type: image/png
content-length: 14496
server: nginx/1.21.6
last-modified: Mon, 04 Dec 2023 01:05:10 GMT
etag: "656d25c6-38a0"
expires: Tue, 20 May 2025 08:58:17 GMT
cache-control: max-age=172800
x-cdn-host-id: ah0543
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

GET cdn.creative-stat1.com/sb/chat/mob/ssp/1/js/jquery.min.js

172.67.133.15

200 OK

90 kB

URL GET
cdn.creative-stat1.com/sb/chat/mob/ssp/1/js/jquery.min.js
IP
172.67.133.15:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.1tamilblasters.earth/
Certificate
IssuerGoogle Trust Services
Subjectcreative-stat1.com
Fingerprint0B:D7:09:43:6C:42:76:92:3B:8C:0E:15:43:A3:A3:AC:94:B2:C2:CB
ValiditySun, 13 Apr 2025 21:34:38 GMT - Sat, 12 Jul 2025 22:33:20 GMT

File type
JavaScript source, ASCII text, with very long lines (65451)
Size
90 kB (89492 bytes)
Hash
561acb3e541133bbdd2c0c19f8ee35a1
ffd1353cf3f77d25f801c84d8208613eb0d3d548
9fde6da568db31801e29243a903bf24f342256b41e3c01e7d018ff7c566ce7fc

HTTP Headers

GET /sb/chat/mob/ssp/1/js/jquery.min.js HTTP/1.1
Host: cdn.creative-stat1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 18 May 2025 08:58:17 GMT
content-type: application/javascript
content-length: 89492
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=psBHlCkKcmOfb92aWNB0GXv0HnLMSodRbqiUmLJwDBbKfqohx6cEmks%2B6YGC2zF829nNkEj%2BO7Jot3MR5vmMqYe5gjpdwEbHTOg5%2FnpyD3HhSeq3KvG0tKu0d6AseQ%2BJv2HcO8KVmMRd"}],"group":"cf-nel","max_age":604800}
last-modified: Sat, 07 May 2022 05:43:05 GMT
etag: "627606e9-15d94"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 466488
accept-ranges: bytes
cf-ray: 941a26e09d4f0b69-OSL
server: cloudflare
vary: Accept-Encoding
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=8284&min_rtt=2804&rtt_var=6286&sent=27&recv=23&lost=0&retrans=0&sent_bytes=11074&recv_bytes=2160&delivery_rate=1904&cwnd=12000&unsent_bytes=0&cid=2f65e3c67948f3b4&ts=162&x=16"

GET www.1tamilblasters.earth/uploads/javascript_global/root_library.js.c4436661c63e41c7340b9bb9db31b550.js?v=4e52a1ea3c

104.21.9.212

200 OK

374 kB

URL GET
www.1tamilblasters.earth/uploads/javascript_global/root_library.js.c4436661c63e41c7340b9bb9db31b550.js?v=4e52a1ea3c
IP
104.21.9.212:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.1tamilblasters.earth/
Certificate
IssuerGoogle Trust Services
Subject1tamilblasters.earth
Fingerprint87:15:90:61:3A:CA:76:FF:36:3D:7C:2B:1B:20:08:FA:E0:BA:D5:59
ValidityFri, 16 May 2025 18:25:18 GMT - Thu, 14 Aug 2025 19:23:36 GMT

File type
JavaScript source, ASCII text, with very long lines (49340)
Size
374 kB (373596 bytes)
Hash
46963bd221ad819a26b91b6d5b9ac7a5
6db502e39de3d3a548ce2c3fac661f8166d7a417
6a1f8f243c85f0023dcf30a77a626a1885076cbcc5e268129f6e1f978713df3f

HTTP Headers

GET /uploads/javascript_global/root_library.js.c4436661c63e41c7340b9bb9db31b550.js?v=4e52a1ea3c HTTP/1.1
Host: www.1tamilblasters.earth
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.1tamilblasters.earth/
Cookie: ips4_IPSSessionFront=8fb7df136242cb40b4b7001db1c4ad28; ips4_guestTime=1747558691
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 18 May 2025 08:58:11 GMT
content-type: text/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UtC9iAh2n4Np00Po2Qwx98nygaDRtfYR3grt%2BJkLLUXoajs%2FCT4oXI6%2BriFzqS9fn79QTRJuF2o8OcLeVSvoPMpdGLVRF%2FD4fjpCVNZId37VEXW6V4ouyYOo%2BfQoO84WPeRsuVdpM5Cs1Hs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
last-modified: Fri, 16 May 2025 20:04:28 GMT
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cache-control: max-age=14400
cf-cache-status: HIT
age: 790
content-encoding: br
cf-ray: 941a26c0c9091c02-OSL
server: cloudflare
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=2497&min_rtt=597&rtt_var=979&sent=147&recv=168&lost=0&retrans=0&sent_bytes=44821&recv_bytes=15628&delivery_rate=378108&cwnd=24000&unsent_bytes=0&cid=368ce31e545f4529&ts=256&x=16"

GET experttrafficcounter.com/stats

52.29.222.230

200 OK

40 B

URL GET
experttrafficcounter.com/stats
IP
52.29.222.230:443
ASN
#16509 AMAZON-02

Requested by
https://www.1tamilblasters.earth/
Certificate
IssuerAmazon
Subjectexperttrafficcounter.com
FingerprintCE:93:F6:82:20:C2:20:51:6E:53:85:EC:03:9C:48:F0:13:0B:67:D7
ValidityTue, 29 Apr 2025 00:00:00 GMT - Thu, 28 May 2026 23:59:59 GMT

File type
ASCII text, with no line terminators
Size
40 B (40 bytes)
Hash
4932461df8d9539ad9ae781db99c64da
7e8196d59c29cc3ab18dcf12bab2b3d1c4fe8e25
52fdde21b31158361aade3ba53ec502194975b1401905428d74172f102b7a829

HTTP Headers

GET /stats HTTP/1.1
Host: experttrafficcounter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.1tamilblasters.earth
DNT: 1
Connection: keep-alive
Referer: https://www.1tamilblasters.earth/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 18 May 2025 08:58:13 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://www.1tamilblasters.earth
vary: Origin
access-control-allow-credentials: true
set-cookie: uid_id2=30da44ba-4092-4ad1-b245-d8576ff70c5a:2:1; expires=Wed, 16 May 2035 08:58:13 GMT; secure; SameSite=None
X-Firefox-Spdy: h2

GET experttrafficcounter.com/stats

52.29.222.230

200 OK

40 B

URL GET
experttrafficcounter.com/stats
IP
52.29.222.230:443
ASN
#16509 AMAZON-02

Requested by
https://www.1tamilblasters.earth/
Certificate
IssuerAmazon
Subjectexperttrafficcounter.com
FingerprintCE:93:F6:82:20:C2:20:51:6E:53:85:EC:03:9C:48:F0:13:0B:67:D7
ValidityTue, 29 Apr 2025 00:00:00 GMT - Thu, 28 May 2026 23:59:59 GMT

File type
ASCII text, with no line terminators
Size
40 B (40 bytes)
Hash
4932461df8d9539ad9ae781db99c64da
7e8196d59c29cc3ab18dcf12bab2b3d1c4fe8e25
52fdde21b31158361aade3ba53ec502194975b1401905428d74172f102b7a829

HTTP Headers

GET /stats HTTP/1.1
Host: experttrafficcounter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.1tamilblasters.earth
DNT: 1
Connection: keep-alive
Referer: https://www.1tamilblasters.earth/
Cookie: uid_id2=30da44ba-4092-4ad1-b245-d8576ff70c5a:2:1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 18 May 2025 08:58:15 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://www.1tamilblasters.earth
vary: Origin
access-control-allow-credentials: true
X-Firefox-Spdy: h2

GET shotgunchancecruel.com/pixel/sbls?bv=&tmpl=482&u=https%3A%2F%2Fcdn.creative-stat1.com%2Fsb%2Fchat%2Fmob%2Fssp%2F1%2Fcss%2Fstyle.css&l=4617&fd=72

192.243.61.225

200 OK

0 B

URL GET
shotgunchancecruel.com/pixel/sbls?bv=&tmpl=482&u=https%3A%2F%2Fcdn.creative-stat1.com%2Fsb%2Fchat%2Fmob%2Fssp%2F1%2Fcss%2Fstyle.css&l=4617&fd=72
IP
192.243.61.225:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://www.1tamilblasters.earth/
Certificate
IssuerLet's Encrypt
Subjectshotgunchancecruel.com
Fingerprint57:F1:91:12:31:BB:80:19:FF:41:09:D0:8D:7B:40:3F:77:DF:B2:B3
ValiditySun, 20 Apr 2025 02:16:11 GMT - Sat, 19 Jul 2025 02:16:10 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /pixel/sbls?bv=&tmpl=482&u=https%3A%2F%2Fcdn.creative-stat1.com%2Fsb%2Fchat%2Fmob%2Fssp%2F1%2Fcss%2Fstyle.css&l=4617&fd=72 HTTP/1.1
Host: shotgunchancecruel.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.1tamilblasters.earth/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sun, 18 May 2025 08:58:17 GMT
Content-Length: 0
Connection: keep-alive
Host: shotgunchancecruel.com
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range

GET unseenreport.com/pxf.gif?uuid=30da44ba-4092-4ad1-b245-d8576ff70c5a&eb=56a3745424804a23b12899170f9076de&te=9c9b2bc1fcb866fe34b4078d4dc2b749&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A134.0)%20Gecko%2F20100101%20Firefox%2F134.0&dev=e&res=14.3095&b_frame=0&pk=ced0506a5584c90299ec188b96fad1c4&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=8

192.243.61.227

200 OK

0 B

URL GET
unseenreport.com/pxf.gif?uuid=30da44ba-4092-4ad1-b245-d8576ff70c5a&eb=56a3745424804a23b12899170f9076de&te=9c9b2bc1fcb866fe34b4078d4dc2b749&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A134.0)%20Gecko%2F20100101%20Firefox%2F134.0&dev=e&res=14.3095&b_frame=0&pk=ced0506a5584c90299ec188b96fad1c4&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=8
IP
192.243.61.227:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://www.1tamilblasters.earth/
Certificate
IssuerLet's Encrypt
Subject*.unseenreport.com
Fingerprint70:62:DC:6C:0A:F4:AA:56:4E:74:DC:EF:DA:CC:60:5A:C4:34:CE:F2
ValiditySat, 17 May 2025 22:34:21 GMT - Fri, 15 Aug 2025 22:34:20 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /pxf.gif?uuid=30da44ba-4092-4ad1-b245-d8576ff70c5a&eb=56a3745424804a23b12899170f9076de&te=9c9b2bc1fcb866fe34b4078d4dc2b749&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A134.0)%20Gecko%2F20100101%20Firefox%2F134.0&dev=e&res=14.3095&b_frame=0&pk=ced0506a5584c90299ec188b96fad1c4&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=8 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.1tamilblasters.earth/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sun, 18 May 2025 08:58:17 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Host: unseenreport.com
Expires: Thu, 01 Jan 1970 00:00:01 GMT
X-Request-ID: 75ac105e6976064689b72e0a6d76f630
Cache-Control: no-cache, max-age=0, private, no-cache
Pragma: no-cache
Strict-Transport-Security: max-age=0; includeSubdomains

GET unseenreport.com/pxf.gif?uuid=30da44ba-4092-4ad1-b245-d8576ff70c5a&eb=56a3745424804a23b12899170f9076de&te=9c9b2bc1fcb866fe34b4078d4dc2b749&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A134.0)%20Gecko%2F20100101%20Firefox%2F134.0&dev=e&res=14.3095&b_frame=0&pk=1d01f9ce6e4547da6ad284aa16eea6bf&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=8

192.243.61.227

200 OK

0 B

URL GET
unseenreport.com/pxf.gif?uuid=30da44ba-4092-4ad1-b245-d8576ff70c5a&eb=56a3745424804a23b12899170f9076de&te=9c9b2bc1fcb866fe34b4078d4dc2b749&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A134.0)%20Gecko%2F20100101%20Firefox%2F134.0&dev=e&res=14.3095&b_frame=0&pk=1d01f9ce6e4547da6ad284aa16eea6bf&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=8
IP
192.243.61.227:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://www.1tamilblasters.earth/
Certificate
IssuerLet's Encrypt
Subject*.unseenreport.com
Fingerprint70:62:DC:6C:0A:F4:AA:56:4E:74:DC:EF:DA:CC:60:5A:C4:34:CE:F2
ValiditySat, 17 May 2025 22:34:21 GMT - Fri, 15 Aug 2025 22:34:20 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /pxf.gif?uuid=30da44ba-4092-4ad1-b245-d8576ff70c5a&eb=56a3745424804a23b12899170f9076de&te=9c9b2bc1fcb866fe34b4078d4dc2b749&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A134.0)%20Gecko%2F20100101%20Firefox%2F134.0&dev=e&res=14.3095&b_frame=0&pk=1d01f9ce6e4547da6ad284aa16eea6bf&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=8 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.1tamilblasters.earth/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sun, 18 May 2025 08:58:17 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Host: unseenreport.com
Expires: Thu, 01 Jan 1970 00:00:01 GMT
X-Request-ID: efa8ee937ebe27bcf5539856eee05c36
Cache-Control: no-cache, max-age=0, private, no-cache
Pragma: no-cache
Strict-Transport-Security: max-age=0; includeSubdomains

GET www.1tamilblasters.earth/uploads/javascript_global/root_js_lang_1.js.c5092d64f590d18b74b3689e0151034a.js?v=4e52a1ea3c

104.21.9.212

200 OK

98 kB

URL GET
www.1tamilblasters.earth/uploads/javascript_global/root_js_lang_1.js.c5092d64f590d18b74b3689e0151034a.js?v=4e52a1ea3c
IP
104.21.9.212:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.1tamilblasters.earth/
Certificate
IssuerGoogle Trust Services
Subject1tamilblasters.earth
Fingerprint87:15:90:61:3A:CA:76:FF:36:3D:7C:2B:1B:20:08:FA:E0:BA:D5:59
ValidityFri, 16 May 2025 18:25:18 GMT - Thu, 14 Aug 2025 19:23:36 GMT

File type
ASCII text, with very long lines (65536), with no line terminators
Size
98 kB (97935 bytes)
Hash
6febbd23d416d415c4fd4fc56b9247e5
c3816e817f4e5562c5456061058c586f5dad60fb
bb00b8c630ba631167e65baea9c1a9b086328c2dcf50e761d7ab6cb6abd32723

HTTP Headers

GET /uploads/javascript_global/root_js_lang_1.js.c5092d64f590d18b74b3689e0151034a.js?v=4e52a1ea3c HTTP/1.1
Host: www.1tamilblasters.earth
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.1tamilblasters.earth/
Cookie: ips4_IPSSessionFront=8fb7df136242cb40b4b7001db1c4ad28; ips4_guestTime=1747558691
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 18 May 2025 08:58:11 GMT
content-type: text/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hyGzlleqfVNYmOo0yh9NGsSpM5jL%2BQRTxue0qPYhtQ3XVkNZJdE9g4GXygAuiBQDfLPS9a2wkegtJMMQdNNSJH1PKY9oeCak%2BQf8E5meTZq8xtfa8ICdZUFtzAJk8ih7txwBQJRHy52OpH8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
last-modified: Fri, 16 May 2025 20:04:28 GMT
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cache-control: max-age=14400
cf-cache-status: HIT
age: 790
content-encoding: br
cf-ray: 941a26c0c90f1c02-OSL
server: cloudflare
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=2497&min_rtt=597&rtt_var=979&sent=147&recv=168&lost=0&retrans=0&sent_bytes=44821&recv_bytes=15628&delivery_rate=378108&cwnd=24000&unsent_bytes=0&cid=368ce31e545f4529&ts=258&x=16"

GET www.1tamilblasters.earth/uploads/javascript_cms/front_app.js.beafb2de185a01f905cb1950589f0ed7.js?v=4e52a1ea3c

104.21.9.212

200 OK

3.1 kB

URL GET
www.1tamilblasters.earth/uploads/javascript_cms/front_app.js.beafb2de185a01f905cb1950589f0ed7.js?v=4e52a1ea3c
IP
104.21.9.212:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.1tamilblasters.earth/
Certificate
IssuerGoogle Trust Services
Subject1tamilblasters.earth
Fingerprint87:15:90:61:3A:CA:76:FF:36:3D:7C:2B:1B:20:08:FA:E0:BA:D5:59
ValidityFri, 16 May 2025 18:25:18 GMT - Thu, 14 Aug 2025 19:23:36 GMT

File type
JavaScript source, ASCII text, with very long lines (995)
Size
3.1 kB (3105 bytes)
Hash
034012e999eecd926cbf9a5f5eb84463
86a9c8fe8c6c5bdf3aa3d6f8d0d48696c1b1aeb6
7727a5560890b1fb5e041288ba47aeea77965919a56c5a68522861a2c6924980

HTTP Headers

GET /uploads/javascript_cms/front_app.js.beafb2de185a01f905cb1950589f0ed7.js?v=4e52a1ea3c HTTP/1.1
Host: www.1tamilblasters.earth
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.1tamilblasters.earth/
Cookie: ips4_IPSSessionFront=8fb7df136242cb40b4b7001db1c4ad28; ips4_guestTime=1747558691
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 18 May 2025 08:58:12 GMT
content-type: text/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=W4nnZUUQKhH4lGO%2BDrg3%2FXmgJH8xiuobZENUn7cXhRluFHt9UN0XyWkq5zfYnraRIK8Un0jZshrDzLeIo9ux9GVfLiC3SKs20KUXRNhuylWq8LWSp%2BxFR6dQodmCZ4Na2sceTLgsMD0XexM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
last-modified: Fri, 16 May 2025 20:04:37 GMT
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cache-control: max-age=14400
cf-cache-status: HIT
age: 791
content-encoding: br
cf-ray: 941a26c109251c02-OSL
server: cloudflare
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=3288&min_rtt=597&rtt_var=2087&sent=466&recv=179&lost=0&retrans=0&sent_bytes=415169&recv_bytes=19331&delivery_rate=2691747&cwnd=208800&unsent_bytes=0&cid=368ce31e545f4529&ts=291&x=16"

GET acscdn.com/script/aclib.js

104.18.16.201

200 OK

141 kB

URL GET
acscdn.com/script/aclib.js
IP
104.18.16.201:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.1tamilblasters.earth/
Certificate
IssuerGoogle Trust Services
Subjectacscdn.com
FingerprintE8:04:28:CD:40:56:EF:C8:19:07:48:1D:8F:83:82:58:38:D8:61:A1
ValidityTue, 13 May 2025 15:22:09 GMT - Mon, 11 Aug 2025 16:21:52 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (65493), with no line terminators
Size
141 kB (141415 bytes)
Hash
8f8105e049e8586067d7dd2ee8043319
44b582dca2cc906137fbb6f5b1b9b68b41b8bb09
db44a91c57e0e5c8b6b9239f371feb4ad11c427f07e0efc662f3c27f62144434

HTTP Headers

GET /script/aclib.js HTTP/1.1
Host: acscdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.1tamilblasters.earth/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 18 May 2025 08:58:12 GMT
content-type: text/javascript
x-guploader-uploadid: AAO2Vwq_NK57fukiSNR7uM6Tx5KpPQJ_3YmLVYjcO97bwItnWZ_G4Ui77FDl0ElMvVMClUyy
x-goog-generation: 1747151179744582
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 141415
x-goog-hash: crc32c=LGQWIg==, md5=j4EF4EnoWGBn190u6AQzGQ==
x-goog-storage-class: MULTI_REGIONAL
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
expires: Sun, 18 May 2025 09:58:12 GMT
cache-control: public, max-age=3600
last-modified: Tue, 13 May 2025 15:46:19 GMT
etag: W/"8f8105e049e8586067d7dd2ee8043319"
alt-svc: h3=":443"; ma=86400
cf-cache-status: HIT
age: 2209
vary: Accept-Encoding
server: cloudflare
cf-ray: 941a26c1882256ae-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

GET www.googletagmanager.com/gtag/js?id=G-VVY9CWDB5S

142.250.74.136

200 OK

384 kB

URL GET
www.googletagmanager.com/gtag/js?id=G-VVY9CWDB5S
IP
142.250.74.136:443
ASN
#15169 GOOGLE

Requested by
https://www.1tamilblasters.earth/
Certificate
IssuerGoogle Trust Services
Subject*.google-analytics.com
Fingerprint02:7D:56:C0:B9:20:0C:27:A4:AC:B9:8F:9D:45:1D:85:2A:30:50:AD
ValidityMon, 21 Apr 2025 08:40:41 GMT - Mon, 14 Jul 2025 08:40:40 GMT

File type
JavaScript source, ASCII text, with very long lines (6125)
Size
384 kB (384108 bytes)
Hash
84887de58fe5d37c8b63f4cb8f7f7a2d
46610beb8a9f5e263d27366cc6d9befce33dc576
456139026035d7281ae1cf32b55cb46d9bcf13633ed9098eb4e0d8dd3bd99790

HTTP Headers

GET /gtag/js?id=G-VVY9CWDB5S HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.1tamilblasters.earth/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sun, 18 May 2025 08:58:12 GMT
expires: Sun, 18 May 2025 08:58:12 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1075:0
cross-origin-opener-policy-report-only: same-origin; report-to=ascgcycc:1075:0
report-to: {"group":"ascgcycc:1075:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1075:0"}],}
server: Google Tag Manager
content-length: 128490
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

GET www.1tamilblasters.earth/uploads/css_built_3/97c0a48072ce601c9764cb6b00a6588a_page.css.11deda5de61f4ffab454f64d327ee4f6.css?v=4e52a1ea3c

104.21.9.212

200 OK

308 B

URL GET
www.1tamilblasters.earth/uploads/css_built_3/97c0a48072ce601c9764cb6b00a6588a_page.css.11deda5de61f4ffab454f64d327ee4f6.css?v=4e52a1ea3c
IP
104.21.9.212:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.1tamilblasters.earth/
Certificate
IssuerGoogle Trust Services
Subject1tamilblasters.earth
Fingerprint87:15:90:61:3A:CA:76:FF:36:3D:7C:2B:1B:20:08:FA:E0:BA:D5:59
ValidityFri, 16 May 2025 18:25:18 GMT - Thu, 14 Aug 2025 19:23:36 GMT

File type
ASCII text, with very long lines (308), with no line terminators
Size
308 B (308 bytes)
Hash
ad2328c81b674931fd4ec4727fb24c60
6c74aead05a49439da959a070d83d3642390ad87
331e60e6ff80485bf1c45e985db28bc82fb0ea993683040890cf48e17867c78b

HTTP Headers

GET /uploads/css_built_3/97c0a48072ce601c9764cb6b00a6588a_page.css.11deda5de61f4ffab454f64d327ee4f6.css?v=4e52a1ea3c HTTP/1.1
Host: www.1tamilblasters.earth
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.1tamilblasters.earth/
Cookie: ips4_IPSSessionFront=8fb7df136242cb40b4b7001db1c4ad28; ips4_guestTime=1747558691
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 18 May 2025 08:58:11 GMT
content-type: text/css
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=J685XYla6Zu9t4OzV2on8CwqDjCB46lpRAqKCSDuLozFmzIwbHX6pbXVRDJBLSDVdEs10RojD%2FrdfoQHu%2BC60%2FaCliN7ZD2ICvA6d2aViFxV8fhmui%2BqZehSKaHi%2F3PDvTjhzVVhViCNr6U%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control: public, max-age=604800
expires: Fri, 23 May 2025 20:24:50 GMT
last-modified: Fri, 16 May 2025 20:04:37 GMT
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
age: 131601
cf-cache-status: HIT
content-encoding: br
cf-ray: 941a26c0c9071c02-OSL
server: cloudflare
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=2497&min_rtt=597&rtt_var=979&sent=147&recv=168&lost=0&retrans=0&sent_bytes=44821&recv_bytes=15628&delivery_rate=378108&cwnd=24000&unsent_bytes=0&cid=368ce31e545f4529&ts=258&x=16"

GET www.1tamilblasters.earth/se1/_appcss/core_responsive.css

104.21.9.212

200 OK

3.0 kB

URL GET
www.1tamilblasters.earth/se1/_appcss/core_responsive.css
IP
104.21.9.212:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.1tamilblasters.earth/
Certificate
IssuerGoogle Trust Services
Subject1tamilblasters.earth
Fingerprint87:15:90:61:3A:CA:76:FF:36:3D:7C:2B:1B:20:08:FA:E0:BA:D5:59
ValidityFri, 16 May 2025 18:25:18 GMT - Thu, 14 Aug 2025 19:23:36 GMT

File type
ASCII text, with very long lines (2982), with no line terminators
Size
3.0 kB (2982 bytes)
Hash
f3ee93beae20db676f54c725d0621a49
4cd53f9159b57baf2359d49df811796f7b102048
159308ebb6cd30326aa68872f9a327c7b99ec1a2d167d509ff333bec2e098b79

HTTP Headers

GET /se1/_appcss/core_responsive.css HTTP/1.1
Host: www.1tamilblasters.earth
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.1tamilblasters.earth/
Cookie: ips4_IPSSessionFront=8fb7df136242cb40b4b7001db1c4ad28; ips4_guestTime=1747558691
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 18 May 2025 08:58:12 GMT
content-type: text/css
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=x9351yhh9fyxovKH9pI5Fboft9wK7Q2wZgvnZaMuUYVGd3ZHRgpNKDZMxv8iy%2Bjqdpnr030SPJ0FevDRL8w%2FkpFLwQkfCGcZxso%2BcFVfq%2FTaNbSCOXf0ZYZl2tRYAQ%2Fj0AUkFhEhvM4dGYY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control: public, max-age=604800
expires: Fri, 23 May 2025 19:59:59 GMT
last-modified: Tue, 22 Oct 2024 15:40:58 GMT
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
age: 133092
cf-cache-status: HIT
content-encoding: br
cf-ray: 941a26c1192c1c02-OSL
server: cloudflare
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=3288&min_rtt=597&rtt_var=2087&sent=466&recv=179&lost=0&retrans=0&sent_bytes=415169&recv_bytes=19331&delivery_rate=2691747&cwnd=208800&unsent_bytes=0&cid=368ce31e545f4529&ts=295&x=16"

GET cdn.show-sb.com/sb/au/2f/33/17/2f3317da28d2a6ed09610d2d267aa136/1648542458.html

172.67.170.115

200 OK

3.0 kB

URL GET
cdn.show-sb.com/sb/au/2f/33/17/2f3317da28d2a6ed09610d2d267aa136/1648542458.html
IP
172.67.170.115:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.1tamilblasters.earth/
Certificate
IssuerGoogle Trust Services
Subjectshow-sb.com
Fingerprint1D:98:CF:D5:11:E1:60:97:76:85:27:F9:55:AF:5E:13:60:3F:67:B7
ValidityMon, 14 Apr 2025 03:51:48 GMT - Sun, 13 Jul 2025 04:50:09 GMT

File type
HTML document, ASCII text
Size
3.0 kB (2977 bytes)
Hash
027fddd0d322239ada2f2b8b93934fda
6f99560bca5c6d8d747c802f26058344eb179cec
a5b2073d8f57ef0469b777f73d6c3f4a85cc17b4c2ed2a53aa3f1acb2273dbd5

HTTP Headers

GET /sb/au/2f/33/17/2f3317da28d2a6ed09610d2d267aa136/1648542458.html HTTP/1.1
Host: cdn.show-sb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.1tamilblasters.earth
DNT: 1
Connection: keep-alive
Referer: https://www.1tamilblasters.earth/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 18 May 2025 08:58:16 GMT
content-type: text/html
server: cloudflare
last-modified: Tue, 29 Mar 2022 08:27:42 GMT
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
vary: accept-encoding
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-expose-headers: Date
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=2Nx5%2FB5uwcbHjvMMe%2BtYReEUtPMbCxRuoiWouHyJBPwJk%2BfqPbqCmdrJgFM0nMEmTcFXIcC9OpstHJV62NC4%2FF9ovqLmVbXCiroVOZ0%3D"}]}
cf-cache-status: DYNAMIC
content-encoding: br
cf-ray: 941a26dd7fb156b9-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

GET shotgunchancecruel.com/pixel/sbls?bv=&tmpl=482&u=https%3A%2F%2Fcdn.creative-stat1.com%2Fsb%2Fchat%2Fmob%2Fssp%2F1%2Fjs%2Fscript.js&l=382&fd=16

192.243.61.225

200 OK

0 B

URL GET
shotgunchancecruel.com/pixel/sbls?bv=&tmpl=482&u=https%3A%2F%2Fcdn.creative-stat1.com%2Fsb%2Fchat%2Fmob%2Fssp%2F1%2Fjs%2Fscript.js&l=382&fd=16
IP
192.243.61.225:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://www.1tamilblasters.earth/
Certificate
IssuerLet's Encrypt
Subjectshotgunchancecruel.com
Fingerprint57:F1:91:12:31:BB:80:19:FF:41:09:D0:8D:7B:40:3F:77:DF:B2:B3
ValiditySun, 20 Apr 2025 02:16:11 GMT - Sat, 19 Jul 2025 02:16:10 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /pixel/sbls?bv=&tmpl=482&u=https%3A%2F%2Fcdn.creative-stat1.com%2Fsb%2Fchat%2Fmob%2Fssp%2F1%2Fjs%2Fscript.js&l=382&fd=16 HTTP/1.1
Host: shotgunchancecruel.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.1tamilblasters.earth/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sun, 18 May 2025 08:58:17 GMT
Content-Length: 0
Connection: keep-alive
Host: shotgunchancecruel.com
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range

GET www.1tamilblasters.earth/se1/_appcss/forums.css

104.21.9.212

200 OK

9.6 kB

URL GET
www.1tamilblasters.earth/se1/_appcss/forums.css
IP
104.21.9.212:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.1tamilblasters.earth/
Certificate
IssuerGoogle Trust Services
Subject1tamilblasters.earth
Fingerprint87:15:90:61:3A:CA:76:FF:36:3D:7C:2B:1B:20:08:FA:E0:BA:D5:59
ValidityFri, 16 May 2025 18:25:18 GMT - Thu, 14 Aug 2025 19:23:36 GMT

File type
ASCII text, with very long lines (9555), with no line terminators
Size
9.6 kB (9555 bytes)
Hash
b2d27ffc11efc8653125bfe0af59a3df
9be571fcc58e185ee33e6201ef561f7b25adb2cd
54623f9af3d4a016b43ad04c1789d51ab90faae28bc70f456ea90d934cdeee1a

HTTP Headers

GET /se1/_appcss/forums.css HTTP/1.1
Host: www.1tamilblasters.earth
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.1tamilblasters.earth/
Cookie: ips4_IPSSessionFront=8fb7df136242cb40b4b7001db1c4ad28; ips4_guestTime=1747558691
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 18 May 2025 08:58:12 GMT
content-type: text/css
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7SkyWl%2FhQMENRmQF4%2BQ8ndfMhKGF60E25pctd9Uhc4DSCjTXeawA4MNJ%2Fa6iU6SwaV5pDk4%2FTSmsnTc9axnG%2FTLoBSFV4CE7I2orlQUz733tyzU4h60K3zCQEQIJjOnXYQHuxrPBLDny3sc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control: public, max-age=604800
expires: Fri, 23 May 2025 19:59:59 GMT
last-modified: Tue, 22 Oct 2024 15:41:57 GMT
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
age: 133092
cf-cache-status: HIT
content-encoding: br
cf-ray: 941a26c139351c02-OSL
server: cloudflare
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=3288&min_rtt=597&rtt_var=1565&sent=616&recv=181&lost=0&retrans=0&sent_bytes=582667&recv_bytes=19732&delivery_rate=17120664&cwnd=268200&unsent_bytes=0&cid=368ce31e545f4529&ts=314&x=16"

GET jauntyhatredeighty.com/sbar.json?key=1d01f9ce6e4547da6ad284aa16eea6bf&uuid=bcef68b4-1f1b-41c3-9bf8-601c2057301d%3A1%3A1

192.243.59.12

200 OK

13 kB

URL GET
jauntyhatredeighty.com/sbar.json?key=1d01f9ce6e4547da6ad284aa16eea6bf&uuid=bcef68b4-1f1b-41c3-9bf8-601c2057301d%3A1%3A1
IP
192.243.59.12:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://www.1tamilblasters.earth/
Certificate
IssuerLet's Encrypt
Subjectjauntyhatredeighty.com
Fingerprint28:8D:F8:8E:40:C6:65:E3:DE:9C:09:44:8E:66:64:0D:98:DA:3C:B6
ValiditySat, 26 Apr 2025 21:30:59 GMT - Fri, 25 Jul 2025 21:30:58 GMT

File type
JSON text data
Size
13 kB (12905 bytes)
Hash
ec948f8e2384b3b75268f5576aa2ccb6
4d0cdf80fa433431ca0d79b21a85e8a454e00b5d
a292941e4df2c87191f79a87c83702da64404b3307716e2c43213ffb42d2690c

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /sbar.json?key=1d01f9ce6e4547da6ad284aa16eea6bf&uuid=bcef68b4-1f1b-41c3-9bf8-601c2057301d%3A1%3A1 HTTP/1.1
Host: jauntyhatredeighty.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.1tamilblasters.earth
DNT: 1
Connection: keep-alive
Referer: https://www.1tamilblasters.earth/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sun, 18 May 2025 08:58:15 GMT
Content-Type: text/plain; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://www.1tamilblasters.earth
Access-Control-Allow-Origin: https://www.1tamilblasters.earth
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=bcef68b4-1f1b-41c3-9bf8-601c2057301d:1:1; expires=Sun, 25 May 2025 08:58:15 GMT; path=/; secure; SameSite=None
pdhtkv=true; expires=Mon, 19 May 2025 08:58:15 GMT; path=/; secure; SameSite=None
uncs=1; expires=Mon, 19 May 2025 08:58:15 GMT; path=/; secure; SameSite=None
pdhtkv29=true; expires=Mon, 19 May 2025 08:58:15 GMT; path=/; secure; SameSite=None
uncs29=1; expires=Mon, 19 May 2025 08:58:15 GMT; path=/; secure; SameSite=None
u_pl24104643=1; expires=Mon, 19 May 2025 08:58:15 GMT; path=/; secure; SameSite=None
Host: jauntyhatredeighty.com
Expires: Thu, 01 Jan 1970 00:00:01 GMT
X-Request-ID: 2f44b3c65eea2dc924abeaeba173ac0a
Cache-Control: no-cache, max-age=0, private, no-cache
Pragma: no-cache
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

GET www.1tamilblasters.earth/

104.21.9.212

200 OK

1.7 MB

URL User Request GET
www.1tamilblasters.earth/
IP
104.21.9.212:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services
Subject1tamilblasters.earth
Fingerprint87:15:90:61:3A:CA:76:FF:36:3D:7C:2B:1B:20:08:FA:E0:BA:D5:59
ValidityFri, 16 May 2025 18:25:18 GMT - Thu, 14 Aug 2025 19:23:36 GMT

File type
HTML document, Unicode text, UTF-8 text, with very long lines (5975), with CRLF, LF line terminators
Size
1.7 MB (1728347 bytes)
Hash
8e77a46df4079dfd08dd0458eba69a68
69349ed31c2e53042eed3f586589107013ff06ef
fb0e84b6492df2d9954027f608d72f70a5c5090879e0aea5f893ea9f3c2e9f4d

HTTP Headers

GET / HTTP/1.1
Host: www.1tamilblasters.earth
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 18 May 2025 08:58:11 GMT
content-type: text/html;charset=UTF-8
server: cloudflare
x-content-type-options: nosniff
cf-ray: 941a26be9decb529-OSL
content-encoding: br
x-ips-loggedin: 0
vary: cookie, Accept-Encoding
x-xss-protection: 0
x-frame-options: sameorigin
x-ips-cached-response: Sun, 18 May 2025 08:58:11 GMT
last-modified: Sun, 18 May 2025 08:58:11 GMT
expires: Sun, 18 May 2025 08:58:41 GMT
cache-control: max-age=30, public
pragma: public
x-turbo-charged-by: LiteSpeed
cf-cache-status: BYPASS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hoU%2BXSKnG2xsvuWGO1%2BgaT3fYFf5ciOWSA4kQEaDiVff%2Fy3fkb22w29Cs7wB%2F9BTmQ2my6lfEsW9dPVHLg%2FIaDdNksKGFkZNPr7rnOTi9jqiVpuhQjB1WcQNpk9Fi4Jja%2BVZ7WYi78Ol25o%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15552000; includeSubDomains; preload
set-cookie: ips4_IPSSessionFront=8fb7df136242cb40b4b7001db1c4ad28; HttpOnly; Secure; Path=/
ips4_guestTime=1747558691; HttpOnly; Secure; Path=/
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=6068&min_rtt=491&rtt_var=11155&sent=8&recv=11&lost=0&retrans=0&sent_bytes=3301&recv_bytes=1268&delivery_rate=6126939&cwnd=254&unsent_bytes=0&cid=75697626b2562f70&ts=129&x=0"
X-Firefox-Spdy: h2

GET www.1tamilblasters.earth/se1/_appcss/responsive.css

104.21.9.212

200 OK

40 kB

URL GET
www.1tamilblasters.earth/se1/_appcss/responsive.css
IP
104.21.9.212:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.1tamilblasters.earth/
Certificate
IssuerGoogle Trust Services
Subject1tamilblasters.earth
Fingerprint87:15:90:61:3A:CA:76:FF:36:3D:7C:2B:1B:20:08:FA:E0:BA:D5:59
ValidityFri, 16 May 2025 18:25:18 GMT - Thu, 14 Aug 2025 19:23:36 GMT

File type
ASCII text, with very long lines (39960), with no line terminators
Size
40 kB (39960 bytes)
Hash
63aebb3c749278bb21ccb2f79fff79dc
e78cc623d028d0c856cddaf91d720af3da4e93d0
b640d3479b844216cf003d9ebf30747d193ce1117c8ab2a71e89cd978587c239

HTTP Headers

GET /se1/_appcss/responsive.css HTTP/1.1
Host: www.1tamilblasters.earth
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.1tamilblasters.earth/
Cookie: ips4_IPSSessionFront=8fb7df136242cb40b4b7001db1c4ad28; ips4_guestTime=1747558691
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 18 May 2025 08:58:12 GMT
content-type: text/css
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DfjIaGIg5vKYkoTXyRtfTw1OjOsVzDu3Ott1WhatXcDQzAfa2bzXG5qgjS3xQM9HRSeTrICMTsF66rjTYmp%2BHmcKTcXdFV%2BlEnLxt0hcI4i3e7Rk8FwJ18jXr6oXt4JhFraF1P5j9%2FLXxgM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control: public, max-age=604800
expires: Fri, 23 May 2025 19:59:59 GMT
last-modified: Tue, 22 Oct 2024 15:39:56 GMT
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
age: 133092
cf-cache-status: HIT
content-encoding: br
cf-ray: 941a26c109231c02-OSL
server: cloudflare
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=3288&min_rtt=597&rtt_var=2087&sent=466&recv=179&lost=0&retrans=0&sent_bytes=415169&recv_bytes=19331&delivery_rate=2691747&cwnd=208800&unsent_bytes=0&cid=368ce31e545f4529&ts=286&x=16"

GET www.1tamilblasters.earth/se1/_appcss/skins.css

104.21.9.212

200 OK

30 kB

URL GET
www.1tamilblasters.earth/se1/_appcss/skins.css
IP
104.21.9.212:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.1tamilblasters.earth/
Certificate
IssuerGoogle Trust Services
Subject1tamilblasters.earth
Fingerprint87:15:90:61:3A:CA:76:FF:36:3D:7C:2B:1B:20:08:FA:E0:BA:D5:59
ValidityFri, 16 May 2025 18:25:18 GMT - Thu, 14 Aug 2025 19:23:36 GMT

File type
ASCII text, with very long lines (29596), with no line terminators
Size
30 kB (29596 bytes)
Hash
7b15be7d2f686f22418dbd07aeb26175
4f083fdb8ef41aae762179949b1ded548ca9a066
44908c6bab2dfbef28876444263a4dffea1cbc6694c3894324b826a705012132

HTTP Headers

GET /se1/_appcss/skins.css HTTP/1.1
Host: www.1tamilblasters.earth
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.1tamilblasters.earth/
Cookie: ips4_IPSSessionFront=8fb7df136242cb40b4b7001db1c4ad28; ips4_guestTime=1747558691
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 18 May 2025 08:58:12 GMT
content-type: text/css
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=B7zJd6DLWyUphAFVFbYifsyE2WVD2Fvqow1cbFQDZ4O4QvcF%2BPr1RQDrPGQdmULmhcVdYbEYtX11SNdmylDKtE%2Ff4F6xwnXfmBj9E7DhhxVpAZxnPxJG3zUhq%2FwDiyImQbvlAgGMSLVRC7k%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control: public, max-age=604800
expires: Fri, 23 May 2025 19:59:59 GMT
last-modified: Tue, 22 Oct 2024 15:40:22 GMT
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 133093
content-encoding: br
cf-ray: 941a26c1192a1c02-OSL
server: cloudflare
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=3288&min_rtt=597&rtt_var=2087&sent=466&recv=179&lost=0&retrans=0&sent_bytes=415169&recv_bytes=19331&delivery_rate=2691747&cwnd=208800&unsent_bytes=0&cid=368ce31e545f4529&ts=289&x=16"

GET www.1tamilblasters.earth/applications/core/interface/js/spacer.png

104.21.9.212

200 OK

137 B

URL GET
www.1tamilblasters.earth/applications/core/interface/js/spacer.png
IP
104.21.9.212:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.1tamilblasters.earth/
Certificate
IssuerGoogle Trust Services
Subject1tamilblasters.earth
Fingerprint87:15:90:61:3A:CA:76:FF:36:3D:7C:2B:1B:20:08:FA:E0:BA:D5:59
ValidityFri, 16 May 2025 18:25:18 GMT - Thu, 14 Aug 2025 19:23:36 GMT

File type
PNG image data, 1 x 1, 8-bit colormap, non-interlaced
Size
137 B (137 bytes)
Hash
a41d6e3396dc05c78cc77b2d2466534d
0ed5c70f6c2012837adc192b1570cdc8551defbe
dc1b146a3d93548cfd8893783085c4d22a389d361f6b0816643b67f19233000d

HTTP Headers

GET /applications/core/interface/js/spacer.png HTTP/1.1
Host: www.1tamilblasters.earth
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.1tamilblasters.earth/
Cookie: ips4_IPSSessionFront=8fb7df136242cb40b4b7001db1c4ad28; ips4_guestTime=1747558691
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 18 May 2025 08:58:12 GMT
content-type: image/png
content-length: 137
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control: public, max-age=604800
expires: Fri, 23 May 2025 19:59:59 GMT
last-modified: Sun, 10 Jan 2021 03:13:40 GMT
accept-ranges: bytes
x-turbo-charged-by: LiteSpeed
age: 133092
cf-cache-status: HIT
cf-ray: 941a26c1694e1c02-OSL
server: cloudflare
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains; preload
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yfspd6EeW2GvWt0FvcNUDz2YIxmeNO%2FRwEkghAFyvAuBUNYZUKqyLA5xh4zAh9tj6ci%2BTvhDpQV6zXvPK%2BQsDnNIcRsK82MZxO8Cc6a9k39o1NKN7Uo7tNBl400EvEhQr7q5A%2FCUapUBuho%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=3423&min_rtt=597&rtt_var=2533&sent=626&recv=187&lost=0&retrans=0&sent_bytes=588132&recv_bytes=22297&delivery_rate=998675&cwnd=268200&unsent_bytes=0&cid=368ce31e545f4529&ts=353&x=16"

GET fonts.gstatic.com/s/roboto/v47/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2

142.250.74.35

200 OK

40 kB

URL GET
fonts.gstatic.com/s/roboto/v47/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2
IP
142.250.74.35:443
ASN
#15169 GOOGLE

Requested by
https://www.1tamilblasters.earth/
Certificate
IssuerGoogle Trust Services
Subject*.gstatic.com
Fingerprint15:8B:D4:EA:7E:CB:34:1B:6F:2E:20:9E:39:44:7A:D6:D7:30:26:AB
ValidityMon, 21 Apr 2025 08:41:49 GMT - Mon, 14 Jul 2025 08:41:48 GMT

File type
Web Open Font Format (Version 2), TrueType, length 40128, version 1.0
Size
40 kB (40128 bytes)
Hash
9a01b69183a9604ab3a439e388b30501
8ed1d59003d0dbe6360481017b44665153665fbe
20b535fa80c8189e3b87d1803038389960203a886d502bc2ef1857affc2f38d2

HTTP Headers

GET /s/roboto/v47/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.1tamilblasters.earth
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 40128
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 15 May 2025 10:03:46 GMT
expires: Fri, 15 May 2026 10:03:46 GMT
cache-control: public, max-age=31536000
age: 255267
last-modified: Wed, 08 Jan 2025 18:23:10 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

GET www.1tamilblasters.earth/uploads/css_built_3/13136374e1b49ed2a6386fef2a59fb0c_skins.css.8a24218054c01095b22f83742808761d.css?v=4e52a1ea3c

104.21.9.212

200 OK

30 kB

URL GET
www.1tamilblasters.earth/uploads/css_built_3/13136374e1b49ed2a6386fef2a59fb0c_skins.css.8a24218054c01095b22f83742808761d.css?v=4e52a1ea3c
IP
104.21.9.212:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.1tamilblasters.earth/
Certificate
IssuerGoogle Trust Services
Subject1tamilblasters.earth
Fingerprint87:15:90:61:3A:CA:76:FF:36:3D:7C:2B:1B:20:08:FA:E0:BA:D5:59
ValidityFri, 16 May 2025 18:25:18 GMT - Thu, 14 Aug 2025 19:23:36 GMT

File type
ASCII text, with very long lines (29596), with no line terminators
Size
30 kB (29596 bytes)
Hash
7b15be7d2f686f22418dbd07aeb26175
4f083fdb8ef41aae762179949b1ded548ca9a066
44908c6bab2dfbef28876444263a4dffea1cbc6694c3894324b826a705012132

HTTP Headers

GET /uploads/css_built_3/13136374e1b49ed2a6386fef2a59fb0c_skins.css.8a24218054c01095b22f83742808761d.css?v=4e52a1ea3c HTTP/1.1
Host: www.1tamilblasters.earth
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.1tamilblasters.earth/
Cookie: ips4_IPSSessionFront=8fb7df136242cb40b4b7001db1c4ad28; ips4_guestTime=1747558691
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 18 May 2025 08:58:11 GMT
content-type: text/css
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=veiNvhZxAoMvNjaXZG2gxetaIaE3VPZfTTEGG0LI8qJ3i0CqJ99KP7DIgT3UO0TYolrS7HhpG%2Bd2ceWOJfOPptjqFlKaS43cJFWBvR7x1pJLxUtnSkY3TLz3%2FNTyp1JAr%2Ffg9AbtleA9598%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control: public, max-age=604800
expires: Fri, 23 May 2025 20:24:50 GMT
last-modified: Fri, 16 May 2025 20:04:25 GMT
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
age: 131601
cf-cache-status: HIT
content-encoding: br
cf-ray: 941a26c0b9021c02-OSL
server: cloudflare
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=2518&min_rtt=597&rtt_var=1248&sent=124&recv=166&lost=0&retrans=0&sent_bytes=20795&recv_bytes=14506&delivery_rate=2416&cwnd=12000&unsent_bytes=0&cid=368ce31e545f4529&ts=247&x=16"

GET www.1tamilblasters.earth/uploads/css_built_3/5a0da001ccc2200dc5625c3f3934497d_core_responsive.css.7d1ca433ef948981be40fd16b7de3747.css?v=4e52a1ea3c

104.21.9.212

200 OK

3.0 kB

URL GET
www.1tamilblasters.earth/uploads/css_built_3/5a0da001ccc2200dc5625c3f3934497d_core_responsive.css.7d1ca433ef948981be40fd16b7de3747.css?v=4e52a1ea3c
IP
104.21.9.212:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.1tamilblasters.earth/
Certificate
IssuerGoogle Trust Services
Subject1tamilblasters.earth
Fingerprint87:15:90:61:3A:CA:76:FF:36:3D:7C:2B:1B:20:08:FA:E0:BA:D5:59
ValidityFri, 16 May 2025 18:25:18 GMT - Thu, 14 Aug 2025 19:23:36 GMT

File type
ASCII text, with very long lines (2982), with no line terminators
Size
3.0 kB (2982 bytes)
Hash
f3ee93beae20db676f54c725d0621a49
4cd53f9159b57baf2359d49df811796f7b102048
159308ebb6cd30326aa68872f9a327c7b99ec1a2d167d509ff333bec2e098b79

HTTP Headers

GET /uploads/css_built_3/5a0da001ccc2200dc5625c3f3934497d_core_responsive.css.7d1ca433ef948981be40fd16b7de3747.css?v=4e52a1ea3c HTTP/1.1
Host: www.1tamilblasters.earth
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.1tamilblasters.earth/
Cookie: ips4_IPSSessionFront=8fb7df136242cb40b4b7001db1c4ad28; ips4_guestTime=1747558691
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 18 May 2025 08:58:11 GMT
content-type: text/css
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WcQx63oY1GhLBW9%2F0x1ogSKXJZHydJCN3N0XP30CL8IeZeq9oFeRy8LqAPoOphlt2Az5H%2BWpNJTxdxzQJ9bomQkLgsnhX0gsBDJjPnkVa9XgLhhJ6t8gNGdVeEu%2F8MQ9cgLo4BVaZW2ZbK0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control: public, max-age=604800
expires: Fri, 23 May 2025 20:24:50 GMT
last-modified: Fri, 16 May 2025 20:04:25 GMT
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 131601
content-encoding: br
cf-ray: 941a26c0c9061c02-OSL
server: cloudflare
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=2518&min_rtt=597&rtt_var=1248&sent=110&recv=164&lost=0&retrans=0&sent_bytes=8769&recv_bytes=13392&delivery_rate=2416&cwnd=12000&unsent_bytes=0&cid=368ce31e545f4529&ts=242&x=16"

GET www.1tamilblasters.earth/uploads/javascript_bimchatbox/front_front_chatbox.js.c61fe1a6cdb6fa99caec1f574e8573f8.js?v=4e52a1ea3c

104.21.9.212

200 OK

64 kB

URL GET
www.1tamilblasters.earth/uploads/javascript_bimchatbox/front_front_chatbox.js.c61fe1a6cdb6fa99caec1f574e8573f8.js?v=4e52a1ea3c
IP
104.21.9.212:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.1tamilblasters.earth/
Certificate
IssuerGoogle Trust Services
Subject1tamilblasters.earth
Fingerprint87:15:90:61:3A:CA:76:FF:36:3D:7C:2B:1B:20:08:FA:E0:BA:D5:59
ValidityFri, 16 May 2025 18:25:18 GMT - Thu, 14 Aug 2025 19:23:36 GMT

File type
ASCII text, with very long lines (64068), with no line terminators
Size
64 kB (64068 bytes)
Hash
5e9a0816c0d2431dfb005bdf359be0ea
34d124e79c2c345bd04bb466054fc1357d10c5d4
6829fbeb4fa4793781812ff45da8b1a5c464a9c709caab261bb7187b735f2972

HTTP Headers

GET /uploads/javascript_bimchatbox/front_front_chatbox.js.c61fe1a6cdb6fa99caec1f574e8573f8.js?v=4e52a1ea3c HTTP/1.1
Host: www.1tamilblasters.earth
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.1tamilblasters.earth/
Cookie: ips4_IPSSessionFront=8fb7df136242cb40b4b7001db1c4ad28; ips4_guestTime=1747558691
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 18 May 2025 08:58:11 GMT
content-type: text/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hiL9c6%2FRDog2f0d2VSf%2BvzGMkIWUo4ce%2FJfKA4hLyh4kMxiJmaRaRPvs3A0gdHAyWxyvKfEEQzJkV5XBAmD3vGRhzRZf4alkpbFwsASEZ797VaU73n5QOLRCzKCLz5gWrKBWatEypacxDAo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
last-modified: Fri, 16 May 2025 20:04:28 GMT
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
age: 790
cache-control: max-age=14400
cf-cache-status: HIT
content-encoding: br
cf-ray: 941a26c0d9151c02-OSL
server: cloudflare
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=2497&min_rtt=597&rtt_var=979&sent=147&recv=168&lost=0&retrans=0&sent_bytes=44821&recv_bytes=15628&delivery_rate=378108&cwnd=24000&unsent_bytes=0&cid=368ce31e545f4529&ts=256&x=16"

GET www.1tamilblasters.earth/applications/chatbox/interface/livestamp/moment.js?v=4e52a1ea3c

104.21.9.212

200 OK

336 kB

URL GET
www.1tamilblasters.earth/applications/chatbox/interface/livestamp/moment.js?v=4e52a1ea3c
IP
104.21.9.212:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.1tamilblasters.earth/
Certificate
IssuerGoogle Trust Services
Subject1tamilblasters.earth
Fingerprint87:15:90:61:3A:CA:76:FF:36:3D:7C:2B:1B:20:08:FA:E0:BA:D5:59
ValidityFri, 16 May 2025 18:25:18 GMT - Thu, 14 Aug 2025 19:23:36 GMT

File type
JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size
336 kB (336453 bytes)
Hash
c741de861d86c1afc0544b28c92ab9ff
b8415c7c614987c760917e59e01f00c5f59768ea
a1aa4afb56406d1395a2fcb23caf6bff467744bd4956fdd48507506e44abca24

HTTP Headers

GET /applications/chatbox/interface/livestamp/moment.js?v=4e52a1ea3c HTTP/1.1
Host: www.1tamilblasters.earth
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.1tamilblasters.earth/
Cookie: ips4_IPSSessionFront=8fb7df136242cb40b4b7001db1c4ad28; ips4_guestTime=1747558691
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 18 May 2025 08:58:11 GMT
content-type: text/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3kWT8bwjRvS6C0ZXgBQHmCHesJJxe9DiamNCcYvKNYGFbWMu%2B8QdMESFy3N9sWRKF5QQ9Ijqt%2Fjp0WW5m%2FJoS1wtAg5b61H3RdXJDXTRUe%2B4V09nubmOXxpKLkoSL0%2FAPTEZjutmEsrEbv8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
last-modified: Sun, 26 Nov 2023 16:04:25 GMT
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cache-control: max-age=14400
cf-cache-status: HIT
age: 790
content-encoding: br
cf-ray: 941a26c0d9181c02-OSL
server: cloudflare
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=2954&min_rtt=597&rtt_var=1649&sent=188&recv=169&lost=0&retrans=0&sent_bytes=92821&recv_bytes=15673&delivery_rate=2487463&cwnd=48000&unsent_bytes=0&cid=368ce31e545f4529&ts=263&x=16"

GET www.1tamilblasters.earth/uploads/monthly_2025_03/IMG_20250318_183336_088.thumb.jpg.a0adff2adebddcb81f55ec92d048eabc.jpg

104.21.9.212

200 OK

12 kB

URL GET
www.1tamilblasters.earth/uploads/monthly_2025_03/IMG_20250318_183336_088.thumb.jpg.a0adff2adebddcb81f55ec92d048eabc.jpg
IP
104.21.9.212:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.1tamilblasters.earth/
Certificate
IssuerGoogle Trust Services
Subject1tamilblasters.earth
Fingerprint87:15:90:61:3A:CA:76:FF:36:3D:7C:2B:1B:20:08:FA:E0:BA:D5:59
ValidityFri, 16 May 2025 18:25:18 GMT - Thu, 14 Aug 2025 19:23:36 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 85", baseline, precision 8, 240x240, components 3
Size
12 kB (11654 bytes)
Hash
574014a16afe4386a1089215b96bf263
2dc97fd989ec0f5cdd574c619d9f6d6b65d5a90f
3dfd442d816052d6fe02df13bfa87382a654bbe30fc9651e90a0342544634fea

HTTP Headers

GET /uploads/monthly_2025_03/IMG_20250318_183336_088.thumb.jpg.a0adff2adebddcb81f55ec92d048eabc.jpg HTTP/1.1
Host: www.1tamilblasters.earth
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.1tamilblasters.earth/
Cookie: ips4_IPSSessionFront=8fb7df136242cb40b4b7001db1c4ad28; ips4_guestTime=1747558691
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 18 May 2025 08:58:12 GMT
content-type: image/jpeg
content-length: 11654
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control: public, max-age=604800
expires: Fri, 23 May 2025 20:24:51 GMT
last-modified: Tue, 18 Mar 2025 13:04:23 GMT
accept-ranges: bytes
x-turbo-charged-by: LiteSpeed
age: 131600
cf-cache-status: HIT
cf-ray: 941a26c2d9821c02-OSL
server: cloudflare
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains; preload
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cuwaOzxhaVY%2FB0Y3xkHatzDHlhquEPKLQUjzx6oyi2W9bCMn7o1pPITMgYKjw7WofB2AagitYhRIuZDHtAoFIS3L1lDQBYuHVcf7lbi7TtjSJX81hCCKx28ayCn7YBkcgWhANwyosRZyjO8%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=2179&min_rtt=597&rtt_var=1566&sent=689&recv=198&lost=0&retrans=0&sent_bytes=655255&recv_bytes=24531&delivery_rate=5868629&cwnd=268200&unsent_bytes=0&cid=368ce31e545f4529&ts=579&x=16"

GET experttrafficcounter.com/stats

52.29.222.230

200 OK

40 B

URL GET
experttrafficcounter.com/stats
IP
52.29.222.230:443
ASN
#16509 AMAZON-02

Requested by
https://www.1tamilblasters.earth/
Certificate
IssuerAmazon
Subjectexperttrafficcounter.com
FingerprintCE:93:F6:82:20:C2:20:51:6E:53:85:EC:03:9C:48:F0:13:0B:67:D7
ValidityTue, 29 Apr 2025 00:00:00 GMT - Thu, 28 May 2026 23:59:59 GMT

File type
ASCII text, with no line terminators
Size
40 B (40 bytes)
Hash
4932461df8d9539ad9ae781db99c64da
7e8196d59c29cc3ab18dcf12bab2b3d1c4fe8e25
52fdde21b31158361aade3ba53ec502194975b1401905428d74172f102b7a829

HTTP Headers

GET /stats HTTP/1.1
Host: experttrafficcounter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.1tamilblasters.earth
DNT: 1
Connection: keep-alive
Referer: https://www.1tamilblasters.earth/
Cookie: uid_id2=30da44ba-4092-4ad1-b245-d8576ff70c5a:2:1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 18 May 2025 08:58:15 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://www.1tamilblasters.earth
vary: Origin
access-control-allow-credentials: true
X-Firefox-Spdy: h2

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

Quad9 DNS

ThreatFox

JavaScript (33)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML