Report - book.dypics.com/search/naho%20hazuki

Report Overview

Submitted URL
book.dypics.com/search/naho%20hazuki
IP
104.21.61.235
ASN
#13335 CLOUDFLARENET
Submitted
2022-12-29 03:00:59
Access
Website Title
Final URL
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
3
Threat Detection Systems
40

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
fonts.gstatic.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	488 B	17 kB	216.58.207.227
www.torrentkitty.lol	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	477 B	774 B	172.67.217.107
www.cloudflare.com	6775	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	406 B	325 B	104.16.124.96
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	6.4 kB	32 kB	23.36.76.226
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	413 B	5.9 kB	34.160.144.191
get.geojs.io	17418	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	365 B	2.5 kB	172.67.70.233
imprintmake.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	447 B	467 B	173.233.137.60
banquetunarmedgrater.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	379 B	333 B	192.243.61.225
temperrunnersdale.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.4 kB	5.7 kB	192.243.61.225
centeredfailinghotline.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	10 kB	14 kB	192.243.59.13
fonts.googleapis.com	8877	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	377 B	746 B	142.250.74.106
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	782 B	2.4 kB	35.241.9.150
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	333 B	391 B	34.117.237.239
charmshoist.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	800 B	36 kB	173.233.139.164
ocsp.sca1b.amazontrust.com	1015	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.1 kB	3.0 kB	143.204.42.158
book.dypics.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	367 B	857 B	104.21.61.235
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.2 kB	58 kB	34.120.237.76
accentneglectporter.com	384931	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	406 B	13 kB	173.233.137.52
e1.o.lencr.org	6159	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.4 kB	2.9 kB	23.36.77.32
cdn.barscreative1.com	25648	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	437 B	835 B	45.133.44.4
crrepo.com	82002	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	423 B	690 B	104.21.235.113
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	606 B	127 B	52.42.185.162
cdn.creative-bars1.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.7 kB	12 kB	172.64.109.13
adexchangegate.com	139707	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	954 B	130 B	35.208.56.33
unseenreport.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.4 kB	846 B	192.243.61.225
c.statcounter.com	7772	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	791 B	721 B	104.20.219.77
secure.statcounter.com	14835	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	381 B	380 B	104.20.219.77
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.7 kB	5.0 kB	93.184.220.29
simplewebanalysis.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.7 kB	1.5 kB	52.59.105.91
cdn.cloudimagesb.com	23099	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	402 B	25 kB	45.133.44.10
ocsp.pki.goog	175	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.4 kB	2.8 kB	142.250.74.131

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2022-12-29 03:00:44	medium	Client IP	Internal IP	ET INFO External IP Address Lookup Domain (get .geojs .io) in DNS Lookup
2022-12-29 03:00:44	medium	Client IP	Internal IP	ET INFO External IP Address Lookup Domain (get .geojs .io) in DNS Lookup
2022-12-29 03:00:44	medium	Client IP	172.67.70.233	ET INFO External IP Address Lookup Domain (get .geojs .io) in TLS SNI

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2022-12-29	medium	book.dypics.com/search/naho%20hazuki	Phishing
2022-12-29	medium	simplewebanalysis.com/stats	Malware
2022-12-29	medium	simplewebanalysis.com/stats	Malware
2022-12-29	medium	simplewebanalysis.com/stats	Malware
2022-12-29	medium	simplewebanalysis.com/stats	Malware
2022-12-29	medium	cdn.barscreative1.com/sb/notifications/rtb/windows/2/index.html	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2022-12-29	medium	charmshoist.com	Sinkholed
2022-12-29	medium	charmshoist.com	Sinkholed
2022-12-29	medium	accentneglectporter.com	Sinkholed
2022-12-29	medium	imprintmake.com	Sinkholed
2022-12-29	medium	unseenreport.com	Sinkholed
2022-12-29	medium	unseenreport.com	Sinkholed
2022-12-29	medium	banquetunarmedgrater.com	Sinkholed
2022-12-29	medium	temperrunnersdale.com	Sinkholed
2022-12-29	medium	temperrunnersdale.com	Sinkholed
2022-12-29	medium	centeredfailinghotline.com	Sinkholed
2022-12-29	medium	centeredfailinghotline.com	Sinkholed
2022-12-29	medium	centeredfailinghotline.com	Sinkholed
2022-12-29	medium	centeredfailinghotline.com	Sinkholed
2022-12-29	medium	centeredfailinghotline.com	Sinkholed

JavaScript (30)

	URL	Size	First Seen	Last Seen
	www.torrentkitty.lol/js/modernizr.custom.80028.js	7.6 kB	2023-03-07	2024-02-23
Pretty URL www.torrentkitty.lol/js/modernizr.custom.80028.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 17:59:51 Last Seen2024-02-23 20:06:49 Times Seen125 Hash bfb3b10c6c39acc1468e4f3c79a717dd 994acdcb649199d9af63d0f328d70b7f55983c92 21438338c0557545825919a19f29515cd3f37d8db6765e6d1767b7afe29bb726 Loading...

	www.torrentkitty.lol/search/search/naho%20hazuki	49 B	2023-03-07	2024-02-23
Pretty URL www.torrentkitty.lol/search/search/naho%20hazuki IP 172.67.217.107 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 17:59:51 Last Seen2024-02-23 20:06:48 Times Seen101 Hash 6f6b2b739239664842d5a67841394b4d cb1e3270e1df9e443cca50b0174fd900982939f1 6b4e06d1482f6e53d88e093315a60b846ea4087fa47e78bc212302b32525c313 Loading...

	www.torrentkitty.lol/search/search/naho%20hazuki	341 B	2023-03-07	2023-03-26
Pretty URL www.torrentkitty.lol/search/search/naho%20hazuki IP 172.67.217.107 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 17:59:51 Last Seen2023-03-26 06:43:23 Times Seen26 Hash 33ddfdc2ece6ac32c4e1a4d27a7156f2 92ca7ff067ff5f98b1a0cdd5d256aefa6a9d3548 5a78cc6fbfb80ef25996578ba1111aa3280d588aa2e5f42c9319e14b35c4cac1 Loading...

	accentneglectporter.com/80497e49a2c17fe3a1aff4077eee1810/invoke.js	27 kB	2023-03-09	2023-03-12
Pretty URL accentneglectporter.com/80497e49a2c17fe3a1aff4077eee1810/invoke.js IP 173.233.137.52 ASN #7979 SERVERS-COM Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 02:33:25 Last Seen2023-03-12 20:41:23 Times Seen1 Hash b974c317703f3f05345baf9b7114c403 2a64090e317ac002e6c0c88751c4dce1bd067831 ffc4e651148fd7df6d5e86fed167370cd63da8a804618c6c835bc09964b30864 Loading...

	www.torrentkitty.lol/nordvpn/autoptimize_single_3337feef8ce995afd68827399d65ce4e.js?ver=1.3	1.4 kB	2023-03-07	2024-02-23
Pretty URL www.torrentkitty.lol/nordvpn/autoptimize_single_3337feef8ce995afd68827399d65ce4e.js?ver=1.3 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 17:59:51 Last Seen2024-02-23 20:06:49 Times Seen115 Hash 3f94063202eb739db6f705f2f78d1bb1 db5fb85864cab9163ac0212a249176f3c407782a 3d275fbae1cf16ddf4b401e5fc7467d4d06f7847dbfb7c0c6749b00487ab4065 Loading...

	www.torrentkitty.lol/search/search/naho%20hazuki	956 B	2023-03-07	2023-12-03
Pretty URL www.torrentkitty.lol/search/search/naho%20hazuki IP 172.67.217.107 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 17:59:51 Last Seen2023-12-03 21:14:11 Times Seen73 Hash 53335715b1e939a465b33a0824c75b2b 16c3c97044b68119a4ab63ec5b68674cdf86051f e57f2e534e992e9ab154f965a7d1fe7b0cdfaf1c23d3d6356a122518347d9bff Loading...

	http:blank	145 B	2023-03-07	2023-04-05
Pretty URL http:blank IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 17:59:51 Last Seen2023-04-05 01:57:10 Times Seen26 Hash 85727229d1dd642c8942f72a0ae01166 908770e5e5437ccabeb70b1e265afef57d52194c 2b087f3b7db9a1c91774ba47e08bd851210c7180dd494d4992061d6c41e5ad69 Loading...

	www.torrentkitty.lol/search/search/naho%20hazuki	192 B	2023-03-07	2023-04-05
Pretty URL www.torrentkitty.lol/search/search/naho%20hazuki IP 172.67.217.107 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 17:59:51 Last Seen2023-04-05 01:57:10 Times Seen26 Hash 395c6ca83521ff8530479889284e2869 50c44d36dabd165e3b92d5dc18704108bb1dde24 340001ea854afc9ad5e6f68ce754d64cd8676401df60637d9dc1a97666c5b5b9 Loading...

	www.torrentkitty.lol/search/search/naho%20hazuki	395 B	2023-03-07	2024-02-23
Pretty URL www.torrentkitty.lol/search/search/naho%20hazuki IP 172.67.217.107 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 17:59:51 Last Seen2024-02-23 20:06:48 Times Seen101 Hash f93cc8270047de24396802f1ec147f8d f9e83d2f4d8b839724b2a13ee9b6f737e1cf3b0a 31ae8faccd0ce389aefe638bb8d49398d44e35859304df412c1d0e957cea606e Loading...

	www.torrentkitty.lol/cdn-cgi/challenge-platform/h/g/scripts/alpha/invisible.js?ts=1672272000	37 kB	2023-03-12	2023-03-12
Pretty URL www.torrentkitty.lol/cdn-cgi/challenge-platform/h/g/scripts/alpha/invisible.js?ts=1672272000 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 10:25:54 Last Seen2023-03-12 10:25:54 Times Seen1 Hash 7ddf442914356dc05ca66251781db18b 9a4a434d21bb2e3c157c6c5e9e8ae08b95286104 037e71be6c651d7b6bcada00024769ad02c2bcae7b73c6ed01df1bd4800c6ba4 Loading...

	www.torrentkitty.lol/search/search/naho%20hazuki	42 B	2023-03-07	2024-02-23
Pretty URL www.torrentkitty.lol/search/search/naho%20hazuki IP 172.67.217.107 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 17:59:51 Last Seen2024-02-23 20:06:48 Times Seen117 Hash ca50237bb73276b9844f955478000529 e8537e9f308bb54226dcb92a8358ed153cf54670 7d13554961d7591398d8700b00a8920e3ae195a605d55a20ef05a97755b0eaba Loading...

	www.torrentkitty.lol/js/script.js	9.0 kB	2023-03-07	2024-02-23
Pretty URL www.torrentkitty.lol/js/script.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 17:59:51 Last Seen2024-02-23 20:06:49 Times Seen114 Hash 0990efb2c5089c5095fabf265acabbe3 4f1d3fcea09687efb1cc5c6d98f7d60838d69a38 98f0bd738fb0af1f1e53509f885cb06e7eb31fbf80625f43fa56daac4086badc Loading...

	www.torrentkitty.lol/js/jquery.bpopup.min.js	5.2 kB	2023-03-07	2024-02-23
Pretty URL www.torrentkitty.lol/js/jquery.bpopup.min.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 17:59:51 Last Seen2024-02-23 20:06:49 Times Seen108 Hash 149acced054a9550bfc2ce7058725dbf 1ea11add67d47d4632237091cfe39609d8d17a17 5fdac37973f48250dd3e01197376316d7866852359174b893901142a42955f59 Loading...

	www.torrentkitty.lol/js/libs/jquery-1.7.1.min.js	94 kB	2023-03-07	2024-02-23
Pretty URL www.torrentkitty.lol/js/libs/jquery-1.7.1.min.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 17:59:51 Last Seen2024-02-23 20:06:49 Times Seen126 Hash 69e9edb32340c72a95b174dee04a036e 7f505c75eee4cf8edb5b4d1fb45c5a11cc95612e c9581eef80c064beb8d1457f69a692ad7e70d7d5bc05cde58e27ea9ac0d04103 Loading...

	charmshoist.com/90/56/63/90566380a88c4f754ae2676c3e590ba1.js	60 kB	2023-03-12	2023-03-12
Pretty URL charmshoist.com/90/56/63/90566380a88c4f754ae2676c3e590ba1.js IP 173.233.139.164 ASN #7979 SERVERS-COM Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 10:25:54 Last Seen2023-03-12 10:25:54 Times Seen1 Hash 6af534e66838728cb59ce585ad0f8808 01e2bc291c1e9455af65dbd2d45f38ac3bd6ccab 18c63f1d22b9e6d622038e02bd3d6b393c417e22abf8e1b6876484cd7ff5cc24 Loading...

	charmshoist.com/26/ca/06/26ca065a5fb871c74739646a26f0622b.js	37 kB	2023-03-12	2023-03-12
Pretty URL charmshoist.com/26/ca/06/26ca065a5fb871c74739646a26f0622b.js IP 173.233.139.164 ASN #7979 SERVERS-COM Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 10:25:54 Last Seen2023-03-12 11:42:54 Times Seen1 Hash 5ebf0f141dd9b946da9b0efb1a4905af ae0447823c43fcf181c4979448f2d92d756f84b9 3bd4f8f6b321c91d22a7f047192a5bb9f8e03e85b8aa9aad33225abe3cd7eeea Loading...

	www.torrentkitty.lol/search/search/naho%20hazuki	88 B	2023-03-07	2024-02-23
Pretty URL www.torrentkitty.lol/search/search/naho%20hazuki IP 172.67.217.107 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 17:59:51 Last Seen2024-02-23 20:06:48 Times Seen101 Hash c79d86d09856e0c24812d93634dc88b0 210bb5eb1351634b65aa538ec7f7a20669d77ec5 8d622ed69aaf6b1ba2b37615025acb5564259899e7066b723519c425657da390 Loading...

	www.torrentkitty.lol/search/search/naho%20hazuki	138 B	2023-03-07	2024-02-23
Pretty URL www.torrentkitty.lol/search/search/naho%20hazuki IP 172.67.217.107 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 17:59:51 Last Seen2024-02-23 20:06:48 Times Seen101 Hash 5c6dae58111948e6ac535d9729e762d2 5ee427b5cd7c87ae51b28d5ee611033a98a983f6 7866f4522ebfee6f9ea51d471bb843e69fb5e0fdb0371ccd086e1b15ff766cad Loading...

	www.torrentkitty.lol/search/search/naho%20hazuki	1.4 kB	2023-03-12	2023-03-12
Pretty URL www.torrentkitty.lol/search/search/naho%20hazuki IP 172.67.217.107 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 10:25:54 Last Seen2023-03-12 10:25:54 Times Seen1 Hash 6d36ce9011caf8f56b31e882b94c2850 961ad2c288684aeb9a34ee81df9a9ab88310eb8f 6fe46ea937f80e3c643de0d2e6a6a528aa3448e4967466b5402368a80fd6b83a Loading...

	http:blank	3.3 kB	2023-03-12	2023-03-12
Pretty URL http:blank IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 10:25:54 Last Seen2023-03-12 10:25:54 Times Seen1 Hash fe601ed13f9160a690279064571bd302 b8e07d4514af7fce64e9d9b6d57a00281b31102d 7525c21b6decf6db7e7550b6da759b5e663c2749e25940a15c1548a2a7c803ce Loading...

	http:blank	562 B	2023-03-08	2023-03-13
Pretty URL http:blank IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 19:58:00 Last Seen2023-03-13 13:57:17 Times Seen1 Hash 064d8d9036e809d776ed57107f906b19 c666b45be68b97d78939745fed4cf775296a68be ed79f272e4be6852e8727347d0494843fde93844f3d4036d7279f6814fe8af51 Loading...

	www.torrentkitty.lol/search/search/naho%20hazuki	334 B	2023-03-07	2024-02-23
Pretty URL www.torrentkitty.lol/search/search/naho%20hazuki IP 172.67.217.107 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 17:59:51 Last Seen2024-02-23 20:06:48 Times Seen101 Hash ca78263dc74ac437c06aff0bf39b058b a04cc0fdb633fc2dfb3cc07406a75bc197d75f35 7d9704feba9522fde1c98cd0c370cd6cbd7eb27c46d146cd7f18ab55eb797e02 Loading...

	secure.statcounter.com/counter/counter.js	44 kB	2023-03-07	2024-03-30
Pretty URL secure.statcounter.com/counter/counter.js IP 104.20.219.77 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:06:55 Last Seen2024-03-30 16:46:15 Times Seen13 Hash 366890db672c87ff79dd22a7534643d2 e7b0da6b49f35363f125deb595ff67ccb0dc222c 38773f599cca495f0904c3d5a9981fc081b743a8d9aa106ed17e0d9b03ae6598 Loading...

	http:blank	600 B	2023-03-12	2023-03-12
Pretty URL http:blank IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 10:25:54 Last Seen2023-03-12 10:25:54 Times Seen1 Hash 4bc790a39c56d5ae29b14246fc4cbe6a 0c27bf095cf8401c2d709af22405b0f05fb40367 35d84cece7d2919a3d17004f0d59edeffb1538bed85c365b7b9955f00b8a5d12 Loading...

	www.torrentkitty.lol/search/search/naho%20hazuki	764 B	2023-03-07	2024-02-23
Pretty URL www.torrentkitty.lol/search/search/naho%20hazuki IP 172.67.217.107 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 17:59:51 Last Seen2024-02-23 20:06:48 Times Seen101 Hash f132ac0027aa3e808066b5adbb50d166 31aef32e10b109e6939e9195a92253492bb45ed7 9180cbd8be5b5ead3cfc3b39eb791db831a209453eee9466317331091a37a6ce Loading...

	get.geojs.io/v1/ip/geo.js	307 B	2023-03-08	2023-03-12
Pretty URL get.geojs.io/v1/ip/geo.js IP 172.67.70.233 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 19:58:00 Last Seen2023-03-12 14:35:07 Times Seen1 Hash 4b3c22aa43cd21d718edd00634eeef40 4f4cedb4b29c78093fb1b5fe6c984bd1b83349a8 81f3c5a068552c456452e784dba6368961054cc031dc3428e9b9b7a85e2eb24d Loading...

	banquetunarmedgrater.com/advertisers.js	0 B	2023-03-07	2024-04-26
Pretty URL banquetunarmedgrater.com/advertisers.js IP 192.243.61.225 ASN #39572 DataWeb Global Group B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-26 21:32:31 Times Seen37101477 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

		Size	First Seen	Last Seen
	#1 Eval - c1fa6fd9482b6a966145d878735aa309	2.1 kB	2023-03-12	2023-03-12
Pretty Observations First Seen2023-03-12 10:25:54 Last Seen2023-03-12 10:25:54 Times Seen1 Hash c1fa6fd9482b6a966145d878735aa309 d18a93fff1954f850ce4cf873c1a202cf10bfbba dc621290bb42ae5f3c1162296e44ef6d43726be73fec546faee12b327bf88390 Loading...

		Size	First Seen	Last Seen
	#1 Write - bf5afdafbf84ac84efbadd7ae8056699	121 B	2023-03-07	2023-03-26
Pretty Observations First Seen2023-03-07 17:59:51 Last Seen2023-03-26 06:43:24 Times Seen13 Hash bf5afdafbf84ac84efbadd7ae8056699 68ca3e1d64b0f46c9f50f6db19849d7bb2128a89 04d5b4796d47f7a7704efb0c0e257b8b89b76475998327c91b27865db943f1c8 Loading...

	#2 Write - 23a9a19532d4d11d0162f8ff47f66385	96 B	2023-03-07	2024-04-26
Pretty Observations First Seen2023-03-07 01:06:56 Last Seen2024-04-26 04:41:28 Times Seen17083 Hash 23a9a19532d4d11d0162f8ff47f66385 39255a9f75cf85a5ce76383bab628291a9626f00 63fbe184fbb505dfd393d0292e5d1ee5f55922728fe59eef5b3d73818d6a9384 Loading...

HTTP Transactions (83)

URL IP Response Size

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
e717435470c9f4f06b174d7100c6a98f
292150251495b243c384e0c676a258597ba7f4d8
91ce8257662cb8cea9cc3c74cda1d95dba421daa466b0ac231fa433e0c58e6c6

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "91CE8257662CB8CEA9CC3C74CDA1D95DBA421DAA466B0AC231FA433E0C58E6C6"
Last-Modified: Tue, 27 Dec 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11006
Expires: Thu, 29 Dec 2022 06:04:14 GMT
Date: Thu, 29 Dec 2022 03:00:48 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
259d3eba2ac4ea32f0410a59bd01c18a
ab02cd69e6c04e3842ad1778fb0daa6d0e86fddc
0d6ec941dac6d97a0b24c0cf00a5642a4edda68ae5ec8b3019d1ec05f40d2281

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0D6EC941DAC6D97A0B24C0CF00A5642A4EDDA68AE5EC8B3019D1EC05F40D2281"
Last-Modified: Tue, 27 Dec 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7989
Expires: Thu, 29 Dec 2022 05:13:57 GMT
Date: Thu, 29 Dec 2022 03:00:48 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
b2d59bdbb1ca6324590988ec031cf1fc
bfd4e25af37dcde4bac38d9b178c5ac8e50f8834
cef2180120ef42ff09d54577229c058d41d2c569d485f5a6dcfadc74bf8aa647

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CEF2180120EF42FF09D54577229C058D41D2C569D485F5A6DCFADC74BF8AA647"
Last-Modified: Mon, 26 Dec 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2720
Expires: Thu, 29 Dec 2022 03:46:08 GMT
Date: Thu, 29 Dec 2022 03:00:48 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

35.241.9.150

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
dcd75ca6daca51c5e39d431468511793
07f76d3bf23d65c9110d810fa71a994e39e085d3
73672a816da4450fe2c938b08d7ae002d9ca29fdcbd3e29cc97084d826f8b459

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Content-Type, Retry-After, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Thu, 29 Dec 2022 02:35:24 GMT
content-type: application/json
age: 1524
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
b1fcd419a4245617397846e8d17233f6
2a037ce244587640b27ead9a0ec2af4f862d91b2
e059b6d834c06e58494c43fb2ff42acbc27c1a1d8f7f30e2f32ca0e167599e2f

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: 0BOSWTDdTqeIQ2+6PxMSVTdv3Wx9mQWz+p/4vhk2JDoKXtCZHy2l1FI6fwd8TY/yI2FrJjJDnjE0z1n7svjPLw==
x-amz-request-id: KMFZB7030GW7HPTE
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 29 Dec 2022 02:56:26 GMT
age: 262
last-modified: Tue, 20 Dec 2022 14:47:58 GMT
etag: "b1fcd419a4245617397846e8d17233f6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

book.dypics.com/search/naho%20hazuki

104.21.61.235

301 Moved Permanently

177 B

URL HTTP/1.1
book.dypics.com/search/naho%20hazuki
IP
104.21.61.235:0
ASN
#13335 CLOUDFLARENET

File type
HTML document text\012- HTML document text\012- HTML document, Unicode text, UTF-8 text
Size
177 B (177 bytes)
Hash
433c7496834b797911984a2b2809496a
991a4cc39d0b34d17b2fd6821e824d389c0a9e4b
c0dfb07d5e58d7479f39f5ecb932a64af9286023ef514115132d0a4d4fe7613b

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /search/naho%20hazuki HTTP/1.1
Host: book.dypics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
Date: Thu, 29 Dec 2022 03:00:48 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://www.torrentkitty.lol/search/search/naho hazuki
X-Powered-By: ASP.NET
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HBl0493%2BeEI4FkNK0c%2F%2BVkghq7MMyonxTa85qls7xXZn4cxDUpVWWsb9ZhJHcQ4ifkw8P31hsKvBtbugw7ZgjENikSjveQHSYvS5hEkjTh9dIcxHTV1x%2FEci5uf2VlVhJCU%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 780f4998aa8fb517-OSL
alt-svc: h2=":443"; ma=60

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Thu, 29 Dec 2022 03:00:48 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

280 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
280 B (280 bytes)
Hash
e2036062c2578b7649b23a0cf829feb8
bc82090d09af02d5f99d4e7ca6593a6539227b4a
6c8005a05e49b3c20438340a99e4d93a030d6b102e50a448f9b4d3aa33b27d9f

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=90756
Content-Type: application/ocsp-response
Date: Thu, 29 Dec 2022 03:00:48 GMT
Etag: "63abc264-118"
Expires: Fri, 30 Dec 2022 04:13:24 GMT
Last-Modified: Wed, 28 Dec 2022 04:13:24 GMT
Server: nginx
Content-Length: 280

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

35.241.9.150

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, ETag, Pragma, Last-Modified, Expires, Alert, Content-Type, Retry-After, Cache-Control, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Thu, 29 Dec 2022 02:08:08 GMT
age: 3160
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
125553386d49a0b56facb82deab9bd9f
1a7480b79f4aada477fb5919794f6efd6d44921e
6f3f4223d3c994dd4754df67a11298d736e16f888f301ad2838d0b4db1ac01d7

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5847
Cache-Control: max-age=114205
Content-Type: application/ocsp-response
Date: Thu, 29 Dec 2022 03:00:49 GMT
Etag: "63ac0727-1d7"
Expires: Fri, 30 Dec 2022 10:44:14 GMT
Last-Modified: Wed, 28 Dec 2022 09:06:47 GMT
Server: ECS (ska/F710)
X-Cache: HIT
Content-Length: 471

push.services.mozilla.com/

52.42.185.162

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
52.42.185.162:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: +e6rsfBUXGpWjcbmcuviGQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: Rt2P+bC8SGZ5SOP+0oQaJtidrg8=

ocsp.digicert.com/

93.184.220.29

200 OK

280 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
280 B (280 bytes)
Hash
e2036062c2578b7649b23a0cf829feb8
bc82090d09af02d5f99d4e7ca6593a6539227b4a
6c8005a05e49b3c20438340a99e4d93a030d6b102e50a448f9b4d3aa33b27d9f

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1
Cache-Control: max-age=90756
Content-Type: application/ocsp-response
Date: Thu, 29 Dec 2022 03:00:49 GMT
Etag: "63abc264-118"
Expires: Fri, 30 Dec 2022 04:13:25 GMT
Last-Modified: Wed, 28 Dec 2022 04:13:24 GMT
Server: ECS (ska/F710)
X-Cache: HIT
Content-Length: 280

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
722a2008a133f6fd26f8f2ce2b8a7831
ad2c42f7f5c927e7b9b3a95dc70459b728eaa4c4
a147138059f937bba96aacc9297f1add040861e788dea92e5eb46c8533aef081

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1951
Cache-Control: max-age=136231
Content-Type: application/ocsp-response
Date: Thu, 29 Dec 2022 03:00:49 GMT
Etag: "63ac6c69-117"
Expires: Fri, 30 Dec 2022 16:51:20 GMT
Last-Modified: Wed, 28 Dec 2022 16:18:49 GMT
Server: ECS (ska/F710)
X-Cache: HIT
Content-Length: 279

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
722a2008a133f6fd26f8f2ce2b8a7831
ad2c42f7f5c927e7b9b3a95dc70459b728eaa4c4
a147138059f937bba96aacc9297f1add040861e788dea92e5eb46c8533aef081

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1951
Cache-Control: max-age=136231
Content-Type: application/ocsp-response
Date: Thu, 29 Dec 2022 03:00:49 GMT
Etag: "63ac6c69-117"
Expires: Fri, 30 Dec 2022 16:51:20 GMT
Last-Modified: Wed, 28 Dec 2022 16:18:49 GMT
Server: ECS (ska/F710)
X-Cache: HIT
Content-Length: 279

get.geojs.io/v1/ip/geo.js

172.67.70.233

200 OK

1.5 kB

URL HTTP/2
get.geojs.io/v1/ip/geo.js
IP
172.67.70.233:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (306)
Size
1.5 kB (1545 bytes)
Hash
1ed8f5ca0c5609e43c5a9a19967eaaf5
5bcf9c9fc99457e32b8b431cbb9235e499554e27
8b5d68114edca94c36f9ca9d3c2154a2fc09b139602ee704a9843c56bf4943b8

HTTP Headers

GET /v1/ip/geo.js HTTP/1.1
Host: get.geojs.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.torrentkitty.lol/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Thu, 29 Dec 2022 03:00:49 GMT
content-type: application/javascript; charset=utf-8
x-request-id: f372f5c53712d9342d7bed38f957e289-AMS
strict-transport-security: max-age=15552000; includeSubDomains; preload
access-control-allow-origin: *
access-control-allow-methods: GET
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, private, max-age=0
x-geojs-location: AMS
cf-cache-status: BYPASS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J%2FUSTglPFtddm1DQwubPrvLRnx%2FR3Kf9y1orIIT%2BFsRpGSrLqZg50OaLNPD0kqKk3rQ30JdVVFvaz%2B6Hh%2BveeqTX3%2FokRGpfKszP5udqweGMDND1upCP%2FRJYDFTrAw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 780f49a2baccb4f3-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
2cb8ebdbab03a02c2b51e71b7c322812
79044ad23867ea3f261b91b39cbf153773f09fae
c48ca09b23be4cb854f1561f68b50c67140ab080ba1c25174d0b67d7b64945aa

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C48CA09B23BE4CB854F1561F68B50C67140AB080BA1C25174D0B67D7B64945AA"
Last-Modified: Tue, 27 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8968
Expires: Thu, 29 Dec 2022 05:30:18 GMT
Date: Thu, 29 Dec 2022 03:00:50 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
2cb8ebdbab03a02c2b51e71b7c322812
79044ad23867ea3f261b91b39cbf153773f09fae
c48ca09b23be4cb854f1561f68b50c67140ab080ba1c25174d0b67d7b64945aa

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C48CA09B23BE4CB854F1561F68B50C67140AB080BA1C25174D0B67D7B64945AA"
Last-Modified: Tue, 27 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8968
Expires: Thu, 29 Dec 2022 05:30:18 GMT
Date: Thu, 29 Dec 2022 03:00:50 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
a280d27c715997fa6cab1b6603e1355a
3400cfb24025dfd4f5d841b72c4fbc31874ea70f
b1636602f9acf1da821a3c53ca06c153cd7ea0ef3b24c5d94aad3c4c8e888dc9

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B1636602F9ACF1DA821A3C53CA06C153CD7EA0EF3B24C5D94AAD3C4C8E888DC9"
Last-Modified: Tue, 27 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=1577
Expires: Thu, 29 Dec 2022 03:27:07 GMT
Date: Thu, 29 Dec 2022 03:00:50 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
563a71326245b9544f7051f983f4d897
7293247391520689fb7aeac14ee6c984d82d7de3
17c444592282f17c3eb8a0d8e10ae9b3be096d621bdf2bbd8e12faf13ff4999c

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "17C444592282F17C3EB8A0D8E10AE9B3BE096D621BDF2BBD8E12FAF13FF4999C"
Last-Modified: Tue, 27 Dec 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6365
Expires: Thu, 29 Dec 2022 04:46:55 GMT
Date: Thu, 29 Dec 2022 03:00:50 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
563a71326245b9544f7051f983f4d897
7293247391520689fb7aeac14ee6c984d82d7de3
17c444592282f17c3eb8a0d8e10ae9b3be096d621bdf2bbd8e12faf13ff4999c

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "17C444592282F17C3EB8A0D8E10AE9B3BE096D621BDF2BBD8E12FAF13FF4999C"
Last-Modified: Tue, 27 Dec 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6365
Expires: Thu, 29 Dec 2022 04:46:55 GMT
Date: Thu, 29 Dec 2022 03:00:50 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
563a71326245b9544f7051f983f4d897
7293247391520689fb7aeac14ee6c984d82d7de3
17c444592282f17c3eb8a0d8e10ae9b3be096d621bdf2bbd8e12faf13ff4999c

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "17C444592282F17C3EB8A0D8E10AE9B3BE096D621BDF2BBD8E12FAF13FF4999C"
Last-Modified: Tue, 27 Dec 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6365
Expires: Thu, 29 Dec 2022 04:46:55 GMT
Date: Thu, 29 Dec 2022 03:00:50 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
563a71326245b9544f7051f983f4d897
7293247391520689fb7aeac14ee6c984d82d7de3
17c444592282f17c3eb8a0d8e10ae9b3be096d621bdf2bbd8e12faf13ff4999c

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "17C444592282F17C3EB8A0D8E10AE9B3BE096D621BDF2BBD8E12FAF13FF4999C"
Last-Modified: Tue, 27 Dec 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6365
Expires: Thu, 29 Dec 2022 04:46:55 GMT
Date: Thu, 29 Dec 2022 03:00:50 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
563a71326245b9544f7051f983f4d897
7293247391520689fb7aeac14ee6c984d82d7de3
17c444592282f17c3eb8a0d8e10ae9b3be096d621bdf2bbd8e12faf13ff4999c

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "17C444592282F17C3EB8A0D8E10AE9B3BE096D621BDF2BBD8E12FAF13FF4999C"
Last-Modified: Tue, 27 Dec 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6365
Expires: Thu, 29 Dec 2022 04:46:55 GMT
Date: Thu, 29 Dec 2022 03:00:50 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9fc13649-6a41-40db-8d11-e2627932c821.jpeg

34.120.237.76

200 OK

8.4 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9fc13649-6a41-40db-8d11-e2627932c821.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.4 kB (8400 bytes)
Hash
c9dbe1f89bbc715a85f596171692d340
4295dceef5f9089943704f8d0a309e801fd96dd7
cbb7fffdae6a1496d1f28be52b54ae0ea71b6db808ada2ff05f6f9a373454f88

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9fc13649-6a41-40db-8d11-e2627932c821.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8400
x-amzn-requestid: 00c2f1ce-a9f7-4a18-bf2d-77ca800e38fd
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: doXwgHftIAMFxWA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63a66ccf-5854c7133ff12e4f06c4f483;Sampled=0
x-amzn-remapped-date: Sat, 24 Dec 2022 03:06:55 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: T2NKozUvj37A1yxEs0YNA469y6ZtYdphs_4cxgo-0iRtJeyuhIvfEg==
via: 1.1 0005a84c2971ff4f5bbb79e7ebc622a8.cloudfront.net (CloudFront), 1.1 b2f9564ebf9c745cc2ceae96d434977e.cloudfront.net (CloudFront), 1.1 google
date: Wed, 28 Dec 2022 09:21:22 GMT
age: 63568
etag: "4295dceef5f9089943704f8d0a309e801fd96dd7"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

12 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0b05264c-5ed0-4ad4-996c-58fc36048283.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
12 kB (12054 bytes)
Hash
244b2a2a5b176fb3117248a872e2a37a
f451963e96d330a8dcd28ebcf5e63791e90b75ba
c01075e3836684e57b87d1feaf148e5c0dc35e273b8519c342c90e44dfc1e54a

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0b05264c-5ed0-4ad4-996c-58fc36048283.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 12054
x-amzn-requestid: c24868ab-bcf2-4f9c-b7a3-83df6a1fb11a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: do5InGjRIAMFWtw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63a6a236-539fdd2919bdc153159156ef;Sampled=0
x-amzn-remapped-date: Sat, 24 Dec 2022 06:54:46 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: WQ2TnGkAeLlisFSiN2rI45ImsUR0xjSsEI0pMXBFzl8dMoeVb4EnRw==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 943c6a4d4ee43b18ee91634536f53eae.cloudfront.net (CloudFront), 1.1 google
date: Wed, 28 Dec 2022 09:10:02 GMT
age: 64248
etag: "f451963e96d330a8dcd28ebcf5e63791e90b75ba"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.3 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F43aa3e2c-b453-45cc-9c0b-eb1d920eacf1.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.3 kB (8259 bytes)
Hash
c0527fed1c04188af2963f337e4611da
44e20435887ecf7b36c239570d75ccfb77d5bb95
f241afd263d965f409b41e1d8059c5401b23312548799c519d7aef17d5b66f13

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F43aa3e2c-b453-45cc-9c0b-eb1d920eacf1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8259
x-amzn-requestid: 691c625d-7834-41b8-a238-462cafe5c60e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dyjGXGNmoAMF8zA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63aa7ef5-2117438f1820e2c3773a90c4;Sampled=0
x-amzn-remapped-date: Tue, 27 Dec 2022 05:13:25 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: U7oHbs9lrczNYUsIglipBZm3CB9STpdgLiT5VjRdzSM3ijFXE22_oA==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 64f86ae1c24221f3a2e4d653d6dbc416.cloudfront.net (CloudFront), 1.1 google
date: Wed, 28 Dec 2022 21:48:03 GMT
age: 18767
etag: "44e20435887ecf7b36c239570d75ccfb77d5bb95"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.0 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6f065733-5f7b-4113-9f70-8e9738de50f7.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.0 kB (6955 bytes)
Hash
db302f2c47edbbb185af9e4a96741d52
c616108fda3390ebd7f67926ba3e35a73b47135c
cc9e4fdb361624bb32511b195d4a1677e241502ba013b8f8a114ebb4956019ba

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6f065733-5f7b-4113-9f70-8e9738de50f7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6955
x-amzn-requestid: 59f34964-3642-4190-9edb-c2a1de006606
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dhyXGHe0oAMFfSA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63a3ca93-4acf45f93b24aebd33be5de1;Sampled=0
x-amzn-remapped-date: Thu, 22 Dec 2022 03:10:11 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: L4fg8oLUw2_pKOZNCh2YZi3_asUguQHaCtpPeCrUIYyVoAiwQlNqGg==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 6172bb1a5d00a3b06ae3700570ebe116.cloudfront.net (CloudFront), 1.1 google
date: Wed, 28 Dec 2022 21:42:23 GMT
age: 19107
etag: "c616108fda3390ebd7f67926ba3e35a73b47135c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.5 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1e77cad2-6b0d-46d1-a2e4-ce29f7cc173e.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.5 kB (8505 bytes)
Hash
a4adb7268aa0a520dcee9f1d936d16dd
9364105419c6662123999ed11912de21ad32f6ba
6d593122db8b8514db4d3d0d0e6d037f57d39e5aab9a9f493fed359eb4b73b2e

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1e77cad2-6b0d-46d1-a2e4-ce29f7cc173e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8505
x-amzn-requestid: de8ce29e-7947-4c4f-95f5-14efae45cfda
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: d4p9MGW9IAMFqdg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63acf054-5cf23dcf7bdbd784373222a9;Sampled=0
x-amzn-remapped-date: Thu, 29 Dec 2022 01:41:40 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: kEM8R4PYVJN8BQXhr9w-osn4-pAjeVnOtinJu1yfvjc5sTEL6LqTeQ==
via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 e66162aafd55b64ba1478ff7105150fa.cloudfront.net (CloudFront), 1.1 google
date: Thu, 29 Dec 2022 01:51:39 GMT
age: 4151
etag: "9364105419c6662123999ed11912de21ad32f6ba"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.5 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff495beea-cff9-4016-a188-b0f4b2547a59.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.5 kB (7462 bytes)
Hash
d9592ede9af5f26a2748ba2e1e649ee1
7c99d49f3f6f9d1808bf7f7f17c1c3507838951e
e9b2526f714d4d123b80fca340737b450a3c09058d8f7c7b3b180e3509eb8d27

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff495beea-cff9-4016-a188-b0f4b2547a59.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7462
x-amzn-requestid: f433f7ae-20f5-4446-a7ce-4b88ec6d19ee
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: d4GQxFceoAMF5GQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63acb737-509b4ce327ed792719fd2c58;Sampled=0
x-amzn-remapped-date: Wed, 28 Dec 2022 21:37:59 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: vUpx0k9Eg5cG4EGjzp91A274liLuvkmgX7siRALfLiRNIvRmFCI7-g==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 61bc723adb3b1884ed759711e84e13a8.cloudfront.net (CloudFront), 1.1 google
date: Wed, 28 Dec 2022 21:42:24 GMT
age: 19106
etag: "7c99d49f3f6f9d1808bf7f7f17c1c3507838951e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

charmshoist.com/90/56/63/90566380a88c4f754ae2676c3e590ba1.js

173.233.139.164

200 OK

21 kB

URL HTTP/1.1
charmshoist.com/90/56/63/90566380a88c4f754ae2676c3e590ba1.js
IP
173.233.139.164:0
ASN
#7979 SERVERS-COM

File type
HTML document, ASCII text, with very long lines (60132), with no line terminators
Size
21 kB (20703 bytes)
Hash
04e4bd3fbe45f509ef29df5ab35ede2b
868554af64e49ff4fa9a593636402b3f296ca8d3
c4537d2a2ac36804cd8822a9f0de15f0d6faa0e4704eae5db852282d11e5a0ad

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /90/56/63/90566380a88c4f754ae2676c3e590ba1.js HTTP/1.1
Host: charmshoist.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.torrentkitty.lol/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Thu, 29 Dec 2022 03:00:50 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: be89a5e9b256b1ca74653eb1586e9592
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

charmshoist.com/26/ca/06/26ca065a5fb871c74739646a26f0622b.js

173.233.139.164

200 OK

13 kB

URL HTTP/1.1
charmshoist.com/26/ca/06/26ca065a5fb871c74739646a26f0622b.js
IP
173.233.139.164:0
ASN
#7979 SERVERS-COM

File type
ASCII text, with very long lines (37147), with no line terminators
Size
13 kB (13403 bytes)
Hash
3b7b14e86700d655aae2624a5c30f6a2
6dc06a64815c14da19f0be4109f61b6db3484d7b
916031204f37ef3c436b87b7022f9cef919b7700ac01d19232fcec48f731df0a

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /26/ca/06/26ca065a5fb871c74739646a26f0622b.js HTTP/1.1
Host: charmshoist.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.torrentkitty.lol/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Thu, 29 Dec 2022 03:00:50 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 38b411c40bc1344e8fd62d6647d6b2a3
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

accentneglectporter.com/80497e49a2c17fe3a1aff4077eee1810/invoke.js

173.233.137.52

200 OK

13 kB

URL HTTP/1.1
accentneglectporter.com/80497e49a2c17fe3a1aff4077eee1810/invoke.js
IP
173.233.137.52:0
ASN
#7979 SERVERS-COM

File type
data
Size
13 kB (12578 bytes)
Hash
883adadb97bfa0cf877d25dda184e9f8
5d2e06a2c6a3afa134d81860e0a49a77ecf904f4
13192686e3fc5ca2bf0bde0afe2f383868ba2d868f0138678b2c35ef05037f05

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /80497e49a2c17fe3a1aff4077eee1810/invoke.js HTTP/1.1
Host: accentneglectporter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.torrentkitty.lol/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Thu, 29 Dec 2022 03:00:50 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: ff6c04e22b939fee3d5206fa658d7ae1
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

ocsp.digicert.com/

93.184.220.29

200 OK

278 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
278 B (278 bytes)
Hash
0c7df0202539d8dbcf97fb524ffbc17e
ee765712aa8beb5c1399231d886f64696f3f5186
fc9195c926fedc8b79c213df3c3de105cc2e3b96171774b986205f9117476a24

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1212
Cache-Control: max-age=109957
Content-Type: application/ocsp-response
Date: Thu, 29 Dec 2022 03:00:50 GMT
Etag: "63ac08ab-116"
Expires: Fri, 30 Dec 2022 09:33:27 GMT
Last-Modified: Wed, 28 Dec 2022 09:13:15 GMT
Server: ECS (ska/F710)
X-Cache: HIT
Content-Length: 278

ocsp.sca1b.amazontrust.com/

143.204.42.158

200 OK

471 B

URL HTTP/1.1
ocsp.sca1b.amazontrust.com/
IP
143.204.42.158:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
dd29200bbfd844acb1d486a02ebb87c1
d00c38f1f3ca8e3d1b0a2a8dd3ca6aa6dbd6f927
05985a8df2d32c3239eb49c4e03e1b8c386f18924b6b3ea5b6966e2f88023e95

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=125359
Date: Thu, 29 Dec 2022 03:00:50 GMT
Etag: "63ac4516-1d7"
Expires: Fri, 30 Dec 2022 13:50:09 GMT
Last-Modified: Wed, 28 Dec 2022 13:31:02 GMT
Server: ECS (nyb/1D2E)
X-Cache: Miss from cloudfront
Via: 1.1 a9120cc3ff449047c990e82a4d5566ba.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 8Ao7QX9L8dSuJ29MrpmcZDx1aLPPbtgjT_1J6DoPJJyo7-FKgQ3azQ==
Age: 1147

e1.o.lencr.org/

23.36.77.32

200 OK

346 B

URL HTTP/1.1
e1.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
346 B (346 bytes)
Hash
f9533c9e23df3c0923ca636d763c7ea0
dd2380f78817eed3925e922df8708d4bdd6c8f8e
184ca30a31c1d5a3568ca7767c31b007eeac17560c40c129a069f6fea44b88d8

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "184CA30A31C1D5A3568CA7767C31B007EEAC17560C40C129A069F6FEA44B88D8"
Last-Modified: Mon, 26 Dec 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4670
Expires: Thu, 29 Dec 2022 04:18:40 GMT
Date: Thu, 29 Dec 2022 03:00:50 GMT
Connection: keep-alive

simplewebanalysis.com/stats

52.59.105.91

200 OK

40 B

URL HTTP/2
simplewebanalysis.com/stats
IP
52.59.105.91:0
ASN
#16509 AMAZON-02

File type
ASCII text, with no line terminators
Size
40 B (40 bytes)
Hash
6d6e58b95629752b585cd32ba83b3e1f
7556873fb99873fc16d9d94a1a83c3979c5d6673
e7fe2014a09e1498ba9f66bd201674fa9e2e55f3d5cf25fc6adb4f95dda0e567

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.torrentkitty.lol
Connection: keep-alive
Referer: https://www.torrentkitty.lol/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Thu, 29 Dec 2022 03:00:50 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://www.torrentkitty.lol
access-control-allow-credentials: true
set-cookie: uid_id2=2a3a705c-f391-482a-9ec4-6cf258941d2e:1:1; expires=Sun, 26 Dec 2032 03:00:50 GMT; secure; SameSite=None
X-Firefox-Spdy: h2

ocsp.sca1b.amazontrust.com/

143.204.42.158

200 OK

471 B

URL HTTP/1.1
ocsp.sca1b.amazontrust.com/
IP
143.204.42.158:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
dd29200bbfd844acb1d486a02ebb87c1
d00c38f1f3ca8e3d1b0a2a8dd3ca6aa6dbd6f927
05985a8df2d32c3239eb49c4e03e1b8c386f18924b6b3ea5b6966e2f88023e95

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=124853
Date: Thu, 29 Dec 2022 03:00:50 GMT
Etag: "63ac4516-1d7"
Expires: Fri, 30 Dec 2022 13:41:43 GMT
Last-Modified: Wed, 28 Dec 2022 13:31:02 GMT
Server: ECS (nyb/1D0C)
X-Cache: Miss from cloudfront
Via: 1.1 1ca0323262515c9240c58fe69a9ac826.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: Dcuf159tZFQEDguFiPfGP7qN0GkD6LdBcgKDfKmM_PBP_oi2RqcKVw==
Age: 641

ocsp.sca1b.amazontrust.com/

143.204.42.158

200 OK

471 B

URL HTTP/1.1
ocsp.sca1b.amazontrust.com/
IP
143.204.42.158:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
dd29200bbfd844acb1d486a02ebb87c1
d00c38f1f3ca8e3d1b0a2a8dd3ca6aa6dbd6f927
05985a8df2d32c3239eb49c4e03e1b8c386f18924b6b3ea5b6966e2f88023e95

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=125073
Date: Thu, 29 Dec 2022 03:00:50 GMT
Etag: "63ac4516-1d7"
Expires: Fri, 30 Dec 2022 13:45:23 GMT
Last-Modified: Wed, 28 Dec 2022 13:31:02 GMT
Server: ECS (nyb/1D2B)
X-Cache: Miss from cloudfront
Via: 1.1 c9f2a4d2bcd548d1a3cbe1617a22f216.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: lmklxTe51TUDUknghCTO1TECO1e_8SVLBZ6XTN8ke0VlSrXCNqKusQ==
Age: 861

simplewebanalysis.com/stats

52.59.105.91

200 OK

40 B

URL HTTP/2
simplewebanalysis.com/stats
IP
52.59.105.91:0
ASN
#16509 AMAZON-02

File type
ASCII text, with no line terminators
Size
40 B (40 bytes)
Hash
3037afd02b1428ef0d772cac98e949c4
8baf622b006eed035ff812fdaeb7bf7685b6cbc9
153456d88f1053f142e3bc9815b2f19e7de90bdc0e370634d232abfbbaa6b94a

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.torrentkitty.lol
Connection: keep-alive
Referer: https://www.torrentkitty.lol/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Thu, 29 Dec 2022 03:00:50 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://www.torrentkitty.lol
access-control-allow-credentials: true
set-cookie: uid_id2=912daed6-867f-4024-89ae-c66d1d8e7e46:2:1; expires=Sun, 26 Dec 2032 03:00:50 GMT; secure; SameSite=None
X-Firefox-Spdy: h2

simplewebanalysis.com/stats

52.59.105.91

200 OK

40 B

URL HTTP/2
simplewebanalysis.com/stats
IP
52.59.105.91:0
ASN
#16509 AMAZON-02

File type
ASCII text, with no line terminators
Size
40 B (40 bytes)
Hash
3f17b943474ca4447a009e4e7b4e9d4c
7caa0ac90065792dbeeb578812d2fca138e3d2ba
78a6fe3ac8a5ad6d1626790af50b55c4683db0bfcab42e6ea222895e87d303c9

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.torrentkitty.lol
Connection: keep-alive
Referer: https://www.torrentkitty.lol/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Thu, 29 Dec 2022 03:00:50 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://www.torrentkitty.lol
access-control-allow-credentials: true
set-cookie: uid_id2=89b88108-06e5-4229-bc2f-ec8a4a724289:1:1; expires=Sun, 26 Dec 2032 03:00:50 GMT; secure; SameSite=None
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
65aae8249897fbf2e8401228c156f5ad
f3a3433f2680282bf1e2b997d90e73f3d06de9dd
055a0253c0d08ecd3e4c76ad75240da3540aba9a0ab16fd8984b2ea2cd0113bf

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "055A0253C0D08ECD3E4C76AD75240DA3540ABA9A0AB16FD8984B2EA2CD0113BF"
Last-Modified: Mon, 26 Dec 2022 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17092
Expires: Thu, 29 Dec 2022 07:45:42 GMT
Date: Thu, 29 Dec 2022 03:00:50 GMT
Connection: keep-alive

e1.o.lencr.org/

23.36.77.32

200 OK

346 B

URL HTTP/1.1
e1.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
346 B (346 bytes)
Hash
f9533c9e23df3c0923ca636d763c7ea0
dd2380f78817eed3925e922df8708d4bdd6c8f8e
184ca30a31c1d5a3568ca7767c31b007eeac17560c40c129a069f6fea44b88d8

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "184CA30A31C1D5A3568CA7767C31B007EEAC17560C40C129A069F6FEA44B88D8"
Last-Modified: Mon, 26 Dec 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4669
Expires: Thu, 29 Dec 2022 04:18:40 GMT
Date: Thu, 29 Dec 2022 03:00:51 GMT
Connection: keep-alive

imprintmake.com/pixel/purst?dl=0&th=0&sc=0&rs=2510&rd=2510&fd=952&bv=22.10.v.9&tmpl=70

173.233.137.60

200 OK

0 B

URL HTTP/1.1
imprintmake.com/pixel/purst?dl=0&th=0&sc=0&rs=2510&rd=2510&fd=952&bv=22.10.v.9&tmpl=70
IP
173.233.137.60:0
ASN
#7979 SERVERS-COM

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /pixel/purst?dl=0&th=0&sc=0&rs=2510&rd=2510&fd=952&bv=22.10.v.9&tmpl=70 HTTP/1.1
Host: imprintmake.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.torrentkitty.lol/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Thu, 29 Dec 2022 03:00:51 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range

simplewebanalysis.com/stats

52.59.105.91

200 OK

40 B

URL HTTP/2
simplewebanalysis.com/stats
IP
52.59.105.91:0
ASN
#16509 AMAZON-02

File type
ASCII text, with no line terminators
Size
40 B (40 bytes)
Hash
3f17b943474ca4447a009e4e7b4e9d4c
7caa0ac90065792dbeeb578812d2fca138e3d2ba
78a6fe3ac8a5ad6d1626790af50b55c4683db0bfcab42e6ea222895e87d303c9

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.torrentkitty.lol
Connection: keep-alive
Referer: https://www.torrentkitty.lol/
Cookie: uid_id2=89b88108-06e5-4229-bc2f-ec8a4a724289:1:1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Thu, 29 Dec 2022 03:00:51 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://www.torrentkitty.lol
access-control-allow-credentials: true
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
159c6c6adedab0594e478eb59e0690d8
5907b2d3a446691dafd72c14860ad09e8056669d
79f5e214d9566b2d39c48f207ee743ba1908b51aaa89b7af5d7b9cabb8ee6704

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "79F5E214D9566B2D39C48F207EE743BA1908B51AAA89B7AF5D7B9CABB8EE6704"
Last-Modified: Tue, 27 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11352
Expires: Thu, 29 Dec 2022 06:10:03 GMT
Date: Thu, 29 Dec 2022 03:00:51 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

16 kB

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
16 kB (15823 bytes)
Hash
85efa2baaa8a37bde87d8bf488f6ec2c
f76edff819436f1cfe4694825364175464543404
8cb08e0ea0127a4f6b7001511015c903d8251f1c778e471a50a80f173e7bbbce

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0AE90CA1F4C6A5C62A711B71C3BF82F31A0FB1E0FF7536DCC16309831BE5B41E"
Last-Modified: Tue, 27 Dec 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11445
Expires: Thu, 29 Dec 2022 06:11:36 GMT
Date: Thu, 29 Dec 2022 03:00:51 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
e33357a83b1e14ac34aeab7a831611b8
238de70a45839052155efa893f5e787f250c5a11
95056bfa6e0871c292709f1824970e0a2ddea311b3cd9a0dab28b93c17d3194b

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "95056BFA6E0871C292709F1824970E0A2DDEA311B3CD9A0DAB28B93C17D3194B"
Last-Modified: Wed, 28 Dec 2022 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15104
Expires: Thu, 29 Dec 2022 07:12:35 GMT
Date: Thu, 29 Dec 2022 03:00:51 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
e141a61fb05a0ad4cd9e8e7a52f5d4db
2da654421da52a9c28cf3942b414a2e9098deaba
c112b736d77e86c894130fb7d2ab5321a6fb47701979ffcbae932ccc0d30ea7f

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C112B736D77E86C894130FB7D2AB5321A6FB47701979FFCBAE932CCC0D30EA7F"
Last-Modified: Tue, 27 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2435
Expires: Thu, 29 Dec 2022 03:41:26 GMT
Date: Thu, 29 Dec 2022 03:00:51 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
e141a61fb05a0ad4cd9e8e7a52f5d4db
2da654421da52a9c28cf3942b414a2e9098deaba
c112b736d77e86c894130fb7d2ab5321a6fb47701979ffcbae932ccc0d30ea7f

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C112B736D77E86C894130FB7D2AB5321A6FB47701979FFCBAE932CCC0D30EA7F"
Last-Modified: Tue, 27 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2435
Expires: Thu, 29 Dec 2022 03:41:26 GMT
Date: Thu, 29 Dec 2022 03:00:51 GMT
Connection: keep-alive

unseenreport.com/pxf.gif?uuid=89b88108-06e5-4229-bc2f-ec8a4a724289&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1055&b_frame=0&pk=90566380a88c4f754ae2676c3e590ba1&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=3

192.243.61.225

200 OK

1 B

URL HTTP/1.1
unseenreport.com/pxf.gif?uuid=89b88108-06e5-4229-bc2f-ec8a4a724289&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1055&b_frame=0&pk=90566380a88c4f754ae2676c3e590ba1&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=3
IP
192.243.61.225:0
ASN
#39572 DataWeb Global Group B.V.

File type
very short file (no magic)
Size
1 B (1 bytes)
Hash
93b885adfe0da089cdf634904fd59f71
5ba93c9db0cff93f52b521d7420e43f6eda2784f
6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /pxf.gif?uuid=89b88108-06e5-4229-bc2f-ec8a4a724289&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1055&b_frame=0&pk=90566380a88c4f754ae2676c3e590ba1&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=3 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.torrentkitty.lol/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Thu, 29 Dec 2022 03:00:51 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 538b38aa589140219e6e945e73b5d83b
Strict-Transport-Security: max-age=0; includeSubdomains

unseenreport.com/pxf.gif?uuid=89b88108-06e5-4229-bc2f-ec8a4a724289&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1055&b_frame=0&pk=26ca065a5fb871c74739646a26f0622b&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=3

192.243.61.225

200 OK

1 B

URL HTTP/1.1
unseenreport.com/pxf.gif?uuid=89b88108-06e5-4229-bc2f-ec8a4a724289&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1055&b_frame=0&pk=26ca065a5fb871c74739646a26f0622b&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=3
IP
192.243.61.225:0
ASN
#39572 DataWeb Global Group B.V.

File type
very short file (no magic)
Size
1 B (1 bytes)
Hash
93b885adfe0da089cdf634904fd59f71
5ba93c9db0cff93f52b521d7420e43f6eda2784f
6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /pxf.gif?uuid=89b88108-06e5-4229-bc2f-ec8a4a724289&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1055&b_frame=0&pk=26ca065a5fb871c74739646a26f0622b&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=3 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.torrentkitty.lol/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Thu, 29 Dec 2022 03:00:51 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 7aad48eca8378daabd8691b6b210de45
Strict-Transport-Security: max-age=0; includeSubdomains

banquetunarmedgrater.com/advertisers.js

192.243.61.225

200 OK

6 B

URL HTTP/1.1
banquetunarmedgrater.com/advertisers.js
IP
192.243.61.225:0
ASN
#39572 DataWeb Global Group B.V.

File type
data
Size
6 B (6 bytes)
Hash
7d14c6d06a6075d413d43d381c992eba
49bdfc1145f7c7a7bf870f069b9d23a97966cb30
f48bd14f1f30b485d99a2904d06cbd9fa03ccaa5779105a3d3cf963edb2ac385

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /advertisers.js HTTP/1.1
Host: banquetunarmedgrater.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.torrentkitty.lol/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Thu, 29 Dec 2022 03:00:51 GMT
Content-Type: application/javascript
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 664763f7be5f87ab0ec939948cf36f85
Strict-Transport-Security: max-age=0; includeSubdomains

192.243.61.225

307 Temporary Redirect

0 B

URL HTTP/1.1
temperrunnersdale.com/watch.413938073587.js?key=80497e49a2c17fe3a1aff4077eee1810&kw=%5B%22search%22%2C%22-%22%2C%22torrent%22%2C%22kitty%22%5D&refer=https%3A%2F%2Fwww.torrentkitty.lol%2Fsearch%2Fsearch%2Fnaho%2520hazuki&tz=0&dev=e&res=12.1055&uuid=2a3a705c-f391-482a-9ec4-6cf258941d2e%3A1%3A1
IP
192.243.61.225:0
ASN
#39572 DataWeb Global Group B.V.

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /watch.413938073587.js?key=80497e49a2c17fe3a1aff4077eee1810&kw=%5B%22search%22%2C%22-%22%2C%22torrent%22%2C%22kitty%22%5D&refer=https%3A%2F%2Fwww.torrentkitty.lol%2Fsearch%2Fsearch%2Fnaho%2520hazuki&tz=0&dev=e&res=12.1055&uuid=2a3a705c-f391-482a-9ec4-6cf258941d2e%3A1%3A1 HTTP/1.1
Host: temperrunnersdale.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.torrentkitty.lol
Connection: keep-alive
Referer: https://www.torrentkitty.lol/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 307 Temporary Redirect
Server: nginx/1.19.5
Date: Thu, 29 Dec 2022 03:00:51 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://www.torrentkitty.lol
Access-Control-Allow-Origin: https://www.torrentkitty.lol
Access-Control-Allow-Credentials: true
Location: https://temperrunnersdale.com/watch.413938073587.js?key=80497e49a2c17fe3a1aff4077eee1810&kw=%5B%22search%22%2C%22-%22%2C%22torrent%22%2C%22kitty%22%5D&refer=https%3A%2F%2Fwww.torrentkitty.lol%2Fsearch%2Fsearch%2Fnaho%2520hazuki&tz=0&dev=e&res=12.1055&uuid=2a3a705c-f391-482a-9ec4-6cf258941d2e%3A1%3A1&shu=aaa3434187e5a292aaf792a8c7bc4345d2533413e10cfb8e4d1a22c263a1a30a750c2e2321f6a3401b7e8cc92aa81d9b280e3fee14d60376ceea63cc960cf33955a4232f54329793344ca9a65266ad1bc7fe64&pst=1672282911&rmtc=t
Set-Cookie: u_pl=17298897; expires=Fri, 30 Dec 2022 03:00:51 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzI5ODg5NywiayI6IjgwNDk3ZTQ5YTJjMTdmZTNhMWFmZjQwNzdlZWUxODEwIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjo4MTA0MSwicGlkIjozOTExLCJhbiI6dHJ1ZSwibGFuIjp0cnVlLCJjaWQiOjE4LCJhaWQiOjMyLCJwdCI6NCwicGsiOiJ0MzhhMGF3a3oiLCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6OTA3NTM0NTcsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjozODkxNCwib24iOiJXaW5kb3dzIiwib3YiOiIxMC4wIiwiYmlkIjoxMjA2MjUsImJuIjoiRmlyZWZveCIsImJ2IjoiMTA1LjAiLCJ3diI6ZmFsc2UsImUiOnRydWUsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cHM6Ly93d3cudG9ycmVudGtpdHR5LmxvbC9zZWFyY2gvc2VhcmNoL25haG8lMjBoYXp1a2kifX0.dylN-E1RxV3pAvlsl-7-Jr2QpNbURX8PYalLBjXLWMk; expires=Thu, 29 Dec 2022 03:01:51 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: ab797660fcdc4e872361f2f9c9d647a3
Strict-Transport-Security: max-age=0; includeSubdomains

temperrunnersdale.com/watch.413938073587.js?key=80497e49a2c17fe3a1aff4077eee1810&kw=%5B%22search%22%2C%22-%22%2C%22torrent%22%2C%22kitty%22%5D&refer=https%3A%2F%2Fwww.torrentkitty.lol%2Fsearch%2Fsearch%2Fnaho%2520hazuki&tz=0&dev=e&res=12.1055&uuid=2a3a705c-f391-482a-9ec4-6cf258941d2e%3A1%3A1&shu=aaa3434187e5a292aaf792a8c7bc4345d2533413e10cfb8e4d1a22c263a1a30a750c2e2321f6a3401b7e8cc92aa81d9b280e3fee14d60376ceea63cc960cf33955a4232f54329793344ca9a65266ad1bc7fe64&pst=1672282911&rmtc=t

192.243.61.225

200 OK

2.1 kB

URL HTTP/1.1
temperrunnersdale.com/watch.413938073587.js?key=80497e49a2c17fe3a1aff4077eee1810&kw=%5B%22search%22%2C%22-%22%2C%22torrent%22%2C%22kitty%22%5D&refer=https%3A%2F%2Fwww.torrentkitty.lol%2Fsearch%2Fsearch%2Fnaho%2520hazuki&tz=0&dev=e&res=12.1055&uuid=2a3a705c-f391-482a-9ec4-6cf258941d2e%3A1%3A1&shu=aaa3434187e5a292aaf792a8c7bc4345d2533413e10cfb8e4d1a22c263a1a30a750c2e2321f6a3401b7e8cc92aa81d9b280e3fee14d60376ceea63cc960cf33955a4232f54329793344ca9a65266ad1bc7fe64&pst=1672282911&rmtc=t
IP
192.243.61.225:0
ASN
#39572 DataWeb Global Group B.V.

File type
HTML document text\012- HTML document, ASCII text, with very long lines (2626)
Size
2.1 kB (2075 bytes)
Hash
dfb23bd7889acc888a936428377cfb5b
1de473e403545c8cd3ea93b269268a1df6ea1ed7
89a8ddb5eac6ff1a9fad3978426d754b27b767aa7cc05ca363577612b7306df4

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /watch.413938073587.js?key=80497e49a2c17fe3a1aff4077eee1810&kw=%5B%22search%22%2C%22-%22%2C%22torrent%22%2C%22kitty%22%5D&refer=https%3A%2F%2Fwww.torrentkitty.lol%2Fsearch%2Fsearch%2Fnaho%2520hazuki&tz=0&dev=e&res=12.1055&uuid=2a3a705c-f391-482a-9ec4-6cf258941d2e%3A1%3A1&shu=aaa3434187e5a292aaf792a8c7bc4345d2533413e10cfb8e4d1a22c263a1a30a750c2e2321f6a3401b7e8cc92aa81d9b280e3fee14d60376ceea63cc960cf33955a4232f54329793344ca9a65266ad1bc7fe64&pst=1672282911&rmtc=t HTTP/1.1
Host: temperrunnersdale.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.torrentkitty.lol
Referer: https://www.torrentkitty.lol/
Connection: keep-alive
Cookie: u_pl=17298897; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzI5ODg5NywiayI6IjgwNDk3ZTQ5YTJjMTdmZTNhMWFmZjQwNzdlZWUxODEwIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjo4MTA0MSwicGlkIjozOTExLCJhbiI6dHJ1ZSwibGFuIjp0cnVlLCJjaWQiOjE4LCJhaWQiOjMyLCJwdCI6NCwicGsiOiJ0MzhhMGF3a3oiLCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6OTA3NTM0NTcsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjozODkxNCwib24iOiJXaW5kb3dzIiwib3YiOiIxMC4wIiwiYmlkIjoxMjA2MjUsImJuIjoiRmlyZWZveCIsImJ2IjoiMTA1LjAiLCJ3diI6ZmFsc2UsImUiOnRydWUsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cHM6Ly93d3cudG9ycmVudGtpdHR5LmxvbC9zZWFyY2gvc2VhcmNoL25haG8lMjBoYXp1a2kifX0.dylN-E1RxV3pAvlsl-7-Jr2QpNbURX8PYalLBjXLWMk
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Thu, 29 Dec 2022 03:00:51 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://www.torrentkitty.lol
Access-Control-Allow-Origin: https://www.torrentkitty.lol
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=2a3a705c-f391-482a-9ec4-6cf258941d2e:1:1; expires=Thu, 05 Jan 2023 03:00:51 GMT; secure; SameSite=None
iprc3356a76965f67b019e873db5d5292330=3570421; expires=Thu, 29 Dec 2022 07:00:51 GMT; secure; SameSite=None
pdhtkv=true; expires=Fri, 30 Dec 2022 03:00:51 GMT; secure; SameSite=None
uncs=1; expires=Fri, 30 Dec 2022 03:00:51 GMT; secure; SameSite=None
pdhtkv32=true; expires=Fri, 30 Dec 2022 03:00:51 GMT; secure; SameSite=None
uncs32=1; expires=Fri, 30 Dec 2022 03:00:51 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 8a89ba5ba929e27d77c990b8e77ba156
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

centeredfailinghotline.com/sbar.json?key=26ca065a5fb871c74739646a26f0622b&uuid=89b88108-06e5-4229-bc2f-ec8a4a724289%3A1%3A1

192.243.59.13

200 OK

11 kB

URL HTTP/1.1
centeredfailinghotline.com/sbar.json?key=26ca065a5fb871c74739646a26f0622b&uuid=89b88108-06e5-4229-bc2f-ec8a4a724289%3A1%3A1
IP
192.243.59.13:0
ASN
#39572 DataWeb Global Group B.V.

File type
JSON data\012- , ASCII text, with very long lines (16625), with no line terminators
Size
11 kB (10709 bytes)
Hash
64669100015c6b856040e6a83e495444
e4abea502f3c966d787350e67eeccca91680a14d
d5311bb92a5a9e619b6d4e3819cfbef6116880d3c0a53fb4c340bfc1a8f2e185

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /sbar.json?key=26ca065a5fb871c74739646a26f0622b&uuid=89b88108-06e5-4229-bc2f-ec8a4a724289%3A1%3A1 HTTP/1.1
Host: centeredfailinghotline.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.torrentkitty.lol
Connection: keep-alive
Referer: https://www.torrentkitty.lol/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Thu, 29 Dec 2022 03:00:52 GMT
Content-Type: text/plain; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://www.torrentkitty.lol
Access-Control-Allow-Origin: https://www.torrentkitty.lol
Access-Control-Allow-Credentials: true
Set-Cookie: u_pl=17550729; expires=Fri, 30 Dec 2022 03:00:51 GMT; secure; SameSite=None
uid_id2=89b88108-06e5-4229-bc2f-ec8a4a724289:1:1; expires=Thu, 05 Jan 2023 03:00:51 GMT; secure; SameSite=None
pdhtkv=true; expires=Fri, 30 Dec 2022 03:00:52 GMT; secure; SameSite=None
uncs=1; expires=Fri, 30 Dec 2022 03:00:52 GMT; secure; SameSite=None
pdhtkv29=true; expires=Fri, 30 Dec 2022 03:00:52 GMT; secure; SameSite=None
uncs29=1; expires=Fri, 30 Dec 2022 03:00:52 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: e7fe5d5afa3c971324035464861c992e
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
0932b1a9126b03fea9aaa40d83c34b1c
b0d7fe760153a0ce86449661351fa73b0da02397
53d17e0d047a116a08efa2465966948ee2ebeefa3cfaea93ebf47d4c681c6d97

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "53D17E0D047A116A08EFA2465966948EE2EBEEFA3CFAEA93EBF47D4C681C6D97"
Last-Modified: Tue, 27 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=1989
Expires: Thu, 29 Dec 2022 03:34:01 GMT
Date: Thu, 29 Dec 2022 03:00:52 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
2792e3b03c1a8a283e7207184073aa4b
028f22d0c8e50bedc31ab33d19d1edda79746dfc
6682b021cb244063d6ea14474e5743b62f1e1d61559f0a7111ff4fec621f7676

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6682B021CB244063D6EA14474E5743B62F1E1D61559F0A7111FF4FEC621F7676"
Last-Modified: Tue, 27 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4693
Expires: Thu, 29 Dec 2022 04:19:05 GMT
Date: Thu, 29 Dec 2022 03:00:52 GMT
Connection: keep-alive

cdn.cloudimagesb.com/cti/43/ff/51/43ff51c07da75eaedd548042d5154cfe/1658930770.jpg

45.133.44.10

200 OK

25 kB

URL HTTP/2
cdn.cloudimagesb.com/cti/43/ff/51/43ff51c07da75eaedd548042d5154cfe/1658930770.jpg
IP
45.133.44.10:0
ASN
#39572 DataWeb Global Group B.V.

File type
JPEG image data, baseline, precision 8, 320x50, components 3\012- data
Size
25 kB (24714 bytes)
Hash
d465d02b90e928dfd9d9846e102a9dac
22f7333777bec813bd9a7b870913a2b79b6d2fe4
e393d4f1c6b5d4973e157f0f10764b92037dc18239500f42b72bed8ecef462fd

HTTP Headers

GET /cti/43/ff/51/43ff51c07da75eaedd548042d5154cfe/1658930770.jpg HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Thu, 29 Dec 2022 03:00:52 GMT
content-type: image/jpeg
content-length: 24714
server: nginx/1.17.6
last-modified: Wed, 27 Jul 2022 14:06:18 GMT
etag: "62e1465a-608a"
expires: Sat, 31 Dec 2022 03:00:52 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

centeredfailinghotline.com/ren.gif?sid=H4sIAAAAAAAC%2F3RWTagkWVbOrGlBnIXYuFEQHvPsQcF8eeMvI6LbocjIjMz4yZ%2BI%2FH2ZFKY3Im5k3Mz4y%2FjPWA2OyLgQqlcjuHl1q3vacUbHFsSVIK%2FdSCHY5UKrwRZBXOsIriVflfQI3YeIuOfGuYtz7vd9h%2FN7z%2FLPG4Dk8JUxjmrs%2B7DN3YCrX1vj0InK9GqyuKLADXjvao3DDvveVXX5JMW7FOBuwK9fDZF9jNo0oACgAHU1wAlyo6r9ECU4%2FpFI3YjghqVvKI4lVfL%2F92neJClsEqf4vPE2wc7Ln%2FH%2B7mOC7XsSBn%2FeR%2Bkxi%2BLfkIPch1mUkML5aBkew6gMSfCF6yZN4oYfvTlNovRlo%2FGHj0gUfvSmAhIVH1wqIBZ%2B2Wj%2BE0Ws8KM3aRKr%2BPB1ppZPUEgs5%2BukLO4J8u8JhvfEjr5DsPNpgxDbIZMpCYPvT6KkhOfXUXiJvmy89T%2F%2FTXD5svHWv%2FwiCYM%2Fk3xcXc0jP89wFKakcu8Iru4J3t%2BTOP%2BEZHWT4PITYme%2FQ7DTIGFwR7Dz6lcF0RIECggt0EFci6VpsWXZtNtCtgBZyNMsLYgPV4PxPcHuPfHRUwLTJskvL26S3G2SPG6SwHl1BTnRBYB3LZdhBNa2bYaxbU7oOJzDsIILSG5fcn9Ksvgpsf2nxE6%2BTeLk2%2BSI3%2F%2BUe5sk%2Bd%2BQ1LsjqdMkadYghXNHStQgZdogJWyQEjdImTVIWdx96Pgpnd593%2FHT3KLerPSblbl7HmX7Z%2FDDKNujsPEs%2FrzxC5c7a37973%2BfHNGrK7pjQ9DhIOdaAk%2FZPMszYoftQLrjgg5NWyTFdwSnjx4qrS8A%2Fub7JMaf%2FvyQWPCepP49sfHbBOa%2FQmD5nKcBgd5zVgCkDn%2BcRUmCwuyIs%2Bx8kxXEie5InL1FsnPzmf9545cewGO%2B%2BROC7BeP%2F%2BJ7%2F0b%2F5W%2F9hNjJHYmTO3LAf9sge%2F%2B7z2dR2fhgFpVp4%2BNpnOEA1%2FAC7DyDGWr8iY7OZZQ4aj99%2BoOufQlc3B8tUJqNYOjgcJ82fihhx0HJIEps1PhrNV0jy8hTT8qTMI9HRm%2BgBnGC0hRH4T2B%2BFNrRWz8svGzn%2FzcA2V%2F2fkjgpNPSJJ%2F1vwvL8vid9tt6KDK9mC4R3uYoRs7CtpO1LZvYi9%2BnGYwgNm3gnf43jv05dkzOj3B2yQaLhlJE4cKcGRHMZjKuAE8fIfuFUshu915vQ3gxSPr57YHh%2BPT9JYdaZk6lpK9neqY5avx3EnDoj8v0Kqk1jszP1OnXrgyULqsd%2Bv55lCPtPlJT3sr0XSGk9Z2YEL2GFWBsj2vprLV8Vrm4DSrfavsLm636xM%2Br8zOnMMZVjmrjjcJpzJTYbWjKdjHrmXO56VvRHKxuM3Ts5CcZ1NvMJD9wGS7taYttqNpa091hgJNqdXpduMA5jxTF9XZmW01qC344xTo3bWSKpJ%2BW2Rn1AqzNQxXeq3ejk2QDffKsLesWUdJmECAlsJsoYIPSF8myurg3K7UzDxwZqFOC48ZqS4vLsFk4EmnUjunp75dbzs7cYoCl9%2BzHZ0DreMuP9Lieh1ZarzmmVq2DuloDVWjUMKDMhqO6Enat1DMrtUqbKE5lXnSYsUrQXDSl7QctjjkzY3Ixrdp3n0NHgnyF4%2F%2Fs%2FFgBEf3xI5%2F9%2BPra2M6X0jdnr5bzkbz6%2BvPHv3zNx6o8aT95EvIcflXPWlHMQqTzHrSpp%2B0Sxx%2BOVvKg3MQGXn9wBau9dNsoYDwDt3zJucZ7axVW%2B535oPFpk%2FpPf7AViPF4XYbwzkdQVwXY5rrS2JYDipfMlimpa82sm35cagOJ7d21wsdnVltujVSRn4Qp93uIIrhBhaHTT4fHRjEcXo3m%2Fa7I6133E5GHnSGoTxIrN0G%2B2PJS0ZbXue5HrudTU%2Fa1ptrdN3rJQN5voiRVCWjliGiVJEpfgaMZbxis6C1HeRluu2aE7TJQM%2FtcEMqySdHQ4sSxYuj2DssWbThboXTahVq9dQ5CHnJysPzbpxOWY0Z3xb9A4UUnj8hmEywzzvJaYyU023i9MN6os%2BUItsMJrHrecLclCXrePQkfZ6uWbxLfWOU0cx2RZlGTsncmBqPcC8LJHcGN0qZcfPDzC8XGLLFaaloZ2htzO3Q5YIhPqVLOfcOpmPsotPRWAJL2Co9pbU%2FHQcnKeyqyWRmb3X5tBxY3oYK%2B5BfxYU2Yrf1wDCi4bKMB%2FEeMSqmy1Y%2FZJdUtxRGVGIypoe0YB4FwZGVA6RLBUq0zR6dIq%2FK6glXJWVkKYkhLNHYw%2Ftoty7lni5Art5IPZvh5T5olePTTAbKZkTrvrKvoeZvPJgvbG6o7sW1fVrs1dSZKuqgCn1vtzOpcZrX7GgmrKA91HhfAlU8HZ%2FL1%2BT7JnSqXZxgG30L3ACe7jDf%2BOPra7U3nVxfv%2FrtC8PTd9ttO0lQHD10PVRlFgzbDOiItABo0LYTBDNcoLRNMxxLA55tczxknQ4NaCQwLqQtAQCxYyHHQVyH411nx3dYcBOH%2Bx9cXy%2FUxUi%2Bvv7hBCHnCl6tjMnjH19f9%2BV5b6YaC%2FWSx1%2F1oiCGCbrKPHRloTS7nLq5uSFp%2FKLxxkgaNUjif7G34iYp888e%2FcNXN3DoVP%2Bn0Db91fo0D1pLxDr9JfpkkHPp5p3FWM64%2Frju56Lr2ag%2FKCjVDeX9dhi7w5bGMUZVb0wQl9wYyYUUupnp82Jv5joUNeuaHhVSSDHLPh7P8go7PV%2BiQdjJRNUS1zSod2EpubDbQTjWTpnuDnfmcsMlqRFJuhlUxsq0VdxdeawmHZalGYlJKfdlE4ozZ6BwiB%2BO7TMwHLuPh2uPEhGHam%2B7E5YHsDL5up7Iqw0AE%2F5cjKrScG1VXAkSEm7LjFm3lplMj3fK5LTnUhirFFBrYbtrIaeFVlKY4RINEn%2Bv70aIT6aSh8EsToqjkTN%2BNGcn6Xy1memsOtyVPSu%2B1ac%2BFqOlXmecAoZRMFhs%2B265XJhYGubRZCDOcko75iZ3jEqjUEdeeZzzvbEF4Xjf3e4n7uZot2QHLnaScwpFagqc%2FQKotd%2FtplsqkxNRG2exyQpnHS9UPomXEj5ySh8c172eY%2BcnTp3PTCaVMy3TCiHUhvKsiKZCFc3jI5%2FnRsbQLW0%2F1%2Bo0mUZiuiw1%2BxhO9ljpSp3dqa7cgznjVygNBbpT0dIsSMA4WzNneKi6zi21XIin7XDbx8sdr69nUuCVhq4X9RrMTc6YslVOrYuZcOZPxX6E1MW%2BNEPUqheRYgJjNWFUbtmV9XzNBPFX6vN5QltfTE8%2BftkQ%2F%2BNrxEcvHn%2FvD6b%2F%2Bp6zJdC6Iyn6KSl84T9Lv0v2SZPA7DsPc3CR3JHCvyPQf0rS%2FGvPszh58fgfmQcjlt98bvlJ8wPLT%2Fz3X09uKX51hTgXuAjQyHJFy%2BUhcESXFS0oUoi3OEiRLH1p%2F%2Bmjf%2F9fAAAA%2F%2F8BAAD%2F%2Fw%2BfCEzpDAAA

192.243.59.13

200 OK

7 B

URL HTTP/1.1
centeredfailinghotline.com/ren.gif?sid=H4sIAAAAAAAC%2F3RWTagkWVbOrGlBnIXYuFEQHvPsQcF8eeMvI6LbocjIjMz4yZ%2BI%2FH2ZFKY3Im5k3Mz4y%2FjPWA2OyLgQqlcjuHl1q3vacUbHFsSVIK%2FdSCHY5UKrwRZBXOsIriVflfQI3YeIuOfGuYtz7vd9h%2FN7z%2FLPG4Dk8JUxjmrs%2B7DN3YCrX1vj0InK9GqyuKLADXjvao3DDvveVXX5JMW7FOBuwK9fDZF9jNo0oACgAHU1wAlyo6r9ECU4%2FpFI3YjghqVvKI4lVfL%2F92neJClsEqf4vPE2wc7Ln%2FH%2B7mOC7XsSBn%2FeR%2Bkxi%2BLfkIPch1mUkML5aBkew6gMSfCF6yZN4oYfvTlNovRlo%2FGHj0gUfvSmAhIVH1wqIBZ%2B2Wj%2BE0Ws8KM3aRKr%2BPB1ppZPUEgs5%2BukLO4J8u8JhvfEjr5DsPNpgxDbIZMpCYPvT6KkhOfXUXiJvmy89T%2F%2FTXD5svHWv%2FwiCYM%2Fk3xcXc0jP89wFKakcu8Iru4J3t%2BTOP%2BEZHWT4PITYme%2FQ7DTIGFwR7Dz6lcF0RIECggt0EFci6VpsWXZtNtCtgBZyNMsLYgPV4PxPcHuPfHRUwLTJskvL26S3G2SPG6SwHl1BTnRBYB3LZdhBNa2bYaxbU7oOJzDsIILSG5fcn9Ksvgpsf2nxE6%2BTeLk2%2BSI3%2F%2BUe5sk%2Bd%2BQ1LsjqdMkadYghXNHStQgZdogJWyQEjdImTVIWdx96Pgpnd593%2FHT3KLerPSblbl7HmX7Z%2FDDKNujsPEs%2FrzxC5c7a37973%2BfHNGrK7pjQ9DhIOdaAk%2FZPMszYoftQLrjgg5NWyTFdwSnjx4qrS8A%2Fub7JMaf%2FvyQWPCepP49sfHbBOa%2FQmD5nKcBgd5zVgCkDn%2BcRUmCwuyIs%2Bx8kxXEie5InL1FsnPzmf9545cewGO%2B%2BROC7BeP%2F%2BJ7%2F0b%2F5W%2F9hNjJHYmTO3LAf9sge%2F%2B7z2dR2fhgFpVp4%2BNpnOEA1%2FAC7DyDGWr8iY7OZZQ4aj99%2BoOufQlc3B8tUJqNYOjgcJ82fihhx0HJIEps1PhrNV0jy8hTT8qTMI9HRm%2BgBnGC0hRH4T2B%2BFNrRWz8svGzn%2FzcA2V%2F2fkjgpNPSJJ%2F1vwvL8vid9tt6KDK9mC4R3uYoRs7CtpO1LZvYi9%2BnGYwgNm3gnf43jv05dkzOj3B2yQaLhlJE4cKcGRHMZjKuAE8fIfuFUshu915vQ3gxSPr57YHh%2BPT9JYdaZk6lpK9neqY5avx3EnDoj8v0Kqk1jszP1OnXrgyULqsd%2Bv55lCPtPlJT3sr0XSGk9Z2YEL2GFWBsj2vprLV8Vrm4DSrfavsLm636xM%2Br8zOnMMZVjmrjjcJpzJTYbWjKdjHrmXO56VvRHKxuM3Ts5CcZ1NvMJD9wGS7taYttqNpa091hgJNqdXpduMA5jxTF9XZmW01qC344xTo3bWSKpJ%2BW2Rn1AqzNQxXeq3ejk2QDffKsLesWUdJmECAlsJsoYIPSF8myurg3K7UzDxwZqFOC48ZqS4vLsFk4EmnUjunp75dbzs7cYoCl9%2BzHZ0DreMuP9Lieh1ZarzmmVq2DuloDVWjUMKDMhqO6Enat1DMrtUqbKE5lXnSYsUrQXDSl7QctjjkzY3Ixrdp3n0NHgnyF4%2F%2Fs%2FFgBEf3xI5%2F9%2BPra2M6X0jdnr5bzkbz6%2BvPHv3zNx6o8aT95EvIcflXPWlHMQqTzHrSpp%2B0Sxx%2BOVvKg3MQGXn9wBau9dNsoYDwDt3zJucZ7axVW%2B535oPFpk%2FpPf7AViPF4XYbwzkdQVwXY5rrS2JYDipfMlimpa82sm35cagOJ7d21wsdnVltujVSRn4Qp93uIIrhBhaHTT4fHRjEcXo3m%2Fa7I6133E5GHnSGoTxIrN0G%2B2PJS0ZbXue5HrudTU%2Fa1ptrdN3rJQN5voiRVCWjliGiVJEpfgaMZbxis6C1HeRluu2aE7TJQM%2FtcEMqySdHQ4sSxYuj2DssWbThboXTahVq9dQ5CHnJysPzbpxOWY0Z3xb9A4UUnj8hmEywzzvJaYyU023i9MN6os%2BUItsMJrHrecLclCXrePQkfZ6uWbxLfWOU0cx2RZlGTsncmBqPcC8LJHcGN0qZcfPDzC8XGLLFaaloZ2htzO3Q5YIhPqVLOfcOpmPsotPRWAJL2Co9pbU%2FHQcnKeyqyWRmb3X5tBxY3oYK%2B5BfxYU2Yrf1wDCi4bKMB%2FEeMSqmy1Y%2FZJdUtxRGVGIypoe0YB4FwZGVA6RLBUq0zR6dIq%2FK6glXJWVkKYkhLNHYw%2Ftoty7lni5Art5IPZvh5T5olePTTAbKZkTrvrKvoeZvPJgvbG6o7sW1fVrs1dSZKuqgCn1vtzOpcZrX7GgmrKA91HhfAlU8HZ%2FL1%2BT7JnSqXZxgG30L3ACe7jDf%2BOPra7U3nVxfv%2FrtC8PTd9ttO0lQHD10PVRlFgzbDOiItABo0LYTBDNcoLRNMxxLA55tczxknQ4NaCQwLqQtAQCxYyHHQVyH411nx3dYcBOH%2Bx9cXy%2FUxUi%2Bvv7hBCHnCl6tjMnjH19f9%2BV5b6YaC%2FWSx1%2F1oiCGCbrKPHRloTS7nLq5uSFp%2FKLxxkgaNUjif7G34iYp888e%2FcNXN3DoVP%2Bn0Db91fo0D1pLxDr9JfpkkHPp5p3FWM64%2Frju56Lr2ag%2FKCjVDeX9dhi7w5bGMUZVb0wQl9wYyYUUupnp82Jv5joUNeuaHhVSSDHLPh7P8go7PV%2BiQdjJRNUS1zSod2EpubDbQTjWTpnuDnfmcsMlqRFJuhlUxsq0VdxdeawmHZalGYlJKfdlE4ozZ6BwiB%2BO7TMwHLuPh2uPEhGHam%2B7E5YHsDL5up7Iqw0AE%2F5cjKrScG1VXAkSEm7LjFm3lplMj3fK5LTnUhirFFBrYbtrIaeFVlKY4RINEn%2Bv70aIT6aSh8EsToqjkTN%2BNGcn6Xy1memsOtyVPSu%2B1ac%2BFqOlXmecAoZRMFhs%2B265XJhYGubRZCDOcko75iZ3jEqjUEdeeZzzvbEF4Xjf3e4n7uZot2QHLnaScwpFagqc%2FQKotd%2FtplsqkxNRG2exyQpnHS9UPomXEj5ySh8c172eY%2BcnTp3PTCaVMy3TCiHUhvKsiKZCFc3jI5%2FnRsbQLW0%2F1%2Bo0mUZiuiw1%2BxhO9ljpSp3dqa7cgznjVygNBbpT0dIsSMA4WzNneKi6zi21XIin7XDbx8sdr69nUuCVhq4X9RrMTc6YslVOrYuZcOZPxX6E1MW%2BNEPUqheRYgJjNWFUbtmV9XzNBPFX6vN5QltfTE8%2BftkQ%2F%2BNrxEcvHn%2FvD6b%2F%2Bp6zJdC6Iyn6KSl84T9Lv0v2SZPA7DsPc3CR3JHCvyPQf0rS%2FGvPszh58fgfmQcjlt98bvlJ8wPLT%2Fz3X09uKX51hTgXuAjQyHJFy%2BUhcESXFS0oUoi3OEiRLH1p%2F%2Bmjf%2F9fAAAA%2F%2F8BAAD%2F%2Fw%2BfCEzpDAAA
IP
192.243.59.13:0
ASN
#39572 DataWeb Global Group B.V.

File type
ASCII text, with no line terminators
Size
7 B (7 bytes)
Hash
132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /ren.gif?sid=H4sIAAAAAAAC%2F3RWTagkWVbOrGlBnIXYuFEQHvPsQcF8eeMvI6LbocjIjMz4yZ%2BI%2FH2ZFKY3Im5k3Mz4y%2FjPWA2OyLgQqlcjuHl1q3vacUbHFsSVIK%2FdSCHY5UKrwRZBXOsIriVflfQI3YeIuOfGuYtz7vd9h%2FN7z%2FLPG4Dk8JUxjmrs%2B7DN3YCrX1vj0InK9GqyuKLADXjvao3DDvveVXX5JMW7FOBuwK9fDZF9jNo0oACgAHU1wAlyo6r9ECU4%2FpFI3YjghqVvKI4lVfL%2F92neJClsEqf4vPE2wc7Ln%2FH%2B7mOC7XsSBn%2FeR%2Bkxi%2BLfkIPch1mUkML5aBkew6gMSfCF6yZN4oYfvTlNovRlo%2FGHj0gUfvSmAhIVH1wqIBZ%2B2Wj%2BE0Ws8KM3aRKr%2BPB1ppZPUEgs5%2BukLO4J8u8JhvfEjr5DsPNpgxDbIZMpCYPvT6KkhOfXUXiJvmy89T%2F%2FTXD5svHWv%2FwiCYM%2Fk3xcXc0jP89wFKakcu8Iru4J3t%2BTOP%2BEZHWT4PITYme%2FQ7DTIGFwR7Dz6lcF0RIECggt0EFci6VpsWXZtNtCtgBZyNMsLYgPV4PxPcHuPfHRUwLTJskvL26S3G2SPG6SwHl1BTnRBYB3LZdhBNa2bYaxbU7oOJzDsIILSG5fcn9Ksvgpsf2nxE6%2BTeLk2%2BSI3%2F%2BUe5sk%2Bd%2BQ1LsjqdMkadYghXNHStQgZdogJWyQEjdImTVIWdx96Pgpnd593%2FHT3KLerPSblbl7HmX7Z%2FDDKNujsPEs%2FrzxC5c7a37973%2BfHNGrK7pjQ9DhIOdaAk%2FZPMszYoftQLrjgg5NWyTFdwSnjx4qrS8A%2Fub7JMaf%2FvyQWPCepP49sfHbBOa%2FQmD5nKcBgd5zVgCkDn%2BcRUmCwuyIs%2Bx8kxXEie5InL1FsnPzmf9545cewGO%2B%2BROC7BeP%2F%2BJ7%2F0b%2F5W%2F9hNjJHYmTO3LAf9sge%2F%2B7z2dR2fhgFpVp4%2BNpnOEA1%2FAC7DyDGWr8iY7OZZQ4aj99%2BoOufQlc3B8tUJqNYOjgcJ82fihhx0HJIEps1PhrNV0jy8hTT8qTMI9HRm%2BgBnGC0hRH4T2B%2BFNrRWz8svGzn%2FzcA2V%2F2fkjgpNPSJJ%2F1vwvL8vid9tt6KDK9mC4R3uYoRs7CtpO1LZvYi9%2BnGYwgNm3gnf43jv05dkzOj3B2yQaLhlJE4cKcGRHMZjKuAE8fIfuFUshu915vQ3gxSPr57YHh%2BPT9JYdaZk6lpK9neqY5avx3EnDoj8v0Kqk1jszP1OnXrgyULqsd%2Bv55lCPtPlJT3sr0XSGk9Z2YEL2GFWBsj2vprLV8Vrm4DSrfavsLm636xM%2Br8zOnMMZVjmrjjcJpzJTYbWjKdjHrmXO56VvRHKxuM3Ts5CcZ1NvMJD9wGS7taYttqNpa091hgJNqdXpduMA5jxTF9XZmW01qC344xTo3bWSKpJ%2BW2Rn1AqzNQxXeq3ejk2QDffKsLesWUdJmECAlsJsoYIPSF8myurg3K7UzDxwZqFOC48ZqS4vLsFk4EmnUjunp75dbzs7cYoCl9%2BzHZ0DreMuP9Lieh1ZarzmmVq2DuloDVWjUMKDMhqO6Enat1DMrtUqbKE5lXnSYsUrQXDSl7QctjjkzY3Ixrdp3n0NHgnyF4%2F%2Fs%2FFgBEf3xI5%2F9%2BPra2M6X0jdnr5bzkbz6%2BvPHv3zNx6o8aT95EvIcflXPWlHMQqTzHrSpp%2B0Sxx%2BOVvKg3MQGXn9wBau9dNsoYDwDt3zJucZ7axVW%2B535oPFpk%2FpPf7AViPF4XYbwzkdQVwXY5rrS2JYDipfMlimpa82sm35cagOJ7d21wsdnVltujVSRn4Qp93uIIrhBhaHTT4fHRjEcXo3m%2Fa7I6133E5GHnSGoTxIrN0G%2B2PJS0ZbXue5HrudTU%2Fa1ptrdN3rJQN5voiRVCWjliGiVJEpfgaMZbxis6C1HeRluu2aE7TJQM%2FtcEMqySdHQ4sSxYuj2DssWbThboXTahVq9dQ5CHnJysPzbpxOWY0Z3xb9A4UUnj8hmEywzzvJaYyU023i9MN6os%2BUItsMJrHrecLclCXrePQkfZ6uWbxLfWOU0cx2RZlGTsncmBqPcC8LJHcGN0qZcfPDzC8XGLLFaaloZ2htzO3Q5YIhPqVLOfcOpmPsotPRWAJL2Co9pbU%2FHQcnKeyqyWRmb3X5tBxY3oYK%2B5BfxYU2Yrf1wDCi4bKMB%2FEeMSqmy1Y%2FZJdUtxRGVGIypoe0YB4FwZGVA6RLBUq0zR6dIq%2FK6glXJWVkKYkhLNHYw%2Ftoty7lni5Art5IPZvh5T5olePTTAbKZkTrvrKvoeZvPJgvbG6o7sW1fVrs1dSZKuqgCn1vtzOpcZrX7GgmrKA91HhfAlU8HZ%2FL1%2BT7JnSqXZxgG30L3ACe7jDf%2BOPra7U3nVxfv%2FrtC8PTd9ttO0lQHD10PVRlFgzbDOiItABo0LYTBDNcoLRNMxxLA55tczxknQ4NaCQwLqQtAQCxYyHHQVyH411nx3dYcBOH%2Bx9cXy%2FUxUi%2Bvv7hBCHnCl6tjMnjH19f9%2BV5b6YaC%2FWSx1%2F1oiCGCbrKPHRloTS7nLq5uSFp%2FKLxxkgaNUjif7G34iYp888e%2FcNXN3DoVP%2Bn0Db91fo0D1pLxDr9JfpkkHPp5p3FWM64%2Frju56Lr2ag%2FKCjVDeX9dhi7w5bGMUZVb0wQl9wYyYUUupnp82Jv5joUNeuaHhVSSDHLPh7P8go7PV%2BiQdjJRNUS1zSod2EpubDbQTjWTpnuDnfmcsMlqRFJuhlUxsq0VdxdeawmHZalGYlJKfdlE4ozZ6BwiB%2BO7TMwHLuPh2uPEhGHam%2B7E5YHsDL5up7Iqw0AE%2F5cjKrScG1VXAkSEm7LjFm3lplMj3fK5LTnUhirFFBrYbtrIaeFVlKY4RINEn%2Bv70aIT6aSh8EsToqjkTN%2BNGcn6Xy1memsOtyVPSu%2B1ac%2BFqOlXmecAoZRMFhs%2B265XJhYGubRZCDOcko75iZ3jEqjUEdeeZzzvbEF4Xjf3e4n7uZot2QHLnaScwpFagqc%2FQKotd%2FtplsqkxNRG2exyQpnHS9UPomXEj5ySh8c172eY%2BcnTp3PTCaVMy3TCiHUhvKsiKZCFc3jI5%2FnRsbQLW0%2F1%2Bo0mUZiuiw1%2BxhO9ljpSp3dqa7cgznjVygNBbpT0dIsSMA4WzNneKi6zi21XIin7XDbx8sdr69nUuCVhq4X9RrMTc6YslVOrYuZcOZPxX6E1MW%2BNEPUqheRYgJjNWFUbtmV9XzNBPFX6vN5QltfTE8%2BftkQ%2F%2BNrxEcvHn%2FvD6b%2F%2Bp6zJdC6Iyn6KSl84T9Lv0v2SZPA7DsPc3CR3JHCvyPQf0rS%2FGvPszh58fgfmQcjlt98bvlJ8wPLT%2Fz3X09uKX51hTgXuAjQyHJFy%2BUhcESXFS0oUoi3OEiRLH1p%2F%2Bmjf%2F9fAAAA%2F%2F8BAAD%2F%2Fw%2BfCEzpDAAA HTTP/1.1
Host: centeredfailinghotline.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.torrentkitty.lol/
Cookie: u_pl=17550729; uid_id2=89b88108-06e5-4229-bc2f-ec8a4a724289:1:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Thu, 29 Dec 2022 03:00:52 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 553cb2c5f051acd13a41f42b293ed16e
Strict-Transport-Security: max-age=0; includeSubdomains

e1.o.lencr.org/

23.36.77.32

200 OK

345 B

URL HTTP/1.1
e1.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
345 B (345 bytes)
Hash
f06ab215397bc35b186de07d378dc747
5d95d40b3e93b3930b98406e1251c70ff0041fa2
ed4a82f1419f3142a7e8ed6b2056d5cd5c3617acd1745250fbf901c873fa84e8

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "ED4A82F1419F3142A7E8ED6B2056D5CD5C3617ACD1745250FBF901C873FA84E8"
Last-Modified: Tue, 27 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18554
Expires: Thu, 29 Dec 2022 08:10:06 GMT
Date: Thu, 29 Dec 2022 03:00:52 GMT
Connection: keep-alive

cdn.creative-bars1.com/sb/notifications/rtb/windows/2/img/number.png

172.64.109.13

200 OK

1.1 kB

URL HTTP/2
cdn.creative-bars1.com/sb/notifications/rtb/windows/2/img/number.png
IP
172.64.109.13:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 43 x 43, 8-bit/color RGBA, non-interlaced\012- data
Size
1.1 kB (1138 bytes)
Hash
9e4414e85c588bf7db195e49c02ab2bb
09254e79b255f1b2dfe45adbbe44583a4b433782
0b977ec6e7cf5d35df03cd3a8041f5f523f5d4059ac67c152c0a7b613e20b762

HTTP Headers

GET /sb/notifications/rtb/windows/2/img/number.png HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Thu, 29 Dec 2022 03:00:52 GMT
content-type: image/png
content-length: 1138
last-modified: Mon, 17 May 2021 11:56:20 GMT
etag: "60a259e4-472"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 3762410
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yhrB5eQuIDxTf%2B50UQrYcMKFwDSd6Cj1jLWj77yzhk28J7WgHjk0u7oiUttayDhqw00%2B6WqS9GJg2diEOvRzkvlfTbw1RAHVn9mpighpeiyXuwnTvkMC55lBLKKQ47FxXp1gggxcg3wu"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 780f49b389ba7744-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
794630798ece5fdc7622c5736cfc8c4c
b88d8c63c8c85072202fb76e4106789df8394ff3
aa8225bea6518ce7a35b1dcdd5ae62b217b5720d9d9143f9ae4360e8614c0c18

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 29 Dec 2022 03:00:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
3e9fa1ca4dc5ca7d57295815bdb5a6bf
b61d07ece5d11b6a53a04dee338bee57644a2a63
a96e007c184478cfdd921cdd38e48cac79696d0768914af8b0d4af19fa36c255

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2877
Cache-Control: max-age=136799
Content-Type: application/ocsp-response
Date: Thu, 29 Dec 2022 03:00:52 GMT
Etag: "63ac6b07-117"
Expires: Fri, 30 Dec 2022 17:00:51 GMT
Last-Modified: Wed, 28 Dec 2022 16:12:55 GMT
Server: ECS (ska/F710)
X-Cache: HIT
Content-Length: 279

cdn.barscreative1.com/sb/notifications/rtb/windows/2/index.html

45.133.44.4

200 OK

449 B

URL HTTP/2
cdn.barscreative1.com/sb/notifications/rtb/windows/2/index.html
IP
45.133.44.4:0
ASN
#39572 DataWeb Global Group B.V.

File type
HTML document text\012- HTML document, ASCII text
Size
449 B (449 bytes)
Hash
2bf6314ac8fe23cf9f7c15857bf0ee4d
9ee372c110736ce2dc9ba7856ae279d8106f4745
aa7456703f73b27bb4e9f5bcd828a04fa38d12b1285c3f009051bb20689cae52

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /sb/notifications/rtb/windows/2/index.html HTTP/1.1
Host: cdn.barscreative1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.torrentkitty.lol
Connection: keep-alive
Referer: https://www.torrentkitty.lol/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Thu, 29 Dec 2022 03:00:52 GMT
content-type: text/html; charset=utf-8
server: nginx/1.17.6
last-modified: Mon, 17 May 2021 11:56:17 GMT
etag: W/"60a259e1-4b7"
cache-control: max-age=3600
access-control-allow-origin: *
access-control-expose-headers: Date
content-encoding: gzip
expires: Thu, 29 Dec 2022 04:00:52 GMT
x-proxy-cache: HIT
X-Firefox-Spdy: h2

e1.o.lencr.org/

23.36.77.32

200 OK

345 B

URL HTTP/1.1
e1.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
345 B (345 bytes)
Hash
f06ab215397bc35b186de07d378dc747
5d95d40b3e93b3930b98406e1251c70ff0041fa2
ed4a82f1419f3142a7e8ed6b2056d5cd5c3617acd1745250fbf901c873fa84e8

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "ED4A82F1419F3142A7E8ED6B2056D5CD5C3617ACD1745250FBF901C873FA84E8"
Last-Modified: Tue, 27 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18554
Expires: Thu, 29 Dec 2022 08:10:06 GMT
Date: Thu, 29 Dec 2022 03:00:52 GMT
Connection: keep-alive

cdn.creative-bars1.com/sb/notifications/rtb/windows/2/img/close.png

172.64.109.13

200 OK

6.3 kB

URL HTTP/2
cdn.creative-bars1.com/sb/notifications/rtb/windows/2/img/close.png
IP
172.64.109.13:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 500 x 500, 8-bit gray+alpha, non-interlaced\012- data
Size
6.3 kB (6318 bytes)
Hash
fa3847143b5b8c7823d091ca8e88289f
eb32235cc1d642145643b4a218742564df1db6d9
a78f358b462449955b39bd7957586ab99c75c8ab453975f4789e72d55d921cea

HTTP Headers

GET /sb/notifications/rtb/windows/2/img/close.png HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Thu, 29 Dec 2022 03:00:52 GMT
content-type: image/png
content-length: 6318
last-modified: Mon, 17 May 2021 11:56:20 GMT
etag: "60a259e4-18ae"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 3762543
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z9L9aUoV4s9IaWVs75MLhRSQG6IZgPzHgOH2rakm5iIqoTFOfXUqt9vJ3B%2FWnwU0SvhhhJH%2F1O%2BAx1zZ3UBSAN5NtqXUk0nYcfJ43ay2QaqkcEjxbgPsCDCgkp8UU23K9r%2BCgJ0B57CK"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 780f49b3fd71745f-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
794630798ece5fdc7622c5736cfc8c4c
b88d8c63c8c85072202fb76e4106789df8394ff3
aa8225bea6518ce7a35b1dcdd5ae62b217b5720d9d9143f9ae4360e8614c0c18

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 29 Dec 2022 03:00:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
3e9fa1ca4dc5ca7d57295815bdb5a6bf
b61d07ece5d11b6a53a04dee338bee57644a2a63
a96e007c184478cfdd921cdd38e48cac79696d0768914af8b0d4af19fa36c255

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2877
Cache-Control: max-age=136799
Content-Type: application/ocsp-response
Date: Thu, 29 Dec 2022 03:00:52 GMT
Etag: "63ac6b07-117"
Expires: Fri, 30 Dec 2022 17:00:51 GMT
Last-Modified: Wed, 28 Dec 2022 16:12:55 GMT
Server: ECS (ska/F710)
X-Cache: HIT
Content-Length: 279

adexchangegate.com/adx/openrtb/2/win.php?stamat=m%7C%2C%2Cwjdj93EWoGU3B5-GH0dEdHP3xP.108%2ChNyR2dWIcED6SFTYD1KC7j4xLHd5_YPdqk0pzvM25DB9nwFxlBP43-KVYEcblpnIGNXcAhndK3VYAzeHLlmpsAAFopaYavjYuSLj3e55KAtODALJCkZNLhadGnEFrb_YilMBhrLZ7K75C4ZROqJZhSJ2zCCrFESTpeBxrL-P9esHE17R0PUpV4tm-ZFuwsZAQNeYt0Cf65G1ruNkPJorHhpophjU4eY5X8qVVnJzOdj8uw4EGy_MsO4J3MXvDj1eH77qearNil7drqMeHqXrdDnzNKRHvtYFNpfhh8SQEBbkkhBKSsW4i_slPLt23ZV1QPu1E5M1MLiCtmBfRaYHwt5SjRlwTia4vqUHJyabYQZGf5mGiqsUEuhjQdP_oqkPU0b8ZHCH-gqkFqBnAIrNRcZKEqUFbhY1nDa7VpvJL4ZzFPPoGUwpFpge3Ii2w-Dn4U1Aw8L1rQ3QheJmSommk4EmeKBverJYgeqohxtzN5xrwobHrP8UeMhigo_WwECK8a5zYBCc37ED0-wMqRE0HYL2KlHgzaJlYhauTc5GIg9WcqTgIsdOHIFxnlh__Q1Msuz4LR8VacGJ7lB0xpOMyw%2C%2C&adx_price=0.07263

35.208.56.33

204 No Content

0 B

URL HTTP/1.1
adexchangegate.com/adx/openrtb/2/win.php?stamat=m%7C%2C%2Cwjdj93EWoGU3B5-GH0dEdHP3xP.108%2ChNyR2dWIcED6SFTYD1KC7j4xLHd5_YPdqk0pzvM25DB9nwFxlBP43-KVYEcblpnIGNXcAhndK3VYAzeHLlmpsAAFopaYavjYuSLj3e55KAtODALJCkZNLhadGnEFrb_YilMBhrLZ7K75C4ZROqJZhSJ2zCCrFESTpeBxrL-P9esHE17R0PUpV4tm-ZFuwsZAQNeYt0Cf65G1ruNkPJorHhpophjU4eY5X8qVVnJzOdj8uw4EGy_MsO4J3MXvDj1eH77qearNil7drqMeHqXrdDnzNKRHvtYFNpfhh8SQEBbkkhBKSsW4i_slPLt23ZV1QPu1E5M1MLiCtmBfRaYHwt5SjRlwTia4vqUHJyabYQZGf5mGiqsUEuhjQdP_oqkPU0b8ZHCH-gqkFqBnAIrNRcZKEqUFbhY1nDa7VpvJL4ZzFPPoGUwpFpge3Ii2w-Dn4U1Aw8L1rQ3QheJmSommk4EmeKBverJYgeqohxtzN5xrwobHrP8UeMhigo_WwECK8a5zYBCc37ED0-wMqRE0HYL2KlHgzaJlYhauTc5GIg9WcqTgIsdOHIFxnlh__Q1Msuz4LR8VacGJ7lB0xpOMyw%2C%2C&adx_price=0.07263
IP
35.208.56.33:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /adx/openrtb/2/win.php?stamat=m%7C%2C%2Cwjdj93EWoGU3B5-GH0dEdHP3xP.108%2ChNyR2dWIcED6SFTYD1KC7j4xLHd5_YPdqk0pzvM25DB9nwFxlBP43-KVYEcblpnIGNXcAhndK3VYAzeHLlmpsAAFopaYavjYuSLj3e55KAtODALJCkZNLhadGnEFrb_YilMBhrLZ7K75C4ZROqJZhSJ2zCCrFESTpeBxrL-P9esHE17R0PUpV4tm-ZFuwsZAQNeYt0Cf65G1ruNkPJorHhpophjU4eY5X8qVVnJzOdj8uw4EGy_MsO4J3MXvDj1eH77qearNil7drqMeHqXrdDnzNKRHvtYFNpfhh8SQEBbkkhBKSsW4i_slPLt23ZV1QPu1E5M1MLiCtmBfRaYHwt5SjRlwTia4vqUHJyabYQZGf5mGiqsUEuhjQdP_oqkPU0b8ZHCH-gqkFqBnAIrNRcZKEqUFbhY1nDa7VpvJL4ZzFPPoGUwpFpge3Ii2w-Dn4U1Aw8L1rQ3QheJmSommk4EmeKBverJYgeqohxtzN5xrwobHrP8UeMhigo_WwECK8a5zYBCc37ED0-wMqRE0HYL2KlHgzaJlYhauTc5GIg9WcqTgIsdOHIFxnlh__Q1Msuz4LR8VacGJ7lB0xpOMyw%2C%2C&adx_price=0.07263 HTTP/1.1
Host: adexchangegate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive

HTTP/1.1 204 No Content
Server: openresty
Date: Thu, 29 Dec 2022 03:00:52 GMT
Access-Control-Allow-Origin: *
Via: 1.1 google

cdn.creative-bars1.com/sb/notifications/rtb/windows/2/css/style.css

172.64.109.13

200 OK

1.1 kB

URL HTTP/2
cdn.creative-bars1.com/sb/notifications/rtb/windows/2/css/style.css
IP
172.64.109.13:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text
Size
1.1 kB (1061 bytes)
Hash
a06be620e07f025e08256b634ac9ea97
8340466b40ff2ab04bc2e59f446ea047cc099088
ee7e0caf4d54468f4e3ed843a59b3b4ee9757a3527b01b3c5738947b0bdf1686

HTTP Headers

GET /sb/notifications/rtb/windows/2/css/style.css HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.torrentkitty.lol
Connection: keep-alive
Referer: https://www.torrentkitty.lol/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Thu, 29 Dec 2022 03:00:52 GMT
content-type: text/css
last-modified: Mon, 17 May 2021 12:00:36 GMT
etag: W/"60a25ae4-fe9"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 1538
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iK%2BG0%2BR8KEWFIoVHw4%2B%2BJ8BFwnxiSKzRrfCByTvPCyKJpkLf4FJe3430h7cnDR%2BUV5XcOXtgH%2BHxvYUocYkEe%2B8GYLLT8xYWFW4WLHkyaXNLJQ1SdYKCirMjxhmItY%2BsSaI%2FXhZnk614"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 780f49b389c77744-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

centeredfailinghotline.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fnotifications%2Frtb%2Fwindows%2F2%2Fjs%2Fscript.js&l=380&fd=139

192.243.59.13

200 OK

0 B

URL HTTP/1.1
centeredfailinghotline.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fnotifications%2Frtb%2Fwindows%2F2%2Fjs%2Fscript.js&l=380&fd=139
IP
192.243.59.13:0
ASN
#39572 DataWeb Global Group B.V.

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fnotifications%2Frtb%2Fwindows%2F2%2Fjs%2Fscript.js&l=380&fd=139 HTTP/1.1
Host: centeredfailinghotline.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.torrentkitty.lol/
Cookie: u_pl=17550729; uid_id2=89b88108-06e5-4229-bc2f-ec8a4a724289:1:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Thu, 29 Dec 2022 03:00:52 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range

cdn.creative-bars1.com/sb/notifications/rtb/windows/2/js/script.js

172.64.109.13

200 OK

187 B

URL HTTP/2
cdn.creative-bars1.com/sb/notifications/rtb/windows/2/js/script.js
IP
172.64.109.13:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
187 B (187 bytes)
Hash
dc9027a0e57815e9853ed73731cff3e5
a31fd5257c1d4f55477fd376319249059751aeed
9359275cfd559eef33f183a2a47260e17fc4842459ca818c8e86a98d37b68ef3

HTTP Headers

GET /sb/notifications/rtb/windows/2/js/script.js HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.torrentkitty.lol
Connection: keep-alive
Referer: https://www.torrentkitty.lol/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Thu, 29 Dec 2022 03:00:52 GMT
content-type: application/javascript
last-modified: Mon, 17 May 2021 11:56:22 GMT
etag: W/"60a259e6-17c"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 1538
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HifozylmbyXW9DQIG53hh%2BZ%2Bi8eOCVxuxdyclwBfTMAXzxtaSKQX8O9Wnn2TtUU3mPELP2hggETGxYRYUEGYdjMOddMvSdBgE7%2Fv%2B1oXc5tlzrqy7v2AY3rqWWZ5j3bXvWZ0trJzvmYi"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 780f49b389b97744-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
107c7b24cc9711281977c9e9094da7af
18e6f30a0dbc072380e414236b2a8296e7a7f6f6
c8a97836b9b198c55753dd8e72c0ae03fe473f02f098deb2c4145b677d19be08

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 29 Dec 2022 03:00:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

216.58.207.227

200 OK

16 kB

URL HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP
216.58.207.227:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Size
16 kB (15860 bytes)
Hash
e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

HTTP Headers

GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.torrentkitty.lol
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 23 Dec 2022 13:33:13 GMT
expires: Sat, 23 Dec 2023 13:33:13 GMT
cache-control: public, max-age=31536000
age: 480459
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

centeredfailinghotline.com/pixel/sbs?c=1

192.243.59.13

200 OK

0 B

URL HTTP/1.1
centeredfailinghotline.com/pixel/sbs?c=1
IP
192.243.59.13:0
ASN
#39572 DataWeb Global Group B.V.

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /pixel/sbs?c=1 HTTP/1.1
Host: centeredfailinghotline.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.torrentkitty.lol/
Cookie: u_pl=17550729; uid_id2=89b88108-06e5-4229-bc2f-ec8a4a724289:1:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Thu, 29 Dec 2022 03:00:52 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
107c7b24cc9711281977c9e9094da7af
18e6f30a0dbc072380e414236b2a8296e7a7f6f6
c8a97836b9b198c55753dd8e72c0ae03fe473f02f098deb2c4145b677d19be08

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 29 Dec 2022 03:00:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

centeredfailinghotline.com/impr.gif?sid=H4sIAAAAAAAC%2F3RWTagkWVbOrGlBnIXYuFEQHvPsQcF8Gb8ZEd0ORUZmZMZP%2FkTk78ukML0R90bGzYy%2FjP%2BM1eCIjAuhejWCm1e3uqcdZ3RsQVwJ8tqNFIJdLrQabBHEtY7gWvJVSY%2FQfYiIe26cuzjnft93OL%2F3LP%2B8QZEcvDLHUY19H7T5G%2Brq19Y4hFGZXk0WVzR1Q713tcZhh3vvqrp8kuJdmuJvqF%2B%2FGiLnGLUZiqYomqKvBjhBblS1H6IExz%2BS6BuJuuGYG5rnSJX8%2F32aN0kKmgQWnzfeJhi%2B%2FBnv7z4m2LknYfDnfZQesyj%2BDSXIfZBFCSngR8vwGEZlSIIvXDdpEjf86M1pEqUvG40%2FfESi8KM3FZCo%2BOBSAbHxy0bzn2hihx%2B9SZPYxYevM7V9gkJiw6%2BTsrgnyL8nGNwTJ%2FoOwfDTBiEOJJMpCYPvT6KkBOfXUXCJvmy89T%2F%2FTXD5svHWv%2FwiCYM%2Fk31cXc0jP89wFKakcu8Iru4J3t%2BTOP%2BEZHWT4PIT4mS%2FQzBskDC4Ixi%2B%2BlVRskWRpsQW1UF8i2MYqWU7jNtCjgg4IDAcI0oPV4PxPcHuPfHRUwLSJskvL26S3G2SPG6SAL66ArzkUpTg2i7LipzjOCzrOLzYgTxkOdGlSO5ccn9KsvgpcfynxEm%2BTeLk2%2BSI3%2F%2BUf5sk%2Bd%2BQ1LsjKWySNGuQAt6REjVImTZICRqkxA1SZg1SFncfQj9l0rvvQz%2FNbfrNyrxZ2bvnUbZ%2FBj6Msj0KG8%2Fizxu%2FcLmz5tf%2F%2FvfJEb26YjoOoDo84F1bFGhH4ARW6nAdwHRcqsMwNknxHcHpo4dK6wuAv%2Fk%2BifGnPz8kNrgnqX9PHPw2AfmvEFA%2BFxiKAO85J1KkDn%2BcRUmCwuyIs%2Bx8kxUERnckzt4i2bn5zP%2B88UsP4LHf%2FAlBzovHf%2FG9f2P%2B8rd%2BQpzkjsTJHTngv22Qvf%2Fd57OobHwwi8q08fE0znCAa3ABdp6BDDX%2BxEDnMkqg1k%2Bf%2FqDrXAIX90cLlGYjEEIc7tPGD2UMIUoGUeKgxl9r6RrZZp56cp6EeTwyewMtiBOUpjgK7wnAn9or4uCXjZ%2F95OceKPvL8I8ITj4hSf5Z87%2B8LIvfbbcBRJXjgXCP9iBDN04UtGHUdm5iL36cZiAA2beCd4TeO8zl2bMGM8HbJBouWVmXhioFFaiabGXeUAJ4h%2BkVSzG73Xm9DSVIR87PHQ8Mx6fpLTfSM20sJ3snNTAnVOM5TMOiPy%2FQqqTXOys%2F06deuDJRuqx36%2FnmUI%2F0%2BclIeyvJgsNJazuwAHeMqkDdnldTxe54LWtwmtW%2BXXYXt9v1CZ9XVmfO4wxrvF3Hm4TX2Km42jE06GPXtubz0jcjpVjc5ulZTM6zqTcYKH5gcd1a1xfb0bS1pztDkaG16nS7gRR7nmmL6gxnWx3oC%2BE4pYzuWk1V2bgtsjNqhdkahCuj1m7HFpUN9%2Bqwt6w5qCZsIAJbZbdAxQdkLBN1dYC3Ky2zDrxVaNPCY0eaK0hLajLw5FOpn9NT36m3nZ00RYEr7LmOwVOt4y4%2FMtJ6HdlavBbYWrEP6WgNNLNQw4M6Go6YSdq3UcyttSpsoTmdefJiJahBcDKWjBK2eOTNzcjBt2nefQ0eCfIXj%2F%2Bz8WAER%2FfEiX%2F34%2BtrczpfyN2esVvORvPr688e%2FfM3HqjxpP3kS8hx%2BVc9aUcxCpPMftJmnrRLHH45W8oDPEissn5gC9%2F6abbQlPgO0%2FMm5xkD15qj9DvzwWLTp42ecOCqkQr53caEpyMV18WY4fuyFJaDypdNjm0Zq43i2H4casPJrdP1Qmiwq023RurID%2BK02x1EMdiA4rDJ56MDi3je6GbTfnek947bycgDcBgqg8TebbA%2Flr1ktBUMge9x29n0pG%2B9uc7UvV4yUOaLGMlVMmqZEkpVhRZmlLmMV1wWtLaDvEy3XWuCNhnVczv8kE7yydHUo0T14ij2DksObfhb8bRahXo9hQcxLzlleN6N0ymns%2BPbon%2BgkSoIJwSSCfYFmJzGSD3dJrAf1hNjphbZZjCJXc8T55Yi28ejJxvzdM3hXeqbo4xhtyvaMnNa4cf0eIR7WSC7M7BRy4yfH2Z%2BucCAK05LVT8De2Nthy4fDPEpXSq5d7CguYtOR3NJ2eJW7amt%2Fek4OMlhV0smM2drKKflwPY2dNgHwiou9BG3rQemGQ2XZTyI94jVMFO2%2BiG3pLulOKITi7U8pAfzKAiOnBIgQy5Qom%2F26BR5VVZP%2BCopI1tNTHGJxh7eR7t1qfQMEfD1Ru45rKD0qVY5Ps0USt2MGMNX9zXQ%2FY0H8oXDD7W9tHZOi72WwqmqDarQ93Y7ix6nec2NZuIKOENd8GWqiqfjc%2FmafN8EsNrFCXbQt6gbSmA67Df%2B%2BPpa600n19evfvvC8PTddttJEhRHD10PVZkNwjZLdSRGpBiq7SQIZLhAaZtheY6hBK7NC4CDHYZikMi6gLFFipI6NoIQ8R1ecOFO6HDUTRzuf3B9vdAWI%2BX6%2BocThOAVuFqZk8c%2Fvr7uK%2FPeTDMX2iWPv%2BpFQQwSdJV56MpGaXY5dXNzQ9L4ReONkTRqkMT%2FYm%2FHTVLmnz36h69u4ABW%2F6fQNvPV%2BrQOekvCBvMl%2BmQRvHTzzmKsZHx%2FXPdzyfUc1B8UtOaGyn47jN1hS%2BdZs6o3FhWX%2FBgphRy6meULUm%2FmQpqedS2PDmmkWmUfj2d5hWHPlxkq7GSSZktrhqp3YSm7oNtBONZPmeEOd9ZywyepGcmGFVTmynI03F15nC4flqUVSUmp9BULSDM4UHkkDMfOmTKh08fDtUdLiEe1t92JywO1soS6niirDUVNhHMxqkrTdTRpJcpIvC0zdt1aZgoz3qmT055PQazRlFaL210LwRZayWGGSzRI%2FL2xGyEhmcoepmZxUhzNnPWjOTdJ56vNzOC04a7s2fGtMfWxFC2NOuNVahgFg8W275bLhYXlYR5NBtIsp%2FVjbvHHqDQLbeSVx7nQG9sAjPfd7X7ibo5OS4FgsZPhKZToKQX3C0qr%2FW433dKZkkj6OIstTjwbeKEJSbyU8ZFX%2B9Rx3etBJz%2Fx2nxmsamS6ZleiKE%2BVGZFNBWraB4fhTw3M5Zp6fu5XqfJNJLSZak7x3Cyx2pX7uxOdeUerJmwQmkoMp2KkWdBQo2zNXsGh6oLb%2BnlQjpth9s%2BXu4EYz2TA680DaOo19Tc4s0pV%2BX0upiJZ%2BFU7EdIW%2BxLK0StehGpFmWuJqzGL7uKka%2FZIP5KfT5PGPuL6cnHLxvSf3yN%2BOjF4%2B%2F9wfRf34NbAuw7kqKfksIX%2FrP0u2SfNAnIvvMwBxfJHSn8OwL8pyTNv%2FY8i5MXj%2F%2BRfTBi%2B83ntp80P7D9xH%2F%2F9eSW4ldXPM0h0RYFB0IbOZAWGFZkKYqBkBMkREskS186f%2Fro3%2F8XAAD%2F%2FwEAAP%2F%2FG5eGqukMAAA%3D

192.243.59.13

200 OK

7 B

URL HTTP/1.1
centeredfailinghotline.com/impr.gif?sid=H4sIAAAAAAAC%2F3RWTagkWVbOrGlBnIXYuFEQHvPsQcF8Gb8ZEd0ORUZmZMZP%2FkTk78ukML0R90bGzYy%2FjP%2BM1eCIjAuhejWCm1e3uqcdZ3RsQVwJ8tqNFIJdLrQabBHEtY7gWvJVSY%2FQfYiIe26cuzjnft93OL%2F3LP%2B8QZEcvDLHUY19H7T5G%2Brq19Y4hFGZXk0WVzR1Q713tcZhh3vvqrp8kuJdmuJvqF%2B%2FGiLnGLUZiqYomqKvBjhBblS1H6IExz%2BS6BuJuuGYG5rnSJX8%2F32aN0kKmgQWnzfeJhi%2B%2FBnv7z4m2LknYfDnfZQesyj%2BDSXIfZBFCSngR8vwGEZlSIIvXDdpEjf86M1pEqUvG40%2FfESi8KM3FZCo%2BOBSAbHxy0bzn2hihx%2B9SZPYxYevM7V9gkJiw6%2BTsrgnyL8nGNwTJ%2FoOwfDTBiEOJJMpCYPvT6KkBOfXUXCJvmy89T%2F%2FTXD5svHWv%2FwiCYM%2Fk31cXc0jP89wFKakcu8Iru4J3t%2BTOP%2BEZHWT4PIT4mS%2FQzBskDC4Ixi%2B%2BlVRskWRpsQW1UF8i2MYqWU7jNtCjgg4IDAcI0oPV4PxPcHuPfHRUwLSJskvL26S3G2SPG6SAL66ArzkUpTg2i7LipzjOCzrOLzYgTxkOdGlSO5ccn9KsvgpcfynxEm%2BTeLk2%2BSI3%2F%2BUf5sk%2Bd%2BQ1LsjKWySNGuQAt6REjVImTZICRqkxA1SZg1SFncfQj9l0rvvQz%2FNbfrNyrxZ2bvnUbZ%2FBj6Msj0KG8%2Fizxu%2FcLmz5tf%2F%2FvfJEb26YjoOoDo84F1bFGhH4ARW6nAdwHRcqsMwNknxHcHpo4dK6wuAv%2Fk%2BifGnPz8kNrgnqX9PHPw2AfmvEFA%2BFxiKAO85J1KkDn%2BcRUmCwuyIs%2Bx8kxUERnckzt4i2bn5zP%2B88UsP4LHf%2FAlBzovHf%2FG9f2P%2B8rd%2BQpzkjsTJHTngv22Qvf%2Fd57OobHwwi8q08fE0znCAa3ABdp6BDDX%2BxEDnMkqg1k%2Bf%2FqDrXAIX90cLlGYjEEIc7tPGD2UMIUoGUeKgxl9r6RrZZp56cp6EeTwyewMtiBOUpjgK7wnAn9or4uCXjZ%2F95OceKPvL8I8ITj4hSf5Z87%2B8LIvfbbcBRJXjgXCP9iBDN04UtGHUdm5iL36cZiAA2beCd4TeO8zl2bMGM8HbJBouWVmXhioFFaiabGXeUAJ4h%2BkVSzG73Xm9DSVIR87PHQ8Mx6fpLTfSM20sJ3snNTAnVOM5TMOiPy%2FQqqTXOys%2F06deuDJRuqx36%2FnmUI%2F0%2BclIeyvJgsNJazuwAHeMqkDdnldTxe54LWtwmtW%2BXXYXt9v1CZ9XVmfO4wxrvF3Hm4TX2Km42jE06GPXtubz0jcjpVjc5ulZTM6zqTcYKH5gcd1a1xfb0bS1pztDkaG16nS7gRR7nmmL6gxnWx3oC%2BE4pYzuWk1V2bgtsjNqhdkahCuj1m7HFpUN9%2Bqwt6w5qCZsIAJbZbdAxQdkLBN1dYC3Ky2zDrxVaNPCY0eaK0hLajLw5FOpn9NT36m3nZ00RYEr7LmOwVOt4y4%2FMtJ6HdlavBbYWrEP6WgNNLNQw4M6Go6YSdq3UcyttSpsoTmdefJiJahBcDKWjBK2eOTNzcjBt2nefQ0eCfIXj%2F%2Bz8WAER%2FfEiX%2F34%2BtrczpfyN2esVvORvPr688e%2FfM3HqjxpP3kS8hx%2BVc9aUcxCpPMftJmnrRLHH45W8oDPEissn5gC9%2F6abbQlPgO0%2FMm5xkD15qj9DvzwWLTp42ecOCqkQr53caEpyMV18WY4fuyFJaDypdNjm0Zq43i2H4casPJrdP1Qmiwq023RurID%2BK02x1EMdiA4rDJ56MDi3je6GbTfnek947bycgDcBgqg8TebbA%2Flr1ktBUMge9x29n0pG%2B9uc7UvV4yUOaLGMlVMmqZEkpVhRZmlLmMV1wWtLaDvEy3XWuCNhnVczv8kE7yydHUo0T14ij2DksObfhb8bRahXo9hQcxLzlleN6N0ymns%2BPbon%2BgkSoIJwSSCfYFmJzGSD3dJrAf1hNjphbZZjCJXc8T55Yi28ejJxvzdM3hXeqbo4xhtyvaMnNa4cf0eIR7WSC7M7BRy4yfH2Z%2BucCAK05LVT8De2Nthy4fDPEpXSq5d7CguYtOR3NJ2eJW7amt%2Fek4OMlhV0smM2drKKflwPY2dNgHwiou9BG3rQemGQ2XZTyI94jVMFO2%2BiG3pLulOKITi7U8pAfzKAiOnBIgQy5Qom%2F26BR5VVZP%2BCopI1tNTHGJxh7eR7t1qfQMEfD1Ru45rKD0qVY5Ps0USt2MGMNX9zXQ%2FY0H8oXDD7W9tHZOi72WwqmqDarQ93Y7ix6nec2NZuIKOENd8GWqiqfjc%2FmafN8EsNrFCXbQt6gbSmA67Df%2B%2BPpa600n19evfvvC8PTddttJEhRHD10PVZkNwjZLdSRGpBiq7SQIZLhAaZtheY6hBK7NC4CDHYZikMi6gLFFipI6NoIQ8R1ecOFO6HDUTRzuf3B9vdAWI%2BX6%2BocThOAVuFqZk8c%2Fvr7uK%2FPeTDMX2iWPv%2BpFQQwSdJV56MpGaXY5dXNzQ9L4ReONkTRqkMT%2FYm%2FHTVLmnz36h69u4ABW%2F6fQNvPV%2BrQOekvCBvMl%2BmQRvHTzzmKsZHx%2FXPdzyfUc1B8UtOaGyn47jN1hS%2BdZs6o3FhWX%2FBgphRy6meULUm%2FmQpqedS2PDmmkWmUfj2d5hWHPlxkq7GSSZktrhqp3YSm7oNtBONZPmeEOd9ZywyepGcmGFVTmynI03F15nC4flqUVSUmp9BULSDM4UHkkDMfOmTKh08fDtUdLiEe1t92JywO1soS6niirDUVNhHMxqkrTdTRpJcpIvC0zdt1aZgoz3qmT055PQazRlFaL210LwRZayWGGSzRI%2FL2xGyEhmcoepmZxUhzNnPWjOTdJ56vNzOC04a7s2fGtMfWxFC2NOuNVahgFg8W275bLhYXlYR5NBtIsp%2FVjbvHHqDQLbeSVx7nQG9sAjPfd7X7ibo5OS4FgsZPhKZToKQX3C0qr%2FW433dKZkkj6OIstTjwbeKEJSbyU8ZFX%2B9Rx3etBJz%2Fx2nxmsamS6ZleiKE%2BVGZFNBWraB4fhTw3M5Zp6fu5XqfJNJLSZak7x3Cyx2pX7uxOdeUerJmwQmkoMp2KkWdBQo2zNXsGh6oLb%2BnlQjpth9s%2BXu4EYz2TA680DaOo19Tc4s0pV%2BX0upiJZ%2BFU7EdIW%2BxLK0StehGpFmWuJqzGL7uKka%2FZIP5KfT5PGPuL6cnHLxvSf3yN%2BOjF4%2B%2F9wfRf34NbAuw7kqKfksIX%2FrP0u2SfNAnIvvMwBxfJHSn8OwL8pyTNv%2FY8i5MXj%2F%2BRfTBi%2B83ntp80P7D9xH%2F%2F9eSW4ldXPM0h0RYFB0IbOZAWGFZkKYqBkBMkREskS186f%2Fro3%2F8XAAD%2F%2FwEAAP%2F%2FG5eGqukMAAA%3D
IP
192.243.59.13:0
ASN
#39572 DataWeb Global Group B.V.

File type
ASCII text, with no line terminators
Size
7 B (7 bytes)
Hash
132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /impr.gif?sid=H4sIAAAAAAAC%2F3RWTagkWVbOrGlBnIXYuFEQHvPsQcF8Gb8ZEd0ORUZmZMZP%2FkTk78ukML0R90bGzYy%2FjP%2BM1eCIjAuhejWCm1e3uqcdZ3RsQVwJ8tqNFIJdLrQabBHEtY7gWvJVSY%2FQfYiIe26cuzjnft93OL%2F3LP%2B8QZEcvDLHUY19H7T5G%2Brq19Y4hFGZXk0WVzR1Q713tcZhh3vvqrp8kuJdmuJvqF%2B%2FGiLnGLUZiqYomqKvBjhBblS1H6IExz%2BS6BuJuuGYG5rnSJX8%2F32aN0kKmgQWnzfeJhi%2B%2FBnv7z4m2LknYfDnfZQesyj%2BDSXIfZBFCSngR8vwGEZlSIIvXDdpEjf86M1pEqUvG40%2FfESi8KM3FZCo%2BOBSAbHxy0bzn2hihx%2B9SZPYxYevM7V9gkJiw6%2BTsrgnyL8nGNwTJ%2FoOwfDTBiEOJJMpCYPvT6KkBOfXUXCJvmy89T%2F%2FTXD5svHWv%2FwiCYM%2Fk31cXc0jP89wFKakcu8Iru4J3t%2BTOP%2BEZHWT4PIT4mS%2FQzBskDC4Ixi%2B%2BlVRskWRpsQW1UF8i2MYqWU7jNtCjgg4IDAcI0oPV4PxPcHuPfHRUwLSJskvL26S3G2SPG6SAL66ArzkUpTg2i7LipzjOCzrOLzYgTxkOdGlSO5ccn9KsvgpcfynxEm%2BTeLk2%2BSI3%2F%2BUf5sk%2Bd%2BQ1LsjKWySNGuQAt6REjVImTZICRqkxA1SZg1SFncfQj9l0rvvQz%2FNbfrNyrxZ2bvnUbZ%2FBj6Msj0KG8%2Fizxu%2FcLmz5tf%2F%2FvfJEb26YjoOoDo84F1bFGhH4ARW6nAdwHRcqsMwNknxHcHpo4dK6wuAv%2Fk%2BifGnPz8kNrgnqX9PHPw2AfmvEFA%2BFxiKAO85J1KkDn%2BcRUmCwuyIs%2Bx8kxUERnckzt4i2bn5zP%2B88UsP4LHf%2FAlBzovHf%2FG9f2P%2B8rd%2BQpzkjsTJHTngv22Qvf%2Fd57OobHwwi8q08fE0znCAa3ABdp6BDDX%2BxEDnMkqg1k%2Bf%2FqDrXAIX90cLlGYjEEIc7tPGD2UMIUoGUeKgxl9r6RrZZp56cp6EeTwyewMtiBOUpjgK7wnAn9or4uCXjZ%2F95OceKPvL8I8ITj4hSf5Z87%2B8LIvfbbcBRJXjgXCP9iBDN04UtGHUdm5iL36cZiAA2beCd4TeO8zl2bMGM8HbJBouWVmXhioFFaiabGXeUAJ4h%2BkVSzG73Xm9DSVIR87PHQ8Mx6fpLTfSM20sJ3snNTAnVOM5TMOiPy%2FQqqTXOys%2F06deuDJRuqx36%2FnmUI%2F0%2BclIeyvJgsNJazuwAHeMqkDdnldTxe54LWtwmtW%2BXXYXt9v1CZ9XVmfO4wxrvF3Hm4TX2Km42jE06GPXtubz0jcjpVjc5ulZTM6zqTcYKH5gcd1a1xfb0bS1pztDkaG16nS7gRR7nmmL6gxnWx3oC%2BE4pYzuWk1V2bgtsjNqhdkahCuj1m7HFpUN9%2Bqwt6w5qCZsIAJbZbdAxQdkLBN1dYC3Ky2zDrxVaNPCY0eaK0hLajLw5FOpn9NT36m3nZ00RYEr7LmOwVOt4y4%2FMtJ6HdlavBbYWrEP6WgNNLNQw4M6Go6YSdq3UcyttSpsoTmdefJiJahBcDKWjBK2eOTNzcjBt2nefQ0eCfIXj%2F%2Bz8WAER%2FfEiX%2F34%2BtrczpfyN2esVvORvPr688e%2FfM3HqjxpP3kS8hx%2BVc9aUcxCpPMftJmnrRLHH45W8oDPEissn5gC9%2F6abbQlPgO0%2FMm5xkD15qj9DvzwWLTp42ecOCqkQr53caEpyMV18WY4fuyFJaDypdNjm0Zq43i2H4casPJrdP1Qmiwq023RurID%2BK02x1EMdiA4rDJ56MDi3je6GbTfnek947bycgDcBgqg8TebbA%2Flr1ktBUMge9x29n0pG%2B9uc7UvV4yUOaLGMlVMmqZEkpVhRZmlLmMV1wWtLaDvEy3XWuCNhnVczv8kE7yydHUo0T14ij2DksObfhb8bRahXo9hQcxLzlleN6N0ymns%2BPbon%2BgkSoIJwSSCfYFmJzGSD3dJrAf1hNjphbZZjCJXc8T55Yi28ejJxvzdM3hXeqbo4xhtyvaMnNa4cf0eIR7WSC7M7BRy4yfH2Z%2BucCAK05LVT8De2Nthy4fDPEpXSq5d7CguYtOR3NJ2eJW7amt%2Fek4OMlhV0smM2drKKflwPY2dNgHwiou9BG3rQemGQ2XZTyI94jVMFO2%2BiG3pLulOKITi7U8pAfzKAiOnBIgQy5Qom%2F26BR5VVZP%2BCopI1tNTHGJxh7eR7t1qfQMEfD1Ru45rKD0qVY5Ps0USt2MGMNX9zXQ%2FY0H8oXDD7W9tHZOi72WwqmqDarQ93Y7ix6nec2NZuIKOENd8GWqiqfjc%2FmafN8EsNrFCXbQt6gbSmA67Df%2B%2BPpa600n19evfvvC8PTddttJEhRHD10PVZkNwjZLdSRGpBiq7SQIZLhAaZtheY6hBK7NC4CDHYZikMi6gLFFipI6NoIQ8R1ecOFO6HDUTRzuf3B9vdAWI%2BX6%2BocThOAVuFqZk8c%2Fvr7uK%2FPeTDMX2iWPv%2BpFQQwSdJV56MpGaXY5dXNzQ9L4ReONkTRqkMT%2FYm%2FHTVLmnz36h69u4ABW%2F6fQNvPV%2BrQOekvCBvMl%2BmQRvHTzzmKsZHx%2FXPdzyfUc1B8UtOaGyn47jN1hS%2BdZs6o3FhWX%2FBgphRy6meULUm%2FmQpqedS2PDmmkWmUfj2d5hWHPlxkq7GSSZktrhqp3YSm7oNtBONZPmeEOd9ZywyepGcmGFVTmynI03F15nC4flqUVSUmp9BULSDM4UHkkDMfOmTKh08fDtUdLiEe1t92JywO1soS6niirDUVNhHMxqkrTdTRpJcpIvC0zdt1aZgoz3qmT055PQazRlFaL210LwRZayWGGSzRI%2FL2xGyEhmcoepmZxUhzNnPWjOTdJ56vNzOC04a7s2fGtMfWxFC2NOuNVahgFg8W275bLhYXlYR5NBtIsp%2FVjbvHHqDQLbeSVx7nQG9sAjPfd7X7ibo5OS4FgsZPhKZToKQX3C0qr%2FW433dKZkkj6OIstTjwbeKEJSbyU8ZFX%2B9Rx3etBJz%2Fx2nxmsamS6ZleiKE%2BVGZFNBWraB4fhTw3M5Zp6fu5XqfJNJLSZak7x3Cyx2pX7uxOdeUerJmwQmkoMp2KkWdBQo2zNXsGh6oLb%2BnlQjpth9s%2BXu4EYz2TA680DaOo19Tc4s0pV%2BX0upiJZ%2BFU7EdIW%2BxLK0StehGpFmWuJqzGL7uKka%2FZIP5KfT5PGPuL6cnHLxvSf3yN%2BOjF4%2B%2F9wfRf34NbAuw7kqKfksIX%2FrP0u2SfNAnIvvMwBxfJHSn8OwL8pyTNv%2FY8i5MXj%2F%2BRfTBi%2B83ntp80P7D9xH%2F%2F9eSW4ldXPM0h0RYFB0IbOZAWGFZkKYqBkBMkREskS186f%2Fro3%2F8XAAD%2F%2FwEAAP%2F%2FG5eGqukMAAA%3D HTTP/1.1
Host: centeredfailinghotline.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.torrentkitty.lol/
Cookie: u_pl=17550729; uid_id2=89b88108-06e5-4229-bc2f-ec8a4a724289:1:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Thu, 29 Dec 2022 03:00:52 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: e83a6b680adcb0b07194ffcdaab42a88
Strict-Transport-Security: max-age=0; includeSubdomains

www.torrentkitty.lol/search/search/naho%20hazuki

172.67.217.107

200 OK

0 B

URL HTTP/2
www.torrentkitty.lol/search/search/naho%20hazuki
IP
172.67.217.107:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /search/search/naho%20hazuki HTTP/1.1
Host: www.torrentkitty.lol
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 200 OK
date: Thu, 29 Dec 2022 03:00:49 GMT
content-type: text/html; charset=UTF-8
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: max-age=14400, must-revalidate
pragma: no-cache
cf-cache-status: MISS
last-modified: Thu, 29 Dec 2022 03:00:49 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DymQgLN%2Bw5N6oDByqRWPbKU8uPcjT5RJYYRCTmvtJfbNC10mdOg6q3Kz2%2FedJY0anQA%2BLo%2BFfLmm7L3EpxsC4%2FVbBU2bVpTQoZvtBTC4T1hNLAgi3quYO8CuYeJg5WhuARWJ4wJQMw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 780f499c488a0b51-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

c.statcounter.com/t.php?sc_project=10571718&u1=84DC11EEC3394FF87B9A4A8CFCE03944&java=1&security=6b4a9073&sc_snum=1&sess=a8f3c4&p=0&rcat=d&rdom=d&rdomg=new&bb=1&jg=new&rr=1.1.1.1.1.1.1.1.1&resolution=1280&h=1024&camefrom=&u=https%3A//www.torrentkitty.lol/search/search/naho%2520hazuki&t=search%20-%20Torrent%20Kitty&invisible=1&sc_rum_e_s=2654&sc_rum_e_e=2659&sc_rum_f_s=0&sc_rum_f_e=2646&get_config=true

104.20.219.77

200 OK

0 B

URL HTTP/2
c.statcounter.com/t.php?sc_project=10571718&u1=84DC11EEC3394FF87B9A4A8CFCE03944&java=1&security=6b4a9073&sc_snum=1&sess=a8f3c4&p=0&rcat=d&rdom=d&rdomg=new&bb=1&jg=new&rr=1.1.1.1.1.1.1.1.1&resolution=1280&h=1024&camefrom=&u=https%3A//www.torrentkitty.lol/search/search/naho%2520hazuki&t=search%20-%20Torrent%20Kitty&invisible=1&sc_rum_e_s=2654&sc_rum_e_e=2659&sc_rum_f_s=0&sc_rum_f_e=2646&get_config=true
IP
104.20.219.77:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /t.php?sc_project=10571718&u1=84DC11EEC3394FF87B9A4A8CFCE03944&java=1&security=6b4a9073&sc_snum=1&sess=a8f3c4&p=0&rcat=d&rdom=d&rdomg=new&bb=1&jg=new&rr=1.1.1.1.1.1.1.1.1&resolution=1280&h=1024&camefrom=&u=https%3A//www.torrentkitty.lol/search/search/naho%2520hazuki&t=search%20-%20Torrent%20Kitty&invisible=1&sc_rum_e_s=2654&sc_rum_e_e=2659&sc_rum_f_s=0&sc_rum_f_e=2646&get_config=true HTTP/1.1
Host: c.statcounter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.torrentkitty.lol
Connection: keep-alive
Referer: https://www.torrentkitty.lol/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Thu, 29 Dec 2022 03:00:51 GMT
content-type: application/json
p3p: policyref="http://www.statcounter.com/w3c/p3p.xml", CP="ADMa OUR COM NAV NID DSP NOI COR"
expires: Mon, 26 Jul 1997 05:00:00 GMT
set-cookie: is_unique=sc10571718.1672282851.0; SameSite=None; Secure; Expires=Tuesday, 28-Dec-2027 11:00:51 HKT; Path=/; Domain=.statcounter.com
is_visitor_unique=1672282851226720037; SameSite=None; Secure; Expires=Saturday, 28-Dec-2024 11:00:51 HKT; Path=/; Domain=.statcounter.com
access-control-allow-origin: https://www.torrentkitty.lol
access-control-allow-credentials: true
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 780f49ab4eafb4eb-OSL
content-encoding: br
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Roboto:300,400,700&display=swap

142.250.74.106

200 OK

0 B

URL HTTP/2
fonts.googleapis.com/css?family=Roboto:300,400,700&display=swap
IP
142.250.74.106:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /css?family=Roboto:300,400,700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 29 Dec 2022 03:00:52 GMT
date: Thu, 29 Dec 2022 03:00:52 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

secure.statcounter.com/counter/counter.js

104.20.219.77

200 OK

0 B

URL HTTP/2
secure.statcounter.com/counter/counter.js
IP
104.20.219.77:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /counter/counter.js HTTP/1.1
Host: secure.statcounter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.torrentkitty.lol/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Thu, 29 Dec 2022 03:00:50 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Mon, 19 Dec 2022 18:29:15 GMT
etag: W/"63a0ad7b-aa70"
expires: Thu, 29 Dec 2022 06:34:59 GMT
cache-control: max-age=43200
cf-cache-status: HIT
age: 30351
server: cloudflare
cf-ray: 780f49a8ad64b4eb-OSL
content-encoding: br
X-Firefox-Spdy: h2

www.cloudflare.com/cdn-cgi/trace

104.16.124.96

200 OK

0 B

URL HTTP/2
www.cloudflare.com/cdn-cgi/trace
IP
104.16.124.96:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /cdn-cgi/trace HTTP/1.1
Host: www.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.torrentkitty.lol
Connection: keep-alive
Referer: https://www.torrentkitty.lol/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Thu, 29 Dec 2022 03:00:50 GMT
content-type: text/plain
access-control-allow-origin: *
server: cloudflare
cf-ray: 780f49a95e2ab4ee-OSL
x-frame-options: DENY
x-content-type-options: nosniff
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2

crrepo.com/extban/306928020/creatives/23542074/57a4d6202e83fa2b80096bedde5657fd_7640.png

104.21.235.113

200 OK

0 B

URL HTTP/2
crrepo.com/extban/306928020/creatives/23542074/57a4d6202e83fa2b80096bedde5657fd_7640.png
IP
104.21.235.113:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /extban/306928020/creatives/23542074/57a4d6202e83fa2b80096bedde5657fd_7640.png HTTP/1.1
Host: crrepo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Thu, 29 Dec 2022 03:00:52 GMT
content-type: image/png
last-modified: Sat, 12 Nov 2022 09:34:43 GMT
etag: W/"636f68b3-2132"
via: 1.1 google
cache-control: max-age=14400
cf-cache-status: HIT
age: 5816
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3uXFCUnw6fEXJrsczwghCpq6bEom03r5hcr9SvW%2FaFYb3rAAT%2FL9gCl8v6snKC5evudRHV%2FznBdhiaqbCkCVIO5Ir6fGhS8MV0VzFirIfaE9FXZaD1XMBLfYRiWx"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 780f49b41c0e730c-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (30)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations