Submitted URL: https://ww3.1337x.buzz/tor?id=56978636
Effective URL: https://ww4.1337x.buzz/tor?id=56978636
Submission Tags: falconsandbox
Submission: On September 19 via api from US — Scanned from NL

Summary

This website contacted 11 IPs in 3 countries across 12 domains to perform 32 HTTP transactions. The main IP is 2a06:98c1:3121::3, located in the United States and belonging to CLOUDFLARENET, US. The main domain is ww4.1337x.buzz.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 8th 2022. Valid for: a year.
This is the only time ww4.1337x.buzz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2 2a06:98c1:312... 13335 (CLOUDFLAR...)
13 104.31.16.118 13335 (CLOUDFLAR...)
2 4 2606:4700:10:... 13335 (CLOUDFLAR...)
1 23.109.82.184 7979 (SERVERS-COM)
5 104.75.88.126 16625 (AKAMAI-AS)
2 192.243.59.13 39572 (ADVANCEDH...)
1 35.158.153.212 16509 (AMAZON-02)
1 23.35.237.151 16625 (AKAMAI-AS)
1 192.243.61.225 39572 (ADVANCEDH...)
1 2606:4700:303... 13335 (CLOUDFLAR...)
32 11
Apex Domain
Subdomains
Transfer
13 1337x.to
1337x.to — Cisco Umbrella Rank: 94605
304 KB
4 addthis.com
s7.addthis.com — Cisco Umbrella Rank: 1571
m.addthis.com — Cisco Umbrella Rank: 1521
217 KB
4 amung.us
whos.amung.us — Cisco Umbrella Rank: 15065
widgets.amung.us — Cisco Umbrella Rank: 16591
3 KB
2 1337x.buzz
ww3.1337x.buzz
ww4.1337x.buzz
27 KB
1 dismantlepenantiterrorist.com
dismantlepenantiterrorist.com — Cisco Umbrella Rank: 184191
425 B
1 addresseepaper.com
addresseepaper.com — Cisco Umbrella Rank: 19530
23 KB
1 poshhateful.com
poshhateful.com — Cisco Umbrella Rank: 256690
329 B
1 addthisedge.com
v1.addthisedge.com — Cisco Umbrella Rank: 1765
713 B
1 moatads.com
z.moatads.com — Cisco Umbrella Rank: 403
1 KB
1 simplewebanalysis.com
simplewebanalysis.com — Cisco Umbrella Rank: 15084
288 B
1 redeemspectacular.com
redeemspectacular.com
613 B
1 roebuckwagged.com
roebuckwagged.com — Cisco Umbrella Rank: 945531
32 12
Domain Requested by
13 1337x.to ww4.1337x.buzz
1337x.to
3 s7.addthis.com ww4.1337x.buzz
s7.addthis.com
2 widgets.amung.us ww4.1337x.buzz
2 whos.amung.us 2 redirects
1 dismantlepenantiterrorist.com
1 addresseepaper.com ww4.1337x.buzz
1 poshhateful.com ww4.1337x.buzz
1 m.addthis.com s7.addthis.com
1 v1.addthisedge.com s7.addthis.com
1 z.moatads.com s7.addthis.com
1 simplewebanalysis.com ww4.1337x.buzz
1 redeemspectacular.com ww4.1337x.buzz
1 roebuckwagged.com ww4.1337x.buzz
1 ww4.1337x.buzz
1 ww3.1337x.buzz 1 redirects
32 15

This site contains links to these domains.

Domain
fostereminent.com

Subject | Issuer | Validity | Valid
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2022-06-08 - 2023-06-08 | a year
roebuckwagged.com | R3 | 2022-08-16 - 2022-11-14 | 3 months
odc-addthis-prod-01.oracle.com | DigiCert SHA2 Secure Server CA | 2022-02-27 - 2023-02-28 | a year
redeemspectacular.com | R3 | 2022-08-08 - 2022-11-06 | 3 months
simplewebanalysis.com | Amazon | 2022-04-01 - 2023-04-30 | a year
moatads.com | DigiCert SHA2 Secure Server CA | 2021-11-27 - 2022-11-29 | a year
poshhateful.com | R3 | 2022-08-18 - 2022-11-16 | 3 months
*.addresseepaper.com | E1 | 2022-08-23 - 2022-11-21 | 3 months
dismantlepenantiterrorist.com | R3 | 2022-08-29 - 2022-11-27 | 3 months

This page contains 3 frames:

Primary Page: https://ww4.1337x.buzz/tor?id=56978636
Frame ID: F4007DC2A2DE9287B7494F7AA856A537
Requests: 30 HTTP requests in this frame

Frame: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Frame ID: D4437CEE7249C66C697E80E3935B8182
Requests: 1 HTTP requests in this frame

Frame: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Frame ID: BDDA4EB7AD982E739EF0B5207C8D8604
Requests: 1 HTTP requests in this frame

Page Title

404 Not Found

Page URL History

  1. https://ww3.1337x.buzz/tor?id=56978636 HTTP 301
    https://ww4.1337x.buzz/tor?id=56978636 Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • addthis\.com/js/

Overall confidence: 100%
Detected patterns
  • moatads\.com

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • jquery-ui.*\.js

Page Statistics

32
Requests

81 %
HTTPS

30 %
IPv6

12
Domains

15
Subdomains

11
IPs

3
Countries

578 kB
Transfer

1645 kB
Size

11
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://ww3.1337x.buzz/tor?id=56978636 HTTP 301
    https://ww4.1337x.buzz/tor?id=56978636 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1
  • https://whos.amung.us/widget/1337xbuzz/ HTTP 307
  • https://widgets.amung.us/classic/00/27.png
Request Chain 2
  • https://whos.amung.us/widget/myallsites/ HTTP 307
  • https://widgets.amung.us/classic/01/195.png

32 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request tor
ww4.1337x.buzz/
Redirect Chain
  • https://ww3.1337x.buzz/tor?id=56978636
  • https://ww4.1337x.buzz/tor?id=56978636
70 KB
27 KB
Document
General
Full URL
https://ww4.1337x.buzz/tor?id=56978636
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f27f8ef41f9fac26b6c314b7c7a1ced39990a32a04b73de41e4ff8e97073f5b0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
74d07ec5fe4091d7-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Mon, 19 Sep 2022 07:09:20 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JpoxQc8KxQA3ZtzfGb33clD48tw95FSG0VgHMM7dbjn09JVYv2YEzXxsPxlxy9rbQZdY%2BVa56QyPYlQVjPFM3%2B0VfHpa3Q38vR2pw8Wl0e7T3%2BmS97nneJRTvu5G9qBa9QQTCHTz3yzLfd1CnQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
74d07ec57d9291d7-FRA
content-type
text/html; charset=iso-8859-1
date
Mon, 19 Sep 2022 07:09:19 GMT
location
https://ww4.1337x.buzz/tor?id=56978636
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oL8IlGLT0pfKyNbfeiOg4OK32KyUV0VDYqdLgZ4%2FIVZRTHtQENiMr7LbwvFpceF6cVoE9K3FhwZU6ggiggiqdsGnkFfJj1Rh5uvEzTkzR4zrhKnWzK6D7lPthSWEgQJIAOUn4ByuOe0JXk8g2A%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
style.css
1337x.to/css/
158 KB
28 KB
Stylesheet
General
Full URL
https://1337x.to/css/style.css
Requested by
Host: ww4.1337x.buzz
URL: https://ww4.1337x.buzz/tor?id=56978636
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.31.16.118 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8b7601587db2b9e94e258c592d6c1bb14ce5d9f57b6d743fc72ee44b15d40718
Security Headers
Name Value
X-Frame-Options DENY

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ww4.1337x.buzz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 07:09:20 GMT
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Mon, 01 Feb 2021 09:38:25 GMT
server
cloudflare
x-frame-options
DENY
etag
W/"6017cc11-27687"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cIFSesU4eWliDsO9eH0YlTOiPRHDJgb72PiPM2QvnzcySgCSZOVYKa8bcdnUoQngkFgZ5jInSsrowLGD7io0s0OK3LHqaSWiX6kpVvkjWYPmzbP8pbWR6DnYXg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
74d07ec8cad85bf5-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
27.png
widgets.amung.us/classic/00/
Redirect Chain
  • https://whos.amung.us/widget/1337xbuzz/
  • https://widgets.amung.us/classic/00/27.png
1 KB
2 KB
Image
General
Full URL
https://widgets.amung.us/classic/00/27.png
Requested by
Host: ww4.1337x.buzz
URL: https://ww4.1337x.buzz/tor?id=56978636
Protocol
H2
Server
2606:4700:10::6816:4aab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cd3babe333a04fcd729e1cbd940fde8f83cdf27052b1bae9aa28fab1b60c7ba5

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ww4.1337x.buzz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 07:09:20 GMT
cf-cache-status
HIT
last-modified
Sun, 13 Jun 2010 09:03:09 GMT
server
cloudflare
age
2239886
etag
"4c149ecd-5ce"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
74d07ec9aa7ebbfd-FRA
content-length
1486
expires
Thu, 25 Aug 2022 08:57:54 GMT

Redirect headers

location
https://widgets.amung.us/classic/00/27.png
date
Mon, 19 Sep 2022 07:09:20 GMT
cache-control
no-cache, no-store, must-revalidate
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
74d07ec8c8b5bbfd-FRA
content-type
text/html; charset=UTF-8
195.png
widgets.amung.us/classic/01/
Redirect Chain
  • https://whos.amung.us/widget/myallsites/
  • https://widgets.amung.us/classic/01/195.png
2 KB
2 KB
Image
General
Full URL
https://widgets.amung.us/classic/01/195.png
Requested by
Host: ww4.1337x.buzz
URL: https://ww4.1337x.buzz/tor?id=56978636
Protocol
H2
Server
2606:4700:10::6816:4aab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb41bd14eafe2b031cd047b69602687c19a9b7ab43c6c0dc4454cd139b62d204

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ww4.1337x.buzz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 07:09:20 GMT
cf-cache-status
HIT
last-modified
Sun, 13 Jun 2010 09:03:09 GMT
server
cloudflare
age
2235913
etag
"4c149ecd-627"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
74d07ec9aa7dbbfd-FRA
content-length
1575
expires
Thu, 25 Aug 2022 10:04:07 GMT

Redirect headers

location
https://widgets.amung.us/classic/01/195.png
date
Mon, 19 Sep 2022 07:09:20 GMT
cache-control
no-cache, no-store, must-revalidate
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
74d07ec8c8bcbbfd-FRA
content-type
text/html; charset=UTF-8
38766
roebuckwagged.com/gVe7ZeRKpxnK/
0
0
Script
General
Full URL
https://roebuckwagged.com/gVe7ZeRKpxnK/38766
Requested by
Host: ww4.1337x.buzz
URL: https://ww4.1337x.buzz/tor?id=56978636
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
23.109.82.184 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ww4.1337x.buzz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

addthis_widget.js
s7.addthis.com/js/300/
353 KB
114 KB
Script
General
Full URL
https://s7.addthis.com/js/300/addthis_widget.js
Requested by
Host: ww4.1337x.buzz
URL: https://ww4.1337x.buzz/tor?id=56978636
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-75-88-126.deploy.static.akamaitechnologies.com
Software
nginx/1.15.8 /
Resource Hash
acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ww4.1337x.buzz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
gzip
last-modified
Mon, 26 Oct 2020 18:11:48 GMT
server
nginx/1.15.8
etag
W/"5f971164-5834c"
vary
Accept-Encoding
x-distribution
99
content-type
application/javascript
date
Mon, 19 Sep 2022 07:09:20 GMT
x-host
s7.addthis.com
content-length
116535
jquery-1.11.0.min.js
1337x.to/js/
94 KB
34 KB
Script
General
Full URL
https://1337x.to/js/jquery-1.11.0.min.js
Requested by
Host: ww4.1337x.buzz
URL: https://ww4.1337x.buzz/tor?id=56978636
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.31.16.118 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
746e54e89161118a67bd59103c4ab55e3060735cc85c1d047c2cf04d4b12043d
Security Headers
Name Value
X-Frame-Options DENY

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ww4.1337x.buzz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 07:09:20 GMT
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Thu, 26 May 2016 08:00:43 GMT
server
cloudflare
x-frame-options
DENY
etag
W/"5746ad2b-17881"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Cv8h%2Fu9rRaRsdVQ24Wj5szmncf0pf4WFo08tfh1iHgZwI9sA80BZANZJGGksuMXv%2FOuo55R21fhGN1c3zy9Nq%2BO9G2234RTHeRAaCFAfRHT6BKGxYDNhHbidxw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
74d07ec8cae15bf5-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
jquery-ui.js
1337x.to/js/
344 KB
88 KB
Script
General
Full URL
https://1337x.to/js/jquery-ui.js
Requested by
Host: ww4.1337x.buzz
URL: https://ww4.1337x.buzz/tor?id=56978636
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.31.16.118 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b72ea898aca2ca9a3a59b13fe6cf1b175265efce0a61ced6b57438af207e877e
Security Headers
Name Value
X-Frame-Options DENY

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ww4.1337x.buzz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 07:09:20 GMT
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Fri, 27 May 2016 08:10:01 GMT
server
cloudflare
x-frame-options
DENY
etag
W/"574800d9-55fae"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cTDGOCePsRhV5z1hAJTPvNch0%2FGPDUXi4y7pbrfB9bBzVM2jHHbS3UIwTDNWdOxkB1n3et%2FRUzFDg7H2x1B8U%2FlvIvtsQDiMjvXz7AC12rxOocRCzkJ1OaBM3w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
74d07ec8cadf5bf5-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
auto-searchv2.js
1337x.to/js/
1 KB
797 B
Script
General
Full URL
https://1337x.to/js/auto-searchv2.js
Requested by
Host: ww4.1337x.buzz
URL: https://ww4.1337x.buzz/tor?id=56978636
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.31.16.118 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eba2275272a8c001533647b421634791860e63f528cfbbd021481fd7b3866911
Security Headers
Name Value
X-Frame-Options DENY

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ww4.1337x.buzz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 07:09:20 GMT
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Thu, 08 Jun 2017 23:18:16 GMT
server
cloudflare
x-frame-options
DENY
etag
W/"5939db38-442"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NaHzFFGyHXcof8Gxzp%2BL8exsd0FxVgh6bKHZ36ESwbVWMkOtH5hNAPtqsQPyEzdaytMjNRtKgRV9%2BLN%2BSmkEoHPEIulbX4XmIR1pjkNDyJrUjvu4obEHvIFAiQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
74d07ec8cada5bf5-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
main.js
1337x.to/js/
2 KB
941 B
Script
General
Full URL
https://1337x.to/js/main.js
Requested by
Host: ww4.1337x.buzz
URL: https://ww4.1337x.buzz/tor?id=56978636
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.31.16.118 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6f0ce9274b78dc8db36956c34978a431f32b9f818ee6230cfde3c3abd0fba623
Security Headers
Name Value
X-Frame-Options DENY

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ww4.1337x.buzz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 07:09:20 GMT
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Fri, 30 Sep 2016 06:20:31 GMT
server
cloudflare
x-frame-options
DENY
etag
W/"57ee042f-67b"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZgRKxeYdy3yKt8kjc2fl9uxA7Pt5CC03cKbbNyCpxBpe1lesN%2Fl%2BAEzhSIQekhI1TLqXoyt3zT1k9WGePofPk8vbTCh%2B%2BycXIha%2FLwmzA5NTswGN76heP5Uccw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
74d07ec8cadc5bf5-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
html5shiv.js
1337x.to/js/
2 KB
1 KB
Script
General
Full URL
https://1337x.to/js/html5shiv.js
Requested by
Host: ww4.1337x.buzz
URL: https://ww4.1337x.buzz/tor?id=56978636
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.31.16.118 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8c7a9c0470563367ab00307b4fb9bb3052d0a27f0b94e63b9dc0bb8c369449cb
Security Headers
Name Value
X-Frame-Options DENY

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ww4.1337x.buzz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 07:09:20 GMT
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Tue, 26 Nov 2013 19:17:01 GMT
server
cloudflare
x-frame-options
DENY
etag
W/"5294f3ad-97d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RYXEJx9TVNp%2BKbrtIEwn8F0d6EZ1SI%2FF%2BtQqxyj%2BAuIUuHT8aeXt24FGhhhkCAYQXVZ0wbsDbP3FRb6zthgXiGCBJymugufqA4C%2Bpjrp96YUtth%2BAFH3eyJRLA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
74d07ec8cadb5bf5-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
equalheight.js
1337x.to/js/
477 B
507 B
Script
General
Full URL
https://1337x.to/js/equalheight.js
Requested by
Host: ww4.1337x.buzz
URL: https://ww4.1337x.buzz/tor?id=56978636
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.31.16.118 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
42ecacd920e12f61b636727d32b5127a6e4f32c17208f08fe4d2a6f6c8285bc3
Security Headers
Name Value
X-Frame-Options DENY

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ww4.1337x.buzz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 07:09:20 GMT
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Fri, 15 Apr 2016 09:16:39 GMT
server
cloudflare
x-frame-options
DENY
etag
W/"5710b177-1dd"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zbOjxzvVcXuezpcxrgMd%2F%2BeAt7JpcwrWlpwnDn6GTNOPWlOZaEbk8te%2Ff1ruBTMYzZXLSEXwqK02%2BpQA4O3cN3oASqjD7aQiQKPMkoGOxlPWY%2Fya3NafiwnxKA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
74d07ec91b475bf5-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
scrollbar.js
1337x.to/js/
58 KB
14 KB
Script
General
Full URL
https://1337x.to/js/scrollbar.js
Requested by
Host: ww4.1337x.buzz
URL: https://ww4.1337x.buzz/tor?id=56978636
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.31.16.118 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cb5dc908816190c552fdbb5fe71c6797975ee55025b788058c0e373a0a3e335b
Security Headers
Name Value
X-Frame-Options DENY

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ww4.1337x.buzz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 07:09:20 GMT
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Thu, 03 Mar 2016 06:45:58 GMT
server
cloudflare
x-frame-options
DENY
etag
W/"56d7dda6-e7d1"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IIXkhtlM6IhH41onuHeET5kF%2FTCR%2F2vka2fOPfTSDumxBhoq3ofHhgb1GFuZLX1FTEgfXtG8%2F56LMcIHGdD%2F51dgOgz%2BSsVnXF%2Bdp9anbma85Fcc1%2BVY0thXow%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
74d07ec91b495bf5-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
tab.js
1337x.to/js/
2 KB
1 KB
Script
General
Full URL
https://1337x.to/js/tab.js
Requested by
Host: ww4.1337x.buzz
URL: https://ww4.1337x.buzz/tor?id=56978636
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.31.16.118 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b44a83c3140140106709bd4a0a8e6500086f01b87b4480fcc0f3cdf196a268bb
Security Headers
Name Value
X-Frame-Options DENY

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ww4.1337x.buzz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 07:09:20 GMT
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Wed, 09 Mar 2016 10:50:48 GMT
server
cloudflare
x-frame-options
DENY
etag
W/"56e00008-71c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KzRJirE7T0%2FiY9pSzE3Bhz65r6ZKJzknh23RvSQ2szWgNZhgmQQW4FIKmjlUi9nBkU8v3sVc%2F5HLfrvBvUg2ZrUsC3beRuC7mAh5d9fRhP4ruS3qQMCR%2Fjsh2w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
74d07ec91b4b5bf5-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
pagination.js
1337x.to/js/
3 KB
1 KB
Script
General
Full URL
https://1337x.to/js/pagination.js
Requested by
Host: ww4.1337x.buzz
URL: https://ww4.1337x.buzz/tor?id=56978636
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.31.16.118 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
be1a851a36499a153ca9578b4f76bab92d737253b444c62276d7e57b82998d39
Security Headers
Name Value
X-Frame-Options DENY

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ww4.1337x.buzz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 07:09:20 GMT
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Tue, 24 May 2016 11:39:23 GMT
server
cloudflare
x-frame-options
DENY
etag
W/"57443d6b-bcc"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=poklDheM2FYT5KTW34VrNu2x7LWP5p7HBJCNYOo9mNU2yI0di98fHHh58Y3QYxVCNaUUhlcBTxh%2BmxPpvIK48xf3zcsSr7dNDGBVSYJj7O5luwrSR7xqes3x8w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
74d07ec91b4c5bf5-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
modal.js
1337x.to/js/
10 KB
3 KB
Script
General
Full URL
https://1337x.to/js/modal.js
Requested by
Host: ww4.1337x.buzz
URL: https://ww4.1337x.buzz/tor?id=56978636
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.31.16.118 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a2589ffb2fd098b789870f1b48c8d83614c29df22739921ee3347d741b57dd4a
Security Headers
Name Value
X-Frame-Options DENY

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ww4.1337x.buzz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 07:09:20 GMT
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Mon, 01 Jun 2015 09:50:06 GMT
server
cloudflare
x-frame-options
DENY
etag
W/"556c2ace-2857"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g1WkIY3F%2FIf%2FJ7Bfm6k7GbU%2BElyWzNmuvoOaBdWqL9bks3fsBm0sf2%2F%2FCNpz8IBVpqcGY%2B7zS4JtJsVY7NukyxNck6p0lm1RZ7c0htNoL4RB%2F7lW%2BIoQP1imzA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
74d07ec91b4d5bf5-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
body-bg.jpg
1337x.to/css/images/
2 KB
3 KB
Image
General
Full URL
https://1337x.to/css/images/body-bg.jpg
Requested by
Host: 1337x.to
URL: https://1337x.to/css/style.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.31.16.118 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
44411fdbd6a244c923866126c233c854cae07718591506d315a86e34e159f20b
Security Headers
Name Value
X-Frame-Options DENY

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://1337x.to/css/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 07:09:20 GMT
cf-cache-status
DYNAMIC
last-modified
Thu, 25 Feb 2016 07:18:07 GMT
server
cloudflare
etag
"56ceaaaf-996"
x-frame-options
DENY
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V7Jb60azj3Y6gJj6jbbGcvK%2FwRJsziS1JHElsDOMuRX3oue2mJ12ZBEUKZ3kTzcZx1gwEOqTOoM0m4BvOV6A304GXnhLfCC%2Fdc%2BJU5cJvXTLun5g3pay7VbbTA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
74d07ec9dc2f5bf5-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
2454
main-bg.png
1337x.to/css/images/
127 KB
127 KB
Image
General
Full URL
https://1337x.to/css/images/main-bg.png
Requested by
Host: 1337x.to
URL: https://1337x.to/css/style.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.31.16.118 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6be2d61547095ffeb30a1fd03fd7d6aba9009edc719144812c5610bd2e27fb97
Security Headers
Name Value
X-Frame-Options DENY

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://1337x.to/css/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 07:09:20 GMT
cf-cache-status
DYNAMIC
last-modified
Thu, 25 Feb 2016 07:05:52 GMT
server
cloudflare
etag
"56cea7d0-1fbc4"
x-frame-options
DENY
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Uh3mcawTQAyN%2Bq9PfLDwhVmvfCRxEJfB8shWPmWmXa35WpwOsKEAm2XTsgC9OzJTLUuSeh6d2m6FjKaFMLya0P2LEs2IyqkmkDiC5A28Y9BptazeZiMK01Pllg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
74d07ec9dc405bf5-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
129988
06444360220cd3121ea71b73847bab58.json
redeemspectacular.com/06/44/43/
0
613 B
XHR
General
Full URL
https://redeemspectacular.com/06/44/43/06444360220cd3121ea71b73847bab58.json
Requested by
Host: ww4.1337x.buzz
URL: https://ww4.1337x.buzz/tor?id=56978636
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.243.59.13 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.17.6 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ww4.1337x.buzz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Mon, 19 Sep 2022 07:09:21 GMT
Server
nginx/1.17.6
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin
*
Connection
keep-alive
Accept-CH
Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Content-Type
application/javascript
Content-Length
0
stats
simplewebanalysis.com/
40 B
288 B
XHR
General
Full URL
https://simplewebanalysis.com/stats
Requested by
Host: ww4.1337x.buzz
URL: https://ww4.1337x.buzz/tor?id=56978636
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.158.153.212 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-158-153-212.eu-central-1.compute.amazonaws.com
Software
fasthttp /
Resource Hash
557371478c3d4b80e109fbc5e5580f6725df20a6b7a5612effc0321c7c9a1ff2

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ww4.1337x.buzz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-origin
https://ww4.1337x.buzz
date
Mon, 19 Sep 2022 07:09:20 GMT
access-control-allow-credentials
true
server
fasthttp
content-length
40
content-type
text/html; charset=UTF-8
moatframe.js
z.moatads.com/addthismoatframe568911941483/
2 KB
1 KB
Script
General
Full URL
https://z.moatads.com/addthismoatframe568911941483/moatframe.js
Requested by
Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.237.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-237-151.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ww4.1337x.buzz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 07:09:20 GMT
content-encoding
gzip
last-modified
Fri, 08 Nov 2019 20:13:52 GMT
server
AmazonS3
x-amz-request-id
D5503D14AA2F06AA
etag
"f14b4e1f799b14f798a195f43cf58376"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=33745
accept-ranges
bytes
content-length
948
x-amz-id-2
JgalEtxvSAtZmM7+naGfrhsdf0JFS0gJW8lypWF8Tp90EkcPp4c3eAnpK+RDOIL1ltWgpx8wc3s=
_ate.track.config_resp
v1.addthisedge.com/live/boost/ra-5c520d89126959e8/
1 KB
713 B
Script
General
Full URL
https://v1.addthisedge.com/live/boost/ra-5c520d89126959e8/_ate.track.config_resp
Requested by
Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-75-88-126.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
7facb565a46b9d407981a8c3495d979247c0c01b037c3aea3c0dcd70baab39dd

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ww4.1337x.buzz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 07:09:20 GMT
content-encoding
gzip
etag
-1849461064--gzip
vary
Accept-Encoding
content-type
application/javascript;charset=utf-8
cache-control
public, max-age=46, s-maxage=86400
content-disposition
attachment; filename=1.txt
content-length
536
300lo.json
m.addthis.com/live/red_lojson/
90 B
250 B
Script
General
Full URL
https://m.addthis.com/live/red_lojson/300lo.json?si=632815a0950e6703&bkl=0&bl=1&pdt=541&sid=632815a0950e6703&pub=ra-5c520d89126959e8&rev=v8.28.8-wp&ln=en&pc=men&cb=0&ab=-&dp=ww4.1337x.buzz&fp=tor%3Fid%3D56978636&fr=&of=0&pd=0&irt=0&vcl=0&md=2&ct=1&tct=0&abt=0&cdn=0&pi=1&rb=0&gen=100&chr=UTF-8&colc=1663571360550&jsl=1&uvs=632815a03ade1171000&skipb=1&callback=addthis.cbs.jsonp__220625620327381980
Requested by
Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-75-88-126.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
9bcb303542b11e7abf64ff4e8ae2f5f79520d2c08e3523c728307bffcdea68f4

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ww4.1337x.buzz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 07:09:20 GMT
cache-control
max-age=0, no-cache, no-store, no-transform
content-disposition
attachment; filename=1.txt
content-length
90
content-type
application/javascript;charset=utf-8
sh.f48a1a04fe8dbf021b4cda1d.html
s7.addthis.com/static/ Frame D443
0
0

sh.f48a1a04fe8dbf021b4cda1d.html
s7.addthis.com/static/ Frame BDDA
71 KB
26 KB
Document
General
Full URL
https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Requested by
Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-75-88-126.deploy.static.akamaitechnologies.com
Software
nginx/1.15.8 /
Resource Hash
7b6bfa13f0778c40bb2a00af9819bea2f07afcb4d071e7e4f436196953a5db4d
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://ww4.1337x.buzz/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

cache-control
public, max-age=86313600
content-encoding
gzip
content-length
26421
content-type
text/html
date
Mon, 19 Sep 2022 07:09:20 GMT
etag
W/"5f971164-11adc"
last-modified
Mon, 26 Oct 2020 18:11:48 GMT
p3p
CP="NON ADM OUR DEV IND COM STA"
server
nginx/1.15.8
strict-transport-security
max-age=15724800; includeSubDomains
timing-allow-origin
*
vary
Accept-Encoding
x-host
s7.addthis.com
opensans-regular.woff
1337x.to/css/webfonts/
0
0

layers.fa6cd1947ce26e890d3d.js
s7.addthis.com/static/
263 KB
76 KB
Script
General
Full URL
https://s7.addthis.com/static/layers.fa6cd1947ce26e890d3d.js
Requested by
Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-75-88-126.deploy.static.akamaitechnologies.com
Software
nginx/1.15.8 /
Resource Hash
6121ca306ad1045453d52517b8f436eb5a68055c82aefa46a9a77de36996a3df
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ww4.1337x.buzz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
gzip
last-modified
Mon, 26 Oct 2020 18:11:48 GMT
server
nginx/1.15.8
etag
W/"5f971164-41cf5"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=86313600
date
Mon, 19 Sep 2022 07:09:20 GMT
x-host
s7.addthis.com
timing-allow-origin
*
content-length
77617
opensans-regular.ttf
1337x.to/css/webfonts/
0
0

advertisers.js
poshhateful.com/
0
329 B
Script
General
Full URL
https://poshhateful.com/advertisers.js
Requested by
Host: ww4.1337x.buzz
URL: https://ww4.1337x.buzz/tor?id=56978636
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.243.61.225 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.22.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubdomains

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ww4.1337x.buzz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Mon, 19 Sep 2022 07:09:21 GMT
Server
nginx/1.22.0
Strict-Transport-Security
max-age=0; includeSubdomains
Content-Type
application/javascript
Cache-Control
no-cache
Connection
keep-alive
Content-Length
0
X-Request-ID
4cb563fd5959f7f125f41dafaf1997aa
Expires
Thu, 01 Jan 1970 00:00:01 GMT
sfp.js
addresseepaper.com/
79 KB
23 KB
Script
General
Full URL
https://addresseepaper.com/sfp.js
Requested by
Host: ww4.1337x.buzz
URL: https://ww4.1337x.buzz/tor?id=56978636
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3038::6815:eb02 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ec91098ecdf99168e077aa63fb41758d5d89be3165f73a7b6176a6ba4a24291d
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubdomains

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ww4.1337x.buzz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 07:09:21 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
EXPIRED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-request-id
455766aa958eb611955b759fcc7bd8c7
last-modified
Mon, 19 Sep 2022 07:09:21 GMT
server
cloudflare
strict-transport-security
max-age=0; includeSubdomains
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2cf3jKDU3rxtFjMHtYXaVPdbHUjNTA%2Bn1whpdQ%2B%2BmFFx%2Bk4L1FixYH2HLRLDdiVzunGcfiqjk6cmDDSdkwGBiVeUSohMM%2BZz1omOwQ1Bpn9JDmF5K%2FEMqa%2B2jPBPL6kwZwoX350qoN9%2F6txjaHVAgWk%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=14400
cf-ray
74d07ed1bdeb0b3f-AMS
expires
Thu, 01 Jan 1970 00:00:01 GMT
pxf.gif
dismantlepenantiterrorist.com/
1 B
425 B
Image
General
Full URL
https://dismantlepenantiterrorist.com/pxf.gif?uuid=386b2a51-0519-415d-a5cc-324709eb8a01&eb=4889aa96bf9b7a6c56d8f9775c043dd0&te=a75d0333c455cdba51454fe5771865ef&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F105.0.5195.125%20Safari%2F537.36&dev=r&res=12.31&b_frame=0&pk=06444360220cd3121ea71b73847bab58&bl=en-US&sr=1200x1600&sz=1200x1600&hjs=7
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.243.59.13 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.17.6 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubdomains

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ww4.1337x.buzz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Mon, 19 Sep 2022 07:09:21 GMT
Server
nginx/1.17.6
Strict-Transport-Security
max-age=0; includeSubdomains
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
1
X-Request-ID
c761020bdceb33c2a98989c633df776c
Expires
Thu, 01 Jan 1970 00:00:01 GMT
sfp.js
addresseepaper.com/
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
s7.addthis.com
URL
https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Domain
1337x.to
URL
https://1337x.to/css/webfonts/opensans-regular.woff
Domain
1337x.to
URL
https://1337x.to/css/webfonts/opensans-regular.ttf
Domain
addresseepaper.com
URL
https://addresseepaper.com/sfp.js

55 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation object| r15 function| w4 function| Q5 object| mm object| LieDetector object| AaDetector function| atwpjp string| _atd function| _euc function| _duc object| _atc string| _atr object| addthis string| addthis_pub function| emdot object| _ate object| _adr object| addthis_conf function| addthis_open function| addthis_close function| addthis_sendto function| $ function| jQuery boolean| __@@##MUH number| tablet_width function| list_box object| jQuery111009850382637176898 object| html5 boolean| mCustomScrollbar function| torrent_desc_width function| modal_resize number| window_height object| modal_height number| total_height object| addthis_config object| addthis_share object| _atw string| addthis_exclude boolean| addthis_use_personalization string| addthis_options_default string| addthis_options_rank string| addthis_options object| __callbacks object| _0x2c98 function| _0x5523

11 Cookies

Domain/Path Name / Value
roebuckwagged.com/ Name: GL_UI4
Value: eJw9jUtugzAYhAHzaJSAOhIHyBEMBJouqx6iS2TwH%2BIG7Mi4Qb19rUrtaj7NQxMEQVQWCB8pA%2FsSLY6ik5y3r10zNF1d0cuFS6qlqM5Nexrrc42dWnsnhplcjMNEmqwa%2B9FIyvHsoz%2Fnps2mYySDFVrmSBbfmHNkgzXbSrZkiLVYCOn71RqvySI%2BjQWreOtZac8hR2TWkhU7ZB9KSz8s9ogqXuRpgP19Fu5i7NIrmYZIJiskIXzD0ygcTcZ%2BI5O03py5A2aW%2FX%2F%2F95dtFUcq6aFGf27clewPPexKWg%3D%3D
roebuckwagged.com/ Name: GL_GI10
Value: eJw9jD9PwzAUxFMHmaaQoJNY2PoFsFiq0hVasSC2ltEyyWuxaN6zbPMnfHrUInW60%2F3urigKdd1A%2BYDJzMwXZnFvZncodyRQyxUuW%2FnkHAfLriecP1HsHQ%2FQkXZeuMbFv7GtdITJcnW75g%2BWbz6Bw67GWevzUKM6yLHbjFH6FHDzTC7RK71NXyi%2FU9w77tL0wWwMKqZsUyDqUD1KDBJdJjSn9PijS4x9siHKz6BHuMq%2Bp19hsrLdJspaYfSl1R%2BR30T9
simplewebanalysis.com/ Name: uid_id2
Value: 386b2a51-0519-415d-a5cc-324709eb8a01:1:1
ww4.1337x.buzz/ Name: dom3ic8zudi28v8lr6fgphwffqoz0j6c
Value: 386b2a51-0519-415d-a5cc-324709eb8a01%3A1%3A1
ww4.1337x.buzz/ Name: __atuvc
Value: 1%7C38
ww4.1337x.buzz/ Name: __atuvs
Value: 632815a03ade1171000
.addthis.com/ Name: uvc
Value: 1%7C38
.addthis.com/ Name: loc
Value: MDAwMDBFVU5MTkgyMzI0MTg0OTAwMDAwMDBDSA==
ww4.1337x.buzz/ Name: ppu_show_on_06444360220cd3121ea71b73847bab58
Value: 1
ww4.1337x.buzz/ Name: ppu_main_06444360220cd3121ea71b73847bab58
Value: 1
ww4.1337x.buzz/ Name: ppu_exp_06444360220cd3121ea71b73847bab58
Value: 1663573162001

5 Console Messages

Source Level URL
Text
javascript error URL: https://ww4.1337x.buzz/tor?id=56978636
Message:
Access to font at 'https://1337x.to/css/webfonts/opensans-regular.woff' from origin 'https://ww4.1337x.buzz' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://1337x.to/css/webfonts/opensans-regular.woff
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://ww4.1337x.buzz/tor?id=56978636
Message:
Access to font at 'https://1337x.to/css/webfonts/opensans-regular.ttf' from origin 'https://ww4.1337x.buzz' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://1337x.to/css/webfonts/opensans-regular.ttf
Message:
Failed to load resource: net::ERR_FAILED
network error URL: https://redeemspectacular.com/06/44/43/06444360220cd3121ea71b73847bab58.json
Message:
Failed to load resource: the server responded with a status of 403 (Forbidden)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
