| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hashe717435470c9f4f06b174d7100c6a98f 292150251495b243c384e0c676a258597ba7f4d8 91ce8257662cb8cea9cc3c74cda1d95dba421daa466b0ac231fa433e0c58e6c6
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "91CE8257662CB8CEA9CC3C74CDA1D95DBA421DAA466B0AC231FA433E0C58E6C6"
Last-Modified: Tue, 27 Dec 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11006
Expires: Thu, 29 Dec 2022 06:04:14 GMT
Date: Thu, 29 Dec 2022 03:00:48 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hash259d3eba2ac4ea32f0410a59bd01c18a ab02cd69e6c04e3842ad1778fb0daa6d0e86fddc 0d6ec941dac6d97a0b24c0cf00a5642a4edda68ae5ec8b3019d1ec05f40d2281
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0D6EC941DAC6D97A0B24C0CF00A5642A4EDDA68AE5EC8B3019D1EC05F40D2281"
Last-Modified: Tue, 27 Dec 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7989
Expires: Thu, 29 Dec 2022 05:13:57 GMT
Date: Thu, 29 Dec 2022 03:00:48 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hashb2d59bdbb1ca6324590988ec031cf1fc bfd4e25af37dcde4bac38d9b178c5ac8e50f8834 cef2180120ef42ff09d54577229c058d41d2c569d485f5a6dcfadc74bf8aa647
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CEF2180120EF42FF09D54577229C058D41D2C569D485F5A6DCFADC74BF8AA647"
Last-Modified: Mon, 26 Dec 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2720
Expires: Thu, 29 Dec 2022 03:46:08 GMT
Date: Thu, 29 Dec 2022 03:00:48 GMT
Connection: keep-alive
|
|
| firefox.settings.services.mozilla.com/v1/ | 35.241.9.150 | 200 OK | 939 B |
URL HTTP/2firefox.settings.services.mozilla.com/v1/ IP35.241.9.150:0
File typeJSON data\012- , ASCII text, with very long lines (939), with no line terminators Hashdcd75ca6daca51c5e39d431468511793 07f76d3bf23d65c9110d810fa71a994e39e085d3 73672a816da4450fe2c938b08d7ae002d9ca29fdcbd3e29cc97084d826f8b459
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Content-Type, Retry-After, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Thu, 29 Dec 2022 02:35:24 GMT
content-type: application/json
age: 1524
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain | 34.160.144.191 | 200 OK | 5.3 kB |
URL HTTP/2content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain IP34.160.144.191:0
File typePEM certificate\012- , ASCII text Hashb1fcd419a4245617397846e8d17233f6 2a037ce244587640b27ead9a0ec2af4f862d91b2 e059b6d834c06e58494c43fb2ff42acbc27c1a1d8f7f30e2f32ca0e167599e2f
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: 0BOSWTDdTqeIQ2+6PxMSVTdv3Wx9mQWz+p/4vhk2JDoKXtCZHy2l1FI6fwd8TY/yI2FrJjJDnjE0z1n7svjPLw==
x-amz-request-id: KMFZB7030GW7HPTE
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 29 Dec 2022 02:56:26 GMT
age: 262
last-modified: Tue, 20 Dec 2022 14:47:58 GMT
etag: "b1fcd419a4245617397846e8d17233f6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| book.dypics.com/search/naho%20hazuki | 104.21.61.235 | 301 Moved Permanently | 177 B |
URL HTTP/1.1book.dypics.com/search/naho%20hazuki IP104.21.61.235:0
File typeHTML document text\012- HTML document text\012- HTML document, Unicode text, UTF-8 text Hash433c7496834b797911984a2b2809496a 991a4cc39d0b34d17b2fd6821e824d389c0a9e4b c0dfb07d5e58d7479f39f5ecb932a64af9286023ef514115132d0a4d4fe7613b
Analyzer | Verdict | Alert | fortinet | Phishing | |
GET /search/naho%20hazuki HTTP/1.1
Host: book.dypics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Thu, 29 Dec 2022 03:00:48 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://www.torrentkitty.lol/search/search/naho hazuki
X-Powered-By: ASP.NET
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HBl0493%2BeEI4FkNK0c%2F%2BVkghq7MMyonxTa85qls7xXZn4cxDUpVWWsb9ZhJHcQ4ifkw8P31hsKvBtbugw7ZgjENikSjveQHSYvS5hEkjTh9dIcxHTV1x%2FEci5uf2VlVhJCU%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 780f4998aa8fb517-OSL
alt-svc: h2=":443"; ma=60
|
|
| contile.services.mozilla.com/v1/tiles | 34.117.237.239 | 200 OK | 12 B |
URL HTTP/2contile.services.mozilla.com/v1/tiles IP34.117.237.239:0
File typeJSON data\012- , ASCII text, with no line terminators Hash23e88fb7b99543fb33315b29b1fad9d6 a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 29 Dec 2022 03:00:48 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 280 B |
IP93.184.220.29:0
Hashe2036062c2578b7649b23a0cf829feb8 bc82090d09af02d5f99d4e7ca6593a6539227b4a 6c8005a05e49b3c20438340a99e4d93a030d6b102e50a448f9b4d3aa33b27d9f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=90756
Content-Type: application/ocsp-response
Date: Thu, 29 Dec 2022 03:00:48 GMT
Etag: "63abc264-118"
Expires: Fri, 30 Dec 2022 04:13:24 GMT
Last-Modified: Wed, 28 Dec 2022 04:13:24 GMT
Server: nginx
Content-Length: 280
|
|
| firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US | 35.241.9.150 | 200 OK | 329 B |
URL HTTP/2firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US IP35.241.9.150:0
File typeJSON data\012- , ASCII text, with very long lines (329), with no line terminators Hash0333b0655111aa68de771adfcc4db243 63f295a144ac87a7c8e23417626724eeca68a7eb 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, ETag, Pragma, Last-Modified, Expires, Alert, Content-Type, Retry-After, Cache-Control, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Thu, 29 Dec 2022 02:08:08 GMT
age: 3160
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 471 B |
IP93.184.220.29:0
Hash125553386d49a0b56facb82deab9bd9f 1a7480b79f4aada477fb5919794f6efd6d44921e 6f3f4223d3c994dd4754df67a11298d736e16f888f301ad2838d0b4db1ac01d7
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5847
Cache-Control: max-age=114205
Content-Type: application/ocsp-response
Date: Thu, 29 Dec 2022 03:00:49 GMT
Etag: "63ac0727-1d7"
Expires: Fri, 30 Dec 2022 10:44:14 GMT
Last-Modified: Wed, 28 Dec 2022 09:06:47 GMT
Server: ECS (ska/F710)
X-Cache: HIT
Content-Length: 471
|
|
| push.services.mozilla.com/ | 52.42.185.162 | 101 Switching Protocols | 0 B |
URL HTTP/1.1push.services.mozilla.com/ IP52.42.185.162:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: +e6rsfBUXGpWjcbmcuviGQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: Rt2P+bC8SGZ5SOP+0oQaJtidrg8=
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 280 B |
IP93.184.220.29:0
Hashe2036062c2578b7649b23a0cf829feb8 bc82090d09af02d5f99d4e7ca6593a6539227b4a 6c8005a05e49b3c20438340a99e4d93a030d6b102e50a448f9b4d3aa33b27d9f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1
Cache-Control: max-age=90756
Content-Type: application/ocsp-response
Date: Thu, 29 Dec 2022 03:00:49 GMT
Etag: "63abc264-118"
Expires: Fri, 30 Dec 2022 04:13:25 GMT
Last-Modified: Wed, 28 Dec 2022 04:13:24 GMT
Server: ECS (ska/F710)
X-Cache: HIT
Content-Length: 280
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 279 B |
IP93.184.220.29:0
Hash722a2008a133f6fd26f8f2ce2b8a7831 ad2c42f7f5c927e7b9b3a95dc70459b728eaa4c4 a147138059f937bba96aacc9297f1add040861e788dea92e5eb46c8533aef081
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1951
Cache-Control: max-age=136231
Content-Type: application/ocsp-response
Date: Thu, 29 Dec 2022 03:00:49 GMT
Etag: "63ac6c69-117"
Expires: Fri, 30 Dec 2022 16:51:20 GMT
Last-Modified: Wed, 28 Dec 2022 16:18:49 GMT
Server: ECS (ska/F710)
X-Cache: HIT
Content-Length: 279
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 279 B |
IP93.184.220.29:0
Hash722a2008a133f6fd26f8f2ce2b8a7831 ad2c42f7f5c927e7b9b3a95dc70459b728eaa4c4 a147138059f937bba96aacc9297f1add040861e788dea92e5eb46c8533aef081
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1951
Cache-Control: max-age=136231
Content-Type: application/ocsp-response
Date: Thu, 29 Dec 2022 03:00:49 GMT
Etag: "63ac6c69-117"
Expires: Fri, 30 Dec 2022 16:51:20 GMT
Last-Modified: Wed, 28 Dec 2022 16:18:49 GMT
Server: ECS (ska/F710)
X-Cache: HIT
Content-Length: 279
|
|
| get.geojs.io/v1/ip/geo.js | 172.67.70.233 | 200 OK | 1.5 kB |
URL HTTP/2get.geojs.io/v1/ip/geo.js IP172.67.70.233:0
File typeASCII text, with very long lines (306) Hash1ed8f5ca0c5609e43c5a9a19967eaaf5 5bcf9c9fc99457e32b8b431cbb9235e499554e27 8b5d68114edca94c36f9ca9d3c2154a2fc09b139602ee704a9843c56bf4943b8
GET /v1/ip/geo.js HTTP/1.1
Host: get.geojs.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.torrentkitty.lol/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 29 Dec 2022 03:00:49 GMT
content-type: application/javascript; charset=utf-8
x-request-id: f372f5c53712d9342d7bed38f957e289-AMS
strict-transport-security: max-age=15552000; includeSubDomains; preload
access-control-allow-origin: *
access-control-allow-methods: GET
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, private, max-age=0
x-geojs-location: AMS
cf-cache-status: BYPASS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J%2FUSTglPFtddm1DQwubPrvLRnx%2FR3Kf9y1orIIT%2BFsRpGSrLqZg50OaLNPD0kqKk3rQ30JdVVFvaz%2B6Hh%2BveeqTX3%2FokRGpfKszP5udqweGMDND1upCP%2FRJYDFTrAw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 780f49a2baccb4f3-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hash2cb8ebdbab03a02c2b51e71b7c322812 79044ad23867ea3f261b91b39cbf153773f09fae c48ca09b23be4cb854f1561f68b50c67140ab080ba1c25174d0b67d7b64945aa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C48CA09B23BE4CB854F1561F68B50C67140AB080BA1C25174D0B67D7B64945AA"
Last-Modified: Tue, 27 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8968
Expires: Thu, 29 Dec 2022 05:30:18 GMT
Date: Thu, 29 Dec 2022 03:00:50 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hash2cb8ebdbab03a02c2b51e71b7c322812 79044ad23867ea3f261b91b39cbf153773f09fae c48ca09b23be4cb854f1561f68b50c67140ab080ba1c25174d0b67d7b64945aa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C48CA09B23BE4CB854F1561F68B50C67140AB080BA1C25174D0B67D7B64945AA"
Last-Modified: Tue, 27 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8968
Expires: Thu, 29 Dec 2022 05:30:18 GMT
Date: Thu, 29 Dec 2022 03:00:50 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hasha280d27c715997fa6cab1b6603e1355a 3400cfb24025dfd4f5d841b72c4fbc31874ea70f b1636602f9acf1da821a3c53ca06c153cd7ea0ef3b24c5d94aad3c4c8e888dc9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B1636602F9ACF1DA821A3C53CA06C153CD7EA0EF3B24C5D94AAD3C4C8E888DC9"
Last-Modified: Tue, 27 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=1577
Expires: Thu, 29 Dec 2022 03:27:07 GMT
Date: Thu, 29 Dec 2022 03:00:50 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hash563a71326245b9544f7051f983f4d897 7293247391520689fb7aeac14ee6c984d82d7de3 17c444592282f17c3eb8a0d8e10ae9b3be096d621bdf2bbd8e12faf13ff4999c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "17C444592282F17C3EB8A0D8E10AE9B3BE096D621BDF2BBD8E12FAF13FF4999C"
Last-Modified: Tue, 27 Dec 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6365
Expires: Thu, 29 Dec 2022 04:46:55 GMT
Date: Thu, 29 Dec 2022 03:00:50 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hash563a71326245b9544f7051f983f4d897 7293247391520689fb7aeac14ee6c984d82d7de3 17c444592282f17c3eb8a0d8e10ae9b3be096d621bdf2bbd8e12faf13ff4999c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "17C444592282F17C3EB8A0D8E10AE9B3BE096D621BDF2BBD8E12FAF13FF4999C"
Last-Modified: Tue, 27 Dec 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6365
Expires: Thu, 29 Dec 2022 04:46:55 GMT
Date: Thu, 29 Dec 2022 03:00:50 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hash563a71326245b9544f7051f983f4d897 7293247391520689fb7aeac14ee6c984d82d7de3 17c444592282f17c3eb8a0d8e10ae9b3be096d621bdf2bbd8e12faf13ff4999c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "17C444592282F17C3EB8A0D8E10AE9B3BE096D621BDF2BBD8E12FAF13FF4999C"
Last-Modified: Tue, 27 Dec 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6365
Expires: Thu, 29 Dec 2022 04:46:55 GMT
Date: Thu, 29 Dec 2022 03:00:50 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hash563a71326245b9544f7051f983f4d897 7293247391520689fb7aeac14ee6c984d82d7de3 17c444592282f17c3eb8a0d8e10ae9b3be096d621bdf2bbd8e12faf13ff4999c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "17C444592282F17C3EB8A0D8E10AE9B3BE096D621BDF2BBD8E12FAF13FF4999C"
Last-Modified: Tue, 27 Dec 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6365
Expires: Thu, 29 Dec 2022 04:46:55 GMT
Date: Thu, 29 Dec 2022 03:00:50 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hash563a71326245b9544f7051f983f4d897 7293247391520689fb7aeac14ee6c984d82d7de3 17c444592282f17c3eb8a0d8e10ae9b3be096d621bdf2bbd8e12faf13ff4999c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "17C444592282F17C3EB8A0D8E10AE9B3BE096D621BDF2BBD8E12FAF13FF4999C"
Last-Modified: Tue, 27 Dec 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6365
Expires: Thu, 29 Dec 2022 04:46:55 GMT
Date: Thu, 29 Dec 2022 03:00:50 GMT
Connection: keep-alive
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9fc13649-6a41-40db-8d11-e2627932c821.jpeg | 34.120.237.76 | 200 OK | 8.4 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9fc13649-6a41-40db-8d11-e2627932c821.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hashc9dbe1f89bbc715a85f596171692d340 4295dceef5f9089943704f8d0a309e801fd96dd7 cbb7fffdae6a1496d1f28be52b54ae0ea71b6db808ada2ff05f6f9a373454f88
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9fc13649-6a41-40db-8d11-e2627932c821.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8400
x-amzn-requestid: 00c2f1ce-a9f7-4a18-bf2d-77ca800e38fd
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: doXwgHftIAMFxWA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63a66ccf-5854c7133ff12e4f06c4f483;Sampled=0
x-amzn-remapped-date: Sat, 24 Dec 2022 03:06:55 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: T2NKozUvj37A1yxEs0YNA469y6ZtYdphs_4cxgo-0iRtJeyuhIvfEg==
via: 1.1 0005a84c2971ff4f5bbb79e7ebc622a8.cloudfront.net (CloudFront), 1.1 b2f9564ebf9c745cc2ceae96d434977e.cloudfront.net (CloudFront), 1.1 google
date: Wed, 28 Dec 2022 09:21:22 GMT
age: 63568
etag: "4295dceef5f9089943704f8d0a309e801fd96dd7"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0b05264c-5ed0-4ad4-996c-58fc36048283.jpeg | 34.120.237.76 | 200 OK | 12 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0b05264c-5ed0-4ad4-996c-58fc36048283.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash244b2a2a5b176fb3117248a872e2a37a f451963e96d330a8dcd28ebcf5e63791e90b75ba c01075e3836684e57b87d1feaf148e5c0dc35e273b8519c342c90e44dfc1e54a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0b05264c-5ed0-4ad4-996c-58fc36048283.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12054
x-amzn-requestid: c24868ab-bcf2-4f9c-b7a3-83df6a1fb11a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: do5InGjRIAMFWtw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63a6a236-539fdd2919bdc153159156ef;Sampled=0
x-amzn-remapped-date: Sat, 24 Dec 2022 06:54:46 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: WQ2TnGkAeLlisFSiN2rI45ImsUR0xjSsEI0pMXBFzl8dMoeVb4EnRw==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 943c6a4d4ee43b18ee91634536f53eae.cloudfront.net (CloudFront), 1.1 google
date: Wed, 28 Dec 2022 09:10:02 GMT
age: 64248
etag: "f451963e96d330a8dcd28ebcf5e63791e90b75ba"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F43aa3e2c-b453-45cc-9c0b-eb1d920eacf1.jpeg | 34.120.237.76 | 200 OK | 8.3 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F43aa3e2c-b453-45cc-9c0b-eb1d920eacf1.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hashc0527fed1c04188af2963f337e4611da 44e20435887ecf7b36c239570d75ccfb77d5bb95 f241afd263d965f409b41e1d8059c5401b23312548799c519d7aef17d5b66f13
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F43aa3e2c-b453-45cc-9c0b-eb1d920eacf1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8259
x-amzn-requestid: 691c625d-7834-41b8-a238-462cafe5c60e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dyjGXGNmoAMF8zA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63aa7ef5-2117438f1820e2c3773a90c4;Sampled=0
x-amzn-remapped-date: Tue, 27 Dec 2022 05:13:25 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: U7oHbs9lrczNYUsIglipBZm3CB9STpdgLiT5VjRdzSM3ijFXE22_oA==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 64f86ae1c24221f3a2e4d653d6dbc416.cloudfront.net (CloudFront), 1.1 google
date: Wed, 28 Dec 2022 21:48:03 GMT
age: 18767
etag: "44e20435887ecf7b36c239570d75ccfb77d5bb95"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6f065733-5f7b-4113-9f70-8e9738de50f7.jpeg | 34.120.237.76 | 200 OK | 7.0 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6f065733-5f7b-4113-9f70-8e9738de50f7.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hashdb302f2c47edbbb185af9e4a96741d52 c616108fda3390ebd7f67926ba3e35a73b47135c cc9e4fdb361624bb32511b195d4a1677e241502ba013b8f8a114ebb4956019ba
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6f065733-5f7b-4113-9f70-8e9738de50f7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6955
x-amzn-requestid: 59f34964-3642-4190-9edb-c2a1de006606
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dhyXGHe0oAMFfSA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63a3ca93-4acf45f93b24aebd33be5de1;Sampled=0
x-amzn-remapped-date: Thu, 22 Dec 2022 03:10:11 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: L4fg8oLUw2_pKOZNCh2YZi3_asUguQHaCtpPeCrUIYyVoAiwQlNqGg==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 6172bb1a5d00a3b06ae3700570ebe116.cloudfront.net (CloudFront), 1.1 google
date: Wed, 28 Dec 2022 21:42:23 GMT
age: 19107
etag: "c616108fda3390ebd7f67926ba3e35a73b47135c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1e77cad2-6b0d-46d1-a2e4-ce29f7cc173e.jpeg | 34.120.237.76 | 200 OK | 8.5 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1e77cad2-6b0d-46d1-a2e4-ce29f7cc173e.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hasha4adb7268aa0a520dcee9f1d936d16dd 9364105419c6662123999ed11912de21ad32f6ba 6d593122db8b8514db4d3d0d0e6d037f57d39e5aab9a9f493fed359eb4b73b2e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1e77cad2-6b0d-46d1-a2e4-ce29f7cc173e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8505
x-amzn-requestid: de8ce29e-7947-4c4f-95f5-14efae45cfda
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: d4p9MGW9IAMFqdg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63acf054-5cf23dcf7bdbd784373222a9;Sampled=0
x-amzn-remapped-date: Thu, 29 Dec 2022 01:41:40 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: kEM8R4PYVJN8BQXhr9w-osn4-pAjeVnOtinJu1yfvjc5sTEL6LqTeQ==
via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 e66162aafd55b64ba1478ff7105150fa.cloudfront.net (CloudFront), 1.1 google
date: Thu, 29 Dec 2022 01:51:39 GMT
age: 4151
etag: "9364105419c6662123999ed11912de21ad32f6ba"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff495beea-cff9-4016-a188-b0f4b2547a59.jpeg | 34.120.237.76 | 200 OK | 7.5 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff495beea-cff9-4016-a188-b0f4b2547a59.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hashd9592ede9af5f26a2748ba2e1e649ee1 7c99d49f3f6f9d1808bf7f7f17c1c3507838951e e9b2526f714d4d123b80fca340737b450a3c09058d8f7c7b3b180e3509eb8d27
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff495beea-cff9-4016-a188-b0f4b2547a59.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7462
x-amzn-requestid: f433f7ae-20f5-4446-a7ce-4b88ec6d19ee
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: d4GQxFceoAMF5GQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63acb737-509b4ce327ed792719fd2c58;Sampled=0
x-amzn-remapped-date: Wed, 28 Dec 2022 21:37:59 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: vUpx0k9Eg5cG4EGjzp91A274liLuvkmgX7siRALfLiRNIvRmFCI7-g==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 61bc723adb3b1884ed759711e84e13a8.cloudfront.net (CloudFront), 1.1 google
date: Wed, 28 Dec 2022 21:42:24 GMT
age: 19106
etag: "7c99d49f3f6f9d1808bf7f7f17c1c3507838951e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| charmshoist.com/90/56/63/90566380a88c4f754ae2676c3e590ba1.js | 173.233.139.164 | 200 OK | 21 kB |
URL HTTP/1.1charmshoist.com/90/56/63/90566380a88c4f754ae2676c3e590ba1.js IP173.233.139.164:0
File typeHTML document, ASCII text, with very long lines (60132), with no line terminators Hash04e4bd3fbe45f509ef29df5ab35ede2b 868554af64e49ff4fa9a593636402b3f296ca8d3 c4537d2a2ac36804cd8822a9f0de15f0d6faa0e4704eae5db852282d11e5a0ad
Analyzer | Verdict | Alert | quad9 | Sinkholed | |
GET /90/56/63/90566380a88c4f754ae2676c3e590ba1.js HTTP/1.1
Host: charmshoist.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.torrentkitty.lol/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Thu, 29 Dec 2022 03:00:50 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: be89a5e9b256b1ca74653eb1586e9592
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
|
|
| charmshoist.com/26/ca/06/26ca065a5fb871c74739646a26f0622b.js | 173.233.139.164 | 200 OK | 13 kB |
URL HTTP/1.1charmshoist.com/26/ca/06/26ca065a5fb871c74739646a26f0622b.js IP173.233.139.164:0
File typeASCII text, with very long lines (37147), with no line terminators Hash3b7b14e86700d655aae2624a5c30f6a2 6dc06a64815c14da19f0be4109f61b6db3484d7b 916031204f37ef3c436b87b7022f9cef919b7700ac01d19232fcec48f731df0a
Analyzer | Verdict | Alert | quad9 | Sinkholed | |
GET /26/ca/06/26ca065a5fb871c74739646a26f0622b.js HTTP/1.1
Host: charmshoist.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.torrentkitty.lol/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Thu, 29 Dec 2022 03:00:50 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 38b411c40bc1344e8fd62d6647d6b2a3
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
|
|
| accentneglectporter.com/80497e49a2c17fe3a1aff4077eee1810/invoke.js | 173.233.137.52 | 200 OK | 13 kB |
URL HTTP/1.1accentneglectporter.com/80497e49a2c17fe3a1aff4077eee1810/invoke.js IP173.233.137.52:0
Hash883adadb97bfa0cf877d25dda184e9f8 5d2e06a2c6a3afa134d81860e0a49a77ecf904f4 13192686e3fc5ca2bf0bde0afe2f383868ba2d868f0138678b2c35ef05037f05
Analyzer | Verdict | Alert | quad9 | Sinkholed | |
GET /80497e49a2c17fe3a1aff4077eee1810/invoke.js HTTP/1.1
Host: accentneglectporter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.torrentkitty.lol/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Thu, 29 Dec 2022 03:00:50 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: ff6c04e22b939fee3d5206fa658d7ae1
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 278 B |
IP93.184.220.29:0
Hash0c7df0202539d8dbcf97fb524ffbc17e ee765712aa8beb5c1399231d886f64696f3f5186 fc9195c926fedc8b79c213df3c3de105cc2e3b96171774b986205f9117476a24
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1212
Cache-Control: max-age=109957
Content-Type: application/ocsp-response
Date: Thu, 29 Dec 2022 03:00:50 GMT
Etag: "63ac08ab-116"
Expires: Fri, 30 Dec 2022 09:33:27 GMT
Last-Modified: Wed, 28 Dec 2022 09:13:15 GMT
Server: ECS (ska/F710)
X-Cache: HIT
Content-Length: 278
|
|
| ocsp.sca1b.amazontrust.com/ | 143.204.42.158 | 200 OK | 471 B |
URL HTTP/1.1ocsp.sca1b.amazontrust.com/ IP143.204.42.158:0
Hashdd29200bbfd844acb1d486a02ebb87c1 d00c38f1f3ca8e3d1b0a2a8dd3ca6aa6dbd6f927 05985a8df2d32c3239eb49c4e03e1b8c386f18924b6b3ea5b6966e2f88023e95
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=125359
Date: Thu, 29 Dec 2022 03:00:50 GMT
Etag: "63ac4516-1d7"
Expires: Fri, 30 Dec 2022 13:50:09 GMT
Last-Modified: Wed, 28 Dec 2022 13:31:02 GMT
Server: ECS (nyb/1D2E)
X-Cache: Miss from cloudfront
Via: 1.1 a9120cc3ff449047c990e82a4d5566ba.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 8Ao7QX9L8dSuJ29MrpmcZDx1aLPPbtgjT_1J6DoPJJyo7-FKgQ3azQ==
Age: 1147
|
|
| e1.o.lencr.org/ | 23.36.77.32 | 200 OK | 346 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hashf9533c9e23df3c0923ca636d763c7ea0 dd2380f78817eed3925e922df8708d4bdd6c8f8e 184ca30a31c1d5a3568ca7767c31b007eeac17560c40c129a069f6fea44b88d8
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "184CA30A31C1D5A3568CA7767C31B007EEAC17560C40C129A069F6FEA44B88D8"
Last-Modified: Mon, 26 Dec 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4670
Expires: Thu, 29 Dec 2022 04:18:40 GMT
Date: Thu, 29 Dec 2022 03:00:50 GMT
Connection: keep-alive
|
|
| simplewebanalysis.com/stats | 52.59.105.91 | 200 OK | 40 B |
URL HTTP/2simplewebanalysis.com/stats IP52.59.105.91:0
File typeASCII text, with no line terminators Hash6d6e58b95629752b585cd32ba83b3e1f 7556873fb99873fc16d9d94a1a83c3979c5d6673 e7fe2014a09e1498ba9f66bd201674fa9e2e55f3d5cf25fc6adb4f95dda0e567
Analyzer | Verdict | Alert | fortinet | Malware | |
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.torrentkitty.lol
Connection: keep-alive
Referer: https://www.torrentkitty.lol/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 29 Dec 2022 03:00:50 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://www.torrentkitty.lol
access-control-allow-credentials: true
set-cookie: uid_id2=2a3a705c-f391-482a-9ec4-6cf258941d2e:1:1; expires=Sun, 26 Dec 2032 03:00:50 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
|
|
| ocsp.sca1b.amazontrust.com/ | 143.204.42.158 | 200 OK | 471 B |
URL HTTP/1.1ocsp.sca1b.amazontrust.com/ IP143.204.42.158:0
Hashdd29200bbfd844acb1d486a02ebb87c1 d00c38f1f3ca8e3d1b0a2a8dd3ca6aa6dbd6f927 05985a8df2d32c3239eb49c4e03e1b8c386f18924b6b3ea5b6966e2f88023e95
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=124853
Date: Thu, 29 Dec 2022 03:00:50 GMT
Etag: "63ac4516-1d7"
Expires: Fri, 30 Dec 2022 13:41:43 GMT
Last-Modified: Wed, 28 Dec 2022 13:31:02 GMT
Server: ECS (nyb/1D0C)
X-Cache: Miss from cloudfront
Via: 1.1 1ca0323262515c9240c58fe69a9ac826.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: Dcuf159tZFQEDguFiPfGP7qN0GkD6LdBcgKDfKmM_PBP_oi2RqcKVw==
Age: 641
|
|
| ocsp.sca1b.amazontrust.com/ | 143.204.42.158 | 200 OK | 471 B |
URL HTTP/1.1ocsp.sca1b.amazontrust.com/ IP143.204.42.158:0
Hashdd29200bbfd844acb1d486a02ebb87c1 d00c38f1f3ca8e3d1b0a2a8dd3ca6aa6dbd6f927 05985a8df2d32c3239eb49c4e03e1b8c386f18924b6b3ea5b6966e2f88023e95
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=125073
Date: Thu, 29 Dec 2022 03:00:50 GMT
Etag: "63ac4516-1d7"
Expires: Fri, 30 Dec 2022 13:45:23 GMT
Last-Modified: Wed, 28 Dec 2022 13:31:02 GMT
Server: ECS (nyb/1D2B)
X-Cache: Miss from cloudfront
Via: 1.1 c9f2a4d2bcd548d1a3cbe1617a22f216.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: lmklxTe51TUDUknghCTO1TECO1e_8SVLBZ6XTN8ke0VlSrXCNqKusQ==
Age: 861
|
|
| simplewebanalysis.com/stats | 52.59.105.91 | 200 OK | 40 B |
URL HTTP/2simplewebanalysis.com/stats IP52.59.105.91:0
File typeASCII text, with no line terminators Hash3037afd02b1428ef0d772cac98e949c4 8baf622b006eed035ff812fdaeb7bf7685b6cbc9 153456d88f1053f142e3bc9815b2f19e7de90bdc0e370634d232abfbbaa6b94a
Analyzer | Verdict | Alert | fortinet | Malware | |
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.torrentkitty.lol
Connection: keep-alive
Referer: https://www.torrentkitty.lol/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 29 Dec 2022 03:00:50 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://www.torrentkitty.lol
access-control-allow-credentials: true
set-cookie: uid_id2=912daed6-867f-4024-89ae-c66d1d8e7e46:2:1; expires=Sun, 26 Dec 2032 03:00:50 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
|
|
| simplewebanalysis.com/stats | 52.59.105.91 | 200 OK | 40 B |
URL HTTP/2simplewebanalysis.com/stats IP52.59.105.91:0
File typeASCII text, with no line terminators Hash3f17b943474ca4447a009e4e7b4e9d4c 7caa0ac90065792dbeeb578812d2fca138e3d2ba 78a6fe3ac8a5ad6d1626790af50b55c4683db0bfcab42e6ea222895e87d303c9
Analyzer | Verdict | Alert | fortinet | Malware | |
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.torrentkitty.lol
Connection: keep-alive
Referer: https://www.torrentkitty.lol/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 29 Dec 2022 03:00:50 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://www.torrentkitty.lol
access-control-allow-credentials: true
set-cookie: uid_id2=89b88108-06e5-4229-bc2f-ec8a4a724289:1:1; expires=Sun, 26 Dec 2032 03:00:50 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hash65aae8249897fbf2e8401228c156f5ad f3a3433f2680282bf1e2b997d90e73f3d06de9dd 055a0253c0d08ecd3e4c76ad75240da3540aba9a0ab16fd8984b2ea2cd0113bf
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "055A0253C0D08ECD3E4C76AD75240DA3540ABA9A0AB16FD8984B2EA2CD0113BF"
Last-Modified: Mon, 26 Dec 2022 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17092
Expires: Thu, 29 Dec 2022 07:45:42 GMT
Date: Thu, 29 Dec 2022 03:00:50 GMT
Connection: keep-alive
|
|
| e1.o.lencr.org/ | 23.36.77.32 | 200 OK | 346 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hashf9533c9e23df3c0923ca636d763c7ea0 dd2380f78817eed3925e922df8708d4bdd6c8f8e 184ca30a31c1d5a3568ca7767c31b007eeac17560c40c129a069f6fea44b88d8
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "184CA30A31C1D5A3568CA7767C31B007EEAC17560C40C129A069F6FEA44B88D8"
Last-Modified: Mon, 26 Dec 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4669
Expires: Thu, 29 Dec 2022 04:18:40 GMT
Date: Thu, 29 Dec 2022 03:00:51 GMT
Connection: keep-alive
|
|
| imprintmake.com/pixel/purst?dl=0&th=0&sc=0&rs=2510&rd=2510&fd=952&bv=22.10.v.9&tmpl=70 | 173.233.137.60 | 200 OK | 0 B |
URL HTTP/1.1imprintmake.com/pixel/purst?dl=0&th=0&sc=0&rs=2510&rd=2510&fd=952&bv=22.10.v.9&tmpl=70 IP173.233.137.60:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | quad9 | Sinkholed | |
GET /pixel/purst?dl=0&th=0&sc=0&rs=2510&rd=2510&fd=952&bv=22.10.v.9&tmpl=70 HTTP/1.1
Host: imprintmake.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.torrentkitty.lol/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Thu, 29 Dec 2022 03:00:51 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
|
|
| simplewebanalysis.com/stats | 52.59.105.91 | 200 OK | 40 B |
URL HTTP/2simplewebanalysis.com/stats IP52.59.105.91:0
File typeASCII text, with no line terminators Hash3f17b943474ca4447a009e4e7b4e9d4c 7caa0ac90065792dbeeb578812d2fca138e3d2ba 78a6fe3ac8a5ad6d1626790af50b55c4683db0bfcab42e6ea222895e87d303c9
Analyzer | Verdict | Alert | fortinet | Malware | |
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.torrentkitty.lol
Connection: keep-alive
Referer: https://www.torrentkitty.lol/
Cookie: uid_id2=89b88108-06e5-4229-bc2f-ec8a4a724289:1:1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 29 Dec 2022 03:00:51 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://www.torrentkitty.lol
access-control-allow-credentials: true
X-Firefox-Spdy: h2
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hash159c6c6adedab0594e478eb59e0690d8 5907b2d3a446691dafd72c14860ad09e8056669d 79f5e214d9566b2d39c48f207ee743ba1908b51aaa89b7af5d7b9cabb8ee6704
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "79F5E214D9566B2D39C48F207EE743BA1908B51AAA89B7AF5D7B9CABB8EE6704"
Last-Modified: Tue, 27 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11352
Expires: Thu, 29 Dec 2022 06:10:03 GMT
Date: Thu, 29 Dec 2022 03:00:51 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 16 kB |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hash85efa2baaa8a37bde87d8bf488f6ec2c f76edff819436f1cfe4694825364175464543404 8cb08e0ea0127a4f6b7001511015c903d8251f1c778e471a50a80f173e7bbbce
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0AE90CA1F4C6A5C62A711B71C3BF82F31A0FB1E0FF7536DCC16309831BE5B41E"
Last-Modified: Tue, 27 Dec 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11445
Expires: Thu, 29 Dec 2022 06:11:36 GMT
Date: Thu, 29 Dec 2022 03:00:51 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hashe33357a83b1e14ac34aeab7a831611b8 238de70a45839052155efa893f5e787f250c5a11 95056bfa6e0871c292709f1824970e0a2ddea311b3cd9a0dab28b93c17d3194b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "95056BFA6E0871C292709F1824970E0A2DDEA311B3CD9A0DAB28B93C17D3194B"
Last-Modified: Wed, 28 Dec 2022 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15104
Expires: Thu, 29 Dec 2022 07:12:35 GMT
Date: Thu, 29 Dec 2022 03:00:51 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hashe141a61fb05a0ad4cd9e8e7a52f5d4db 2da654421da52a9c28cf3942b414a2e9098deaba c112b736d77e86c894130fb7d2ab5321a6fb47701979ffcbae932ccc0d30ea7f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C112B736D77E86C894130FB7D2AB5321A6FB47701979FFCBAE932CCC0D30EA7F"
Last-Modified: Tue, 27 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2435
Expires: Thu, 29 Dec 2022 03:41:26 GMT
Date: Thu, 29 Dec 2022 03:00:51 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hashe141a61fb05a0ad4cd9e8e7a52f5d4db 2da654421da52a9c28cf3942b414a2e9098deaba c112b736d77e86c894130fb7d2ab5321a6fb47701979ffcbae932ccc0d30ea7f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C112B736D77E86C894130FB7D2AB5321A6FB47701979FFCBAE932CCC0D30EA7F"
Last-Modified: Tue, 27 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2435
Expires: Thu, 29 Dec 2022 03:41:26 GMT
Date: Thu, 29 Dec 2022 03:00:51 GMT
Connection: keep-alive
|
|
| unseenreport.com/pxf.gif?uuid=89b88108-06e5-4229-bc2f-ec8a4a724289&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1055&b_frame=0&pk=90566380a88c4f754ae2676c3e590ba1&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=3 | 192.243.61.225 | 200 OK | 1 B |
URL HTTP/1.1unseenreport.com/pxf.gif?uuid=89b88108-06e5-4229-bc2f-ec8a4a724289&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1055&b_frame=0&pk=90566380a88c4f754ae2676c3e590ba1&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=3 IP192.243.61.225:0 ASN#39572 DataWeb Global Group B.V.
File typevery short file (no magic) Hash93b885adfe0da089cdf634904fd59f71 5ba93c9db0cff93f52b521d7420e43f6eda2784f 6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d
Analyzer | Verdict | Alert | quad9 | Sinkholed | |
GET /pxf.gif?uuid=89b88108-06e5-4229-bc2f-ec8a4a724289&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1055&b_frame=0&pk=90566380a88c4f754ae2676c3e590ba1&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=3 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.torrentkitty.lol/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Thu, 29 Dec 2022 03:00:51 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 538b38aa589140219e6e945e73b5d83b
Strict-Transport-Security: max-age=0; includeSubdomains
|
|
| unseenreport.com/pxf.gif?uuid=89b88108-06e5-4229-bc2f-ec8a4a724289&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1055&b_frame=0&pk=26ca065a5fb871c74739646a26f0622b&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=3 | 192.243.61.225 | 200 OK | 1 B |
URL HTTP/1.1unseenreport.com/pxf.gif?uuid=89b88108-06e5-4229-bc2f-ec8a4a724289&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1055&b_frame=0&pk=26ca065a5fb871c74739646a26f0622b&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=3 IP192.243.61.225:0 ASN#39572 DataWeb Global Group B.V.
File typevery short file (no magic) Hash93b885adfe0da089cdf634904fd59f71 5ba93c9db0cff93f52b521d7420e43f6eda2784f 6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d
Analyzer | Verdict | Alert | quad9 | Sinkholed | |
GET /pxf.gif?uuid=89b88108-06e5-4229-bc2f-ec8a4a724289&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1055&b_frame=0&pk=26ca065a5fb871c74739646a26f0622b&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=3 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.torrentkitty.lol/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Thu, 29 Dec 2022 03:00:51 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 7aad48eca8378daabd8691b6b210de45
Strict-Transport-Security: max-age=0; includeSubdomains
|
|
| banquetunarmedgrater.com/advertisers.js | 192.243.61.225 | 200 OK | 6 B |
URL HTTP/1.1banquetunarmedgrater.com/advertisers.js IP192.243.61.225:0 ASN#39572 DataWeb Global Group B.V.
Hash7d14c6d06a6075d413d43d381c992eba 49bdfc1145f7c7a7bf870f069b9d23a97966cb30 f48bd14f1f30b485d99a2904d06cbd9fa03ccaa5779105a3d3cf963edb2ac385
Analyzer | Verdict | Alert | quad9 | Sinkholed | |
GET /advertisers.js HTTP/1.1
Host: banquetunarmedgrater.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.torrentkitty.lol/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Thu, 29 Dec 2022 03:00:51 GMT
Content-Type: application/javascript
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 664763f7be5f87ab0ec939948cf36f85
Strict-Transport-Security: max-age=0; includeSubdomains
|
|
| temperrunnersdale.com/watch.413938073587.js?key=80497e49a2c17fe3a1aff4077eee1810&kw=%5B%22search%22%2C%22-%22%2C%22torrent%22%2C%22kitty%22%5D&refer=https%3A%2F%2Fwww.torrentkitty.lol%2Fsearch%2Fsearch%2Fnaho%2520hazuki&tz=0&dev=e&res=12.1055&uuid=2a3a705c-f391-482a-9ec4-6cf258941d2e%3A1%3A1 | 192.243.61.225 | 307 Temporary Redirect | 0 B |
URL HTTP/1.1temperrunnersdale.com/watch.413938073587.js?key=80497e49a2c17fe3a1aff4077eee1810&kw=%5B%22search%22%2C%22-%22%2C%22torrent%22%2C%22kitty%22%5D&refer=https%3A%2F%2Fwww.torrentkitty.lol%2Fsearch%2Fsearch%2Fnaho%2520hazuki&tz=0&dev=e&res=12.1055&uuid=2a3a705c-f391-482a-9ec4-6cf258941d2e%3A1%3A1 IP192.243.61.225:0 ASN#39572 DataWeb Global Group B.V.
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | quad9 | Sinkholed | |
GET /watch.413938073587.js?key=80497e49a2c17fe3a1aff4077eee1810&kw=%5B%22search%22%2C%22-%22%2C%22torrent%22%2C%22kitty%22%5D&refer=https%3A%2F%2Fwww.torrentkitty.lol%2Fsearch%2Fsearch%2Fnaho%2520hazuki&tz=0&dev=e&res=12.1055&uuid=2a3a705c-f391-482a-9ec4-6cf258941d2e%3A1%3A1 HTTP/1.1
Host: temperrunnersdale.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.torrentkitty.lol
Connection: keep-alive
Referer: https://www.torrentkitty.lol/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Temporary Redirect
Server: nginx/1.19.5
Date: Thu, 29 Dec 2022 03:00:51 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://www.torrentkitty.lol
Access-Control-Allow-Origin: https://www.torrentkitty.lol
Access-Control-Allow-Credentials: true
Location: https://temperrunnersdale.com/watch.413938073587.js?key=80497e49a2c17fe3a1aff4077eee1810&kw=%5B%22search%22%2C%22-%22%2C%22torrent%22%2C%22kitty%22%5D&refer=https%3A%2F%2Fwww.torrentkitty.lol%2Fsearch%2Fsearch%2Fnaho%2520hazuki&tz=0&dev=e&res=12.1055&uuid=2a3a705c-f391-482a-9ec4-6cf258941d2e%3A1%3A1&shu=aaa3434187e5a292aaf792a8c7bc4345d2533413e10cfb8e4d1a22c263a1a30a750c2e2321f6a3401b7e8cc92aa81d9b280e3fee14d60376ceea63cc960cf33955a4232f54329793344ca9a65266ad1bc7fe64&pst=1672282911&rmtc=t
Set-Cookie: u_pl=17298897; expires=Fri, 30 Dec 2022 03:00:51 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzI5ODg5NywiayI6IjgwNDk3ZTQ5YTJjMTdmZTNhMWFmZjQwNzdlZWUxODEwIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjo4MTA0MSwicGlkIjozOTExLCJhbiI6dHJ1ZSwibGFuIjp0cnVlLCJjaWQiOjE4LCJhaWQiOjMyLCJwdCI6NCwicGsiOiJ0MzhhMGF3a3oiLCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6OTA3NTM0NTcsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjozODkxNCwib24iOiJXaW5kb3dzIiwib3YiOiIxMC4wIiwiYmlkIjoxMjA2MjUsImJuIjoiRmlyZWZveCIsImJ2IjoiMTA1LjAiLCJ3diI6ZmFsc2UsImUiOnRydWUsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cHM6Ly93d3cudG9ycmVudGtpdHR5LmxvbC9zZWFyY2gvc2VhcmNoL25haG8lMjBoYXp1a2kifX0.dylN-E1RxV3pAvlsl-7-Jr2QpNbURX8PYalLBjXLWMk; expires=Thu, 29 Dec 2022 03:01:51 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: ab797660fcdc4e872361f2f9c9d647a3
Strict-Transport-Security: max-age=0; includeSubdomains
|
|
| temperrunnersdale.com/watch.413938073587.js?key=80497e49a2c17fe3a1aff4077eee1810&kw=%5B%22search%22%2C%22-%22%2C%22torrent%22%2C%22kitty%22%5D&refer=https%3A%2F%2Fwww.torrentkitty.lol%2Fsearch%2Fsearch%2Fnaho%2520hazuki&tz=0&dev=e&res=12.1055&uuid=2a3a705c-f391-482a-9ec4-6cf258941d2e%3A1%3A1&shu=aaa3434187e5a292aaf792a8c7bc4345d2533413e10cfb8e4d1a22c263a1a30a750c2e2321f6a3401b7e8cc92aa81d9b280e3fee14d60376ceea63cc960cf33955a4232f54329793344ca9a65266ad1bc7fe64&pst=1672282911&rmtc=t | 192.243.61.225 | 200 OK | 2.1 kB |
URL HTTP/1.1temperrunnersdale.com/watch.413938073587.js?key=80497e49a2c17fe3a1aff4077eee1810&kw=%5B%22search%22%2C%22-%22%2C%22torrent%22%2C%22kitty%22%5D&refer=https%3A%2F%2Fwww.torrentkitty.lol%2Fsearch%2Fsearch%2Fnaho%2520hazuki&tz=0&dev=e&res=12.1055&uuid=2a3a705c-f391-482a-9ec4-6cf258941d2e%3A1%3A1&shu=aaa3434187e5a292aaf792a8c7bc4345d2533413e10cfb8e4d1a22c263a1a30a750c2e2321f6a3401b7e8cc92aa81d9b280e3fee14d60376ceea63cc960cf33955a4232f54329793344ca9a65266ad1bc7fe64&pst=1672282911&rmtc=t IP192.243.61.225:0 ASN#39572 DataWeb Global Group B.V.
File typeHTML document text\012- HTML document, ASCII text, with very long lines (2626) Hashdfb23bd7889acc888a936428377cfb5b 1de473e403545c8cd3ea93b269268a1df6ea1ed7 89a8ddb5eac6ff1a9fad3978426d754b27b767aa7cc05ca363577612b7306df4
Analyzer | Verdict | Alert | quad9 | Sinkholed | |
GET /watch.413938073587.js?key=80497e49a2c17fe3a1aff4077eee1810&kw=%5B%22search%22%2C%22-%22%2C%22torrent%22%2C%22kitty%22%5D&refer=https%3A%2F%2Fwww.torrentkitty.lol%2Fsearch%2Fsearch%2Fnaho%2520hazuki&tz=0&dev=e&res=12.1055&uuid=2a3a705c-f391-482a-9ec4-6cf258941d2e%3A1%3A1&shu=aaa3434187e5a292aaf792a8c7bc4345d2533413e10cfb8e4d1a22c263a1a30a750c2e2321f6a3401b7e8cc92aa81d9b280e3fee14d60376ceea63cc960cf33955a4232f54329793344ca9a65266ad1bc7fe64&pst=1672282911&rmtc=t HTTP/1.1
Host: temperrunnersdale.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.torrentkitty.lol
Referer: https://www.torrentkitty.lol/
Connection: keep-alive
Cookie: u_pl=17298897; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzI5ODg5NywiayI6IjgwNDk3ZTQ5YTJjMTdmZTNhMWFmZjQwNzdlZWUxODEwIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjo4MTA0MSwicGlkIjozOTExLCJhbiI6dHJ1ZSwibGFuIjp0cnVlLCJjaWQiOjE4LCJhaWQiOjMyLCJwdCI6NCwicGsiOiJ0MzhhMGF3a3oiLCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6OTA3NTM0NTcsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjozODkxNCwib24iOiJXaW5kb3dzIiwib3YiOiIxMC4wIiwiYmlkIjoxMjA2MjUsImJuIjoiRmlyZWZveCIsImJ2IjoiMTA1LjAiLCJ3diI6ZmFsc2UsImUiOnRydWUsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cHM6Ly93d3cudG9ycmVudGtpdHR5LmxvbC9zZWFyY2gvc2VhcmNoL25haG8lMjBoYXp1a2kifX0.dylN-E1RxV3pAvlsl-7-Jr2QpNbURX8PYalLBjXLWMk
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Thu, 29 Dec 2022 03:00:51 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://www.torrentkitty.lol
Access-Control-Allow-Origin: https://www.torrentkitty.lol
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=2a3a705c-f391-482a-9ec4-6cf258941d2e:1:1; expires=Thu, 05 Jan 2023 03:00:51 GMT; secure; SameSite=None
iprc3356a76965f67b019e873db5d5292330=3570421; expires=Thu, 29 Dec 2022 07:00:51 GMT; secure; SameSite=None
pdhtkv=true; expires=Fri, 30 Dec 2022 03:00:51 GMT; secure; SameSite=None
uncs=1; expires=Fri, 30 Dec 2022 03:00:51 GMT; secure; SameSite=None
pdhtkv32=true; expires=Fri, 30 Dec 2022 03:00:51 GMT; secure; SameSite=None
uncs32=1; expires=Fri, 30 Dec 2022 03:00:51 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 8a89ba5ba929e27d77c990b8e77ba156
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
|
|
| centeredfailinghotline.com/sbar.json?key=26ca065a5fb871c74739646a26f0622b&uuid=89b88108-06e5-4229-bc2f-ec8a4a724289%3A1%3A1 | 192.243.59.13 | 200 OK | 11 kB |
URL HTTP/1.1centeredfailinghotline.com/sbar.json?key=26ca065a5fb871c74739646a26f0622b&uuid=89b88108-06e5-4229-bc2f-ec8a4a724289%3A1%3A1 IP192.243.59.13:0 ASN#39572 DataWeb Global Group B.V.
File typeJSON data\012- , ASCII text, with very long lines (16625), with no line terminators Hash64669100015c6b856040e6a83e495444 e4abea502f3c966d787350e67eeccca91680a14d d5311bb92a5a9e619b6d4e3819cfbef6116880d3c0a53fb4c340bfc1a8f2e185
Analyzer | Verdict | Alert | quad9 | Sinkholed | |
GET /sbar.json?key=26ca065a5fb871c74739646a26f0622b&uuid=89b88108-06e5-4229-bc2f-ec8a4a724289%3A1%3A1 HTTP/1.1
Host: centeredfailinghotline.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.torrentkitty.lol
Connection: keep-alive
Referer: https://www.torrentkitty.lol/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Thu, 29 Dec 2022 03:00:52 GMT
Content-Type: text/plain; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://www.torrentkitty.lol
Access-Control-Allow-Origin: https://www.torrentkitty.lol
Access-Control-Allow-Credentials: true
Set-Cookie: u_pl=17550729; expires=Fri, 30 Dec 2022 03:00:51 GMT; secure; SameSite=None
uid_id2=89b88108-06e5-4229-bc2f-ec8a4a724289:1:1; expires=Thu, 05 Jan 2023 03:00:51 GMT; secure; SameSite=None
pdhtkv=true; expires=Fri, 30 Dec 2022 03:00:52 GMT; secure; SameSite=None
uncs=1; expires=Fri, 30 Dec 2022 03:00:52 GMT; secure; SameSite=None
pdhtkv29=true; expires=Fri, 30 Dec 2022 03:00:52 GMT; secure; SameSite=None
uncs29=1; expires=Fri, 30 Dec 2022 03:00:52 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: e7fe5d5afa3c971324035464861c992e
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hash0932b1a9126b03fea9aaa40d83c34b1c b0d7fe760153a0ce86449661351fa73b0da02397 53d17e0d047a116a08efa2465966948ee2ebeefa3cfaea93ebf47d4c681c6d97
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "53D17E0D047A116A08EFA2465966948EE2EBEEFA3CFAEA93EBF47D4C681C6D97"
Last-Modified: Tue, 27 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=1989
Expires: Thu, 29 Dec 2022 03:34:01 GMT
Date: Thu, 29 Dec 2022 03:00:52 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hash2792e3b03c1a8a283e7207184073aa4b 028f22d0c8e50bedc31ab33d19d1edda79746dfc 6682b021cb244063d6ea14474e5743b62f1e1d61559f0a7111ff4fec621f7676
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6682B021CB244063D6EA14474E5743B62F1E1D61559F0A7111FF4FEC621F7676"
Last-Modified: Tue, 27 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4693
Expires: Thu, 29 Dec 2022 04:19:05 GMT
Date: Thu, 29 Dec 2022 03:00:52 GMT
Connection: keep-alive
|
|
| cdn.cloudimagesb.com/cti/43/ff/51/43ff51c07da75eaedd548042d5154cfe/1658930770.jpg | 45.133.44.10 | 200 OK | 25 kB |
URL HTTP/2cdn.cloudimagesb.com/cti/43/ff/51/43ff51c07da75eaedd548042d5154cfe/1658930770.jpg IP45.133.44.10:0 ASN#39572 DataWeb Global Group B.V.
File typeJPEG image data, baseline, precision 8, 320x50, components 3\012- data Hashd465d02b90e928dfd9d9846e102a9dac 22f7333777bec813bd9a7b870913a2b79b6d2fe4 e393d4f1c6b5d4973e157f0f10764b92037dc18239500f42b72bed8ecef462fd
GET /cti/43/ff/51/43ff51c07da75eaedd548042d5154cfe/1658930770.jpg HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 29 Dec 2022 03:00:52 GMT
content-type: image/jpeg
content-length: 24714
server: nginx/1.17.6
last-modified: Wed, 27 Jul 2022 14:06:18 GMT
etag: "62e1465a-608a"
expires: Sat, 31 Dec 2022 03:00:52 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| centeredfailinghotline.com/ren.gif?sid=H4sIAAAAAAAC%2F3RWTagkWVbOrGlBnIXYuFEQHvPsQcF8eeMvI6LbocjIjMz4yZ%2BI%2FH2ZFKY3Im5k3Mz4y%2FjPWA2OyLgQqlcjuHl1q3vacUbHFsSVIK%2FdSCHY5UKrwRZBXOsIriVflfQI3YeIuOfGuYtz7vd9h%2FN7z%2FLPG4Dk8JUxjmrs%2B7DN3YCrX1vj0InK9GqyuKLADXjvao3DDvveVXX5JMW7FOBuwK9fDZF9jNo0oACgAHU1wAlyo6r9ECU4%2FpFI3YjghqVvKI4lVfL%2F92neJClsEqf4vPE2wc7Ln%2FH%2B7mOC7XsSBn%2FeR%2Bkxi%2BLfkIPch1mUkML5aBkew6gMSfCF6yZN4oYfvTlNovRlo%2FGHj0gUfvSmAhIVH1wqIBZ%2B2Wj%2BE0Ws8KM3aRKr%2BPB1ppZPUEgs5%2BukLO4J8u8JhvfEjr5DsPNpgxDbIZMpCYPvT6KkhOfXUXiJvmy89T%2F%2FTXD5svHWv%2FwiCYM%2Fk3xcXc0jP89wFKakcu8Iru4J3t%2BTOP%2BEZHWT4PITYme%2FQ7DTIGFwR7Dz6lcF0RIECggt0EFci6VpsWXZtNtCtgBZyNMsLYgPV4PxPcHuPfHRUwLTJskvL26S3G2SPG6SwHl1BTnRBYB3LZdhBNa2bYaxbU7oOJzDsIILSG5fcn9Ksvgpsf2nxE6%2BTeLk2%2BSI3%2F%2BUe5sk%2Bd%2BQ1LsjqdMkadYghXNHStQgZdogJWyQEjdImTVIWdx96Pgpnd593%2FHT3KLerPSblbl7HmX7Z%2FDDKNujsPEs%2FrzxC5c7a37973%2BfHNGrK7pjQ9DhIOdaAk%2FZPMszYoftQLrjgg5NWyTFdwSnjx4qrS8A%2Fub7JMaf%2FvyQWPCepP49sfHbBOa%2FQmD5nKcBgd5zVgCkDn%2BcRUmCwuyIs%2Bx8kxXEie5InL1FsnPzmf9545cewGO%2B%2BROC7BeP%2F%2BJ7%2F0b%2F5W%2F9hNjJHYmTO3LAf9sge%2F%2B7z2dR2fhgFpVp4%2BNpnOEA1%2FAC7DyDGWr8iY7OZZQ4aj99%2BoOufQlc3B8tUJqNYOjgcJ82fihhx0HJIEps1PhrNV0jy8hTT8qTMI9HRm%2BgBnGC0hRH4T2B%2BFNrRWz8svGzn%2FzcA2V%2F2fkjgpNPSJJ%2F1vwvL8vid9tt6KDK9mC4R3uYoRs7CtpO1LZvYi9%2BnGYwgNm3gnf43jv05dkzOj3B2yQaLhlJE4cKcGRHMZjKuAE8fIfuFUshu915vQ3gxSPr57YHh%2BPT9JYdaZk6lpK9neqY5avx3EnDoj8v0Kqk1jszP1OnXrgyULqsd%2Bv55lCPtPlJT3sr0XSGk9Z2YEL2GFWBsj2vprLV8Vrm4DSrfavsLm636xM%2Br8zOnMMZVjmrjjcJpzJTYbWjKdjHrmXO56VvRHKxuM3Ts5CcZ1NvMJD9wGS7taYttqNpa091hgJNqdXpduMA5jxTF9XZmW01qC344xTo3bWSKpJ%2BW2Rn1AqzNQxXeq3ejk2QDffKsLesWUdJmECAlsJsoYIPSF8myurg3K7UzDxwZqFOC48ZqS4vLsFk4EmnUjunp75dbzs7cYoCl9%2BzHZ0DreMuP9Lieh1ZarzmmVq2DuloDVWjUMKDMhqO6Enat1DMrtUqbKE5lXnSYsUrQXDSl7QctjjkzY3Ixrdp3n0NHgnyF4%2F%2Fs%2FFgBEf3xI5%2F9%2BPra2M6X0jdnr5bzkbz6%2BvPHv3zNx6o8aT95EvIcflXPWlHMQqTzHrSpp%2B0Sxx%2BOVvKg3MQGXn9wBau9dNsoYDwDt3zJucZ7axVW%2B535oPFpk%2FpPf7AViPF4XYbwzkdQVwXY5rrS2JYDipfMlimpa82sm35cagOJ7d21wsdnVltujVSRn4Qp93uIIrhBhaHTT4fHRjEcXo3m%2Fa7I6133E5GHnSGoTxIrN0G%2B2PJS0ZbXue5HrudTU%2Fa1ptrdN3rJQN5voiRVCWjliGiVJEpfgaMZbxis6C1HeRluu2aE7TJQM%2FtcEMqySdHQ4sSxYuj2DssWbThboXTahVq9dQ5CHnJysPzbpxOWY0Z3xb9A4UUnj8hmEywzzvJaYyU023i9MN6os%2BUItsMJrHrecLclCXrePQkfZ6uWbxLfWOU0cx2RZlGTsncmBqPcC8LJHcGN0qZcfPDzC8XGLLFaaloZ2htzO3Q5YIhPqVLOfcOpmPsotPRWAJL2Co9pbU%2FHQcnKeyqyWRmb3X5tBxY3oYK%2B5BfxYU2Yrf1wDCi4bKMB%2FEeMSqmy1Y%2FZJdUtxRGVGIypoe0YB4FwZGVA6RLBUq0zR6dIq%2FK6glXJWVkKYkhLNHYw%2Ftoty7lni5Art5IPZvh5T5olePTTAbKZkTrvrKvoeZvPJgvbG6o7sW1fVrs1dSZKuqgCn1vtzOpcZrX7GgmrKA91HhfAlU8HZ%2FL1%2BT7JnSqXZxgG30L3ACe7jDf%2BOPra7U3nVxfv%2FrtC8PTd9ttO0lQHD10PVRlFgzbDOiItABo0LYTBDNcoLRNMxxLA55tczxknQ4NaCQwLqQtAQCxYyHHQVyH411nx3dYcBOH%2Bx9cXy%2FUxUi%2Bvv7hBCHnCl6tjMnjH19f9%2BV5b6YaC%2FWSx1%2F1oiCGCbrKPHRloTS7nLq5uSFp%2FKLxxkgaNUjif7G34iYp888e%2FcNXN3DoVP%2Bn0Db91fo0D1pLxDr9JfpkkHPp5p3FWM64%2Frju56Lr2ag%2FKCjVDeX9dhi7w5bGMUZVb0wQl9wYyYUUupnp82Jv5joUNeuaHhVSSDHLPh7P8go7PV%2BiQdjJRNUS1zSod2EpubDbQTjWTpnuDnfmcsMlqRFJuhlUxsq0VdxdeawmHZalGYlJKfdlE4ozZ6BwiB%2BO7TMwHLuPh2uPEhGHam%2B7E5YHsDL5up7Iqw0AE%2F5cjKrScG1VXAkSEm7LjFm3lplMj3fK5LTnUhirFFBrYbtrIaeFVlKY4RINEn%2Bv70aIT6aSh8EsToqjkTN%2BNGcn6Xy1memsOtyVPSu%2B1ac%2BFqOlXmecAoZRMFhs%2B265XJhYGubRZCDOcko75iZ3jEqjUEdeeZzzvbEF4Xjf3e4n7uZot2QHLnaScwpFagqc%2FQKotd%2FtplsqkxNRG2exyQpnHS9UPomXEj5ySh8c172eY%2BcnTp3PTCaVMy3TCiHUhvKsiKZCFc3jI5%2FnRsbQLW0%2F1%2Bo0mUZiuiw1%2BxhO9ljpSp3dqa7cgznjVygNBbpT0dIsSMA4WzNneKi6zi21XIin7XDbx8sdr69nUuCVhq4X9RrMTc6YslVOrYuZcOZPxX6E1MW%2BNEPUqheRYgJjNWFUbtmV9XzNBPFX6vN5QltfTE8%2BftkQ%2F%2BNrxEcvHn%2FvD6b%2F%2Bp6zJdC6Iyn6KSl84T9Lv0v2SZPA7DsPc3CR3JHCvyPQf0rS%2FGvPszh58fgfmQcjlt98bvlJ8wPLT%2Fz3X09uKX51hTgXuAjQyHJFy%2BUhcESXFS0oUoi3OEiRLH1p%2F%2Bmjf%2F9fAAAA%2F%2F8BAAD%2F%2Fw%2BfCEzpDAAA | 192.243.59.13 | 200 OK | 7 B |
URL HTTP/1.1centeredfailinghotline.com/ren.gif?sid=H4sIAAAAAAAC%2F3RWTagkWVbOrGlBnIXYuFEQHvPsQcF8eeMvI6LbocjIjMz4yZ%2BI%2FH2ZFKY3Im5k3Mz4y%2FjPWA2OyLgQqlcjuHl1q3vacUbHFsSVIK%2FdSCHY5UKrwRZBXOsIriVflfQI3YeIuOfGuYtz7vd9h%2FN7z%2FLPG4Dk8JUxjmrs%2B7DN3YCrX1vj0InK9GqyuKLADXjvao3DDvveVXX5JMW7FOBuwK9fDZF9jNo0oACgAHU1wAlyo6r9ECU4%2FpFI3YjghqVvKI4lVfL%2F92neJClsEqf4vPE2wc7Ln%2FH%2B7mOC7XsSBn%2FeR%2Bkxi%2BLfkIPch1mUkML5aBkew6gMSfCF6yZN4oYfvTlNovRlo%2FGHj0gUfvSmAhIVH1wqIBZ%2B2Wj%2BE0Ws8KM3aRKr%2BPB1ppZPUEgs5%2BukLO4J8u8JhvfEjr5DsPNpgxDbIZMpCYPvT6KkhOfXUXiJvmy89T%2F%2FTXD5svHWv%2FwiCYM%2Fk3xcXc0jP89wFKakcu8Iru4J3t%2BTOP%2BEZHWT4PITYme%2FQ7DTIGFwR7Dz6lcF0RIECggt0EFci6VpsWXZtNtCtgBZyNMsLYgPV4PxPcHuPfHRUwLTJskvL26S3G2SPG6SwHl1BTnRBYB3LZdhBNa2bYaxbU7oOJzDsIILSG5fcn9Ksvgpsf2nxE6%2BTeLk2%2BSI3%2F%2BUe5sk%2Bd%2BQ1LsjqdMkadYghXNHStQgZdogJWyQEjdImTVIWdx96Pgpnd593%2FHT3KLerPSblbl7HmX7Z%2FDDKNujsPEs%2FrzxC5c7a37973%2BfHNGrK7pjQ9DhIOdaAk%2FZPMszYoftQLrjgg5NWyTFdwSnjx4qrS8A%2Fub7JMaf%2FvyQWPCepP49sfHbBOa%2FQmD5nKcBgd5zVgCkDn%2BcRUmCwuyIs%2Bx8kxXEie5InL1FsnPzmf9545cewGO%2B%2BROC7BeP%2F%2BJ7%2F0b%2F5W%2F9hNjJHYmTO3LAf9sge%2F%2B7z2dR2fhgFpVp4%2BNpnOEA1%2FAC7DyDGWr8iY7OZZQ4aj99%2BoOufQlc3B8tUJqNYOjgcJ82fihhx0HJIEps1PhrNV0jy8hTT8qTMI9HRm%2BgBnGC0hRH4T2B%2BFNrRWz8svGzn%2FzcA2V%2F2fkjgpNPSJJ%2F1vwvL8vid9tt6KDK9mC4R3uYoRs7CtpO1LZvYi9%2BnGYwgNm3gnf43jv05dkzOj3B2yQaLhlJE4cKcGRHMZjKuAE8fIfuFUshu915vQ3gxSPr57YHh%2BPT9JYdaZk6lpK9neqY5avx3EnDoj8v0Kqk1jszP1OnXrgyULqsd%2Bv55lCPtPlJT3sr0XSGk9Z2YEL2GFWBsj2vprLV8Vrm4DSrfavsLm636xM%2Br8zOnMMZVjmrjjcJpzJTYbWjKdjHrmXO56VvRHKxuM3Ts5CcZ1NvMJD9wGS7taYttqNpa091hgJNqdXpduMA5jxTF9XZmW01qC344xTo3bWSKpJ%2BW2Rn1AqzNQxXeq3ejk2QDffKsLesWUdJmECAlsJsoYIPSF8myurg3K7UzDxwZqFOC48ZqS4vLsFk4EmnUjunp75dbzs7cYoCl9%2BzHZ0DreMuP9Lieh1ZarzmmVq2DuloDVWjUMKDMhqO6Enat1DMrtUqbKE5lXnSYsUrQXDSl7QctjjkzY3Ixrdp3n0NHgnyF4%2F%2Fs%2FFgBEf3xI5%2F9%2BPra2M6X0jdnr5bzkbz6%2BvPHv3zNx6o8aT95EvIcflXPWlHMQqTzHrSpp%2B0Sxx%2BOVvKg3MQGXn9wBau9dNsoYDwDt3zJucZ7axVW%2B535oPFpk%2FpPf7AViPF4XYbwzkdQVwXY5rrS2JYDipfMlimpa82sm35cagOJ7d21wsdnVltujVSRn4Qp93uIIrhBhaHTT4fHRjEcXo3m%2Fa7I6133E5GHnSGoTxIrN0G%2B2PJS0ZbXue5HrudTU%2Fa1ptrdN3rJQN5voiRVCWjliGiVJEpfgaMZbxis6C1HeRluu2aE7TJQM%2FtcEMqySdHQ4sSxYuj2DssWbThboXTahVq9dQ5CHnJysPzbpxOWY0Z3xb9A4UUnj8hmEywzzvJaYyU023i9MN6os%2BUItsMJrHrecLclCXrePQkfZ6uWbxLfWOU0cx2RZlGTsncmBqPcC8LJHcGN0qZcfPDzC8XGLLFaaloZ2htzO3Q5YIhPqVLOfcOpmPsotPRWAJL2Co9pbU%2FHQcnKeyqyWRmb3X5tBxY3oYK%2B5BfxYU2Yrf1wDCi4bKMB%2FEeMSqmy1Y%2FZJdUtxRGVGIypoe0YB4FwZGVA6RLBUq0zR6dIq%2FK6glXJWVkKYkhLNHYw%2Ftoty7lni5Art5IPZvh5T5olePTTAbKZkTrvrKvoeZvPJgvbG6o7sW1fVrs1dSZKuqgCn1vtzOpcZrX7GgmrKA91HhfAlU8HZ%2FL1%2BT7JnSqXZxgG30L3ACe7jDf%2BOPra7U3nVxfv%2FrtC8PTd9ttO0lQHD10PVRlFgzbDOiItABo0LYTBDNcoLRNMxxLA55tczxknQ4NaCQwLqQtAQCxYyHHQVyH411nx3dYcBOH%2Bx9cXy%2FUxUi%2Bvv7hBCHnCl6tjMnjH19f9%2BV5b6YaC%2FWSx1%2F1oiCGCbrKPHRloTS7nLq5uSFp%2FKLxxkgaNUjif7G34iYp888e%2FcNXN3DoVP%2Bn0Db91fo0D1pLxDr9JfpkkHPp5p3FWM64%2Frju56Lr2ag%2FKCjVDeX9dhi7w5bGMUZVb0wQl9wYyYUUupnp82Jv5joUNeuaHhVSSDHLPh7P8go7PV%2BiQdjJRNUS1zSod2EpubDbQTjWTpnuDnfmcsMlqRFJuhlUxsq0VdxdeawmHZalGYlJKfdlE4ozZ6BwiB%2BO7TMwHLuPh2uPEhGHam%2B7E5YHsDL5up7Iqw0AE%2F5cjKrScG1VXAkSEm7LjFm3lplMj3fK5LTnUhirFFBrYbtrIaeFVlKY4RINEn%2Bv70aIT6aSh8EsToqjkTN%2BNGcn6Xy1memsOtyVPSu%2B1ac%2BFqOlXmecAoZRMFhs%2B265XJhYGubRZCDOcko75iZ3jEqjUEdeeZzzvbEF4Xjf3e4n7uZot2QHLnaScwpFagqc%2FQKotd%2FtplsqkxNRG2exyQpnHS9UPomXEj5ySh8c172eY%2BcnTp3PTCaVMy3TCiHUhvKsiKZCFc3jI5%2FnRsbQLW0%2F1%2Bo0mUZiuiw1%2BxhO9ljpSp3dqa7cgznjVygNBbpT0dIsSMA4WzNneKi6zi21XIin7XDbx8sdr69nUuCVhq4X9RrMTc6YslVOrYuZcOZPxX6E1MW%2BNEPUqheRYgJjNWFUbtmV9XzNBPFX6vN5QltfTE8%2BftkQ%2F%2BNrxEcvHn%2FvD6b%2F%2Bp6zJdC6Iyn6KSl84T9Lv0v2SZPA7DsPc3CR3JHCvyPQf0rS%2FGvPszh58fgfmQcjlt98bvlJ8wPLT%2Fz3X09uKX51hTgXuAjQyHJFy%2BUhcESXFS0oUoi3OEiRLH1p%2F%2Bmjf%2F9fAAAA%2F%2F8BAAD%2F%2Fw%2BfCEzpDAAA IP192.243.59.13:0 ASN#39572 DataWeb Global Group B.V.
File typeASCII text, with no line terminators Hash132d6af1b46048b45cf86cdee7991d31 eb7007d03d59b65bc6da7e098c4d38fc6dfb6285 ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
Analyzer | Verdict | Alert | quad9 | Sinkholed | |
GET /ren.gif?sid=H4sIAAAAAAAC%2F3RWTagkWVbOrGlBnIXYuFEQHvPsQcF8eeMvI6LbocjIjMz4yZ%2BI%2FH2ZFKY3Im5k3Mz4y%2FjPWA2OyLgQqlcjuHl1q3vacUbHFsSVIK%2FdSCHY5UKrwRZBXOsIriVflfQI3YeIuOfGuYtz7vd9h%2FN7z%2FLPG4Dk8JUxjmrs%2B7DN3YCrX1vj0InK9GqyuKLADXjvao3DDvveVXX5JMW7FOBuwK9fDZF9jNo0oACgAHU1wAlyo6r9ECU4%2FpFI3YjghqVvKI4lVfL%2F92neJClsEqf4vPE2wc7Ln%2FH%2B7mOC7XsSBn%2FeR%2Bkxi%2BLfkIPch1mUkML5aBkew6gMSfCF6yZN4oYfvTlNovRlo%2FGHj0gUfvSmAhIVH1wqIBZ%2B2Wj%2BE0Ws8KM3aRKr%2BPB1ppZPUEgs5%2BukLO4J8u8JhvfEjr5DsPNpgxDbIZMpCYPvT6KkhOfXUXiJvmy89T%2F%2FTXD5svHWv%2FwiCYM%2Fk3xcXc0jP89wFKakcu8Iru4J3t%2BTOP%2BEZHWT4PITYme%2FQ7DTIGFwR7Dz6lcF0RIECggt0EFci6VpsWXZtNtCtgBZyNMsLYgPV4PxPcHuPfHRUwLTJskvL26S3G2SPG6SwHl1BTnRBYB3LZdhBNa2bYaxbU7oOJzDsIILSG5fcn9Ksvgpsf2nxE6%2BTeLk2%2BSI3%2F%2BUe5sk%2Bd%2BQ1LsjqdMkadYghXNHStQgZdogJWyQEjdImTVIWdx96Pgpnd593%2FHT3KLerPSblbl7HmX7Z%2FDDKNujsPEs%2FrzxC5c7a37973%2BfHNGrK7pjQ9DhIOdaAk%2FZPMszYoftQLrjgg5NWyTFdwSnjx4qrS8A%2Fub7JMaf%2FvyQWPCepP49sfHbBOa%2FQmD5nKcBgd5zVgCkDn%2BcRUmCwuyIs%2Bx8kxXEie5InL1FsnPzmf9545cewGO%2B%2BROC7BeP%2F%2BJ7%2F0b%2F5W%2F9hNjJHYmTO3LAf9sge%2F%2B7z2dR2fhgFpVp4%2BNpnOEA1%2FAC7DyDGWr8iY7OZZQ4aj99%2BoOufQlc3B8tUJqNYOjgcJ82fihhx0HJIEps1PhrNV0jy8hTT8qTMI9HRm%2BgBnGC0hRH4T2B%2BFNrRWz8svGzn%2FzcA2V%2F2fkjgpNPSJJ%2F1vwvL8vid9tt6KDK9mC4R3uYoRs7CtpO1LZvYi9%2BnGYwgNm3gnf43jv05dkzOj3B2yQaLhlJE4cKcGRHMZjKuAE8fIfuFUshu915vQ3gxSPr57YHh%2BPT9JYdaZk6lpK9neqY5avx3EnDoj8v0Kqk1jszP1OnXrgyULqsd%2Bv55lCPtPlJT3sr0XSGk9Z2YEL2GFWBsj2vprLV8Vrm4DSrfavsLm636xM%2Br8zOnMMZVjmrjjcJpzJTYbWjKdjHrmXO56VvRHKxuM3Ts5CcZ1NvMJD9wGS7taYttqNpa091hgJNqdXpduMA5jxTF9XZmW01qC344xTo3bWSKpJ%2BW2Rn1AqzNQxXeq3ejk2QDffKsLesWUdJmECAlsJsoYIPSF8myurg3K7UzDxwZqFOC48ZqS4vLsFk4EmnUjunp75dbzs7cYoCl9%2BzHZ0DreMuP9Lieh1ZarzmmVq2DuloDVWjUMKDMhqO6Enat1DMrtUqbKE5lXnSYsUrQXDSl7QctjjkzY3Ixrdp3n0NHgnyF4%2F%2Fs%2FFgBEf3xI5%2F9%2BPra2M6X0jdnr5bzkbz6%2BvPHv3zNx6o8aT95EvIcflXPWlHMQqTzHrSpp%2B0Sxx%2BOVvKg3MQGXn9wBau9dNsoYDwDt3zJucZ7axVW%2B535oPFpk%2FpPf7AViPF4XYbwzkdQVwXY5rrS2JYDipfMlimpa82sm35cagOJ7d21wsdnVltujVSRn4Qp93uIIrhBhaHTT4fHRjEcXo3m%2Fa7I6133E5GHnSGoTxIrN0G%2B2PJS0ZbXue5HrudTU%2Fa1ptrdN3rJQN5voiRVCWjliGiVJEpfgaMZbxis6C1HeRluu2aE7TJQM%2FtcEMqySdHQ4sSxYuj2DssWbThboXTahVq9dQ5CHnJysPzbpxOWY0Z3xb9A4UUnj8hmEywzzvJaYyU023i9MN6os%2BUItsMJrHrecLclCXrePQkfZ6uWbxLfWOU0cx2RZlGTsncmBqPcC8LJHcGN0qZcfPDzC8XGLLFaaloZ2htzO3Q5YIhPqVLOfcOpmPsotPRWAJL2Co9pbU%2FHQcnKeyqyWRmb3X5tBxY3oYK%2B5BfxYU2Yrf1wDCi4bKMB%2FEeMSqmy1Y%2FZJdUtxRGVGIypoe0YB4FwZGVA6RLBUq0zR6dIq%2FK6glXJWVkKYkhLNHYw%2Ftoty7lni5Art5IPZvh5T5olePTTAbKZkTrvrKvoeZvPJgvbG6o7sW1fVrs1dSZKuqgCn1vtzOpcZrX7GgmrKA91HhfAlU8HZ%2FL1%2BT7JnSqXZxgG30L3ACe7jDf%2BOPra7U3nVxfv%2FrtC8PTd9ttO0lQHD10PVRlFgzbDOiItABo0LYTBDNcoLRNMxxLA55tczxknQ4NaCQwLqQtAQCxYyHHQVyH411nx3dYcBOH%2Bx9cXy%2FUxUi%2Bvv7hBCHnCl6tjMnjH19f9%2BV5b6YaC%2FWSx1%2F1oiCGCbrKPHRloTS7nLq5uSFp%2FKLxxkgaNUjif7G34iYp888e%2FcNXN3DoVP%2Bn0Db91fo0D1pLxDr9JfpkkHPp5p3FWM64%2Frju56Lr2ag%2FKCjVDeX9dhi7w5bGMUZVb0wQl9wYyYUUupnp82Jv5joUNeuaHhVSSDHLPh7P8go7PV%2BiQdjJRNUS1zSod2EpubDbQTjWTpnuDnfmcsMlqRFJuhlUxsq0VdxdeawmHZalGYlJKfdlE4ozZ6BwiB%2BO7TMwHLuPh2uPEhGHam%2B7E5YHsDL5up7Iqw0AE%2F5cjKrScG1VXAkSEm7LjFm3lplMj3fK5LTnUhirFFBrYbtrIaeFVlKY4RINEn%2Bv70aIT6aSh8EsToqjkTN%2BNGcn6Xy1memsOtyVPSu%2B1ac%2BFqOlXmecAoZRMFhs%2B265XJhYGubRZCDOcko75iZ3jEqjUEdeeZzzvbEF4Xjf3e4n7uZot2QHLnaScwpFagqc%2FQKotd%2FtplsqkxNRG2exyQpnHS9UPomXEj5ySh8c172eY%2BcnTp3PTCaVMy3TCiHUhvKsiKZCFc3jI5%2FnRsbQLW0%2F1%2Bo0mUZiuiw1%2BxhO9ljpSp3dqa7cgznjVygNBbpT0dIsSMA4WzNneKi6zi21XIin7XDbx8sdr69nUuCVhq4X9RrMTc6YslVOrYuZcOZPxX6E1MW%2BNEPUqheRYgJjNWFUbtmV9XzNBPFX6vN5QltfTE8%2BftkQ%2F%2BNrxEcvHn%2FvD6b%2F%2Bp6zJdC6Iyn6KSl84T9Lv0v2SZPA7DsPc3CR3JHCvyPQf0rS%2FGvPszh58fgfmQcjlt98bvlJ8wPLT%2Fz3X09uKX51hTgXuAjQyHJFy%2BUhcESXFS0oUoi3OEiRLH1p%2F%2Bmjf%2F9fAAAA%2F%2F8BAAD%2F%2Fw%2BfCEzpDAAA HTTP/1.1
Host: centeredfailinghotline.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.torrentkitty.lol/
Cookie: u_pl=17550729; uid_id2=89b88108-06e5-4229-bc2f-ec8a4a724289:1:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Thu, 29 Dec 2022 03:00:52 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 553cb2c5f051acd13a41f42b293ed16e
Strict-Transport-Security: max-age=0; includeSubdomains
|
|
| e1.o.lencr.org/ | 23.36.77.32 | 200 OK | 345 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hashf06ab215397bc35b186de07d378dc747 5d95d40b3e93b3930b98406e1251c70ff0041fa2 ed4a82f1419f3142a7e8ed6b2056d5cd5c3617acd1745250fbf901c873fa84e8
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "ED4A82F1419F3142A7E8ED6B2056D5CD5C3617ACD1745250FBF901C873FA84E8"
Last-Modified: Tue, 27 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18554
Expires: Thu, 29 Dec 2022 08:10:06 GMT
Date: Thu, 29 Dec 2022 03:00:52 GMT
Connection: keep-alive
|
|
| cdn.creative-bars1.com/sb/notifications/rtb/windows/2/img/number.png | 172.64.109.13 | 200 OK | 1.1 kB |
URL HTTP/2cdn.creative-bars1.com/sb/notifications/rtb/windows/2/img/number.png IP172.64.109.13:0
File typePNG image data, 43 x 43, 8-bit/color RGBA, non-interlaced\012- data Hash9e4414e85c588bf7db195e49c02ab2bb 09254e79b255f1b2dfe45adbbe44583a4b433782 0b977ec6e7cf5d35df03cd3a8041f5f523f5d4059ac67c152c0a7b613e20b762
GET /sb/notifications/rtb/windows/2/img/number.png HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 29 Dec 2022 03:00:52 GMT
content-type: image/png
content-length: 1138
last-modified: Mon, 17 May 2021 11:56:20 GMT
etag: "60a259e4-472"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 3762410
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yhrB5eQuIDxTf%2B50UQrYcMKFwDSd6Cj1jLWj77yzhk28J7WgHjk0u7oiUttayDhqw00%2B6WqS9GJg2diEOvRzkvlfTbw1RAHVn9mpighpeiyXuwnTvkMC55lBLKKQ47FxXp1gggxcg3wu"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 780f49b389ba7744-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.131 | 200 OK | 472 B |
IP142.250.74.131:0
Hash794630798ece5fdc7622c5736cfc8c4c b88d8c63c8c85072202fb76e4106789df8394ff3 aa8225bea6518ce7a35b1dcdd5ae62b217b5720d9d9143f9ae4360e8614c0c18
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 29 Dec 2022 03:00:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 279 B |
IP93.184.220.29:0
Hash3e9fa1ca4dc5ca7d57295815bdb5a6bf b61d07ece5d11b6a53a04dee338bee57644a2a63 a96e007c184478cfdd921cdd38e48cac79696d0768914af8b0d4af19fa36c255
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2877
Cache-Control: max-age=136799
Content-Type: application/ocsp-response
Date: Thu, 29 Dec 2022 03:00:52 GMT
Etag: "63ac6b07-117"
Expires: Fri, 30 Dec 2022 17:00:51 GMT
Last-Modified: Wed, 28 Dec 2022 16:12:55 GMT
Server: ECS (ska/F710)
X-Cache: HIT
Content-Length: 279
|
|
| cdn.barscreative1.com/sb/notifications/rtb/windows/2/index.html | 45.133.44.4 | 200 OK | 449 B |
URL HTTP/2cdn.barscreative1.com/sb/notifications/rtb/windows/2/index.html IP45.133.44.4:0 ASN#39572 DataWeb Global Group B.V.
File typeHTML document text\012- HTML document, ASCII text Hash2bf6314ac8fe23cf9f7c15857bf0ee4d 9ee372c110736ce2dc9ba7856ae279d8106f4745 aa7456703f73b27bb4e9f5bcd828a04fa38d12b1285c3f009051bb20689cae52
Analyzer | Verdict | Alert | fortinet | Phishing | |
GET /sb/notifications/rtb/windows/2/index.html HTTP/1.1
Host: cdn.barscreative1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.torrentkitty.lol
Connection: keep-alive
Referer: https://www.torrentkitty.lol/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 29 Dec 2022 03:00:52 GMT
content-type: text/html; charset=utf-8
server: nginx/1.17.6
last-modified: Mon, 17 May 2021 11:56:17 GMT
etag: W/"60a259e1-4b7"
cache-control: max-age=3600
access-control-allow-origin: *
access-control-expose-headers: Date
content-encoding: gzip
expires: Thu, 29 Dec 2022 04:00:52 GMT
x-proxy-cache: HIT
X-Firefox-Spdy: h2
|
|
| e1.o.lencr.org/ | 23.36.77.32 | 200 OK | 345 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hashf06ab215397bc35b186de07d378dc747 5d95d40b3e93b3930b98406e1251c70ff0041fa2 ed4a82f1419f3142a7e8ed6b2056d5cd5c3617acd1745250fbf901c873fa84e8
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "ED4A82F1419F3142A7E8ED6B2056D5CD5C3617ACD1745250FBF901C873FA84E8"
Last-Modified: Tue, 27 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18554
Expires: Thu, 29 Dec 2022 08:10:06 GMT
Date: Thu, 29 Dec 2022 03:00:52 GMT
Connection: keep-alive
|
|
| cdn.creative-bars1.com/sb/notifications/rtb/windows/2/img/close.png | 172.64.109.13 | 200 OK | 6.3 kB |
URL HTTP/2cdn.creative-bars1.com/sb/notifications/rtb/windows/2/img/close.png IP172.64.109.13:0
File typePNG image data, 500 x 500, 8-bit gray+alpha, non-interlaced\012- data Hashfa3847143b5b8c7823d091ca8e88289f eb32235cc1d642145643b4a218742564df1db6d9 a78f358b462449955b39bd7957586ab99c75c8ab453975f4789e72d55d921cea
GET /sb/notifications/rtb/windows/2/img/close.png HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 29 Dec 2022 03:00:52 GMT
content-type: image/png
content-length: 6318
last-modified: Mon, 17 May 2021 11:56:20 GMT
etag: "60a259e4-18ae"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 3762543
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z9L9aUoV4s9IaWVs75MLhRSQG6IZgPzHgOH2rakm5iIqoTFOfXUqt9vJ3B%2FWnwU0SvhhhJH%2F1O%2BAx1zZ3UBSAN5NtqXUk0nYcfJ43ay2QaqkcEjxbgPsCDCgkp8UU23K9r%2BCgJ0B57CK"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 780f49b3fd71745f-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.131 | 200 OK | 472 B |
IP142.250.74.131:0
Hash794630798ece5fdc7622c5736cfc8c4c b88d8c63c8c85072202fb76e4106789df8394ff3 aa8225bea6518ce7a35b1dcdd5ae62b217b5720d9d9143f9ae4360e8614c0c18
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 29 Dec 2022 03:00:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 279 B |
IP93.184.220.29:0
Hash3e9fa1ca4dc5ca7d57295815bdb5a6bf b61d07ece5d11b6a53a04dee338bee57644a2a63 a96e007c184478cfdd921cdd38e48cac79696d0768914af8b0d4af19fa36c255
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2877
Cache-Control: max-age=136799
Content-Type: application/ocsp-response
Date: Thu, 29 Dec 2022 03:00:52 GMT
Etag: "63ac6b07-117"
Expires: Fri, 30 Dec 2022 17:00:51 GMT
Last-Modified: Wed, 28 Dec 2022 16:12:55 GMT
Server: ECS (ska/F710)
X-Cache: HIT
Content-Length: 279
|
|
| adexchangegate.com/adx/openrtb/2/win.php?stamat=m%7C%2C%2Cwjdj93EWoGU3B5-GH0dEdHP3xP.108%2ChNyR2dWIcED6SFTYD1KC7j4xLHd5_YPdqk0pzvM25DB9nwFxlBP43-KVYEcblpnIGNXcAhndK3VYAzeHLlmpsAAFopaYavjYuSLj3e55KAtODALJCkZNLhadGnEFrb_YilMBhrLZ7K75C4ZROqJZhSJ2zCCrFESTpeBxrL-P9esHE17R0PUpV4tm-ZFuwsZAQNeYt0Cf65G1ruNkPJorHhpophjU4eY5X8qVVnJzOdj8uw4EGy_MsO4J3MXvDj1eH77qearNil7drqMeHqXrdDnzNKRHvtYFNpfhh8SQEBbkkhBKSsW4i_slPLt23ZV1QPu1E5M1MLiCtmBfRaYHwt5SjRlwTia4vqUHJyabYQZGf5mGiqsUEuhjQdP_oqkPU0b8ZHCH-gqkFqBnAIrNRcZKEqUFbhY1nDa7VpvJL4ZzFPPoGUwpFpge3Ii2w-Dn4U1Aw8L1rQ3QheJmSommk4EmeKBverJYgeqohxtzN5xrwobHrP8UeMhigo_WwECK8a5zYBCc37ED0-wMqRE0HYL2KlHgzaJlYhauTc5GIg9WcqTgIsdOHIFxnlh__Q1Msuz4LR8VacGJ7lB0xpOMyw%2C%2C&adx_price=0.07263 | 35.208.56.33 | 204 No Content | 0 B |
URL HTTP/1.1adexchangegate.com/adx/openrtb/2/win.php?stamat=m%7C%2C%2Cwjdj93EWoGU3B5-GH0dEdHP3xP.108%2ChNyR2dWIcED6SFTYD1KC7j4xLHd5_YPdqk0pzvM25DB9nwFxlBP43-KVYEcblpnIGNXcAhndK3VYAzeHLlmpsAAFopaYavjYuSLj3e55KAtODALJCkZNLhadGnEFrb_YilMBhrLZ7K75C4ZROqJZhSJ2zCCrFESTpeBxrL-P9esHE17R0PUpV4tm-ZFuwsZAQNeYt0Cf65G1ruNkPJorHhpophjU4eY5X8qVVnJzOdj8uw4EGy_MsO4J3MXvDj1eH77qearNil7drqMeHqXrdDnzNKRHvtYFNpfhh8SQEBbkkhBKSsW4i_slPLt23ZV1QPu1E5M1MLiCtmBfRaYHwt5SjRlwTia4vqUHJyabYQZGf5mGiqsUEuhjQdP_oqkPU0b8ZHCH-gqkFqBnAIrNRcZKEqUFbhY1nDa7VpvJL4ZzFPPoGUwpFpge3Ii2w-Dn4U1Aw8L1rQ3QheJmSommk4EmeKBverJYgeqohxtzN5xrwobHrP8UeMhigo_WwECK8a5zYBCc37ED0-wMqRE0HYL2KlHgzaJlYhauTc5GIg9WcqTgIsdOHIFxnlh__Q1Msuz4LR8VacGJ7lB0xpOMyw%2C%2C&adx_price=0.07263 IP35.208.56.33:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /adx/openrtb/2/win.php?stamat=m%7C%2C%2Cwjdj93EWoGU3B5-GH0dEdHP3xP.108%2ChNyR2dWIcED6SFTYD1KC7j4xLHd5_YPdqk0pzvM25DB9nwFxlBP43-KVYEcblpnIGNXcAhndK3VYAzeHLlmpsAAFopaYavjYuSLj3e55KAtODALJCkZNLhadGnEFrb_YilMBhrLZ7K75C4ZROqJZhSJ2zCCrFESTpeBxrL-P9esHE17R0PUpV4tm-ZFuwsZAQNeYt0Cf65G1ruNkPJorHhpophjU4eY5X8qVVnJzOdj8uw4EGy_MsO4J3MXvDj1eH77qearNil7drqMeHqXrdDnzNKRHvtYFNpfhh8SQEBbkkhBKSsW4i_slPLt23ZV1QPu1E5M1MLiCtmBfRaYHwt5SjRlwTia4vqUHJyabYQZGf5mGiqsUEuhjQdP_oqkPU0b8ZHCH-gqkFqBnAIrNRcZKEqUFbhY1nDa7VpvJL4ZzFPPoGUwpFpge3Ii2w-Dn4U1Aw8L1rQ3QheJmSommk4EmeKBverJYgeqohxtzN5xrwobHrP8UeMhigo_WwECK8a5zYBCc37ED0-wMqRE0HYL2KlHgzaJlYhauTc5GIg9WcqTgIsdOHIFxnlh__Q1Msuz4LR8VacGJ7lB0xpOMyw%2C%2C&adx_price=0.07263 HTTP/1.1
Host: adexchangegate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 204 No Content
Server: openresty
Date: Thu, 29 Dec 2022 03:00:52 GMT
Access-Control-Allow-Origin: *
Via: 1.1 google
|
|
| cdn.creative-bars1.com/sb/notifications/rtb/windows/2/css/style.css | 172.64.109.13 | 200 OK | 1.1 kB |
URL HTTP/2cdn.creative-bars1.com/sb/notifications/rtb/windows/2/css/style.css IP172.64.109.13:0
Hasha06be620e07f025e08256b634ac9ea97 8340466b40ff2ab04bc2e59f446ea047cc099088 ee7e0caf4d54468f4e3ed843a59b3b4ee9757a3527b01b3c5738947b0bdf1686
GET /sb/notifications/rtb/windows/2/css/style.css HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.torrentkitty.lol
Connection: keep-alive
Referer: https://www.torrentkitty.lol/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 29 Dec 2022 03:00:52 GMT
content-type: text/css
last-modified: Mon, 17 May 2021 12:00:36 GMT
etag: W/"60a25ae4-fe9"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 1538
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iK%2BG0%2BR8KEWFIoVHw4%2B%2BJ8BFwnxiSKzRrfCByTvPCyKJpkLf4FJe3430h7cnDR%2BUV5XcOXtgH%2BHxvYUocYkEe%2B8GYLLT8xYWFW4WLHkyaXNLJQ1SdYKCirMjxhmItY%2BsSaI%2FXhZnk614"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 780f49b389c77744-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| centeredfailinghotline.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fnotifications%2Frtb%2Fwindows%2F2%2Fjs%2Fscript.js&l=380&fd=139 | 192.243.59.13 | 200 OK | 0 B |
URL HTTP/1.1centeredfailinghotline.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fnotifications%2Frtb%2Fwindows%2F2%2Fjs%2Fscript.js&l=380&fd=139 IP192.243.59.13:0 ASN#39572 DataWeb Global Group B.V.
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | quad9 | Sinkholed | |
GET /pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fnotifications%2Frtb%2Fwindows%2F2%2Fjs%2Fscript.js&l=380&fd=139 HTTP/1.1
Host: centeredfailinghotline.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.torrentkitty.lol/
Cookie: u_pl=17550729; uid_id2=89b88108-06e5-4229-bc2f-ec8a4a724289:1:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Thu, 29 Dec 2022 03:00:52 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
|
|
| cdn.creative-bars1.com/sb/notifications/rtb/windows/2/js/script.js | 172.64.109.13 | 200 OK | 187 B |
URL HTTP/2cdn.creative-bars1.com/sb/notifications/rtb/windows/2/js/script.js IP172.64.109.13:0
Hashdc9027a0e57815e9853ed73731cff3e5 a31fd5257c1d4f55477fd376319249059751aeed 9359275cfd559eef33f183a2a47260e17fc4842459ca818c8e86a98d37b68ef3
GET /sb/notifications/rtb/windows/2/js/script.js HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.torrentkitty.lol
Connection: keep-alive
Referer: https://www.torrentkitty.lol/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 29 Dec 2022 03:00:52 GMT
content-type: application/javascript
last-modified: Mon, 17 May 2021 11:56:22 GMT
etag: W/"60a259e6-17c"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 1538
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HifozylmbyXW9DQIG53hh%2BZ%2Bi8eOCVxuxdyclwBfTMAXzxtaSKQX8O9Wnn2TtUU3mPELP2hggETGxYRYUEGYdjMOddMvSdBgE7%2Fv%2B1oXc5tlzrqy7v2AY3rqWWZ5j3bXvWZ0trJzvmYi"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 780f49b389b97744-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.131 | 200 OK | 471 B |
IP142.250.74.131:0
Hash107c7b24cc9711281977c9e9094da7af 18e6f30a0dbc072380e414236b2a8296e7a7f6f6 c8a97836b9b198c55753dd8e72c0ae03fe473f02f098deb2c4145b677d19be08
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 29 Dec 2022 03:00:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 | 216.58.207.227 | 200 OK | 16 kB |
URL HTTP/2fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 IP216.58.207.227:0
File typeWeb Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data Hashe9f5aaf547f165386cd313b995dddd8e acdef5603c2387b0e5bffd744b679a24a8bc1968 f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.torrentkitty.lol
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 23 Dec 2022 13:33:13 GMT
expires: Sat, 23 Dec 2023 13:33:13 GMT
cache-control: public, max-age=31536000
age: 480459
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| centeredfailinghotline.com/pixel/sbs?c=1 | 192.243.59.13 | 200 OK | 0 B |
URL HTTP/1.1centeredfailinghotline.com/pixel/sbs?c=1 IP192.243.59.13:0 ASN#39572 DataWeb Global Group B.V.
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | quad9 | Sinkholed | |
GET /pixel/sbs?c=1 HTTP/1.1
Host: centeredfailinghotline.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.torrentkitty.lol/
Cookie: u_pl=17550729; uid_id2=89b88108-06e5-4229-bc2f-ec8a4a724289:1:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Thu, 29 Dec 2022 03:00:52 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.131 | 200 OK | 471 B |
IP142.250.74.131:0
Hash107c7b24cc9711281977c9e9094da7af 18e6f30a0dbc072380e414236b2a8296e7a7f6f6 c8a97836b9b198c55753dd8e72c0ae03fe473f02f098deb2c4145b677d19be08
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 29 Dec 2022 03:00:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| centeredfailinghotline.com/impr.gif?sid=H4sIAAAAAAAC%2F3RWTagkWVbOrGlBnIXYuFEQHvPsQcF8Gb8ZEd0ORUZmZMZP%2FkTk78ukML0R90bGzYy%2FjP%2BM1eCIjAuhejWCm1e3uqcdZ3RsQVwJ8tqNFIJdLrQabBHEtY7gWvJVSY%2FQfYiIe26cuzjnft93OL%2F3LP%2B8QZEcvDLHUY19H7T5G%2Brq19Y4hFGZXk0WVzR1Q713tcZhh3vvqrp8kuJdmuJvqF%2B%2FGiLnGLUZiqYomqKvBjhBblS1H6IExz%2BS6BuJuuGYG5rnSJX8%2F32aN0kKmgQWnzfeJhi%2B%2FBnv7z4m2LknYfDnfZQesyj%2BDSXIfZBFCSngR8vwGEZlSIIvXDdpEjf86M1pEqUvG40%2FfESi8KM3FZCo%2BOBSAbHxy0bzn2hihx%2B9SZPYxYevM7V9gkJiw6%2BTsrgnyL8nGNwTJ%2FoOwfDTBiEOJJMpCYPvT6KkBOfXUXCJvmy89T%2F%2FTXD5svHWv%2FwiCYM%2Fk31cXc0jP89wFKakcu8Iru4J3t%2BTOP%2BEZHWT4PIT4mS%2FQzBskDC4Ixi%2B%2BlVRskWRpsQW1UF8i2MYqWU7jNtCjgg4IDAcI0oPV4PxPcHuPfHRUwLSJskvL26S3G2SPG6SAL66ArzkUpTg2i7LipzjOCzrOLzYgTxkOdGlSO5ccn9KsvgpcfynxEm%2BTeLk2%2BSI3%2F%2BUf5sk%2Bd%2BQ1LsjKWySNGuQAt6REjVImTZICRqkxA1SZg1SFncfQj9l0rvvQz%2FNbfrNyrxZ2bvnUbZ%2FBj6Msj0KG8%2Fizxu%2FcLmz5tf%2F%2FvfJEb26YjoOoDo84F1bFGhH4ARW6nAdwHRcqsMwNknxHcHpo4dK6wuAv%2Fk%2BifGnPz8kNrgnqX9PHPw2AfmvEFA%2BFxiKAO85J1KkDn%2BcRUmCwuyIs%2Bx8kxUERnckzt4i2bn5zP%2B88UsP4LHf%2FAlBzovHf%2FG9f2P%2B8rd%2BQpzkjsTJHTngv22Qvf%2Fd57OobHwwi8q08fE0znCAa3ABdp6BDDX%2BxEDnMkqg1k%2Bf%2FqDrXAIX90cLlGYjEEIc7tPGD2UMIUoGUeKgxl9r6RrZZp56cp6EeTwyewMtiBOUpjgK7wnAn9or4uCXjZ%2F95OceKPvL8I8ITj4hSf5Z87%2B8LIvfbbcBRJXjgXCP9iBDN04UtGHUdm5iL36cZiAA2beCd4TeO8zl2bMGM8HbJBouWVmXhioFFaiabGXeUAJ4h%2BkVSzG73Xm9DSVIR87PHQ8Mx6fpLTfSM20sJ3snNTAnVOM5TMOiPy%2FQqqTXOys%2F06deuDJRuqx36%2FnmUI%2F0%2BclIeyvJgsNJazuwAHeMqkDdnldTxe54LWtwmtW%2BXXYXt9v1CZ9XVmfO4wxrvF3Hm4TX2Km42jE06GPXtubz0jcjpVjc5ulZTM6zqTcYKH5gcd1a1xfb0bS1pztDkaG16nS7gRR7nmmL6gxnWx3oC%2BE4pYzuWk1V2bgtsjNqhdkahCuj1m7HFpUN9%2Bqwt6w5qCZsIAJbZbdAxQdkLBN1dYC3Ky2zDrxVaNPCY0eaK0hLajLw5FOpn9NT36m3nZ00RYEr7LmOwVOt4y4%2FMtJ6HdlavBbYWrEP6WgNNLNQw4M6Go6YSdq3UcyttSpsoTmdefJiJahBcDKWjBK2eOTNzcjBt2nefQ0eCfIXj%2F%2Bz8WAER%2FfEiX%2F34%2BtrczpfyN2esVvORvPr688e%2FfM3HqjxpP3kS8hx%2BVc9aUcxCpPMftJmnrRLHH45W8oDPEissn5gC9%2F6abbQlPgO0%2FMm5xkD15qj9DvzwWLTp42ecOCqkQr53caEpyMV18WY4fuyFJaDypdNjm0Zq43i2H4casPJrdP1Qmiwq023RurID%2BK02x1EMdiA4rDJ56MDi3je6GbTfnek947bycgDcBgqg8TebbA%2Flr1ktBUMge9x29n0pG%2B9uc7UvV4yUOaLGMlVMmqZEkpVhRZmlLmMV1wWtLaDvEy3XWuCNhnVczv8kE7yydHUo0T14ij2DksObfhb8bRahXo9hQcxLzlleN6N0ymns%2BPbon%2BgkSoIJwSSCfYFmJzGSD3dJrAf1hNjphbZZjCJXc8T55Yi28ejJxvzdM3hXeqbo4xhtyvaMnNa4cf0eIR7WSC7M7BRy4yfH2Z%2BucCAK05LVT8De2Nthy4fDPEpXSq5d7CguYtOR3NJ2eJW7amt%2Fek4OMlhV0smM2drKKflwPY2dNgHwiou9BG3rQemGQ2XZTyI94jVMFO2%2BiG3pLulOKITi7U8pAfzKAiOnBIgQy5Qom%2F26BR5VVZP%2BCopI1tNTHGJxh7eR7t1qfQMEfD1Ru45rKD0qVY5Ps0USt2MGMNX9zXQ%2FY0H8oXDD7W9tHZOi72WwqmqDarQ93Y7ix6nec2NZuIKOENd8GWqiqfjc%2FmafN8EsNrFCXbQt6gbSmA67Df%2B%2BPpa600n19evfvvC8PTddttJEhRHD10PVZkNwjZLdSRGpBiq7SQIZLhAaZtheY6hBK7NC4CDHYZikMi6gLFFipI6NoIQ8R1ecOFO6HDUTRzuf3B9vdAWI%2BX6%2BocThOAVuFqZk8c%2Fvr7uK%2FPeTDMX2iWPv%2BpFQQwSdJV56MpGaXY5dXNzQ9L4ReONkTRqkMT%2FYm%2FHTVLmnz36h69u4ABW%2F6fQNvPV%2BrQOekvCBvMl%2BmQRvHTzzmKsZHx%2FXPdzyfUc1B8UtOaGyn47jN1hS%2BdZs6o3FhWX%2FBgphRy6meULUm%2FmQpqedS2PDmmkWmUfj2d5hWHPlxkq7GSSZktrhqp3YSm7oNtBONZPmeEOd9ZywyepGcmGFVTmynI03F15nC4flqUVSUmp9BULSDM4UHkkDMfOmTKh08fDtUdLiEe1t92JywO1soS6niirDUVNhHMxqkrTdTRpJcpIvC0zdt1aZgoz3qmT055PQazRlFaL210LwRZayWGGSzRI%2FL2xGyEhmcoepmZxUhzNnPWjOTdJ56vNzOC04a7s2fGtMfWxFC2NOuNVahgFg8W275bLhYXlYR5NBtIsp%2FVjbvHHqDQLbeSVx7nQG9sAjPfd7X7ibo5OS4FgsZPhKZToKQX3C0qr%2FW433dKZkkj6OIstTjwbeKEJSbyU8ZFX%2B9Rx3etBJz%2Fx2nxmsamS6ZleiKE%2BVGZFNBWraB4fhTw3M5Zp6fu5XqfJNJLSZak7x3Cyx2pX7uxOdeUerJmwQmkoMp2KkWdBQo2zNXsGh6oLb%2BnlQjpth9s%2BXu4EYz2TA680DaOo19Tc4s0pV%2BX0upiJZ%2BFU7EdIW%2BxLK0StehGpFmWuJqzGL7uKka%2FZIP5KfT5PGPuL6cnHLxvSf3yN%2BOjF4%2B%2F9wfRf34NbAuw7kqKfksIX%2FrP0u2SfNAnIvvMwBxfJHSn8OwL8pyTNv%2FY8i5MXj%2F%2BRfTBi%2B83ntp80P7D9xH%2F%2F9eSW4ldXPM0h0RYFB0IbOZAWGFZkKYqBkBMkREskS186f%2Fro3%2F8XAAD%2F%2FwEAAP%2F%2FG5eGqukMAAA%3D | 192.243.59.13 | 200 OK | 7 B |
URL HTTP/1.1centeredfailinghotline.com/impr.gif?sid=H4sIAAAAAAAC%2F3RWTagkWVbOrGlBnIXYuFEQHvPsQcF8Gb8ZEd0ORUZmZMZP%2FkTk78ukML0R90bGzYy%2FjP%2BM1eCIjAuhejWCm1e3uqcdZ3RsQVwJ8tqNFIJdLrQabBHEtY7gWvJVSY%2FQfYiIe26cuzjnft93OL%2F3LP%2B8QZEcvDLHUY19H7T5G%2Brq19Y4hFGZXk0WVzR1Q713tcZhh3vvqrp8kuJdmuJvqF%2B%2FGiLnGLUZiqYomqKvBjhBblS1H6IExz%2BS6BuJuuGYG5rnSJX8%2F32aN0kKmgQWnzfeJhi%2B%2FBnv7z4m2LknYfDnfZQesyj%2BDSXIfZBFCSngR8vwGEZlSIIvXDdpEjf86M1pEqUvG40%2FfESi8KM3FZCo%2BOBSAbHxy0bzn2hihx%2B9SZPYxYevM7V9gkJiw6%2BTsrgnyL8nGNwTJ%2FoOwfDTBiEOJJMpCYPvT6KkBOfXUXCJvmy89T%2F%2FTXD5svHWv%2FwiCYM%2Fk31cXc0jP89wFKakcu8Iru4J3t%2BTOP%2BEZHWT4PIT4mS%2FQzBskDC4Ixi%2B%2BlVRskWRpsQW1UF8i2MYqWU7jNtCjgg4IDAcI0oPV4PxPcHuPfHRUwLSJskvL26S3G2SPG6SAL66ArzkUpTg2i7LipzjOCzrOLzYgTxkOdGlSO5ccn9KsvgpcfynxEm%2BTeLk2%2BSI3%2F%2BUf5sk%2Bd%2BQ1LsjKWySNGuQAt6REjVImTZICRqkxA1SZg1SFncfQj9l0rvvQz%2FNbfrNyrxZ2bvnUbZ%2FBj6Msj0KG8%2Fizxu%2FcLmz5tf%2F%2FvfJEb26YjoOoDo84F1bFGhH4ARW6nAdwHRcqsMwNknxHcHpo4dK6wuAv%2Fk%2BifGnPz8kNrgnqX9PHPw2AfmvEFA%2BFxiKAO85J1KkDn%2BcRUmCwuyIs%2Bx8kxUERnckzt4i2bn5zP%2B88UsP4LHf%2FAlBzovHf%2FG9f2P%2B8rd%2BQpzkjsTJHTngv22Qvf%2Fd57OobHwwi8q08fE0znCAa3ABdp6BDDX%2BxEDnMkqg1k%2Bf%2FqDrXAIX90cLlGYjEEIc7tPGD2UMIUoGUeKgxl9r6RrZZp56cp6EeTwyewMtiBOUpjgK7wnAn9or4uCXjZ%2F95OceKPvL8I8ITj4hSf5Z87%2B8LIvfbbcBRJXjgXCP9iBDN04UtGHUdm5iL36cZiAA2beCd4TeO8zl2bMGM8HbJBouWVmXhioFFaiabGXeUAJ4h%2BkVSzG73Xm9DSVIR87PHQ8Mx6fpLTfSM20sJ3snNTAnVOM5TMOiPy%2FQqqTXOys%2F06deuDJRuqx36%2FnmUI%2F0%2BclIeyvJgsNJazuwAHeMqkDdnldTxe54LWtwmtW%2BXXYXt9v1CZ9XVmfO4wxrvF3Hm4TX2Km42jE06GPXtubz0jcjpVjc5ulZTM6zqTcYKH5gcd1a1xfb0bS1pztDkaG16nS7gRR7nmmL6gxnWx3oC%2BE4pYzuWk1V2bgtsjNqhdkahCuj1m7HFpUN9%2Bqwt6w5qCZsIAJbZbdAxQdkLBN1dYC3Ky2zDrxVaNPCY0eaK0hLajLw5FOpn9NT36m3nZ00RYEr7LmOwVOt4y4%2FMtJ6HdlavBbYWrEP6WgNNLNQw4M6Go6YSdq3UcyttSpsoTmdefJiJahBcDKWjBK2eOTNzcjBt2nefQ0eCfIXj%2F%2Bz8WAER%2FfEiX%2F34%2BtrczpfyN2esVvORvPr688e%2FfM3HqjxpP3kS8hx%2BVc9aUcxCpPMftJmnrRLHH45W8oDPEissn5gC9%2F6abbQlPgO0%2FMm5xkD15qj9DvzwWLTp42ecOCqkQr53caEpyMV18WY4fuyFJaDypdNjm0Zq43i2H4casPJrdP1Qmiwq023RurID%2BK02x1EMdiA4rDJ56MDi3je6GbTfnek947bycgDcBgqg8TebbA%2Flr1ktBUMge9x29n0pG%2B9uc7UvV4yUOaLGMlVMmqZEkpVhRZmlLmMV1wWtLaDvEy3XWuCNhnVczv8kE7yydHUo0T14ij2DksObfhb8bRahXo9hQcxLzlleN6N0ymns%2BPbon%2BgkSoIJwSSCfYFmJzGSD3dJrAf1hNjphbZZjCJXc8T55Yi28ejJxvzdM3hXeqbo4xhtyvaMnNa4cf0eIR7WSC7M7BRy4yfH2Z%2BucCAK05LVT8De2Nthy4fDPEpXSq5d7CguYtOR3NJ2eJW7amt%2Fek4OMlhV0smM2drKKflwPY2dNgHwiou9BG3rQemGQ2XZTyI94jVMFO2%2BiG3pLulOKITi7U8pAfzKAiOnBIgQy5Qom%2F26BR5VVZP%2BCopI1tNTHGJxh7eR7t1qfQMEfD1Ru45rKD0qVY5Ps0USt2MGMNX9zXQ%2FY0H8oXDD7W9tHZOi72WwqmqDarQ93Y7ix6nec2NZuIKOENd8GWqiqfjc%2FmafN8EsNrFCXbQt6gbSmA67Df%2B%2BPpa600n19evfvvC8PTddttJEhRHD10PVZkNwjZLdSRGpBiq7SQIZLhAaZtheY6hBK7NC4CDHYZikMi6gLFFipI6NoIQ8R1ecOFO6HDUTRzuf3B9vdAWI%2BX6%2BocThOAVuFqZk8c%2Fvr7uK%2FPeTDMX2iWPv%2BpFQQwSdJV56MpGaXY5dXNzQ9L4ReONkTRqkMT%2FYm%2FHTVLmnz36h69u4ABW%2F6fQNvPV%2BrQOekvCBvMl%2BmQRvHTzzmKsZHx%2FXPdzyfUc1B8UtOaGyn47jN1hS%2BdZs6o3FhWX%2FBgphRy6meULUm%2FmQpqedS2PDmmkWmUfj2d5hWHPlxkq7GSSZktrhqp3YSm7oNtBONZPmeEOd9ZywyepGcmGFVTmynI03F15nC4flqUVSUmp9BULSDM4UHkkDMfOmTKh08fDtUdLiEe1t92JywO1soS6niirDUVNhHMxqkrTdTRpJcpIvC0zdt1aZgoz3qmT055PQazRlFaL210LwRZayWGGSzRI%2FL2xGyEhmcoepmZxUhzNnPWjOTdJ56vNzOC04a7s2fGtMfWxFC2NOuNVahgFg8W275bLhYXlYR5NBtIsp%2FVjbvHHqDQLbeSVx7nQG9sAjPfd7X7ibo5OS4FgsZPhKZToKQX3C0qr%2FW433dKZkkj6OIstTjwbeKEJSbyU8ZFX%2B9Rx3etBJz%2Fx2nxmsamS6ZleiKE%2BVGZFNBWraB4fhTw3M5Zp6fu5XqfJNJLSZak7x3Cyx2pX7uxOdeUerJmwQmkoMp2KkWdBQo2zNXsGh6oLb%2BnlQjpth9s%2BXu4EYz2TA680DaOo19Tc4s0pV%2BX0upiJZ%2BFU7EdIW%2BxLK0StehGpFmWuJqzGL7uKka%2FZIP5KfT5PGPuL6cnHLxvSf3yN%2BOjF4%2B%2F9wfRf34NbAuw7kqKfksIX%2FrP0u2SfNAnIvvMwBxfJHSn8OwL8pyTNv%2FY8i5MXj%2F%2BRfTBi%2B83ntp80P7D9xH%2F%2F9eSW4ldXPM0h0RYFB0IbOZAWGFZkKYqBkBMkREskS186f%2Fro3%2F8XAAD%2F%2FwEAAP%2F%2FG5eGqukMAAA%3D IP192.243.59.13:0 ASN#39572 DataWeb Global Group B.V.
File typeASCII text, with no line terminators Hash132d6af1b46048b45cf86cdee7991d31 eb7007d03d59b65bc6da7e098c4d38fc6dfb6285 ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
Analyzer | Verdict | Alert | quad9 | Sinkholed | |
GET /impr.gif?sid=H4sIAAAAAAAC%2F3RWTagkWVbOrGlBnIXYuFEQHvPsQcF8Gb8ZEd0ORUZmZMZP%2FkTk78ukML0R90bGzYy%2FjP%2BM1eCIjAuhejWCm1e3uqcdZ3RsQVwJ8tqNFIJdLrQabBHEtY7gWvJVSY%2FQfYiIe26cuzjnft93OL%2F3LP%2B8QZEcvDLHUY19H7T5G%2Brq19Y4hFGZXk0WVzR1Q713tcZhh3vvqrp8kuJdmuJvqF%2B%2FGiLnGLUZiqYomqKvBjhBblS1H6IExz%2BS6BuJuuGYG5rnSJX8%2F32aN0kKmgQWnzfeJhi%2B%2FBnv7z4m2LknYfDnfZQesyj%2BDSXIfZBFCSngR8vwGEZlSIIvXDdpEjf86M1pEqUvG40%2FfESi8KM3FZCo%2BOBSAbHxy0bzn2hihx%2B9SZPYxYevM7V9gkJiw6%2BTsrgnyL8nGNwTJ%2FoOwfDTBiEOJJMpCYPvT6KkBOfXUXCJvmy89T%2F%2FTXD5svHWv%2FwiCYM%2Fk31cXc0jP89wFKakcu8Iru4J3t%2BTOP%2BEZHWT4PIT4mS%2FQzBskDC4Ixi%2B%2BlVRskWRpsQW1UF8i2MYqWU7jNtCjgg4IDAcI0oPV4PxPcHuPfHRUwLSJskvL26S3G2SPG6SAL66ArzkUpTg2i7LipzjOCzrOLzYgTxkOdGlSO5ccn9KsvgpcfynxEm%2BTeLk2%2BSI3%2F%2BUf5sk%2Bd%2BQ1LsjKWySNGuQAt6REjVImTZICRqkxA1SZg1SFncfQj9l0rvvQz%2FNbfrNyrxZ2bvnUbZ%2FBj6Msj0KG8%2Fizxu%2FcLmz5tf%2F%2FvfJEb26YjoOoDo84F1bFGhH4ARW6nAdwHRcqsMwNknxHcHpo4dK6wuAv%2Fk%2BifGnPz8kNrgnqX9PHPw2AfmvEFA%2BFxiKAO85J1KkDn%2BcRUmCwuyIs%2Bx8kxUERnckzt4i2bn5zP%2B88UsP4LHf%2FAlBzovHf%2FG9f2P%2B8rd%2BQpzkjsTJHTngv22Qvf%2Fd57OobHwwi8q08fE0znCAa3ABdp6BDDX%2BxEDnMkqg1k%2Bf%2FqDrXAIX90cLlGYjEEIc7tPGD2UMIUoGUeKgxl9r6RrZZp56cp6EeTwyewMtiBOUpjgK7wnAn9or4uCXjZ%2F95OceKPvL8I8ITj4hSf5Z87%2B8LIvfbbcBRJXjgXCP9iBDN04UtGHUdm5iL36cZiAA2beCd4TeO8zl2bMGM8HbJBouWVmXhioFFaiabGXeUAJ4h%2BkVSzG73Xm9DSVIR87PHQ8Mx6fpLTfSM20sJ3snNTAnVOM5TMOiPy%2FQqqTXOys%2F06deuDJRuqx36%2FnmUI%2F0%2BclIeyvJgsNJazuwAHeMqkDdnldTxe54LWtwmtW%2BXXYXt9v1CZ9XVmfO4wxrvF3Hm4TX2Km42jE06GPXtubz0jcjpVjc5ulZTM6zqTcYKH5gcd1a1xfb0bS1pztDkaG16nS7gRR7nmmL6gxnWx3oC%2BE4pYzuWk1V2bgtsjNqhdkahCuj1m7HFpUN9%2Bqwt6w5qCZsIAJbZbdAxQdkLBN1dYC3Ky2zDrxVaNPCY0eaK0hLajLw5FOpn9NT36m3nZ00RYEr7LmOwVOt4y4%2FMtJ6HdlavBbYWrEP6WgNNLNQw4M6Go6YSdq3UcyttSpsoTmdefJiJahBcDKWjBK2eOTNzcjBt2nefQ0eCfIXj%2F%2Bz8WAER%2FfEiX%2F34%2BtrczpfyN2esVvORvPr688e%2FfM3HqjxpP3kS8hx%2BVc9aUcxCpPMftJmnrRLHH45W8oDPEissn5gC9%2F6abbQlPgO0%2FMm5xkD15qj9DvzwWLTp42ecOCqkQr53caEpyMV18WY4fuyFJaDypdNjm0Zq43i2H4casPJrdP1Qmiwq023RurID%2BK02x1EMdiA4rDJ56MDi3je6GbTfnek947bycgDcBgqg8TebbA%2Flr1ktBUMge9x29n0pG%2B9uc7UvV4yUOaLGMlVMmqZEkpVhRZmlLmMV1wWtLaDvEy3XWuCNhnVczv8kE7yydHUo0T14ij2DksObfhb8bRahXo9hQcxLzlleN6N0ymns%2BPbon%2BgkSoIJwSSCfYFmJzGSD3dJrAf1hNjphbZZjCJXc8T55Yi28ejJxvzdM3hXeqbo4xhtyvaMnNa4cf0eIR7WSC7M7BRy4yfH2Z%2BucCAK05LVT8De2Nthy4fDPEpXSq5d7CguYtOR3NJ2eJW7amt%2Fek4OMlhV0smM2drKKflwPY2dNgHwiou9BG3rQemGQ2XZTyI94jVMFO2%2BiG3pLulOKITi7U8pAfzKAiOnBIgQy5Qom%2F26BR5VVZP%2BCopI1tNTHGJxh7eR7t1qfQMEfD1Ru45rKD0qVY5Ps0USt2MGMNX9zXQ%2FY0H8oXDD7W9tHZOi72WwqmqDarQ93Y7ix6nec2NZuIKOENd8GWqiqfjc%2FmafN8EsNrFCXbQt6gbSmA67Df%2B%2BPpa600n19evfvvC8PTddttJEhRHD10PVZkNwjZLdSRGpBiq7SQIZLhAaZtheY6hBK7NC4CDHYZikMi6gLFFipI6NoIQ8R1ecOFO6HDUTRzuf3B9vdAWI%2BX6%2BocThOAVuFqZk8c%2Fvr7uK%2FPeTDMX2iWPv%2BpFQQwSdJV56MpGaXY5dXNzQ9L4ReONkTRqkMT%2FYm%2FHTVLmnz36h69u4ABW%2F6fQNvPV%2BrQOekvCBvMl%2BmQRvHTzzmKsZHx%2FXPdzyfUc1B8UtOaGyn47jN1hS%2BdZs6o3FhWX%2FBgphRy6meULUm%2FmQpqedS2PDmmkWmUfj2d5hWHPlxkq7GSSZktrhqp3YSm7oNtBONZPmeEOd9ZywyepGcmGFVTmynI03F15nC4flqUVSUmp9BULSDM4UHkkDMfOmTKh08fDtUdLiEe1t92JywO1soS6niirDUVNhHMxqkrTdTRpJcpIvC0zdt1aZgoz3qmT055PQazRlFaL210LwRZayWGGSzRI%2FL2xGyEhmcoepmZxUhzNnPWjOTdJ56vNzOC04a7s2fGtMfWxFC2NOuNVahgFg8W275bLhYXlYR5NBtIsp%2FVjbvHHqDQLbeSVx7nQG9sAjPfd7X7ibo5OS4FgsZPhKZToKQX3C0qr%2FW433dKZkkj6OIstTjwbeKEJSbyU8ZFX%2B9Rx3etBJz%2Fx2nxmsamS6ZleiKE%2BVGZFNBWraB4fhTw3M5Zp6fu5XqfJNJLSZak7x3Cyx2pX7uxOdeUerJmwQmkoMp2KkWdBQo2zNXsGh6oLb%2BnlQjpth9s%2BXu4EYz2TA680DaOo19Tc4s0pV%2BX0upiJZ%2BFU7EdIW%2BxLK0StehGpFmWuJqzGL7uKka%2FZIP5KfT5PGPuL6cnHLxvSf3yN%2BOjF4%2B%2F9wfRf34NbAuw7kqKfksIX%2FrP0u2SfNAnIvvMwBxfJHSn8OwL8pyTNv%2FY8i5MXj%2F%2BRfTBi%2B83ntp80P7D9xH%2F%2F9eSW4ldXPM0h0RYFB0IbOZAWGFZkKYqBkBMkREskS186f%2Fro3%2F8XAAD%2F%2FwEAAP%2F%2FG5eGqukMAAA%3D HTTP/1.1
Host: centeredfailinghotline.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.torrentkitty.lol/
Cookie: u_pl=17550729; uid_id2=89b88108-06e5-4229-bc2f-ec8a4a724289:1:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Thu, 29 Dec 2022 03:00:52 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: e83a6b680adcb0b07194ffcdaab42a88
Strict-Transport-Security: max-age=0; includeSubdomains
|
|
| www.torrentkitty.lol/search/search/naho%20hazuki | 172.67.217.107 | 200 OK | 0 B |
URL HTTP/2www.torrentkitty.lol/search/search/naho%20hazuki IP172.67.217.107:0
GET /search/search/naho%20hazuki HTTP/1.1
Host: www.torrentkitty.lol
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Thu, 29 Dec 2022 03:00:49 GMT
content-type: text/html; charset=UTF-8
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: max-age=14400, must-revalidate
pragma: no-cache
cf-cache-status: MISS
last-modified: Thu, 29 Dec 2022 03:00:49 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DymQgLN%2Bw5N6oDByqRWPbKU8uPcjT5RJYYRCTmvtJfbNC10mdOg6q3Kz2%2FedJY0anQA%2BLo%2BFfLmm7L3EpxsC4%2FVbBU2bVpTQoZvtBTC4T1hNLAgi3quYO8CuYeJg5WhuARWJ4wJQMw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 780f499c488a0b51-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| c.statcounter.com/t.php?sc_project=10571718&u1=84DC11EEC3394FF87B9A4A8CFCE03944&java=1&security=6b4a9073&sc_snum=1&sess=a8f3c4&p=0&rcat=d&rdom=d&rdomg=new&bb=1&jg=new&rr=1.1.1.1.1.1.1.1.1&resolution=1280&h=1024&camefrom=&u=https%3A//www.torrentkitty.lol/search/search/naho%2520hazuki&t=search%20-%20Torrent%20Kitty&invisible=1&sc_rum_e_s=2654&sc_rum_e_e=2659&sc_rum_f_s=0&sc_rum_f_e=2646&get_config=true | 104.20.219.77 | 200 OK | 0 B |
URL HTTP/2c.statcounter.com/t.php?sc_project=10571718&u1=84DC11EEC3394FF87B9A4A8CFCE03944&java=1&security=6b4a9073&sc_snum=1&sess=a8f3c4&p=0&rcat=d&rdom=d&rdomg=new&bb=1&jg=new&rr=1.1.1.1.1.1.1.1.1&resolution=1280&h=1024&camefrom=&u=https%3A//www.torrentkitty.lol/search/search/naho%2520hazuki&t=search%20-%20Torrent%20Kitty&invisible=1&sc_rum_e_s=2654&sc_rum_e_e=2659&sc_rum_f_s=0&sc_rum_f_e=2646&get_config=true IP104.20.219.77:0
GET /t.php?sc_project=10571718&u1=84DC11EEC3394FF87B9A4A8CFCE03944&java=1&security=6b4a9073&sc_snum=1&sess=a8f3c4&p=0&rcat=d&rdom=d&rdomg=new&bb=1&jg=new&rr=1.1.1.1.1.1.1.1.1&resolution=1280&h=1024&camefrom=&u=https%3A//www.torrentkitty.lol/search/search/naho%2520hazuki&t=search%20-%20Torrent%20Kitty&invisible=1&sc_rum_e_s=2654&sc_rum_e_e=2659&sc_rum_f_s=0&sc_rum_f_e=2646&get_config=true HTTP/1.1
Host: c.statcounter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.torrentkitty.lol
Connection: keep-alive
Referer: https://www.torrentkitty.lol/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 29 Dec 2022 03:00:51 GMT
content-type: application/json
p3p: policyref="http://www.statcounter.com/w3c/p3p.xml", CP="ADMa OUR COM NAV NID DSP NOI COR"
expires: Mon, 26 Jul 1997 05:00:00 GMT
set-cookie: is_unique=sc10571718.1672282851.0; SameSite=None; Secure; Expires=Tuesday, 28-Dec-2027 11:00:51 HKT; Path=/; Domain=.statcounter.com
is_visitor_unique=1672282851226720037; SameSite=None; Secure; Expires=Saturday, 28-Dec-2024 11:00:51 HKT; Path=/; Domain=.statcounter.com
access-control-allow-origin: https://www.torrentkitty.lol
access-control-allow-credentials: true
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 780f49ab4eafb4eb-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
|
| fonts.googleapis.com/css?family=Roboto:300,400,700&display=swap | 142.250.74.106 | 200 OK | 0 B |
URL HTTP/2fonts.googleapis.com/css?family=Roboto:300,400,700&display=swap IP142.250.74.106:0
GET /css?family=Roboto:300,400,700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 29 Dec 2022 03:00:52 GMT
date: Thu, 29 Dec 2022 03:00:52 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| secure.statcounter.com/counter/counter.js | 104.20.219.77 | 200 OK | 0 B |
URL HTTP/2secure.statcounter.com/counter/counter.js IP104.20.219.77:0
GET /counter/counter.js HTTP/1.1
Host: secure.statcounter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.torrentkitty.lol/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 29 Dec 2022 03:00:50 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Mon, 19 Dec 2022 18:29:15 GMT
etag: W/"63a0ad7b-aa70"
expires: Thu, 29 Dec 2022 06:34:59 GMT
cache-control: max-age=43200
cf-cache-status: HIT
age: 30351
server: cloudflare
cf-ray: 780f49a8ad64b4eb-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
|
| www.cloudflare.com/cdn-cgi/trace | 104.16.124.96 | 200 OK | 0 B |
URL HTTP/2www.cloudflare.com/cdn-cgi/trace IP104.16.124.96:0
GET /cdn-cgi/trace HTTP/1.1
Host: www.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.torrentkitty.lol
Connection: keep-alive
Referer: https://www.torrentkitty.lol/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 29 Dec 2022 03:00:50 GMT
content-type: text/plain
access-control-allow-origin: *
server: cloudflare
cf-ray: 780f49a95e2ab4ee-OSL
x-frame-options: DENY
x-content-type-options: nosniff
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| crrepo.com/extban/306928020/creatives/23542074/57a4d6202e83fa2b80096bedde5657fd_7640.png | 104.21.235.113 | 200 OK | 0 B |
URL HTTP/2crrepo.com/extban/306928020/creatives/23542074/57a4d6202e83fa2b80096bedde5657fd_7640.png IP104.21.235.113:0
GET /extban/306928020/creatives/23542074/57a4d6202e83fa2b80096bedde5657fd_7640.png HTTP/1.1
Host: crrepo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 29 Dec 2022 03:00:52 GMT
content-type: image/png
last-modified: Sat, 12 Nov 2022 09:34:43 GMT
etag: W/"636f68b3-2132"
via: 1.1 google
cache-control: max-age=14400
cf-cache-status: HIT
age: 5816
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3uXFCUnw6fEXJrsczwghCpq6bEom03r5hcr9SvW%2FaFYb3rAAT%2FL9gCl8v6snKC5evudRHV%2FznBdhiaqbCkCVIO5Ir6fGhS8MV0VzFirIfaE9FXZaD1XMBLfYRiWx"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 780f49b41c0e730c-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|