| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP: 23.36.77.32:0 | ASN #20940 Akamai International B.V.
Hash: MD5 cfec3d7283a9b66d2be426ce54d210f3 | SHA-1 808c1feb1ba918951d1928c1f6bfc0c253262774 | SHA-256 1bad6c06aa3e88dcbc125fc98a6cb753eb2b18d2c8dd61da21d12209aeeda3f9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1BAD6C06AA3E88DCBC125FC98A6CB753EB2B18D2C8DD61DA21D12209AEEDA3F9"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6643
Expires: Tue, 06 Dec 2022 03:01:46 GMT
Date: Tue, 06 Dec 2022 01:11:03 GMT
Connection: keep-alive
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 471 B |
IP93.184.220.29:0
Hashee088fab9b287e174cfd1f2c735a909f 25c3335b514a36ad1a24d00413d60c3d394f5161 494e96358ff12366213d7cc0f9197648c6c62ec14fa0d2c78732a683fa26b192
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5337
Cache-Control: max-age=125353
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 01:11:03 GMT
Etag: "638dc877-1d7"
Expires: Wed, 07 Dec 2022 12:00:16 GMT
Last-Modified: Mon, 05 Dec 2022 10:31:19 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 471
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hash1ea206ac3c440825741687351f8c6e4e 2f38dafd8c43dcce2411a0590bc5c02cd6286735 7d7232c8c91bcd18161ba2c9d23e3bff159604e058bd5b3fc1c7fcbcd03a7ee3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7D7232C8C91BCD18161BA2C9D23E3BFF159604E058BD5B3FC1C7FCBCD03A7EE3"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9134
Expires: Tue, 06 Dec 2022 03:43:17 GMT
Date: Tue, 06 Dec 2022 01:11:03 GMT
Connection: keep-alive
|
|
| firefox.settings.services.mozilla.com/v1/ | 34.102.187.140 | 200 OK | 939 B |
URL HTTP/2firefox.settings.services.mozilla.com/v1/ IP34.102.187.140:0
File typeJSON data\012- , ASCII text, with very long lines (939), with no line terminators Hash14cd9a0afb6ba9a763651d5112760d1e 75d7b104ab9ab11fbb73c3f348b43b0119b5adfa 4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Alert, Backoff, Content-Length, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Tue, 06 Dec 2022 00:20:20 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 3043
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain | 34.160.144.191 | 200 OK | 5.3 kB |
URL HTTP/2content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain IP34.160.144.191:0
File typePEM certificate\012- , ASCII text Hash53341dea33f4f3d9b4966f80589f429a 20f7b07c686c986d2ed1e3e9ad1bb2aef8edaf0d 651683e52cdbc96b289f8f123155f0b96d9f67432689e89156fa56f5a346c6a0
GET /chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: XHBnayarsDSS9q5U0dudoiArO17S5IsIw938mzE45mDl6jC5uyBrpaX2IWky1122aNKhiLCstrw=
x-amz-request-id: 872WKWS79PMNK1CE
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Tue, 06 Dec 2022 00:48:43 GMT
age: 1340
last-modified: Wed, 30 Nov 2022 10:06:34 GMT
etag: "53341dea33f4f3d9b4966f80589f429a"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| book.dypics.com/search/08_19 | 172.67.216.247 | 301 Moved Permanently | 171 B |
URL (HTTP/1.1): book.dypics.com/search/08_19 | IP: 172.67.216.247:0
File type: HTML document text\012- HTML document text\012- HTML document, Unicode text, UTF-8 text
Hash: MD5 e166c405680b35650384b0359ffb4125 | SHA-1 1c28ecee2b7ced1508fed73ded27a483faceb272 | SHA-256 0d1ea99c07d9f0dc7776aa494e761f685baeb482512ceb8b06ec48003f183c05
Analyzer: fortinet | Verdict: Phishing | Alert: (none listed)
GET /search/08_19 HTTP/1.1
Host: book.dypics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Tue, 06 Dec 2022 01:11:03 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://www.torrentkitty.lol/search/search/08_19
X-Powered-By: ASP.NET
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RxQZYaMQxAAU4dlnvnyfrVy39y%2FnN4GgDEO2w9mleQ9vPf3mYhiPCiHd2ACo7JTYFlikt0D2LHgAi%2BNFWfRqo%2FNQ5JuOZyADVBm20OoEhnJRSGrAPO7TtDPvHvdPp%2FT5Ol4%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 775125332a90b506-OSL
alt-svc: h2=":443"; ma=60
|
|
| contile.services.mozilla.com/v1/tiles | 34.117.237.239 | 200 OK | 12 B |
URL HTTP/2contile.services.mozilla.com/v1/tiles IP34.117.237.239:0
File typeJSON data\012- , ASCII text, with no line terminators Hash23e88fb7b99543fb33315b29b1fad9d6 a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 06 Dec 2022 01:11:03 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US | 34.102.187.140 | 200 OK | 329 B |
URL HTTP/2firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US IP34.102.187.140:0
File typeJSON data\012- , ASCII text, with very long lines (329), with no line terminators Hash0333b0655111aa68de771adfcc4db243 63f295a144ac87a7c8e23417626724eeca68a7eb 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Pragma, Last-Modified, ETag, Alert, Expires, Retry-After, Cache-Control, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Tue, 06 Dec 2022 01:08:58 GMT
cache-control: public,max-age=3600
age: 125
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 471 B |
IP93.184.220.29:0
Hash2b9d6a686aa3c4ea24568425e43a5221 d53bb4c9579bd1db78a0520619e888aec79f750f c38734a8dbe51217d73896c0bf7f5c38c107fd79e0dee24b717f130377e9b5f7
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5329
Cache-Control: max-age=120278
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 01:11:03 GMT
Etag: "638db4ac-1d7"
Expires: Wed, 07 Dec 2022 10:35:41 GMT
Last-Modified: Mon, 05 Dec 2022 09:06:52 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 471
|
|
| push.services.mozilla.com/ | 34.218.168.248 | 101 Switching Protocols | 0 B |
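URL (HTTP/1.1): push.services.mozilla.com/ | IP: 34.218.168.248:0
Hash: MD5 d41d8cd98f00b204e9800998ecf8427e | SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709 | SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (these are the digests of zero-length input, consistent with the 0 B body of the 101 response, so they do not identify any content)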
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: NJD1eWF6SW3fkodR8ADPOQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: RXuFUHLDpzWtUqrKADQH/b6K+ks=
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hash83e0936435ad95a15c9ec5ff9520f4fe a8225ee0d8ae117f977f7ff817c342c62e91b5a9 ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6534
Expires: Tue, 06 Dec 2022 02:59:59 GMT
Date: Tue, 06 Dec 2022 01:11:05 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hash83e0936435ad95a15c9ec5ff9520f4fe a8225ee0d8ae117f977f7ff817c342c62e91b5a9 ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6534
Expires: Tue, 06 Dec 2022 02:59:59 GMT
Date: Tue, 06 Dec 2022 01:11:05 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hash83e0936435ad95a15c9ec5ff9520f4fe a8225ee0d8ae117f977f7ff817c342c62e91b5a9 ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6534
Expires: Tue, 06 Dec 2022 02:59:59 GMT
Date: Tue, 06 Dec 2022 01:11:05 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hash83e0936435ad95a15c9ec5ff9520f4fe a8225ee0d8ae117f977f7ff817c342c62e91b5a9 ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6534
Expires: Tue, 06 Dec 2022 02:59:59 GMT
Date: Tue, 06 Dec 2022 01:11:05 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hash83e0936435ad95a15c9ec5ff9520f4fe a8225ee0d8ae117f977f7ff817c342c62e91b5a9 ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6534
Expires: Tue, 06 Dec 2022 02:59:59 GMT
Date: Tue, 06 Dec 2022 01:11:05 GMT
Connection: keep-alive
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5ba08976-65c4-4b8b-9ef1-92055a7b5235.jpeg | 34.120.237.76 | 200 OK | 12 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5ba08976-65c4-4b8b-9ef1-92055a7b5235.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash53afd826523f4c18bf968764818d7ca7 9a26884875abb0652c568c50438b65f801779f9a 4f9dfeda67a040fef9c6987a7c334a91c993c84f694fa91771fcf7fd1d2e4937
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5ba08976-65c4-4b8b-9ef1-92055a7b5235.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12293
x-amzn-requestid: 49891ceb-3f74-4e83-8064-f54fc8b30961
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: csSyGHPOIAMFYqw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638e64da-651e4e0c55257bcc553cd176;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 21:38:34 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 4f0QQ4-21m-DiP4oUtIG75_vremc835laqhfDerlqCuW-WyKClvc9Q==
via: 1.1 030fe0607711293dda988e571617a9f2.cloudfront.net (CloudFront), 1.1 a3bd0eb50c22e4d5fbda56a30b96002c.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Dec 2022 22:29:38 GMT
age: 9687
etag: "9a26884875abb0652c568c50438b65f801779f9a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F962c65f4-b402-46b4-83ba-50f3159341f2.jpeg | 34.120.237.76 | 200 OK | 11 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F962c65f4-b402-46b4-83ba-50f3159341f2.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hashb15136d60fd0a5e0f657a4f5c75d540f 36082b7329d473829178f280cb71a83b1531e486 79478269b1f5dcfd1e45ccd4264fa44805b37c5c8fec820bcbd2fa1689dfbbd8
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F962c65f4-b402-46b4-83ba-50f3159341f2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11224
x-amzn-requestid: 938de0b8-1055-4416-9ad7-162ab5f4db9f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: csUINEwdoAMFuOw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638e6701-38b079ef341bb17e567de773;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 21:47:45 GMT
x-amz-cf-pop: YVR50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: tGtiCE9C3j0BUruNaFN2j1mKxCSouLmocmTXpmLMBJaLNyVwkXu1gQ==
via: 1.1 f0ac467993db44dbfc36b778dfcaf73c.cloudfront.net (CloudFront), 1.1 760139201585481b26f947c5f776103a.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Dec 2022 22:23:09 GMT
age: 10076
etag: "36082b7329d473829178f280cb71a83b1531e486"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8450e32d-c4fa-4c40-82bc-1c36f479692e.jpeg | 34.120.237.76 | 200 OK | 9.0 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8450e32d-c4fa-4c40-82bc-1c36f479692e.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hashdd0fdca9dfb3e18fcbb5c89e12922da7 d8acf7053a01df2c503c734d52070ff4802d5a01 61e6235613c8ecda0321ecbe0870419bfa65cf3e44e3b85acd257f78725a6843
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8450e32d-c4fa-4c40-82bc-1c36f479692e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8978
x-amzn-requestid: 59cc852a-eb8c-45ab-a370-a176bffea0ee
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cqSrJGoaoAMF_jQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638d97e0-3760c58b6d2b7a6561541201;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 07:04:00 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: xSapcXr_Lw9Bg_aOZlfNv5Y-UzqGxG5lVThE4APtxcc8gy8X_W0Kww==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 6a9b42e38e76b7d4a4044ebe0e0eca08.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Dec 2022 07:17:55 GMT
etag: "d8acf7053a01df2c503c734d52070ff4802d5a01"
content-type: image/jpeg
age: 64390
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F461bc4a6-a90b-41a8-99ce-a502ba9ed21f.jpeg | 34.120.237.76 | 200 OK | 8.7 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F461bc4a6-a90b-41a8-99ce-a502ba9ed21f.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hashdcb8fe0c4ba323ab2483fa290c291051 6706e02d6b95edc3a33c951f07d04b0fb7415b77 6be68deb3a330955027ec16eaca2cdf4e2776620ffb7cb995922664b24400f02
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F461bc4a6-a90b-41a8-99ce-a502ba9ed21f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8749
x-amzn-requestid: ee03c447-299b-45d5-b8c6-12d4d1dc436d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: co_spHdBIAMFywQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638d131d-0c9805c6112ec9ec6b9d1544;Sampled=0
x-amzn-remapped-date: Sun, 04 Dec 2022 21:37:33 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: tsL8hmcWaBeKYVG2b4g7ebl-sQ0Z5jZaexEfvldfzq9COcOdzqLhUA==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 64f86ae1c24221f3a2e4d653d6dbc416.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Dec 2022 21:48:21 GMT
age: 12164
etag: "6706e02d6b95edc3a33c951f07d04b0fb7415b77"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2e5de346-6863-4521-9b1c-e74cf4df1d53.jpeg | 34.120.237.76 | 200 OK | 6.4 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2e5de346-6863-4521-9b1c-e74cf4df1d53.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash2409529ecac5140de749d864da85af0d 99f431b4ca446996dbacb969440e2ecfb11fd9e0 81b379b16874d6644b0cf63e02c5174e44a40ab7cb4f4727bb96ad44bfcaa72f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2e5de346-6863-4521-9b1c-e74cf4df1d53.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6422
x-amzn-requestid: 7c6de5da-a534-4b39-ba5a-b3613404bbaa
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cnAaTEHuIAMFuKg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638c4774-01fdb62864e594235b569f78;Sampled=0
x-amzn-remapped-date: Sun, 04 Dec 2022 07:08:36 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: iNIswtAzDZrcEhTO1li8CCP7VfwpfFdP8gJPCcm222TGPA2JSlMJRw==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 36810aa1793ee589dc8c194860296078.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Dec 2022 07:25:07 GMT
age: 63958
etag: "99f431b4ca446996dbacb969440e2ecfb11fd9e0"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffaf0de04-19bf-4944-9ac5-5178afafb192.jpeg | 34.120.237.76 | 200 OK | 11 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffaf0de04-19bf-4944-9ac5-5178afafb192.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash7f2c354a00ab51d4a41221b6bf191c10 01ceb7233fe05ad8dff3a0a43eef879ea2b83ec4 7d3c8417e1db0db41ceb8b4bf3f506864392dd1ad29319a06a8a6055f6f2ed12
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffaf0de04-19bf-4944-9ac5-5178afafb192.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11352
x-amzn-requestid: 7c3fc7bb-eb1f-46ec-8e92-b6ffc6261848
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: csSwuF1ToAMFiIA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638e64d1-7c53152a279f00595b9886bd;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 21:38:25 GMT
x-amz-cf-pop: SFO5-P2, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: aYf5d6wAJlPSXVwF5uQXUb1g_65z-v6tInk7IF64bBV-w31d3MKeIQ==
via: 1.1 b6d577696b14c86cbfeb5b3459f38c50.cloudfront.net (CloudFront), 1.1 a3bd0eb50c22e4d5fbda56a30b96002c.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Dec 2022 22:22:23 GMT
age: 10122
etag: "01ceb7233fe05ad8dff3a0a43eef879ea2b83ec4"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hasha58619bdb889a697a069e6cb39bb35ee e96618b2571d3426a5c9ef9ba4c82694f17bf8e2 478de74816dd1b7e37bb036633aee68c9642ecf61f70d808870034c47a21155e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "478DE74816DD1B7E37BB036633AEE68C9642ECF61F70D808870034C47A21155E"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=1172
Expires: Tue, 06 Dec 2022 01:30:37 GMT
Date: Tue, 06 Dec 2022 01:11:05 GMT
Connection: keep-alive
|
|
| charmshoist.com/26/ca/06/26ca065a5fb871c74739646a26f0622b.js | 173.233.137.52 | 200 OK | 13 kB |
URL (HTTP/1.1): charmshoist.com/26/ca/06/26ca065a5fb871c74739646a26f0622b.js | IP: 173.233.137.52:0
File type: ASCII text, with very long lines (37132), with no line terminators
Hash: MD5 15584435e8cdde6225c1cdf3ed140f52 | SHA-1 861a0ce0e23dd2f0ccc0e5e021c24d817b7169c6 | SHA-256 7417d34c5a71c2c807319a3ab5475a4ebe9a1bfb42e55e33e3ba691c15eb20fb
GET /26/ca/06/26ca065a5fb871c74739646a26f0622b.js HTTP/1.1
Host: charmshoist.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.torrentkitty.lol/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Tue, 06 Dec 2022 01:11:05 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: f54d185f8dd2fd2c22216350d1faf83c
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hash03aafc98b07261694621086c624f18ce f1132f5e195c67cb725a2cbf93450660049966c6 67e32e706eece43f2746529440fa31fe1f3d11d55b18a69228b6d3cf4b1cc114
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "67E32E706EECE43F2746529440FA31FE1F3D11D55B18A69228B6D3CF4B1CC114"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8841
Expires: Tue, 06 Dec 2022 03:38:26 GMT
Date: Tue, 06 Dec 2022 01:11:05 GMT
Connection: keep-alive
|
|
| accentneglectporter.com/80497e49a2c17fe3a1aff4077eee1810/invoke.js | 192.243.59.12 | 200 OK | 9.8 kB |
URL (HTTP/1.1): accentneglectporter.com/80497e49a2c17fe3a1aff4077eee1810/invoke.js IP: 192.243.59.12:0 ASN: #39572 DataWeb Global Group B.V.
File type: exported SGML document, ASCII text, with very long lines (26975), with no line terminators
Hash: MD5 ea3f3525204c1a4f51e3c8b9d04bf5aa, SHA-1 a0a5c72dbf7dee14e9acb19fb8912815a91fce30, SHA-256 25e61a0c7a1212239a186d28a49318c7a6329876c1912597054f657f8a53f800
Analyzer: quad9 | Verdict: Sinkholed | Alert: (none listed)
GET /80497e49a2c17fe3a1aff4077eee1810/invoke.js HTTP/1.1
Host: accentneglectporter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.torrentkitty.lol/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Tue, 06 Dec 2022 01:11:06 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: b93ece372778d3b8954c607647f53ede
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
|
|
| ocsp.sectigo.com/ | 172.64.155.188 | 200 OK | 472 B |
IP172.64.155.188:0
Hashf1dacaaa678dfa6d22420a8b46047d44 8b80f47f01cc0714a47ff3d734b6bce89756ec26 6533e522fdc5ac5af0079b6c4599cee64810a54671c9e4c49f8a79597b57926e
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 01:11:06 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Fri, 02 Dec 2022 18:34:07 GMT
Expires: Fri, 09 Dec 2022 18:34:06 GMT
Etag: "8b80f47f01cc0714a47ff3d734b6bce89756ec26"
Cache-Control: max-age=321179,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 775125483dc10af6-OSL
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 279 B |
IP93.184.220.29:0
Hash39ff429e01b04b2028787238e8a10d71 6c4b3c0e3458a259cdb67ec64d8e122a6ace15ab a190c172b39fad7fe80169d44dcfe887e0b60d8f35599f570d7a11b98628dfa1
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1300
Cache-Control: max-age=116639
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 01:11:06 GMT
Etag: "638db635-117"
Expires: Wed, 07 Dec 2022 09:35:05 GMT
Last-Modified: Mon, 05 Dec 2022 09:13:25 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 279
|
|
| ocsp.sca1b.amazontrust.com/ | 143.204.42.165 | 200 OK | 471 B |
URL HTTP/1.1ocsp.sca1b.amazontrust.com/ IP143.204.42.165:0
Hash37e249436efd3904ad23a3bc6a1f22fe c2a39e8bad784f494516d24094adb710193af8ec c38a5798ed46d9276a2456e6565c6e162122223005f456c927d843ec6345de8a
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=135294
Date: Tue, 06 Dec 2022 01:11:06 GMT
Etag: "638df297-1d7"
Expires: Wed, 07 Dec 2022 14:46:00 GMT
Last-Modified: Mon, 05 Dec 2022 13:31:03 GMT
Server: ECS (bsa/EB21)
X-Cache: Miss from cloudfront
Via: 1.1 80d21802b1b80c40e55ccf83433b8eac.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: Kkyb0ir7rmn6bJlca8wD5laoTWBZm4MMftKTUYKis5npGisNOt0Pug==
Age: 4497
|
|
| simplewebanalysis.com/stats | 18.185.190.54 | 200 OK | 40 B |
URL (HTTP/2): simplewebanalysis.com/stats IP: 18.185.190.54:0
File type: ASCII text, with no line terminators
Hash: MD5 4f791e26800e81154fde579a67da91c0, SHA-1 35d5f22f57fbf855882c19565d80b9de99e0c4f8, SHA-256 e6ac1a9f7f141403fdccc8275271e2c3dd847fc313887464a9da5b0f19975c6e
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.torrentkitty.lol
Connection: keep-alive
Referer: https://www.torrentkitty.lol/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 06 Dec 2022 01:11:06 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://www.torrentkitty.lol
access-control-allow-credentials: true
set-cookie: uid_id2=ce0e2de3-b103-4514-b483-207266319054:2:1; expires=Fri, 03 Dec 2032 01:11:06 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
|
|
| simplewebanalysis.com/stats | 18.185.190.54 | 200 OK | 40 B |
URL (HTTP/2): simplewebanalysis.com/stats IP: 18.185.190.54:0
File type: ASCII text, with no line terminators
Hash: MD5 38f20546d97743cef1297701b07b96f1, SHA-1 f124bad7c913755893d8ad47d9132de1016d5d12, SHA-256 799840d95c9b3f7a860e76fdeae43fa7f6ac8ae1c4c7a7ae8868089d6af958eb
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.torrentkitty.lol
Connection: keep-alive
Referer: https://www.torrentkitty.lol/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 06 Dec 2022 01:11:06 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://www.torrentkitty.lol
access-control-allow-credentials: true
set-cookie: uid_id2=388bde0a-5560-48de-9697-2ce77c1577b5:1:1; expires=Fri, 03 Dec 2032 01:11:06 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
|
|
| e1.o.lencr.org/ | 23.36.76.226 | 200 OK | 346 B |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hashffb1fa188f11f4b1ec69136d1920502b 8aac404d7cf025e415c22f6170fea74bf537c603 7beabb9b7af824e542dc5f62308e6d44c4a38dee34d69836ca4c1cf966592b82
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "7BEABB9B7AF824E542DC5F62308E6D44C4A38DEE34D69836CA4C1CF966592B82"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15850
Expires: Tue, 06 Dec 2022 05:35:16 GMT
Date: Tue, 06 Dec 2022 01:11:06 GMT
Connection: keep-alive
|
|
| e1.o.lencr.org/ | 23.36.76.226 | 200 OK | 346 B |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hashffb1fa188f11f4b1ec69136d1920502b 8aac404d7cf025e415c22f6170fea74bf537c603 7beabb9b7af824e542dc5f62308e6d44c4a38dee34d69836ca4c1cf966592b82
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "7BEABB9B7AF824E542DC5F62308E6D44C4A38DEE34D69836CA4C1CF966592B82"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15850
Expires: Tue, 06 Dec 2022 05:35:16 GMT
Date: Tue, 06 Dec 2022 01:11:06 GMT
Connection: keep-alive
|
|
| simplewebanalysis.com/stats | 18.185.190.54 | 200 OK | 40 B |
URL (HTTP/2): simplewebanalysis.com/stats IP: 18.185.190.54:0
File type: ASCII text, with no line terminators
Hash: MD5 38f20546d97743cef1297701b07b96f1, SHA-1 f124bad7c913755893d8ad47d9132de1016d5d12, SHA-256 799840d95c9b3f7a860e76fdeae43fa7f6ac8ae1c4c7a7ae8868089d6af958eb
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.torrentkitty.lol
Connection: keep-alive
Referer: https://www.torrentkitty.lol/
Cookie: uid_id2=388bde0a-5560-48de-9697-2ce77c1577b5:1:1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Dec 2022 01:11:06 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://www.torrentkitty.lol
access-control-allow-credentials: true
X-Firefox-Spdy: h2
|
|
| ocsp.sectigo.com/ | 172.64.155.188 | 200 OK | 471 B |
IP172.64.155.188:0
Hasha3c9679236e68e323a0f63bdba404745 c378193fe82679178d947e5b02a5f3c1d052313d f09384df5ffcae048ae1a647747e51318c2ceb1caf7e418966e494d5ed358f8f
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 01:11:06 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sun, 04 Dec 2022 12:04:34 GMT
Expires: Sun, 11 Dec 2022 12:04:33 GMT
Etag: "c378193fe82679178d947e5b02a5f3c1d052313d"
Cache-Control: max-age=470606,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7751254c6ee20af6-OSL
|
|
| 6.adsco.re/ | 104.17.166.186 | 200 OK | 0 B |
IP: 104.17.166.186:0
Hash: MD5 d41d8cd98f00b204e9800998ecf8427e, SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709, SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (these are the digests of an empty body; the response is 0 B)
GET / HTTP/1.1
Host: 6.adsco.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.torrentkitty.lol
Connection: keep-alive
Referer: https://www.torrentkitty.lol/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 06 Dec 2022 01:11:07 GMT
content-type: text/plain;charset=UTF-8
content-length: 0
access-control-allow-origin: https://www.torrentkitty.lol
cache-control: private, max-age=10
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, HEAD, OPTIONS
access-control-max-age: 2592000
vary: Accept-Encoding
server: cloudflare
cf-ray: 7751254dccc31c0a-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hash684d9efc40eb90ee751779681b28b991 d7bdbcf549773710308de7216f8d6081b01a39b1 0302eafe6839faa61f31957344f5a92978d360ad312c7aa54da01464ba51d44d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0302EAFE6839FAA61F31957344F5A92978D360AD312C7AA54DA01464BA51D44D"
Last-Modified: Sat, 03 Dec 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13214
Expires: Tue, 06 Dec 2022 04:51:21 GMT
Date: Tue, 06 Dec 2022 01:11:07 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hashf4b3d4841b48486a5e2d86a7c29738bd c66b0359a028dd580097cce2637920f4af31767f 81b2433c5cbe90d4080b67602407688a5815887a530f4f59b6cb55537b6bf279
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "81B2433C5CBE90D4080B67602407688A5815887A530F4F59B6CB55537B6BF279"
Last-Modified: Sat, 03 Dec 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13266
Expires: Tue, 06 Dec 2022 04:52:13 GMT
Date: Tue, 06 Dec 2022 01:11:07 GMT
Connection: keep-alive
|
|
| 4.adsco.re/ | 162.252.214.5 | 200 OK | 62 B |
IP: 162.252.214.5:0
File type: ASCII text, with no line terminators
Hash: MD5 adde5febc7b5b6c2c759ec735cce83a0, SHA-1 77ec17be8a9970ff04663294d41c590d0d24fde4, SHA-256 ce2b9f2e5005195de7add565505005be6f2ef0d37521771e15106d1e1b9260ff
GET / HTTP/1.1
Host: 4.adsco.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.torrentkitty.lol
Connection: keep-alive
Referer: https://www.torrentkitty.lol/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 01:11:07 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Methods: GET, HEAD, OPTIONS
Access-Control-Allow-Headers: Content-Type
Access-Control-Allow-Origin: https://www.torrentkitty.lol
Access-Control-Max-Age: 2592000
Cache-Control: private, max-age=5
Content-Encoding: gzip
|
|
| ocsp.sectigo.com/ | 172.64.155.188 | 200 OK | 471 B |
IP172.64.155.188:0
Hasha3c9679236e68e323a0f63bdba404745 c378193fe82679178d947e5b02a5f3c1d052313d f09384df5ffcae048ae1a647747e51318c2ceb1caf7e418966e494d5ed358f8f
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 01:11:07 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sun, 04 Dec 2022 12:04:34 GMT
Expires: Sun, 11 Dec 2022 12:04:33 GMT
Etag: "c378193fe82679178d947e5b02a5f3c1d052313d"
Cache-Control: max-age=470605,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7751254e0a4b1bfa-OSL
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hash0242539154ad5577482c101495485973 c003cb834ab389a553c9b859b6cf8786d7bb0496 532ad07db92ef70173355bd7c7ca4fefd644821793196a7dbb58801351504248
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "532AD07DB92EF70173355BD7C7CA4FEFD644821793196A7DBB58801351504248"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14761
Expires: Tue, 06 Dec 2022 05:17:08 GMT
Date: Tue, 06 Dec 2022 01:11:07 GMT
Connection: keep-alive
|
|
| semicoloninadequacypleasantly.com/watch.1361948655775.js?key=80497e49a2c17fe3a1aff4077eee1810&kw=%5B%22search%22%2C%22-%22%2C%22torrent%22%2C%22kitty%22%5D&refer=https%3A%2F%2Fwww.torrentkitty.lol%2Fsearch%2Fsearch%2F08_19&tz=0&dev=e&res=12.1055&uuid=ce0e2de3-b103-4514-b483-207266319054%3A2%3A1 | 192.243.59.13 | 307 Temporary Redirect | 0 B |
URL HTTP/1.1semicoloninadequacypleasantly.com/watch.1361948655775.js?key=80497e49a2c17fe3a1aff4077eee1810&kw=%5B%22search%22%2C%22-%22%2C%22torrent%22%2C%22kitty%22%5D&refer=https%3A%2F%2Fwww.torrentkitty.lol%2Fsearch%2Fsearch%2F08_19&tz=0&dev=e&res=12.1055&uuid=ce0e2de3-b103-4514-b483-207266319054%3A2%3A1 IP192.243.59.13:0 ASN#39572 DataWeb Global Group B.V.
Hash: MD5 d41d8cd98f00b204e9800998ecf8427e, SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709, SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (these are the digests of an empty body; the response is 0 B)
Analyzer: quad9 | Verdict: Sinkholed | Alert: (none listed)
GET /watch.1361948655775.js?key=80497e49a2c17fe3a1aff4077eee1810&kw=%5B%22search%22%2C%22-%22%2C%22torrent%22%2C%22kitty%22%5D&refer=https%3A%2F%2Fwww.torrentkitty.lol%2Fsearch%2Fsearch%2F08_19&tz=0&dev=e&res=12.1055&uuid=ce0e2de3-b103-4514-b483-207266319054%3A2%3A1 HTTP/1.1
Host: semicoloninadequacypleasantly.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.torrentkitty.lol
Connection: keep-alive
Referer: https://www.torrentkitty.lol/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Temporary Redirect
Server: nginx/1.17.6
Date: Tue, 06 Dec 2022 01:11:07 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://www.torrentkitty.lol
Access-Control-Allow-Origin: https://www.torrentkitty.lol
Access-Control-Allow-Credentials: true
Location: https://semicoloninadequacypleasantly.com/watch.1361948655775.js?key=80497e49a2c17fe3a1aff4077eee1810&kw=%5B%22search%22%2C%22-%22%2C%22torrent%22%2C%22kitty%22%5D&refer=https%3A%2F%2Fwww.torrentkitty.lol%2Fsearch%2Fsearch%2F08_19&tz=0&dev=e&res=12.1055&uuid=ce0e2de3-b103-4514-b483-207266319054%3A2%3A1&shu=4bf5233f9233b7b8e25953ce5d855c23d6977d8233d9a6480004e690b6297e64b688ecd0fd90cb19b5a15eb1e1de82a2c371230a65403d9aac2c408a3000ea53b617df70e7faede6bc7715d3d1a15e74614c6508&pst=1670289127&rmtc=t
Set-Cookie: u_pl=17298897; expires=Wed, 07 Dec 2022 01:11:07 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.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.BVGQyf4AILh1RKzGU-tc8VQR6ruEvWT2cIl6YwzaSoQ; expires=Tue, 06 Dec 2022 01:12:07 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: b281cf38be4347cefc3940f9bd72d980
Strict-Transport-Security: max-age=0; includeSubdomains
|
|
| 5lrztnrdqx5z.n4.adsco.re/ | 38.132.109.186 | 200 OK | 0 B |
URL (HTTP/1.1): 5lrztnrdqx5z.n4.adsco.re/ IP: 38.132.109.186:0
Hash: MD5 d41d8cd98f00b204e9800998ecf8427e, SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709, SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (these are the digests of an empty body; the response is 0 B)
POST / HTTP/1.1
Host: 5lrztnrdqx5z.n4.adsco.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 0
Origin: https://www.torrentkitty.lol
Connection: keep-alive
Referer: https://www.torrentkitty.lol/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 01:11:07 GMT
Content-Type: text/html
Content-Length: 0
Last-Modified: Mon, 30 Jul 2018 15:32:42 GMT
Connection: close
ETag: "5b5f2f9a-0"
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Access-Control-Expose-Headers: Content-Length,Content-Range
Accept-Ranges: bytes
|
|
| semicoloninadequacypleasantly.com/watch.1361948655775.js?key=80497e49a2c17fe3a1aff4077eee1810&kw=%5B%22search%22%2C%22-%22%2C%22torrent%22%2C%22kitty%22%5D&refer=https%3A%2F%2Fwww.torrentkitty.lol%2Fsearch%2Fsearch%2F08_19&tz=0&dev=e&res=12.1055&uuid=ce0e2de3-b103-4514-b483-207266319054%3A2%3A1&shu=4bf5233f9233b7b8e25953ce5d855c23d6977d8233d9a6480004e690b6297e64b688ecd0fd90cb19b5a15eb1e1de82a2c371230a65403d9aac2c408a3000ea53b617df70e7faede6bc7715d3d1a15e74614c6508&pst=1670289127&rmtc=t | 192.243.59.13 | 200 OK | 2.1 kB |
URL HTTP/1.1semicoloninadequacypleasantly.com/watch.1361948655775.js?key=80497e49a2c17fe3a1aff4077eee1810&kw=%5B%22search%22%2C%22-%22%2C%22torrent%22%2C%22kitty%22%5D&refer=https%3A%2F%2Fwww.torrentkitty.lol%2Fsearch%2Fsearch%2F08_19&tz=0&dev=e&res=12.1055&uuid=ce0e2de3-b103-4514-b483-207266319054%3A2%3A1&shu=4bf5233f9233b7b8e25953ce5d855c23d6977d8233d9a6480004e690b6297e64b688ecd0fd90cb19b5a15eb1e1de82a2c371230a65403d9aac2c408a3000ea53b617df70e7faede6bc7715d3d1a15e74614c6508&pst=1670289127&rmtc=t IP192.243.59.13:0 ASN#39572 DataWeb Global Group B.V.
File type: HTML document text\012- HTML document, ASCII text, with very long lines (2636)
Hash: MD5 847ed635c2b5343dc76d27d7f3d2774e, SHA-1 96e1ca1cd30b99cd231c64e4e73772cd508e5ae9, SHA-256 f365d70ff2dac52cea428a129285a8ebb5d553745812d87de15a68b4d88eae36
Analyzer: quad9 | Verdict: Sinkholed | Alert: (none listed)
GET /watch.1361948655775.js?key=80497e49a2c17fe3a1aff4077eee1810&kw=%5B%22search%22%2C%22-%22%2C%22torrent%22%2C%22kitty%22%5D&refer=https%3A%2F%2Fwww.torrentkitty.lol%2Fsearch%2Fsearch%2F08_19&tz=0&dev=e&res=12.1055&uuid=ce0e2de3-b103-4514-b483-207266319054%3A2%3A1&shu=4bf5233f9233b7b8e25953ce5d855c23d6977d8233d9a6480004e690b6297e64b688ecd0fd90cb19b5a15eb1e1de82a2c371230a65403d9aac2c408a3000ea53b617df70e7faede6bc7715d3d1a15e74614c6508&pst=1670289127&rmtc=t HTTP/1.1
Host: semicoloninadequacypleasantly.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.torrentkitty.lol
Referer: https://www.torrentkitty.lol/
Connection: keep-alive
Cookie: u_pl=17298897; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzI5ODg5NywiayI6IjgwNDk3ZTQ5YTJjMTdmZTNhMWFmZjQwNzdlZWUxODEwIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjo4MTA0MSwicGlkIjozOTExLCJhbiI6dHJ1ZSwibGFuIjp0cnVlLCJjaWQiOjE4LCJhaWQiOjMyLCJwdCI6NCwicGsiOiJ0MzhhMGF3a3oiLCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6OTA3NTM0NTcsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjozODkxNCwib24iOiJXaW5kb3dzIiwib3YiOiIxMC4wIiwiYmlkIjoxMjA2MjUsImJuIjoiRmlyZWZveCIsImJ2IjoiMTA1LjAiLCJ3diI6ZmFsc2UsImUiOnRydWUsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cHM6Ly93d3cudG9ycmVudGtpdHR5LmxvbC9zZWFyY2gvc2VhcmNoLzA4XzE5In19.BVGQyf4AILh1RKzGU-tc8VQR6ruEvWT2cIl6YwzaSoQ
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Tue, 06 Dec 2022 01:11:07 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://www.torrentkitty.lol
Access-Control-Allow-Origin: https://www.torrentkitty.lol
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=ce0e2de3-b103-4514-b483-207266319054:2:1; expires=Tue, 13 Dec 2022 01:11:07 GMT; secure; SameSite=None
iprc623d5a889e1fecc718244c4fa9aca21f=3570421; expires=Tue, 06 Dec 2022 05:11:07 GMT; secure; SameSite=None
pdhtkv=true; expires=Wed, 07 Dec 2022 01:11:07 GMT; secure; SameSite=None
uncs=1; expires=Wed, 07 Dec 2022 01:11:07 GMT; secure; SameSite=None
pdhtkv32=true; expires=Wed, 07 Dec 2022 01:11:07 GMT; secure; SameSite=None
uncs32=1; expires=Wed, 07 Dec 2022 01:11:07 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 4c3f31867853833dcf0438e2ebbb1e3e
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
|
|
| kidhumiliateessay.com/sbar.json?key=26ca065a5fb871c74739646a26f0622b&uuid=388bde0a-5560-48de-9697-2ce77c1577b5%3A1%3A1 | 173.233.137.44 | 200 OK | 12 kB |
URL (HTTP/1.1): kidhumiliateessay.com/sbar.json?key=26ca065a5fb871c74739646a26f0622b&uuid=388bde0a-5560-48de-9697-2ce77c1577b5%3A1%3A1 IP: 173.233.137.44:0
File type: JSON data\012- , ASCII text, with very long lines (16639), with no line terminators
Hash: MD5 197429d041cdd92b9e74af3f2739b0ed, SHA-1 dfce5daf697cd32f325b8cb16191496bd89e3083, SHA-256 d6f5482d441360e2d1e42f5937c60405be7b290c3a39d29d64372861dede7192
Analyzer: quad9 | Verdict: Sinkholed | Alert: (none listed)
GET /sbar.json?key=26ca065a5fb871c74739646a26f0622b&uuid=388bde0a-5560-48de-9697-2ce77c1577b5%3A1%3A1 HTTP/1.1
Host: kidhumiliateessay.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.torrentkitty.lol
Connection: keep-alive
Referer: https://www.torrentkitty.lol/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Tue, 06 Dec 2022 01:11:07 GMT
Content-Type: text/plain; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://www.torrentkitty.lol
Access-Control-Allow-Origin: https://www.torrentkitty.lol
Access-Control-Allow-Credentials: true
Set-Cookie: u_pl=17550729; expires=Wed, 07 Dec 2022 01:11:07 GMT; secure; SameSite=None
uid_id2=388bde0a-5560-48de-9697-2ce77c1577b5:1:1; expires=Tue, 13 Dec 2022 01:11:07 GMT; secure; SameSite=None
pdhtkv=true; expires=Wed, 07 Dec 2022 01:11:07 GMT; secure; SameSite=None
uncs=1; expires=Wed, 07 Dec 2022 01:11:07 GMT; secure; SameSite=None
pdhtkv29=true; expires=Wed, 07 Dec 2022 01:11:07 GMT; secure; SameSite=None
uncs29=1; expires=Wed, 07 Dec 2022 01:11:07 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 7da23caa4ab4538c7b3bf894abb4eeb5
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hash227de73c2950d257905eda6128f90ea9 d700e7cbc5c620f274ec53c336dba15988f046d9 306cc0e4114a9e5b3f9125f9a6fe9746e2db74d94c7991c714e6abb2de046fbc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "306CC0E4114A9E5B3F9125F9A6FE9746E2DB74D94C7991C714E6ABB2DE046FBC"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13517
Expires: Tue, 06 Dec 2022 04:56:24 GMT
Date: Tue, 06 Dec 2022 01:11:07 GMT
Connection: keep-alive
|
|
| friendshipmale.com/sfp.js | 104.21.234.93 | 200 OK | 28 kB |
URL (HTTP/2): friendshipmale.com/sfp.js IP: 104.21.234.93:0
File type: Unicode text, UTF-8 text, with very long lines (65529), with no line terminators
Hash: MD5 3d9e7647765d868fe9cc8ddee3666073, SHA-1 d4bad517e0b74d24c4f42e65d0da9b5d6ea40ac2, SHA-256 30fb5a3af33d15d8f75cccc46a5c312bae61d42f2225e4f78b94be4573fd0fe1
GET /sfp.js HTTP/1.1
Host: friendshipmale.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.torrentkitty.lol/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 06 Dec 2022 01:11:06 GMT
content-type: application/javascript; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: 2f97be7e7ace714007acf68e5c117c4e
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Tue, 06 Dec 2022 01:11:06 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ml6gNeRLeC%2FOB1BNpjuh%2BD9b49im7h0v4H%2B4YZwDh%2FbYVr%2B0X6ajds%2Fxa6xqLmmMD00CpOrXtd42ClnjyaxFoigSsUudzPuxdmxH26V12F8mujlvIrJnHvU5PznmZdE2hqyvgtg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7751254a5c2371ed-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| adsco.re/p | 162.252.214.5 | 200 OK | 170 B |
IP: 162.252.214.5:0
File type: ASCII text, with no line terminators
Hash: MD5 faa6a43abc5b44288ec45f48184d2c8c, SHA-1 1a4b90bc85f34d4ba614e31540362bda586008a6, SHA-256 a4d3c668ecf81156dea4a9badfca153646386d242d53dcc52395c40a58f01d09
POST /p HTTP/1.1
Host: adsco.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Length: 1896
Origin: https://www.torrentkitty.lol
Connection: keep-alive
Referer: https://www.torrentkitty.lol/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 01:11:07 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
AS-P-1: OK lon123
AS-P-2: OK
AS-P-3: OK
Access-Control-Max-Age: 2592000
Cache-Control: no-transform
Access-Control-Allow-Origin: https://www.torrentkitty.lol
Access-Control-Allow-Credentials: true
Content-Encoding: gzip
|
|
| kidhumiliateessay.com/ren.gif?sid=H4sIAAAAAAAC%2F3SWTcgrWVrHk7YFcRZi40ZBeJnXOyiYN%2FVdqW6HS1JJKkklla%2FKJxfjqXNOJSepr1Sd%2BkhWgyMyLpTbG0dw895zu6cde3BsQVwJ8rYbuSj260Jvgy1uXOsIs5a890rPQN%2BHqjrPqecsznOe3%2F%2Fw%2FP6z9IsSx1LwcjQIz8TzQFW%2B4a5%2BfUECFObJlWVf8dwN997VggSK9N5VcfnE2bs8J99wv3FlYHgIqwLHcxzP8VdtEmM3LKoPUUaiH2j8jcbdSMINL0usiH96nqRlloAyQ9kXpXcYQfc%2Fu%2FuHTxiBdyzw%2F7KJkwMNo99s%2BakHaBizDH00Cw5BmAfM%2F9J14zJzg49er2Zhcl8q%2FclbLAw%2Bep0BC7MPLhkwh9yXyv%2FKMyf46PU2mZN9%2BGqnjsdwwBz0NZZndwx7d4yAOwbDbzOCPisxBhGzhizwv2eFcQ5Or6LgEr0vvf3j%2F2Ukvy%2B9%2Fe%2B%2FxAL%2FLxoeKa6moZdSEgYJK9xbRoo7RrZ3LEo%2FZfRcZiT%2FlEH6u4ygfypVf9xngf%2FBMPFCRtDLXxNrNQdhDlRkWeEqUg3hiqZoakWAWFUhL6uqIz8cESF3jLh3zMNPGUjKLL28pMxSt8zSqMx89PIKyJrLcarruKJYkyCEogihXFOQjESp5nIshZccnjIaPWXQe8pg%2FC0Wxd9iB%2FL%2BZ%2FI7LE7%2FjiW7W5agMktoiWXoluW4xPKkxHJQYjkpsZyWWJ7dfoi8REhuv4e8JHX416PwehRvn4d0%2Bwx8GNItDkrPoi9Kv3g5u%2FLX%2FvEP2AG%2FvBIUCDhFBrLr1FQeqpIqaoqkAEFxOUUQHJaQW0aStx4yPV8K%2BVvvs4h89gsGc8AdS7w7Bsk7DKS%2FykD%2BXBU4BnbPpRrHzsEPaRjHOKAHQunphmYMhbcsom8zeio%2F874o%2FfJDEcVv%2FIhh%2BOLxX333P4W%2F%2Fu0fMRjfsii%2BZXvy9yW29b7zfBLmpQ8mYZ6UPhlGlPjkDC4FnlJAcenPTXzKwxh1m8nT79fhJXBxf2DjhPZBgEiwTUofNwhCOG6HMcSlv%2B0mC%2ByM0mTXSOMgjfojvd31oxgnCQmDOwbIZ86cQXJf%2BrlPf%2F4B3V9Bf8pI%2FCmL08%2FL%2F7OjNHq3WgUIF3AHgi3eAopvYOhXUViFN9EuepxQ4AP6Tf%2BRqj8SLs9WWO9X%2B7ZCjZnY6GlGh0Mt1BmJxehG4LVHgp7NanS52ekrTtUOkpfCHTAGx%2BFS6vdod9CItzAxiaQWgylKgqw5zfA85xebcXrij3owH5nqIFdMF00zRa7N9HmKdXkxWkJnaY%2FWVoN6871zMFpie9DQ%2Bo3paHqsUDPxsbMmzeO5suBCOPSaXEBpN0qHFA8La20pEsXZfqFwxungWE5X8Csi2TTmuTXt7DfmylzpGU%2BnkmYpXSrK6wMnGbqhOoa0dcS9ZbTIIQqlwUYpWnDckdcuIZJvZfy0cDVdzevekN%2FrGmpvO0EjUcxiDPOoHY8nonPYe1uaT%2Ba0r7ViYdpPjutAPDlDuMzC88Q4eXCIwoU9OBzcmqGMUH0upnx2QgHGmq1a7srk1R2u4aVpGzNx5U7boRPjqD7rzmR%2FDox5YkyiUGlwAWdyYaqnMD91k8HIhtiqN1pa6hvwlOWvisf89MXj%2Fy49GCPhHYPR7%2F3w%2BrrZmuqT7sjuDq3r67%2FRQz8CMb6iO3zl4IRezUfWzc3NJ9fXo%2BHUbtR1czOb9KfX15%2B%2F9W9ff0DoSfXJV0B0%2BVc8qYYRDmLqPKkKT6o5Cd5AFQGxRUwhvFAlV36SKk12Hwl6Hawm%2FWzUTzOUAq4xi0d42FYrFUSD
YGHuJQ3CODSl7nI9m082ApV1lDu6ZCoEL8%2FFWBg3RTWUvLW8abvJdDR2VnWtkx7TUczNdmrvALcH14IDbNcpDxFccS5e8EVTURDHqY32Vlw2yU6rTNLTfp8P%2FGFbmRy5jrYRD01BcozMCCN9I2gFXClpe4I8VDln7YWzt%2FaLfjMWdy20AJtxGkwhMTqjgePXe426JXcHBom5lYbqkS8bwsrgkoMzNHr7Yy3rWK0htFxXnse8byhqQRWv0ZvKtNY7hgN%2B4cRYR17rOJBlxYk3eWCPGrHMNdc9D9a2Am1a8yxqUq9YiZXe1vVbSz3dhJKr86N61FS5NcSh2zV7IxOGSSDl7clx0ipszRtwiT2sr9HAGcrATTqO3jhGm%2F1s3Bys93mjf5zRvj%2BZVwY2zoodPcLcGrepNukPbbKwK1To5SORZFarWZ%2BdO8vkIHqHnRaoZrbnjDPviRbCFLQswFmqksVNsxkXEddeeoY7icPxkRt0z5v%2BXjwmS5nIU70%2B3vhzfjHCSbZryXpldai0QlsYx1lxcGeZtZZ6pkbUDTSijM7ba7euWb3ORlT8eRFM8yLvqecu19%2Blq9ZRmPq8uI9wJ6fhbvwKvm8AVGyimED8Te6GUwVF%2FPqfXV939YsaXv7OhfDk3WoVxjGOwofbERfUAUFV5BRNqHECV4UxBpRkOKkKoiwJnCpVZRVISBE4AddEFwhOjeM0xcEIYVmRVRdtVEXibqJg%2B%2F3ra7tr91vX1x9bGKMrcNHbY5ZEL0qvjSVhicXel3MnKrM8%2Ffytf37zBQ5Q8f%2FKqwpv1t14t1K7ZGV%2Fhe5U6DwSdC%2BRJ06rTUlYqLhSdPgTEIEcbne7oiX1wWE%2Btypq3CEoMbu9Rq0rpnQiW53KNInB4XxumVtbHa6VszOPlDlPxU3RmvvWdCGue%2BZprp05OIy8vlZX7KXhNYi5IgY4FAfM921QWRi%2B1PRjO%2B2M40G26A22yGwuBEHcWYtVMj2I9VZKGj19SPKNc8T79eHY0vbWYNGo6Gc9ktf7LvT4w4xGi320jHuhVrF3p%2B6oOe4Ao8KvooY0Q00JzxrHczZ28pndXC6N89Chk3NPMkWyGYFtcR6KbX4N4jizRdXcz84CsvZGAy4isacujssGSOq1oydVlgJVOqt2uJcnrt8Aym4QLSY9cVenC54Itrz3D4sBLvrTdi017dgLW6gXCicctKiaVKy6l%2BokGCs5ISN%2FHtp2d85b6anQyLFzciIwDCaD1ShvUmk2Hg9NcdQ%2Be5V03SnMxtDbTqVJixjSHhtgLNIcF0MnWa7jTTyq5G5r3Z7Wu6Q5c1TtnKf95maUwMq6Nm2RQSz6eiu0hsAxe6IIHYIN0t9hXl%2Fb5mnmuJmHYCrV4miIZJR49b04GI9PB6027gdAGyD%2BBFfuZm6ffE%2Br86JR07vNLkpS3gDbtTpPBlZvMBfG%2B5UudeFQRkoM62%2FS3fNYcL7snjxyX9L%2Bq8w8%2FOLxd%2F9w%2BB%2FvoTUDzi1L8E9I4Uv%2FWfIdto3LDNBvs8C%2FZVl8yzLvlgHvKUvSn3lOo%2FjF438RH4w5Xvm548XlDxwv9t5%2F1bkl5OUVll3OxZyAHVdzXBVwSHMlzQEaj1VHBjyjyT38oz%2F%2B%2BP8AAAD%2F%2FwEAAP%2F%2FmMlZ5%2FEMAAA%3D | 173.233.137.44 | 200 OK | 7 B |
URL HTTP/1.1kidhumiliateessay.com/ren.gif?sid=H4sIAAAAAAAC%2F3SWTcgrWVrHk7YFcRZi40ZBeJnXOyiYN%2FVdqW6HS1JJKkklla%2FKJxfjqXNOJSepr1Sd%2BkhWgyMyLpTbG0dw895zu6cde3BsQVwJ8rYbuSj260Jvgy1uXOsIs5a890rPQN%2BHqjrPqecsznOe3%2F%2Fw%2FP6z9IsSx1LwcjQIz8TzQFW%2B4a5%2BfUECFObJlWVf8dwN997VggSK9N5VcfnE2bs8J99wv3FlYHgIqwLHcxzP8VdtEmM3LKoPUUaiH2j8jcbdSMINL0usiH96nqRlloAyQ9kXpXcYQfc%2Fu%2FuHTxiBdyzw%2F7KJkwMNo99s%2BakHaBizDH00Cw5BmAfM%2F9J14zJzg49er2Zhcl8q%2FclbLAw%2Bep0BC7MPLhkwh9yXyv%2FKMyf46PU2mZN9%2BGqnjsdwwBz0NZZndwx7d4yAOwbDbzOCPisxBhGzhizwv2eFcQ5Or6LgEr0vvf3j%2F2Ukvy%2B9%2Fe%2B%2FxAL%2FLxoeKa6moZdSEgYJK9xbRoo7RrZ3LEo%2FZfRcZiT%2FlEH6u4ygfypVf9xngf%2FBMPFCRtDLXxNrNQdhDlRkWeEqUg3hiqZoakWAWFUhL6uqIz8cESF3jLh3zMNPGUjKLL28pMxSt8zSqMx89PIKyJrLcarruKJYkyCEogihXFOQjESp5nIshZccnjIaPWXQe8pg%2FC0Wxd9iB%2FL%2BZ%2FI7LE7%2FjiW7W5agMktoiWXoluW4xPKkxHJQYjkpsZyWWJ7dfoi8REhuv4e8JHX416PwehRvn4d0%2Bwx8GNItDkrPoi9Kv3g5u%2FLX%2FvEP2AG%2FvBIUCDhFBrLr1FQeqpIqaoqkAEFxOUUQHJaQW0aStx4yPV8K%2BVvvs4h89gsGc8AdS7w7Bsk7DKS%2FykD%2BXBU4BnbPpRrHzsEPaRjHOKAHQunphmYMhbcsom8zeio%2F874o%2FfJDEcVv%2FIhh%2BOLxX333P4W%2F%2Fu0fMRjfsii%2BZXvy9yW29b7zfBLmpQ8mYZ6UPhlGlPjkDC4FnlJAcenPTXzKwxh1m8nT79fhJXBxf2DjhPZBgEiwTUofNwhCOG6HMcSlv%2B0mC%2ByM0mTXSOMgjfojvd31oxgnCQmDOwbIZ86cQXJf%2BrlPf%2F4B3V9Bf8pI%2FCmL08%2FL%2F7OjNHq3WgUIF3AHgi3eAopvYOhXUViFN9EuepxQ4AP6Tf%2BRqj8SLs9WWO9X%2B7ZCjZnY6GlGh0Mt1BmJxehG4LVHgp7NanS52ekrTtUOkpfCHTAGx%2BFS6vdod9CItzAxiaQWgylKgqw5zfA85xebcXrij3owH5nqIFdMF00zRa7N9HmKdXkxWkJnaY%2FWVoN6871zMFpie9DQ%2Bo3paHqsUDPxsbMmzeO5suBCOPSaXEBpN0qHFA8La20pEsXZfqFwxungWE5X8Csi2TTmuTXt7DfmylzpGU%2BnkmYpXSrK6wMnGbqhOoa0dcS9ZbTIIQqlwUYpWnDckdcuIZJvZfy0cDVdzevekN%2FrGmpvO0EjUcxiDPOoHY8nonPYe1uaT%2Ba0r7ViYdpPjutAPDlDuMzC88Q4eXCIwoU9OBzcmqGMUH0upnx2QgHGmq1a7srk1R2u4aVpGzNx5U7boRPjqD7rzmR%2FDox5YkyiUGlwAWdyYaqnMD91k8HIhtiqN1pa6hvwlOWvisf89MXj%2Fy49GCPhHYPR7%2F3w%2BrrZmuqT7sjuDq3r67%2FRQz8CMb6iO3zl4IRezUfWzc3NJ9fXo%2BHUbtR1czOb9KfX15%2B%2F9W9ff0DoSfXJV0B0%2BVc8qYYRDmLqPKkKT6o5Cd5AFQGxRUwhvFAlV36SKk12Hwl6Hawm%2FWzUTzOUAq4xi0
d42FYrFUSDYGHuJQ3CODSl7nI9m082ApV1lDu6ZCoEL8%2FFWBg3RTWUvLW8abvJdDR2VnWtkx7TUczNdmrvALcH14IDbNcpDxFccS5e8EVTURDHqY32Vlw2yU6rTNLTfp8P%2FGFbmRy5jrYRD01BcozMCCN9I2gFXClpe4I8VDln7YWzt%2FaLfjMWdy20AJtxGkwhMTqjgePXe426JXcHBom5lYbqkS8bwsrgkoMzNHr7Yy3rWK0htFxXnse8byhqQRWv0ZvKtNY7hgN%2B4cRYR17rOJBlxYk3eWCPGrHMNdc9D9a2Am1a8yxqUq9YiZXe1vVbSz3dhJKr86N61FS5NcSh2zV7IxOGSSDl7clx0ipszRtwiT2sr9HAGcrATTqO3jhGm%2F1s3Bys93mjf5zRvj%2BZVwY2zoodPcLcGrepNukPbbKwK1To5SORZFarWZ%2BdO8vkIHqHnRaoZrbnjDPviRbCFLQswFmqksVNsxkXEddeeoY7icPxkRt0z5v%2BXjwmS5nIU70%2B3vhzfjHCSbZryXpldai0QlsYx1lxcGeZtZZ6pkbUDTSijM7ba7euWb3ORlT8eRFM8yLvqecu19%2Blq9ZRmPq8uI9wJ6fhbvwKvm8AVGyimED8Te6GUwVF%2FPqfXV939YsaXv7OhfDk3WoVxjGOwofbERfUAUFV5BRNqHECV4UxBpRkOKkKoiwJnCpVZRVISBE4AddEFwhOjeM0xcEIYVmRVRdtVEXibqJg%2B%2F3ra7tr91vX1x9bGKMrcNHbY5ZEL0qvjSVhicXel3MnKrM8%2Ffytf37zBQ5Q8f%2FKqwpv1t14t1K7ZGV%2Fhe5U6DwSdC%2BRJ06rTUlYqLhSdPgTEIEcbne7oiX1wWE%2Btypq3CEoMbu9Rq0rpnQiW53KNInB4XxumVtbHa6VszOPlDlPxU3RmvvWdCGue%2BZprp05OIy8vlZX7KXhNYi5IgY4FAfM921QWRi%2B1PRjO%2B2M40G26A22yGwuBEHcWYtVMj2I9VZKGj19SPKNc8T79eHY0vbWYNGo6Gc9ktf7LvT4w4xGi320jHuhVrF3p%2B6oOe4Ao8KvooY0Q00JzxrHczZ28pndXC6N89Chk3NPMkWyGYFtcR6KbX4N4jizRdXcz84CsvZGAy4isacujssGSOq1oydVlgJVOqt2uJcnrt8Aym4QLSY9cVenC54Itrz3D4sBLvrTdi017dgLW6gXCicctKiaVKy6l%2BokGCs5ISN%2FHtp2d85b6anQyLFzciIwDCaD1ShvUmk2Hg9NcdQ%2Be5V03SnMxtDbTqVJixjSHhtgLNIcF0MnWa7jTTyq5G5r3Z7Wu6Q5c1TtnKf95maUwMq6Nm2RQSz6eiu0hsAxe6IIHYIN0t9hXl%2Fb5mnmuJmHYCrV4miIZJR49b04GI9PB6027gdAGyD%2BBFfuZm6ffE%2Br86JR07vNLkpS3gDbtTpPBlZvMBfG%2B5UudeFQRkoM62%2FS3fNYcL7snjxyX9L%2Bq8w8%2FOLxd%2F9w%2BB%2FvoTUDzi1L8E9I4Uv%2FWfIdto3LDNBvs8C%2FZVl8yzLvlgHvKUvSn3lOo%2FjF438RH4w5Xvm548XlDxwv9t5%2F1bkl5OUVll3OxZyAHVdzXBVwSHMlzQEaj1VHBjyjyT38oz%2F%2B%2BP8AAAD%2F%2FwEAAP%2F%2FmMlZ5%2FEMAAA%3D IP173.233.137.44:0
File type: ASCII text, with no line terminators | Hash: 132d6af1b46048b45cf86cdee7991d31 eb7007d03d59b65bc6da7e098c4d38fc6dfb6285 ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
Analyzer: quad9 | Verdict: Sinkholed | Alert: (empty)
GET /ren.gif?sid=H4sIAAAAAAAC%2F3SWTcgrWVrHk7YFcRZi40ZBeJnXOyiYN%2FVdqW6HS1JJKkklla%2FKJxfjqXNOJSepr1Sd%2BkhWgyMyLpTbG0dw895zu6cde3BsQVwJ8rYbuSj260Jvgy1uXOsIs5a890rPQN%2BHqjrPqecsznOe3%2F%2Fw%2FP6z9IsSx1LwcjQIz8TzQFW%2B4a5%2BfUECFObJlWVf8dwN997VggSK9N5VcfnE2bs8J99wv3FlYHgIqwLHcxzP8VdtEmM3LKoPUUaiH2j8jcbdSMINL0usiH96nqRlloAyQ9kXpXcYQfc%2Fu%2FuHTxiBdyzw%2F7KJkwMNo99s%2BakHaBizDH00Cw5BmAfM%2F9J14zJzg49er2Zhcl8q%2FclbLAw%2Bep0BC7MPLhkwh9yXyv%2FKMyf46PU2mZN9%2BGqnjsdwwBz0NZZndwx7d4yAOwbDbzOCPisxBhGzhizwv2eFcQ5Or6LgEr0vvf3j%2F2Ukvy%2B9%2Fe%2B%2FxAL%2FLxoeKa6moZdSEgYJK9xbRoo7RrZ3LEo%2FZfRcZiT%2FlEH6u4ygfypVf9xngf%2FBMPFCRtDLXxNrNQdhDlRkWeEqUg3hiqZoakWAWFUhL6uqIz8cESF3jLh3zMNPGUjKLL28pMxSt8zSqMx89PIKyJrLcarruKJYkyCEogihXFOQjESp5nIshZccnjIaPWXQe8pg%2FC0Wxd9iB%2FL%2BZ%2FI7LE7%2FjiW7W5agMktoiWXoluW4xPKkxHJQYjkpsZyWWJ7dfoi8REhuv4e8JHX416PwehRvn4d0%2Bwx8GNItDkrPoi9Kv3g5u%2FLX%2FvEP2AG%2FvBIUCDhFBrLr1FQeqpIqaoqkAEFxOUUQHJaQW0aStx4yPV8K%2BVvvs4h89gsGc8AdS7w7Bsk7DKS%2FykD%2BXBU4BnbPpRrHzsEPaRjHOKAHQunphmYMhbcsom8zeio%2F874o%2FfJDEcVv%2FIhh%2BOLxX333P4W%2F%2Fu0fMRjfsii%2BZXvy9yW29b7zfBLmpQ8mYZ6UPhlGlPjkDC4FnlJAcenPTXzKwxh1m8nT79fhJXBxf2DjhPZBgEiwTUofNwhCOG6HMcSlv%2B0mC%2ByM0mTXSOMgjfojvd31oxgnCQmDOwbIZ86cQXJf%2BrlPf%2F4B3V9Bf8pI%2FCmL08%2FL%2F7OjNHq3WgUIF3AHgi3eAopvYOhXUViFN9EuepxQ4AP6Tf%2BRqj8SLs9WWO9X%2B7ZCjZnY6GlGh0Mt1BmJxehG4LVHgp7NanS52ekrTtUOkpfCHTAGx%2BFS6vdod9CItzAxiaQWgylKgqw5zfA85xebcXrij3owH5nqIFdMF00zRa7N9HmKdXkxWkJnaY%2FWVoN6871zMFpie9DQ%2Bo3paHqsUDPxsbMmzeO5suBCOPSaXEBpN0qHFA8La20pEsXZfqFwxungWE5X8Csi2TTmuTXt7DfmylzpGU%2BnkmYpXSrK6wMnGbqhOoa0dcS9ZbTIIQqlwUYpWnDckdcuIZJvZfy0cDVdzevekN%2FrGmpvO0EjUcxiDPOoHY8nonPYe1uaT%2Ba0r7ViYdpPjutAPDlDuMzC88Q4eXCIwoU9OBzcmqGMUH0upnx2QgHGmq1a7srk1R2u4aVpGzNx5U7boRPjqD7rzmR%2FDox5YkyiUGlwAWdyYaqnMD91k8HIhtiqN1pa6hvwlOWvisf89MXj%2Fy49GCPhHYPR7%2F3w%2BrrZmuqT7sjuDq3r67%2FRQz8CMb6iO3zl4IRezUfWzc3NJ9fXo%2BHUbtR1czOb9KfX15%2B%2F9W9ff0DoSfXJV0B0%2BVc8qYYRDmLqPKkKT6o5Cd5AFQGxRUwhvFAlV36SKk12Hwl6Hawm%2FWzUTzOUAq4xi0d42FYrFUSDYGHuJQ3CODSl7nI9m08
2ApV1lDu6ZCoEL8%2FFWBg3RTWUvLW8abvJdDR2VnWtkx7TUczNdmrvALcH14IDbNcpDxFccS5e8EVTURDHqY32Vlw2yU6rTNLTfp8P%2FGFbmRy5jrYRD01BcozMCCN9I2gFXClpe4I8VDln7YWzt%2FaLfjMWdy20AJtxGkwhMTqjgePXe426JXcHBom5lYbqkS8bwsrgkoMzNHr7Yy3rWK0htFxXnse8byhqQRWv0ZvKtNY7hgN%2B4cRYR17rOJBlxYk3eWCPGrHMNdc9D9a2Am1a8yxqUq9YiZXe1vVbSz3dhJKr86N61FS5NcSh2zV7IxOGSSDl7clx0ipszRtwiT2sr9HAGcrATTqO3jhGm%2F1s3Bys93mjf5zRvj%2BZVwY2zoodPcLcGrepNukPbbKwK1To5SORZFarWZ%2BdO8vkIHqHnRaoZrbnjDPviRbCFLQswFmqksVNsxkXEddeeoY7icPxkRt0z5v%2BXjwmS5nIU70%2B3vhzfjHCSbZryXpldai0QlsYx1lxcGeZtZZ6pkbUDTSijM7ba7euWb3ORlT8eRFM8yLvqecu19%2Blq9ZRmPq8uI9wJ6fhbvwKvm8AVGyimED8Te6GUwVF%2FPqfXV939YsaXv7OhfDk3WoVxjGOwofbERfUAUFV5BRNqHECV4UxBpRkOKkKoiwJnCpVZRVISBE4AddEFwhOjeM0xcEIYVmRVRdtVEXibqJg%2B%2F3ra7tr91vX1x9bGKMrcNHbY5ZEL0qvjSVhicXel3MnKrM8%2Ffytf37zBQ5Q8f%2FKqwpv1t14t1K7ZGV%2Fhe5U6DwSdC%2BRJ06rTUlYqLhSdPgTEIEcbne7oiX1wWE%2Btypq3CEoMbu9Rq0rpnQiW53KNInB4XxumVtbHa6VszOPlDlPxU3RmvvWdCGue%2BZprp05OIy8vlZX7KXhNYi5IgY4FAfM921QWRi%2B1PRjO%2B2M40G26A22yGwuBEHcWYtVMj2I9VZKGj19SPKNc8T79eHY0vbWYNGo6Gc9ktf7LvT4w4xGi320jHuhVrF3p%2B6oOe4Ao8KvooY0Q00JzxrHczZ28pndXC6N89Chk3NPMkWyGYFtcR6KbX4N4jizRdXcz84CsvZGAy4isacujssGSOq1oydVlgJVOqt2uJcnrt8Aym4QLSY9cVenC54Itrz3D4sBLvrTdi017dgLW6gXCicctKiaVKy6l%2BokGCs5ISN%2FHtp2d85b6anQyLFzciIwDCaD1ShvUmk2Hg9NcdQ%2Be5V03SnMxtDbTqVJixjSHhtgLNIcF0MnWa7jTTyq5G5r3Z7Wu6Q5c1TtnKf95maUwMq6Nm2RQSz6eiu0hsAxe6IIHYIN0t9hXl%2Fb5mnmuJmHYCrV4miIZJR49b04GI9PB6027gdAGyD%2BBFfuZm6ffE%2Br86JR07vNLkpS3gDbtTpPBlZvMBfG%2B5UudeFQRkoM62%2FS3fNYcL7snjxyX9L%2Bq8w8%2FOLxd%2F9w%2BB%2FvoTUDzi1L8E9I4Uv%2FWfIdto3LDNBvs8C%2FZVl8yzLvlgHvKUvSn3lOo%2FjF438RH4w5Xvm548XlDxwv9t5%2F1bkl5OUVll3OxZyAHVdzXBVwSHMlzQEaj1VHBjyjyT38oz%2F%2B%2BP8AAAD%2F%2FwEAAP%2F%2FmMlZ5%2FEMAAA%3D HTTP/1.1
Host: kidhumiliateessay.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.torrentkitty.lol/
Cookie: u_pl=17550729; uid_id2=388bde0a-5560-48de-9697-2ce77c1577b5:1:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Tue, 06 Dec 2022 01:11:07 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: c2d722144948ed131f4c646ef4834969
Strict-Transport-Security: max-age=0; includeSubdomains
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hashd2ac700f4345b8a632a29fa9fd8dceee 4a5924b0a38471ee69b22e6f801641d56062311b ca893ca35eb16dceef8e0754927fb6579daa6b41d30ddf264b8b80b81832f9fe
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CA893CA35EB16DCEEF8E0754927FB6579DAA6B41D30DDF264B8B80B81832F9FE"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16548
Expires: Tue, 06 Dec 2022 05:46:55 GMT
Date: Tue, 06 Dec 2022 01:11:07 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hashc69a25b07dd690540ccbd3dcd885b7d8 3e457a884cdd89322592e571f7c5411a99eba29f b28b957159b81b77f88525867c2261ddab32ed9a4f3b3fd71e727bd5522d93d7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B28B957159B81B77F88525867C2261DDAB32ED9A4F3B3FD71E727BD5522D93D7"
Last-Modified: Sat, 03 Dec 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13994
Expires: Tue, 06 Dec 2022 05:04:21 GMT
Date: Tue, 06 Dec 2022 01:11:07 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hashd616b0b14e0c5cda5c98d0b99cccbaf3 657299c8f642a892045dbfe2a6958133e6b57f99 3590d6a37989c47a5d082655909defed76f2f4a467d3f6700134bba4ffb130f7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3590D6A37989C47A5D082655909DEFED76F2F4A467D3F6700134BBA4FFB130F7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6295
Expires: Tue, 06 Dec 2022 02:56:02 GMT
Date: Tue, 06 Dec 2022 01:11:07 GMT
Connection: keep-alive
|
|
| unseenreport.com/pxf.gif?uuid=388bde0a-5560-48de-9697-2ce77c1577b5&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1055&b_frame=0&pk=26ca065a5fb871c74739646a26f0622b&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=1 | 173.233.139.164 | 200 OK | 1 B |
URL HTTP/1.1unseenreport.com/pxf.gif?uuid=388bde0a-5560-48de-9697-2ce77c1577b5&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1055&b_frame=0&pk=26ca065a5fb871c74739646a26f0622b&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=1 IP173.233.139.164:0
File type: very short file (no magic) | Hash: 93b885adfe0da089cdf634904fd59f71 5ba93c9db0cff93f52b521d7420e43f6eda2784f 6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d
Analyzer: quad9 | Verdict: Sinkholed | Alert: (empty)
GET /pxf.gif?uuid=388bde0a-5560-48de-9697-2ce77c1577b5&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1055&b_frame=0&pk=26ca065a5fb871c74739646a26f0622b&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=1 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.torrentkitty.lol/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Tue, 06 Dec 2022 01:11:07 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 2002a11e2c4f5cf13ec1ef072415a07d
Strict-Transport-Security: max-age=0; includeSubdomains
|
|
| cdn.cloudimagesb.com/cti/43/ff/51/43ff51c07da75eaedd548042d5154cfe/1658930770.jpg | 45.133.44.10 | 200 OK | 25 kB |
URL (HTTP/2): cdn.cloudimagesb.com/cti/43/ff/51/43ff51c07da75eaedd548042d5154cfe/1658930770.jpg | IP: 45.133.44.10:0 | ASN #39572 DataWeb Global Group B.V.
File type: JPEG image data, baseline, precision 8, 320x50, components 3\012- data | Hash: d465d02b90e928dfd9d9846e102a9dac 22f7333777bec813bd9a7b870913a2b79b6d2fe4 e393d4f1c6b5d4973e157f0f10764b92037dc18239500f42b72bed8ecef462fd
GET /cti/43/ff/51/43ff51c07da75eaedd548042d5154cfe/1658930770.jpg HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 06 Dec 2022 01:11:07 GMT
content-type: image/jpeg
content-length: 24714
server: nginx/1.17.6
last-modified: Wed, 27 Jul 2022 14:06:18 GMT
etag: "62e1465a-608a"
expires: Thu, 08 Dec 2022 01:11:07 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| ocsp.sectigo.com/ | 172.64.155.188 | 200 OK | 472 B |
IP172.64.155.188:0
Hashec988f67736b03805da237598094e3f4 15f5140839c2427314963b52903838c34217d7c5 19b54f532635be4114895facaab3ee8d2f8d84a9e6c8339dea41f4f46f36b556
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 01:11:08 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sun, 04 Dec 2022 18:36:00 GMT
Expires: Sun, 11 Dec 2022 18:35:59 GMT
Etag: "15f5140839c2427314963b52903838c34217d7c5"
Cache-Control: max-age=494090,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7751255308a20af6-OSL
|
|
| kidhumiliateessay.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.barscreative1.com%2Fsb%2Fnotifications%2Frtb%2Fwindows%2F2%2Findex.html&l=1207&fd=246 | 173.233.137.44 | 200 OK | 0 B |
URL (HTTP/1.1): kidhumiliateessay.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.barscreative1.com%2Fsb%2Fnotifications%2Frtb%2Fwindows%2F2%2Findex.html&l=1207&fd=246 | IP: 173.233.137.44:0
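Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (these are the MD5, SHA-1 and SHA-256 digests of empty input, consistent with the 0 B body; they match any empty response and do not identify this host's content)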
Analyzer: quad9 | Verdict: Sinkholed | Alert: (empty)
GET /pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.barscreative1.com%2Fsb%2Fnotifications%2Frtb%2Fwindows%2F2%2Findex.html&l=1207&fd=246 HTTP/1.1
Host: kidhumiliateessay.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.torrentkitty.lol/
Cookie: u_pl=17550729; uid_id2=388bde0a-5560-48de-9697-2ce77c1577b5:1:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Tue, 06 Dec 2022 01:11:08 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
|
|
| e1.o.lencr.org/ | 23.36.76.226 | 200 OK | 345 B |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hash8017f571df5727fe6f3e8c58e931076b e09e55a3c306f2cb715e4ce1e2f0738ddf202c93 6478758dd37e708534996b23f8189e79637690d22edff70d5183a19ec66854db
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "6478758DD37E708534996B23F8189E79637690D22EDFF70D5183A19EC66854DB"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=843
Expires: Tue, 06 Dec 2022 01:25:11 GMT
Date: Tue, 06 Dec 2022 01:11:08 GMT
Connection: keep-alive
|
|
| e1.o.lencr.org/ | 23.36.76.226 | 200 OK | 345 B |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hash8017f571df5727fe6f3e8c58e931076b e09e55a3c306f2cb715e4ce1e2f0738ddf202c93 6478758dd37e708534996b23f8189e79637690d22edff70d5183a19ec66854db
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "6478758DD37E708534996B23F8189E79637690D22EDFF70D5183A19EC66854DB"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=843
Expires: Tue, 06 Dec 2022 01:25:11 GMT
Date: Tue, 06 Dec 2022 01:11:08 GMT
Connection: keep-alive
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.131 | 200 OK | 472 B |
IP142.250.74.131:0
Hashc10bc583c46449dc192a809398b4e814 ff0f7ad905d32d7f3d01e4054552d0ad551503a5 defd2b2559e55c9c6c0f8be9b23c53c4e781a736feae3dd73b4d203b69cfcc57
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 01:11:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| cdn.creative-bars1.com/sb/notifications/rtb/windows/2/img/close.png | 172.64.108.13 | 200 OK | 6.3 kB |
URL (HTTP/2): cdn.creative-bars1.com/sb/notifications/rtb/windows/2/img/close.png | IP: 172.64.108.13:0
File type: PNG image data, 500 x 500, 8-bit gray+alpha, non-interlaced\012- data | Hash: fa3847143b5b8c7823d091ca8e88289f eb32235cc1d642145643b4a218742564df1db6d9 a78f358b462449955b39bd7957586ab99c75c8ab453975f4789e72d55d921cea
GET /sb/notifications/rtb/windows/2/img/close.png HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Dec 2022 01:11:08 GMT
content-type: image/png
content-length: 6318
last-modified: Mon, 17 May 2021 11:56:20 GMT
etag: "60a259e4-18ae"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 1768787
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6txGUijW7jN5c36Ssk3AgBcd2qcP22o0h6z29V3WT57a57lpsUIJcy9lBKgFxZDSMd%2BEwQnqtAEqio5ZXJFsd0%2BMV3MbNwC8BLsT9K23uCHJDBJ6jDBk0qV1UP6%2BkxkcJ%2BYZIXp7FqMO"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 77512553fae37308-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| cdn.creative-bars1.com/sb/notifications/rtb/windows/2/img/number.png | 172.64.108.13 | 200 OK | 1.1 kB |
URL (HTTP/2): cdn.creative-bars1.com/sb/notifications/rtb/windows/2/img/number.png | IP: 172.64.108.13:0
File type: PNG image data, 43 x 43, 8-bit/color RGBA, non-interlaced\012- data | Hash: 9e4414e85c588bf7db195e49c02ab2bb 09254e79b255f1b2dfe45adbbe44583a4b433782 0b977ec6e7cf5d35df03cd3a8041f5f523f5d4059ac67c152c0a7b613e20b762
GET /sb/notifications/rtb/windows/2/img/number.png HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Dec 2022 01:11:08 GMT
content-type: image/png
content-length: 1138
last-modified: Mon, 17 May 2021 11:56:20 GMT
etag: "60a259e4-472"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 1768787
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f2Eub3efWZMJ89cnpan8lg7Ebu47VvxW0q526tCtMKJqYHvnO98RdRCElQfr3DBza37Q92o2gRGgwesxVYgh%2ByyCt3BHHlyjW3IbrJFJMSsKU5ltcAB3gEcTWlM%2FXk8HLhhMhGyrn2TS"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 77512553fae57308-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 279 B |
IP93.184.220.29:0
Hash8659965418293d547284f88331744569 2fd03e084598798c4712b5d1419e4c1d6de33b63 ea0d1b3b025dd15ee3734c95de80194762d9583081732a608830e74fa0497d42
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5369
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 01:11:08 GMT
Last-Modified: Mon, 05 Dec 2022 23:41:39 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 279
|
|
| intellipopup.com/eEs.asp?_=BAYAY46WqwFjjpargAGBAsAAIC093vvqePRdyV_IrMeNlTLi03c2kDYEqEyLkR7qU72WwQBIMEYCIQDFYAx6MagfhwhwQL04FDFbWYvlJ7q3FPyDdsdoXy8_LAIhAMAAkx80kbQcECEzQ8xzHUh632TZCvqRwtESPAIUSCAE&v=4&THjQhuvf=4367297&minBid=&MYKnEabU=0:1,0&kJYFXsEn=&XWQbrKSZ=&s=1280,1024,1,1280,1024,0 | 216.21.13.26 | 200 OK | 44 B |
URL HTTP/2intellipopup.com/eEs.asp?_=BAYAY46WqwFjjpargAGBAsAAIC093vvqePRdyV_IrMeNlTLi03c2kDYEqEyLkR7qU72WwQBIMEYCIQDFYAx6MagfhwhwQL04FDFbWYvlJ7q3FPyDdsdoXy8_LAIhAMAAkx80kbQcECEzQ8xzHUh632TZCvqRwtESPAIUSCAE&v=4&THjQhuvf=4367297&minBid=&MYKnEabU=0:1,0&kJYFXsEn=&XWQbrKSZ=&s=1280,1024,1,1280,1024,0 IP216.21.13.26:0
File type: ASCII text, with no line terminators | Hash: d5f0a25e4d3522d56d48ce7bc3e518fb 86794caff58f7fee6e684c2ba7195f970a8d6f4c 9d781128a8ece413b003d5612b8398bf9340ef7f5b751d12bd125ba523d3ceb5
GET /eEs.asp?_=BAYAY46WqwFjjpargAGBAsAAIC093vvqePRdyV_IrMeNlTLi03c2kDYEqEyLkR7qU72WwQBIMEYCIQDFYAx6MagfhwhwQL04FDFbWYvlJ7q3FPyDdsdoXy8_LAIhAMAAkx80kbQcECEzQ8xzHUh632TZCvqRwtESPAIUSCAE&v=4&THjQhuvf=4367297&minBid=&MYKnEabU=0:1,0&kJYFXsEn=&XWQbrKSZ=&s=1280,1024,1,1280,1024,0 HTTP/1.1
Host: intellipopup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.torrentkitty.lol/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
asf: 9
popads-ec: ASB
content-type: text/javascript;charset=UTF-8
content-length: 44
date: Tue, 06 Dec 2022 01:11:08 GMT
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.131 | 200 OK | 472 B |
IP142.250.74.131:0
Hash7dfb548d8f8a99d32050803775fad5d6 8b47999a01db7c2217d76a1cec576809a229cf1b 68dd2a1e5a0002f4d25d3b5884ab55bc6b5a91e38f6dc464c4261b19c6e5887e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 01:11:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| e1.o.lencr.org/ | 23.36.76.226 | 200 OK | 346 B |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hasha9ff5fa0b5c4765b050f2381f57f5520 0ce842b0fbaef98e256cc66eff4615df094b9d51 95e33b8d7c38a952cbc353b5e2587cd1154da32d9ba29f010bd4b70a4ff2c487
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "95E33B8D7C38A952CBC353B5E2587CD1154DA32D9BA29F010BD4B70A4FF2C487"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17097
Expires: Tue, 06 Dec 2022 05:56:05 GMT
Date: Tue, 06 Dec 2022 01:11:08 GMT
Connection: keep-alive
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 279 B |
IP: 93.184.220.29:0
Hash: MD5 8659965418293d547284f88331744569 | SHA-1 2fd03e084598798c4712b5d1419e4c1d6de33b63 | SHA-256 ea0d1b3b025dd15ee3734c95de80194762d9583081732a608830e74fa0497d42
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5369
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 01:11:08 GMT
Last-Modified: Mon, 05 Dec 2022 23:41:39 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 279
|
|
| adexchangegate.com/adx/openrtb/2/win.php?stamat=m%7C%2C%2CgiarNiK2oGU3B5-GH0dEdHP3xP.95f%2CAaYRLvPLuvdua0BUrPeOF7--dtnnWKj49ccroK4IXZUVR_2t5CdwbC4K6ieXzxQ2QD37o4lZ5_FfsSPQbYA9HuquPr0Uh7JkcgkfNcMeTAt1cdcY0feW1xD66d007BFg3XDih9-RuyjjwMmOF6Rq0H9_3kD24bGvGopC_29xcY6uFRdld-zvFWbjNjWLDr3hEdWa_QunSciGHPMbmAJBAN5IMGir0Y9dApm5G2YG0skbOGJjq8vHNEOcNff5Vr1mG67xt6lBJS5t8JqoM1WbreCdlEqM556br_wnTPBr50DZJlc8g2tDNVvpDtlxY3-JgfmEXCu_o4fC1PApD70ZceofIKJPKcosn4wFRqRExT9lM0sTOAZdMbO5afsHbCBqp_jUQDMZjwBLqUtLmRV-MTevxhtqcwNQFt9RLOTiWT-t2JwP3ivNEDAUzHXsk3lkh9n7Kvj0Gz1l3NdetaENa0N76vrDKDrxp0FXlGfRroQq0MIz_Lj3qsX5i5SCAQ_mV1WPesvhE5C-Yk-EoT2QrvxkfUvNZ4JK9i7_cGpvtVFZfA9NJH_36mVxnSwxwJ7zI0LhuYEq2Sm13jpeHwtohQ%2C%2C&adx_price=0.07263 | 35.208.56.33 | 204 No Content | 0 B |
URL HTTP/1.1adexchangegate.com/adx/openrtb/2/win.php?stamat=m%7C%2C%2CgiarNiK2oGU3B5-GH0dEdHP3xP.95f%2CAaYRLvPLuvdua0BUrPeOF7--dtnnWKj49ccroK4IXZUVR_2t5CdwbC4K6ieXzxQ2QD37o4lZ5_FfsSPQbYA9HuquPr0Uh7JkcgkfNcMeTAt1cdcY0feW1xD66d007BFg3XDih9-RuyjjwMmOF6Rq0H9_3kD24bGvGopC_29xcY6uFRdld-zvFWbjNjWLDr3hEdWa_QunSciGHPMbmAJBAN5IMGir0Y9dApm5G2YG0skbOGJjq8vHNEOcNff5Vr1mG67xt6lBJS5t8JqoM1WbreCdlEqM556br_wnTPBr50DZJlc8g2tDNVvpDtlxY3-JgfmEXCu_o4fC1PApD70ZceofIKJPKcosn4wFRqRExT9lM0sTOAZdMbO5afsHbCBqp_jUQDMZjwBLqUtLmRV-MTevxhtqcwNQFt9RLOTiWT-t2JwP3ivNEDAUzHXsk3lkh9n7Kvj0Gz1l3NdetaENa0N76vrDKDrxp0FXlGfRroQq0MIz_Lj3qsX5i5SCAQ_mV1WPesvhE5C-Yk-EoT2QrvxkfUvNZ4JK9i7_cGpvtVFZfA9NJH_36mVxnSwxwJ7zI0LhuYEq2Sm13jpeHwtohQ%2C%2C&adx_price=0.07263 IP35.208.56.33:0
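Hash: MD5 d41d8cd98f00b204e9800998ecf8427e | SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709 | SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (digests of zero-length input: the response body was empty, so these do not identify content)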
GET /adx/openrtb/2/win.php?stamat=m%7C%2C%2CgiarNiK2oGU3B5-GH0dEdHP3xP.95f%2CAaYRLvPLuvdua0BUrPeOF7--dtnnWKj49ccroK4IXZUVR_2t5CdwbC4K6ieXzxQ2QD37o4lZ5_FfsSPQbYA9HuquPr0Uh7JkcgkfNcMeTAt1cdcY0feW1xD66d007BFg3XDih9-RuyjjwMmOF6Rq0H9_3kD24bGvGopC_29xcY6uFRdld-zvFWbjNjWLDr3hEdWa_QunSciGHPMbmAJBAN5IMGir0Y9dApm5G2YG0skbOGJjq8vHNEOcNff5Vr1mG67xt6lBJS5t8JqoM1WbreCdlEqM556br_wnTPBr50DZJlc8g2tDNVvpDtlxY3-JgfmEXCu_o4fC1PApD70ZceofIKJPKcosn4wFRqRExT9lM0sTOAZdMbO5afsHbCBqp_jUQDMZjwBLqUtLmRV-MTevxhtqcwNQFt9RLOTiWT-t2JwP3ivNEDAUzHXsk3lkh9n7Kvj0Gz1l3NdetaENa0N76vrDKDrxp0FXlGfRroQq0MIz_Lj3qsX5i5SCAQ_mV1WPesvhE5C-Yk-EoT2QrvxkfUvNZ4JK9i7_cGpvtVFZfA9NJH_36mVxnSwxwJ7zI0LhuYEq2Sm13jpeHwtohQ%2C%2C&adx_price=0.07263 HTTP/1.1
Host: adexchangegate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 204 No Content
Server: openresty
Date: Tue, 06 Dec 2022 01:11:08 GMT
Access-Control-Allow-Origin: *
Via: 1.1 google
|
|
| 5lrztnrdqx5z.s4.adsco.re/ | 185.200.116.90 | 200 OK | 0 B |
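URL: 5lrztnrdqx5z.s4.adsco.re/ | Protocol: HTTP/1.1 | IP: 185.200.116.90:0
Hash: MD5 d41d8cd98f00b204e9800998ecf8427e | SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709 | SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (digests of zero-length input: the response body was empty, so these do not identify content)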
POST / HTTP/1.1
Host: 5lrztnrdqx5z.s4.adsco.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 0
Origin: https://www.torrentkitty.lol
Connection: keep-alive
Referer: https://www.torrentkitty.lol/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 01:11:08 GMT
Content-Type: text/html
Content-Length: 0
Last-Modified: Mon, 30 Jul 2018 15:38:01 GMT
Connection: close
ETag: "5b5f30d9-0"
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Access-Control-Expose-Headers: Content-Length,Content-Range
Accept-Ranges: bytes
|
|
| kidhumiliateessay.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fnotifications%2Frtb%2Fwindows%2F2%2Fcss%2Fstyle.css&l=4073&fd=383 | 173.233.137.44 | 200 OK | 0 B |
URL: kidhumiliateessay.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fnotifications%2Frtb%2Fwindows%2F2%2Fcss%2Fstyle.css&l=4073&fd=383 | Protocol: HTTP/1.1 | IP: 173.233.137.44:0
Hash: MD5 d41d8cd98f00b204e9800998ecf8427e | SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709 | SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (digests of zero-length input: the response body was empty, so these do not identify content)
Analyzer: quad9 | Verdict: Sinkholed | Alert: (none listed)
GET /pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fnotifications%2Frtb%2Fwindows%2F2%2Fcss%2Fstyle.css&l=4073&fd=383 HTTP/1.1
Host: kidhumiliateessay.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.torrentkitty.lol/
Cookie: u_pl=17550729; uid_id2=388bde0a-5560-48de-9697-2ce77c1577b5:1:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Tue, 06 Dec 2022 01:11:08 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.131 | 200 OK | 472 B |
IP: 142.250.74.131:0
Hash: MD5 79c225db327a78b782f5a9512b07eaf0 | SHA-1 398a1be3a70264d959146d6670d2ca54cdf4e91a | SHA-256 8539ea44d81775448ae8c6179d54d8a397c559b112291fa78abcf6ac6c480815
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 01:11:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 | 216.58.207.227 | 200 OK | 16 kB |
URL: fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 | Protocol: HTTP/2 | IP: 216.58.207.227:0
File type: Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data | Hash: MD5 e9f5aaf547f165386cd313b995dddd8e | SHA-1 acdef5603c2387b0e5bffd744b679a24a8bc1968 | SHA-256 f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.torrentkitty.lol
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 30 Nov 2022 19:34:15 GMT
expires: Thu, 30 Nov 2023 19:34:15 GMT
cache-control: public, max-age=31536000
age: 452213
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| kidhumiliateessay.com/impr.gif?sid=H4sIAAAAAAAC%2F3SWTcgrWVrHk7YFcRZi40ZBeJnXOyiYN%2FVdqW6HS1JJKkklla%2FKJxdj1TmnkpPUV06d%2BkhWgyMyLpTbG0dw895zu6cde3BsQVwJ8rYbuSj260Jvgy1uXOsIs5a890rPQN%2BHqjrPqecsznOe3%2F%2Fw%2FP6z9IsSx1Ln5WgQnbHvO1X5hrv69QUOYZQnV5Z9xXM33HtXCxwq0ntXxeVDsnd5Tr7hfuPKQOAQVQWO5zie46%2FamCAvKqoPUYbjH2j8jcbdSMINL0usID89T9IyS5wyg9kXpXcYhvc%2Fu%2FuHTxgGdywM%2FrKJkgON4t9sBanv0IiwDH40Cw9hlIcs%2BNL1SJl54UevV7MouS%2BV%2FuQtFoUfvc6ARdkHlwyYi%2B9L5X%2FlmRt%2B9HqbzM0%2BfLVT12coZC78GsuzO4b8O4adOwaibzMMPysxBiCzhiwMvmdFJHdOr6LOJXpfevvH%2F8twfl96%2B99%2FiYXBXzR8XFxNIz%2BlOAoTVni3DBd3DG%2FvWJx%2Byui5zHD%2BKQP0dxmG%2F1Sq%2FrjPwuCDYeJHDMOXvybWai5EnFORZYWrSDWIKpqiqRUBIFUFvKyqrvxwRBjfMezdMR89ZU5SZunlxWWWemWWxmUWwJdXjqx5HKd6rieKNQkAIIoAyDUFylCUah7HUnDJ4Smj8VMG%2FKcMkG%2BxmHyLHfD7n8nvMJL%2BHUt2tyyBZZbQEsvgLctRieVJieVOieW4xHJaYnl2%2ByH0EyG5%2FR70k9TlX4%2FC61G8fR7R7TPnw4huUVh6Fn9R%2BsXL2ZW%2F9o9%2FwA7o5ZWgAIdTZEf23JrKA1VSRU2RFEdQPE4RBJcl%2BJbh5K2HTM%2BXQv7W%2ByzGn%2F2CwVznjiX%2BHQP4Heakv8qc%2FLkqcMzZPZdqHDuHP6QRISikB0zp6YZmDEa3LKZvM3oqP%2FO%2FKP3yQxHFb%2FyIIfDi8V999z%2BFv%2F7tHzFAbllMbtke%2F32Jbf3vPJ9EeemDSZQnpU%2BGMcUBPjuXAk%2BpQ1Hpz010yiMCu83k6ffr4BK4uD%2BwUUL7TghxuE1KHzcwhIi0IwJQ6W%2B7yQK5ozTZNVISpnF%2FpLe7QUxQkuAovGMO%2FsydM4DvSz%2F36c8%2FoPsr8E8ZJp8ykn5e%2Fp8dpfG71aoDUQF2TrhFW4eiGxAFVRhVwU28ix8n1Akc%2Bs3gkao%2FEi7PVljvV%2Fu2Qo2Z2OhpRoeDLdgZicXoRuC1R4KezWp0udnpK07VDpKfgp1jDI7DpdTv0e6gQbYgMbGkFoMpTMKsOc3QPOcXm3F64o96OB%2BZ6iBXTA9OM0WuzfR5inR5MVoCd2mP1laD%2BvO9ezBaYnvQ0PqN6Wh6rFAzCZC7xs3jubLgIjD0m1xIaTdOhxQNC2ttKRJF2X6hcMbp4FpuVwgqIt405rk17ew35spc6RlPp5JmKV0qyusDJxm6obqGtHXFvWW08CGOpMFGKVpg3JHXHsZSYGX8tPA0Xc3r%2FpDf6xpsbzthI1HMYgzyuE3GE9E97P0tzSdz2tdaRJj2k%2BM6FE%2FuECyz6DwxTj4YwmhhDw4Hr2YoI1ifiymfnWCIkGarlrcyeXWHamhp2sZMXHnTduQSFNdn3ZkczB1jnhiTOFIaXMiZXJTqKchP3WQwsgGy6o2WlgYGOGX5q%2BKxIH3x%2BL9LD8ZwdMdA%2FHs%2FvL5utqb6pDuyu0Pr%2Bvpv9CiIHYKu6A5duSihV%2FORdXNz88n19Wg4tRt13dzMJv3p9fXnb%2F3b1x8QelJ98hUQXf4VT6pRjEJC3SdV4Uk1x%2BEbqMIOsbApRBeq5MpPUqXJ3iNBrzurST8b9dMMpg7XmJERGrb
VSgXSMFyYe0kDgESm1F2uZ%2FPJRqCyDnNXl0wFo%2BW5GAvjpqhGkr%2BWN20vmY7G7qquddJjOiLcbKf2DmB78CwwQHad8gCCFeehBV80FQVynNpob8VlE%2B%2B0yiQ97ff5IBi2lcmR62gb8dAUJNfIjCjWN4JWgJWStifQh5Vz1l64e2u%2F6DeJuGvBhbMZp%2BEUYKMzGrhBvdeoW3J3YGDCrTRYjwPZEFYGlxzcodHbH2tZx2oNgeV58pzwgaGoBVX8Rm8q01rvGA34hUuQDv3WcSDLiks2eWiPGkTmmuueD2pbgTateRY3qV%2BsxEpv6wWtpZ5uIsnT%2BVE9bqrcGqDI65q9kQmiJJTy9uQ4aRW25g%2B4xB7W13DgDmXHSzqu3jjGm%2F1s3Bys93mjf5zRfjCZVwY2yoodPYLcGrepNukPbbywK1To5SMRZ1arWZ%2BdO8vkIPqHnRaqZrbnjDPvixZE1GlZDmepSkaaZpMUMdde%2BoY3IdH4yA26501%2FLx6TpYzlqV4fb4I5vxihJNu1ZL2yOlRakS2MSVYcvFlmraWeqWF1A4w4o%2FP22qtrVq%2BzEZVgXoTTvMh76rnL9XfpqnUUpgEv7mPUyWm0G7%2BC7xsOLDYxwQB9k7vhVEERv%2F5n19dd%2FaKGl79zITx5t1oFhKA4ergdUUFdJ6yKnKIJNU7gqoAgh%2BIMJVVBlCWBU6WqrDoSVAROQDXRcwS3xnGa4iIIkazIqgc3qiJxN3G4%2Ff71td21%2B63r648thOCVc9HbY5bEL0qvjSVRiRH%2Fy7kbl1mefv7WP7%2F5Andg8f%2FKqwpv1t14t1K7eGV%2Fhe5U4D4SdD%2BRJ26rTXFUqKhSdPiTIzpytN3tipbUdw7zuVVRSQfDxOz2GrWumNKJbHUq04Q4h%2FO5ZW5tdbhWzu48VuY8FTdFax5Y04W47pmnuXbmwDD2%2B1pdsZeG38DmChvOoTggvm87lYURSM2A2GlnTAbZojfYQrO5EARxZy1WyfQg1lspbvT0Ic437hHt14djS9tbg0Wjop%2F1WF7vu8DnDzMaL%2FbxkvQirWLvTt1Rc9xxjAq%2FihvSDDYlNGscz9nYzWd2c7k0zkOXTs49yRTxZuRsi%2FNQbPNrh5DMFlVzPzsL0NobDbCIxZ66OC4bTlKvHX2pshSo0lm1o7088YKGo%2BwG8WLSE3d1uuCxYMv74LAYoKI%2FbddS0yZ%2B1IK9SDihsEXVpGLV%2FVTH4VjJMR4F88i2u3PeSk%2BFho%2Bdkxs7w3AyWI3yJpVm4%2FHQFEfts19J153CbAz97VSatLAh7ZHhjEWao2LoJss12ZBRJfda6%2Fa03sXNmatq5zztNzejBFTWtWkLD4gY6K3IGjqu2RNF4GJk4P4O8fraNk8z18t8CFKpRuIhlGHi1%2FfiYDw%2BHbTauB862gDyJ7DyNnP7FPhanReNmt5tdmGS8oazXavzZGD1BnNhvF%2FpUhcMZagQUH%2BT7p4Twf2ye%2FLxfUn7rzLz0YvH3%2F3D4X%2B8B9fMcW9Zgn5CCl%2F6z5LvsC0pM4d%2Bm4XBLcvILcv8W%2Bb4T1mS%2FsxzGpMXj%2F9FfDDm%2BuXnrk%2FKH7g%2B8d9%2F1bkl%2BOWVzEuo5tZUAKGLAORVQayJHCdAKKka4jVGk3vwR3%2F88f8BAAD%2F%2FwEAAP%2F%2FjMHXAfEMAAA%3D | 173.233.137.44 | 200 OK | 7 B |
URL HTTP/1.1kidhumiliateessay.com/impr.gif?sid=H4sIAAAAAAAC%2F3SWTcgrWVrHk7YFcRZi40ZBeJnXOyiYN%2FVdqW6HS1JJKkklla%2FKJxdj1TmnkpPUV06d%2BkhWgyMyLpTbG0dw895zu6cde3BsQVwJ8rYbuSj260Jvgy1uXOsIs5a890rPQN%2BHqjrPqecsznOe3%2F%2Fw%2FP6z9IsSx1Ln5WgQnbHvO1X5hrv69QUOYZQnV5Z9xXM33HtXCxwq0ntXxeVDsnd5Tr7hfuPKQOAQVQWO5zie46%2FamCAvKqoPUYbjH2j8jcbdSMINL0usID89T9IyS5wyg9kXpXcYhvc%2Fu%2FuHTxgGdywM%2FrKJkgON4t9sBanv0IiwDH40Cw9hlIcs%2BNL1SJl54UevV7MouS%2BV%2FuQtFoUfvc6ARdkHlwyYi%2B9L5X%2FlmRt%2B9HqbzM0%2BfLVT12coZC78GsuzO4b8O4adOwaibzMMPysxBiCzhiwMvmdFJHdOr6LOJXpfevvH%2F8twfl96%2B99%2FiYXBXzR8XFxNIz%2BlOAoTVni3DBd3DG%2FvWJx%2Byui5zHD%2BKQP0dxmG%2F1Sq%2FrjPwuCDYeJHDMOXvybWai5EnFORZYWrSDWIKpqiqRUBIFUFvKyqrvxwRBjfMezdMR89ZU5SZunlxWWWemWWxmUWwJdXjqx5HKd6rieKNQkAIIoAyDUFylCUah7HUnDJ4Smj8VMG%2FKcMkG%2BxmHyLHfD7n8nvMJL%2BHUt2tyyBZZbQEsvgLctRieVJieVOieW4xHJaYnl2%2ByH0EyG5%2FR70k9TlX4%2FC61G8fR7R7TPnw4huUVh6Fn9R%2BsXL2ZW%2F9o9%2FwA7o5ZWgAIdTZEf23JrKA1VSRU2RFEdQPE4RBJcl%2BJbh5K2HTM%2BXQv7W%2ByzGn%2F2CwVznjiX%2BHQP4Heakv8qc%2FLkqcMzZPZdqHDuHP6QRISikB0zp6YZmDEa3LKZvM3oqP%2FO%2FKP3yQxHFb%2FyIIfDi8V999z%2BFv%2F7tHzFAbllMbtke%2F32Jbf3vPJ9EeemDSZQnpU%2BGMcUBPjuXAk%2BpQ1Hpz010yiMCu83k6ffr4BK4uD%2BwUUL7TghxuE1KHzcwhIi0IwJQ6W%2B7yQK5ozTZNVISpnF%2FpLe7QUxQkuAovGMO%2FsydM4DvSz%2F36c8%2FoPsr8E8ZJp8ykn5e%2Fp8dpfG71aoDUQF2TrhFW4eiGxAFVRhVwU28ix8n1Akc%2Bs3gkao%2FEi7PVljvV%2Fu2Qo2Z2OhpRoeDLdgZicXoRuC1R4KezWp0udnpK07VDpKfgp1jDI7DpdTv0e6gQbYgMbGkFoMpTMKsOc3QPOcXm3F64o96OB%2BZ6iBXTA9OM0WuzfR5inR5MVoCd2mP1laD%2BvO9ezBaYnvQ0PqN6Wh6rFAzCZC7xs3jubLgIjD0m1xIaTdOhxQNC2ttKRJF2X6hcMbp4FpuVwgqIt405rk17ew35spc6RlPp5JmKV0qyusDJxm6obqGtHXFvWW08CGOpMFGKVpg3JHXHsZSYGX8tPA0Xc3r%2FpDf6xpsbzthI1HMYgzyuE3GE9E97P0tzSdz2tdaRJj2k%2BM6FE%2FuECyz6DwxTj4YwmhhDw4Hr2YoI1ifiymfnWCIkGarlrcyeXWHamhp2sZMXHnTduQSFNdn3ZkczB1jnhiTOFIaXMiZXJTqKchP3WQwsgGy6o2WlgYGOGX5q%2BKxIH3x%2BL9LD8ZwdMdA%2FHs%2FvL5utqb6pDuyu0Pr%2Bvpv9CiIHYKu6A5duSihV%2FORdXNz88n19Wg4tRt13dzMJv3p9fXnb%2F3b1x8QelJ98hUQXf4VT6pRjEJC3SdV4Uk1x%2BEbqMIOsbApRBeq5MpPUqXJ3iNBrzurST8b9dMMp
g7XmJERGrbVSgXSMFyYe0kDgESm1F2uZ%2FPJRqCyDnNXl0wFo%2BW5GAvjpqhGkr%2BWN20vmY7G7qquddJjOiLcbKf2DmB78CwwQHad8gCCFeehBV80FQVynNpob8VlE%2B%2B0yiQ97ff5IBi2lcmR62gb8dAUJNfIjCjWN4JWgJWStifQh5Vz1l64e2u%2F6DeJuGvBhbMZp%2BEUYKMzGrhBvdeoW3J3YGDCrTRYjwPZEFYGlxzcodHbH2tZx2oNgeV58pzwgaGoBVX8Rm8q01rvGA34hUuQDv3WcSDLiks2eWiPGkTmmuueD2pbgTateRY3qV%2BsxEpv6wWtpZ5uIsnT%2BVE9bqrcGqDI65q9kQmiJJTy9uQ4aRW25g%2B4xB7W13DgDmXHSzqu3jjGm%2F1s3Bys93mjf5zRfjCZVwY2yoodPYLcGrepNukPbbywK1To5SMRZ1arWZ%2BdO8vkIPqHnRaqZrbnjDPvixZE1GlZDmepSkaaZpMUMdde%2BoY3IdH4yA26501%2FLx6TpYzlqV4fb4I5vxihJNu1ZL2yOlRakS2MSVYcvFlmraWeqWF1A4w4o%2FP22qtrVq%2BzEZVgXoTTvMh76rnL9XfpqnUUpgEv7mPUyWm0G7%2BC7xsOLDYxwQB9k7vhVEERv%2F5n19dd%2FaKGl79zITx5t1oFhKA4ergdUUFdJ6yKnKIJNU7gqoAgh%2BIMJVVBlCWBU6WqrDoSVAROQDXRcwS3xnGa4iIIkazIqgc3qiJxN3G4%2Ff71td21%2B63r648thOCVc9HbY5bEL0qvjSVRiRH%2Fy7kbl1mefv7WP7%2F5Andg8f%2FKqwpv1t14t1K7eGV%2Fhe5U4D4SdD%2BRJ26rTXFUqKhSdPiTIzpytN3tipbUdw7zuVVRSQfDxOz2GrWumNKJbHUq04Q4h%2FO5ZW5tdbhWzu48VuY8FTdFax5Y04W47pmnuXbmwDD2%2B1pdsZeG38DmChvOoTggvm87lYURSM2A2GlnTAbZojfYQrO5EARxZy1WyfQg1lspbvT0Ic437hHt14djS9tbg0Wjop%2F1WF7vu8DnDzMaL%2FbxkvQirWLvTt1Rc9xxjAq%2FihvSDDYlNGscz9nYzWd2c7k0zkOXTs49yRTxZuRsi%2FNQbPNrh5DMFlVzPzsL0NobDbCIxZ66OC4bTlKvHX2pshSo0lm1o7088YKGo%2BwG8WLSE3d1uuCxYMv74LAYoKI%2FbddS0yZ%2B1IK9SDihsEXVpGLV%2FVTH4VjJMR4F88i2u3PeSk%2BFho%2Bdkxs7w3AyWI3yJpVm4%2FHQFEfts19J153CbAz97VSatLAh7ZHhjEWao2LoJss12ZBRJfda6%2Fa03sXNmatq5zztNzejBFTWtWkLD4gY6K3IGjqu2RNF4GJk4P4O8fraNk8z18t8CFKpRuIhlGHi1%2FfiYDw%2BHbTauB862gDyJ7DyNnP7FPhanReNmt5tdmGS8oazXavzZGD1BnNhvF%2FpUhcMZagQUH%2BT7p4Twf2ye%2FLxfUn7rzLz0YvH3%2F3D4X%2B8B9fMcW9Zgn5CCl%2F6z5LvsC0pM4d%2Bm4XBLcvILcv8W%2Bb4T1mS%2FsxzGpMXj%2F9FfDDm%2BuXnrk%2FKH7g%2B8d9%2F1bkl%2BOWVzEuo5tZUAKGLAORVQayJHCdAKKka4jVGk3vwR3%2F88f8BAAD%2F%2FwEAAP%2F%2FjMHXAfEMAAA%3D IP173.233.137.44:0
File type: ASCII text, with no line terminators | Hash: MD5 132d6af1b46048b45cf86cdee7991d31 | SHA-1 eb7007d03d59b65bc6da7e098c4d38fc6dfb6285 | SHA-256 ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
Analyzer: quad9 | Verdict: Sinkholed | Alert: (none listed)
GET /impr.gif?sid=H4sIAAAAAAAC%2F3SWTcgrWVrHk7YFcRZi40ZBeJnXOyiYN%2FVdqW6HS1JJKkklla%2FKJxdj1TmnkpPUV06d%2BkhWgyMyLpTbG0dw895zu6cde3BsQVwJ8rYbuSj260Jvgy1uXOsIs5a890rPQN%2BHqjrPqecsznOe3%2F%2Fw%2FP6z9IsSx1Ln5WgQnbHvO1X5hrv69QUOYZQnV5Z9xXM33HtXCxwq0ntXxeVDsnd5Tr7hfuPKQOAQVQWO5zie46%2FamCAvKqoPUYbjH2j8jcbdSMINL0usID89T9IyS5wyg9kXpXcYhvc%2Fu%2FuHTxgGdywM%2FrKJkgON4t9sBanv0IiwDH40Cw9hlIcs%2BNL1SJl54UevV7MouS%2BV%2FuQtFoUfvc6ARdkHlwyYi%2B9L5X%2FlmRt%2B9HqbzM0%2BfLVT12coZC78GsuzO4b8O4adOwaibzMMPysxBiCzhiwMvmdFJHdOr6LOJXpfevvH%2F8twfl96%2B99%2FiYXBXzR8XFxNIz%2BlOAoTVni3DBd3DG%2FvWJx%2Byui5zHD%2BKQP0dxmG%2F1Sq%2FrjPwuCDYeJHDMOXvybWai5EnFORZYWrSDWIKpqiqRUBIFUFvKyqrvxwRBjfMezdMR89ZU5SZunlxWWWemWWxmUWwJdXjqx5HKd6rieKNQkAIIoAyDUFylCUah7HUnDJ4Smj8VMG%2FKcMkG%2BxmHyLHfD7n8nvMJL%2BHUt2tyyBZZbQEsvgLctRieVJieVOieW4xHJaYnl2%2ByH0EyG5%2FR70k9TlX4%2FC61G8fR7R7TPnw4huUVh6Fn9R%2BsXL2ZW%2F9o9%2FwA7o5ZWgAIdTZEf23JrKA1VSRU2RFEdQPE4RBJcl%2BJbh5K2HTM%2BXQv7W%2ByzGn%2F2CwVznjiX%2BHQP4Heakv8qc%2FLkqcMzZPZdqHDuHP6QRISikB0zp6YZmDEa3LKZvM3oqP%2FO%2FKP3yQxHFb%2FyIIfDi8V999z%2BFv%2F7tHzFAbllMbtke%2F32Jbf3vPJ9EeemDSZQnpU%2BGMcUBPjuXAk%2BpQ1Hpz010yiMCu83k6ffr4BK4uD%2BwUUL7TghxuE1KHzcwhIi0IwJQ6W%2B7yQK5ozTZNVISpnF%2FpLe7QUxQkuAovGMO%2FsydM4DvSz%2F36c8%2FoPsr8E8ZJp8ykn5e%2Fp8dpfG71aoDUQF2TrhFW4eiGxAFVRhVwU28ix8n1Akc%2Bs3gkao%2FEi7PVljvV%2Fu2Qo2Z2OhpRoeDLdgZicXoRuC1R4KezWp0udnpK07VDpKfgp1jDI7DpdTv0e6gQbYgMbGkFoMpTMKsOc3QPOcXm3F64o96OB%2BZ6iBXTA9OM0WuzfR5inR5MVoCd2mP1laD%2BvO9ezBaYnvQ0PqN6Wh6rFAzCZC7xs3jubLgIjD0m1xIaTdOhxQNC2ttKRJF2X6hcMbp4FpuVwgqIt405rk17ew35spc6RlPp5JmKV0qyusDJxm6obqGtHXFvWW08CGOpMFGKVpg3JHXHsZSYGX8tPA0Xc3r%2FpDf6xpsbzthI1HMYgzyuE3GE9E97P0tzSdz2tdaRJj2k%2BM6FE%2FuECyz6DwxTj4YwmhhDw4Hr2YoI1ifiymfnWCIkGarlrcyeXWHamhp2sZMXHnTduQSFNdn3ZkczB1jnhiTOFIaXMiZXJTqKchP3WQwsgGy6o2WlgYGOGX5q%2BKxIH3x%2BL9LD8ZwdMdA%2FHs%2FvL5utqb6pDuyu0Pr%2Bvpv9CiIHYKu6A5duSihV%2FORdXNz88n19Wg4tRt13dzMJv3p9fXnb%2F3b1x8QelJ98hUQXf4VT6pRjEJC3SdV4Uk1x%2BEbqMIOsbApRBeq5MpPUqXJ3iNBrzurST8b9dMMpg7XmJERGrbVSgXSMFyYe0kDgESm1F
2uZ%2FPJRqCyDnNXl0wFo%2BW5GAvjpqhGkr%2BWN20vmY7G7qquddJjOiLcbKf2DmB78CwwQHad8gCCFeehBV80FQVynNpob8VlE%2B%2B0yiQ97ff5IBi2lcmR62gb8dAUJNfIjCjWN4JWgJWStifQh5Vz1l64e2u%2F6DeJuGvBhbMZp%2BEUYKMzGrhBvdeoW3J3YGDCrTRYjwPZEFYGlxzcodHbH2tZx2oNgeV58pzwgaGoBVX8Rm8q01rvGA34hUuQDv3WcSDLiks2eWiPGkTmmuueD2pbgTateRY3qV%2BsxEpv6wWtpZ5uIsnT%2BVE9bqrcGqDI65q9kQmiJJTy9uQ4aRW25g%2B4xB7W13DgDmXHSzqu3jjGm%2F1s3Bys93mjf5zRfjCZVwY2yoodPYLcGrepNukPbbywK1To5SMRZ1arWZ%2BdO8vkIPqHnRaqZrbnjDPvixZE1GlZDmepSkaaZpMUMdde%2BoY3IdH4yA26501%2FLx6TpYzlqV4fb4I5vxihJNu1ZL2yOlRakS2MSVYcvFlmraWeqWF1A4w4o%2FP22qtrVq%2BzEZVgXoTTvMh76rnL9XfpqnUUpgEv7mPUyWm0G7%2BC7xsOLDYxwQB9k7vhVEERv%2F5n19dd%2FaKGl79zITx5t1oFhKA4ergdUUFdJ6yKnKIJNU7gqoAgh%2BIMJVVBlCWBU6WqrDoSVAROQDXRcwS3xnGa4iIIkazIqgc3qiJxN3G4%2Ff71td21%2B63r648thOCVc9HbY5bEL0qvjSVRiRH%2Fy7kbl1mefv7WP7%2F5Andg8f%2FKqwpv1t14t1K7eGV%2Fhe5U4D4SdD%2BRJ26rTXFUqKhSdPiTIzpytN3tipbUdw7zuVVRSQfDxOz2GrWumNKJbHUq04Q4h%2FO5ZW5tdbhWzu48VuY8FTdFax5Y04W47pmnuXbmwDD2%2B1pdsZeG38DmChvOoTggvm87lYURSM2A2GlnTAbZojfYQrO5EARxZy1WyfQg1lspbvT0Ic437hHt14djS9tbg0Wjop%2F1WF7vu8DnDzMaL%2FbxkvQirWLvTt1Rc9xxjAq%2FihvSDDYlNGscz9nYzWd2c7k0zkOXTs49yRTxZuRsi%2FNQbPNrh5DMFlVzPzsL0NobDbCIxZ66OC4bTlKvHX2pshSo0lm1o7088YKGo%2BwG8WLSE3d1uuCxYMv74LAYoKI%2FbddS0yZ%2B1IK9SDihsEXVpGLV%2FVTH4VjJMR4F88i2u3PeSk%2BFho%2Bdkxs7w3AyWI3yJpVm4%2FHQFEfts19J153CbAz97VSatLAh7ZHhjEWao2LoJss12ZBRJfda6%2Fa03sXNmatq5zztNzejBFTWtWkLD4gY6K3IGjqu2RNF4GJk4P4O8fraNk8z18t8CFKpRuIhlGHi1%2FfiYDw%2BHbTauB862gDyJ7DyNnP7FPhanReNmt5tdmGS8oazXavzZGD1BnNhvF%2FpUhcMZagQUH%2BT7p4Twf2ye%2FLxfUn7rzLz0YvH3%2F3D4X%2B8B9fMcW9Zgn5CCl%2F6z5LvsC0pM4d%2Bm4XBLcvILcv8W%2Bb4T1mS%2FsxzGpMXj%2F9FfDDm%2BuXnrk%2FKH7g%2B8d9%2F1bkl%2BOWVzEuo5tZUAKGLAORVQayJHCdAKKka4jVGk3vwR3%2F88f8BAAD%2F%2FwEAAP%2F%2FjMHXAfEMAAA%3D HTTP/1.1
Host: kidhumiliateessay.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.torrentkitty.lol/
Cookie: u_pl=17550729; uid_id2=388bde0a-5560-48de-9697-2ce77c1577b5:1:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Tue, 06 Dec 2022 01:11:08 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 20d7dadc4a87f1aab28362426935f10d
Strict-Transport-Security: max-age=0; includeSubdomains
|
|
| cdn.barscreative1.com/sb/notifications/rtb/windows/2/index.html | 45.133.44.3 | 200 OK | 2.0 kB |
URL: cdn.barscreative1.com/sb/notifications/rtb/windows/2/index.html | Protocol: HTTP/2 | IP: 45.133.44.3:0 | ASN: #39572 DataWeb Global Group B.V.
Hash: MD5 74af5325ed84bb1c3863d247fa97c729 | SHA-1 6b9e5ece516bb2d5f721145e5687dea6828d89f3 | SHA-256 1a955642217a674ca2ae191fc009a00f65f28701b06d69fb64488bea2f5337ef
Analyzer: fortinet | Verdict: Phishing | Alert: (none listed)
GET /sb/notifications/rtb/windows/2/index.html HTTP/1.1
Host: cdn.barscreative1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.torrentkitty.lol
Connection: keep-alive
Referer: https://www.torrentkitty.lol/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 06 Dec 2022 01:11:07 GMT
content-type: text/html; charset=utf-8
server: nginx/1.17.6
last-modified: Mon, 17 May 2021 11:56:17 GMT
etag: W/"60a259e1-4b7"
cache-control: max-age=3600
access-control-allow-origin: *
access-control-expose-headers: Date
content-encoding: gzip
expires: Tue, 06 Dec 2022 02:11:07 GMT
x-proxy-cache: HIT
X-Firefox-Spdy: h2
|
|
| kidhumiliateessay.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fnotifications%2Frtb%2Fwindows%2F2%2Fjs%2Fscript.js&l=380&fd=382 | 173.233.137.44 | 200 OK | 0 B |
URL: kidhumiliateessay.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fnotifications%2Frtb%2Fwindows%2F2%2Fjs%2Fscript.js&l=380&fd=382 | Protocol: HTTP/1.1 | IP: 173.233.137.44:0
Hash: MD5 d41d8cd98f00b204e9800998ecf8427e | SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709 | SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (digests of zero-length input: the response body was empty, so these do not identify content)
Analyzer: quad9 | Verdict: Sinkholed | Alert: (none listed)
GET /pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fnotifications%2Frtb%2Fwindows%2F2%2Fjs%2Fscript.js&l=380&fd=382 HTTP/1.1
Host: kidhumiliateessay.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.torrentkitty.lol/
Cookie: u_pl=17550729; uid_id2=388bde0a-5560-48de-9697-2ce77c1577b5:1:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Tue, 06 Dec 2022 01:11:08 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
|
|
| kidhumiliateessay.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fnotifications%2Frtb%2Fwindows%2F2%2Fcss%2Fanimate.css&l=79245&fd=392 | 173.233.137.44 | 200 OK | 0 B |
URL: kidhumiliateessay.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fnotifications%2Frtb%2Fwindows%2F2%2Fcss%2Fanimate.css&l=79245&fd=392 | Protocol: HTTP/1.1 | IP: 173.233.137.44:0
Hash: MD5 d41d8cd98f00b204e9800998ecf8427e | SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709 | SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (digests of zero-length input: the response body was empty, so these do not identify content)
Analyzer: quad9 | Verdict: Sinkholed | Alert: (none listed)
GET /pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fnotifications%2Frtb%2Fwindows%2F2%2Fcss%2Fanimate.css&l=79245&fd=392 HTTP/1.1
Host: kidhumiliateessay.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.torrentkitty.lol/
Cookie: u_pl=17550729; uid_id2=388bde0a-5560-48de-9697-2ce77c1577b5:1:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Tue, 06 Dec 2022 01:11:08 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
|
|
| kidhumiliateessay.com/pixel/sbs?c=1 | 173.233.137.44 | 200 OK | 0 B |
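URL: kidhumiliateessay.com/pixel/sbs?c=1 | Protocol: HTTP/1.1 | IP: 173.233.137.44:0
Hash: MD5 d41d8cd98f00b204e9800998ecf8427e | SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709 | SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (digests of zero-length input: the response body was empty, so these do not identify content)
Analyzer: quad9 | Verdict: Sinkholed | Alert: (none listed)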
GET /pixel/sbs?c=1 HTTP/1.1
Host: kidhumiliateessay.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.torrentkitty.lol/
Cookie: u_pl=17550729; uid_id2=388bde0a-5560-48de-9697-2ce77c1577b5:1:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Tue, 06 Dec 2022 01:11:08 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
|
|
| www.torrentkitty.lol/search/search/08_19 | 188.114.96.1 | 200 OK | 0 B |
URL: www.torrentkitty.lol/search/search/08_19 | Protocol: HTTP/2 | IP: 188.114.96.1:0
GET /search/search/08_19 HTTP/1.1
Host: www.torrentkitty.lol
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Tue, 06 Dec 2022 01:11:04 GMT
content-type: text/html; charset=UTF-8
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: max-age=14400, must-revalidate
pragma: no-cache
cf-cache-status: MISS
last-modified: Tue, 06 Dec 2022 01:11:04 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bduVYOaJvFLAF31FJq%2Fe5woUHraRVuXtLC4jkM13WHTCsDl85KaVlIOgIX4ZgpFe10Ja5MiAmFEfzzG%2FyhVETjN0wSQLD0eRmPCXkuiPDn%2BNU%2FMlONVdVugnRvjPSm1o5EGxhNh9wA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 775125361a2cb4ee-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| secure.statcounter.com/counter/counter.js | 104.20.218.77 | 200 OK | 0 B |
URL: secure.statcounter.com/counter/counter.js | Protocol: HTTP/2 | IP: 104.20.218.77:0
GET /counter/counter.js HTTP/1.1
Host: secure.statcounter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.torrentkitty.lol/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 06 Dec 2022 01:11:06 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Thu, 01 Dec 2022 18:49:39 GMT
etag: W/"6388f743-aa70"
expires: Tue, 06 Dec 2022 06:33:28 GMT
cache-control: max-age=43200
cf-cache-status: HIT
age: 23858
server: cloudflare
cf-ray: 775125487998fac4-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
|
| www.cloudflare.com/cdn-cgi/trace | 104.16.123.96 | 200 OK | 0 B |
URL: www.cloudflare.com/cdn-cgi/trace | Protocol: HTTP/2 | IP: 104.16.123.96:0
GET /cdn-cgi/trace HTTP/1.1
Host: www.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.torrentkitty.lol
Connection: keep-alive
Referer: https://www.torrentkitty.lol/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 06 Dec 2022 01:11:06 GMT
content-type: text/plain
access-control-allow-origin: *
server: cloudflare
cf-ray: 775125490b180b31-OSL
x-frame-options: DENY
x-content-type-options: nosniff
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| www.intellipopup.com/split.min.js | 185.76.9.25 | 200 OK | 0 B |
URL: www.intellipopup.com/split.min.js | Protocol: HTTP/2 | IP: 185.76.9.25:0 | ASN: #60068 Datacamp Limited
GET /split.min.js HTTP/1.1
Host: www.intellipopup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.torrentkitty.lol
Connection: keep-alive
Referer: https://www.torrentkitty.lol/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 06 Dec 2022 01:11:06 GMT
content-type: application/x-javascript
alt-svc: quic="185.76.9.20:443"; ma=2592000; v="44,43,39"
expires: Tue, 13 Dec 2022 01:11:06 GMT
access-control-allow-origin: *
link: <https://intellipopup.com/>;rel=preconnect,<https://c.adsco.re/>;rel=preconnect,<https://adsco.re/>;rel=preconnect
cache-control: public, max-age=604800
x-accel-expires: @1670893866
server: CDN77-Turbo
x-77-nzt: AblMCRQXO2eh
x-77-nzt-ray: af585630c08403d3aa968e633184481a
x-cache: MISS
x-77-pop: stockholmSE
x-77-cache: MISS
content-encoding: br
X-Firefox-Spdy: h2
|
|
| c.statcounter.com/t.php?sc_project=10571718&u1=C90A353096E24F1E51A8B328AADBF693&java=1&security=6b4a9073&sc_snum=1&sess=a8f3c4&p=0&rcat=d&rdom=d&rdomg=new&bb=1&jg=new&rr=1.1.1.1.1.1.1.1.1&resolution=1280&h=1024&camefrom=&u=https%3A//www.torrentkitty.lol/search/search/08_19&t=search%20-%20Torrent%20Kitty&invisible=1&sc_rum_e_s=3529&sc_rum_e_e=3536&sc_rum_f_s=0&sc_rum_f_e=3516&get_config=true | 104.20.218.77 | 200 OK | 0 B |
URL HTTP/2c.statcounter.com/t.php?sc_project=10571718&u1=C90A353096E24F1E51A8B328AADBF693&java=1&security=6b4a9073&sc_snum=1&sess=a8f3c4&p=0&rcat=d&rdom=d&rdomg=new&bb=1&jg=new&rr=1.1.1.1.1.1.1.1.1&resolution=1280&h=1024&camefrom=&u=https%3A//www.torrentkitty.lol/search/search/08_19&t=search%20-%20Torrent%20Kitty&invisible=1&sc_rum_e_s=3529&sc_rum_e_e=3536&sc_rum_f_s=0&sc_rum_f_e=3516&get_config=true IP104.20.218.77:0
GET /t.php?sc_project=10571718&u1=C90A353096E24F1E51A8B328AADBF693&java=1&security=6b4a9073&sc_snum=1&sess=a8f3c4&p=0&rcat=d&rdom=d&rdomg=new&bb=1&jg=new&rr=1.1.1.1.1.1.1.1.1&resolution=1280&h=1024&camefrom=&u=https%3A//www.torrentkitty.lol/search/search/08_19&t=search%20-%20Torrent%20Kitty&invisible=1&sc_rum_e_s=3529&sc_rum_e_e=3536&sc_rum_f_s=0&sc_rum_f_e=3516&get_config=true HTTP/1.1
Host: c.statcounter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.torrentkitty.lol
Connection: keep-alive
Referer: https://www.torrentkitty.lol/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Dec 2022 01:11:06 GMT
content-type: application/json
p3p: policyref="http://www.statcounter.com/w3c/p3p.xml", CP="ADMa OUR COM NAV NID DSP NOI COR"
expires: Mon, 26 Jul 1997 05:00:00 GMT
set-cookie: is_unique=sc10571718.1670289066.0; SameSite=None; Secure; Expires=Sunday, 05-Dec-2027 09:11:06 HKT; Path=/; Domain=.statcounter.com
is_visitor_unique=1670289066161719882; SameSite=None; Secure; Expires=Thursday, 05-Dec-2024 09:11:06 HKT; Path=/; Domain=.statcounter.com
access-control-allow-origin: https://www.torrentkitty.lol
access-control-allow-credentials: true
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7751254aba03fac4-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
|
| c.adsco.re/ | 104.17.167.186 | 200 OK | 0 B |
IP104.17.167.186:0
GET / HTTP/1.1
Host: c.adsco.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.torrentkitty.lol/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 06 Dec 2022 01:11:06 GMT
content-type: text/html
cache-control: public, max-age=2678400
accept-ch: Sec-CH-UA, Sec-CH-UA-Mobile, Sec-CH-UA-Full-Version, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Device-Memory, Downlink, ECT, RTT, Width, Viewport-Width, DPR
permissions-policy: ch-ua=(self "https://adsco.re"),ch-ua-mobile=(self "https://adsco.re"),ch-ua-full-version=(self "https://adsco.re"),ch-ua-platform=(self "https://adsco.re"),ch-ua-platform-version=(self "https://adsco.re"),ch-ua-arch=(self "https://adsco.re"),ch-ua-model=(self "https://adsco.re"),ch-device-memory=(self "https://adsco.re"),ch-downlink=(self "https://adsco.re"),ch-ect=(self "https://adsco.re"),ch-rtt=(self "https://adsco.re"),ch-width=(self "https://adsco.re"),ch-viewport-width=(self "https://adsco.re"),ch-dpr=(self "https://adsco.re")
link: <//6.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//4.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//adsco.re/>;rel=preconnect
expires: Fri, 06 Jan 2023 01:11:06 GMT
etag: W/"xkCBFtC0Wl/JiS60JFipuQ=="
cf-cache-status: HIT
age: 112580
vary: Accept-Encoding
server: cloudflare
cf-ray: 7751254caacab51d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| crrepo.com/extban/306928020/creatives/23542074/57a4d6202e83fa2b80096bedde5657fd_7640.png | 104.21.235.114 | 200 OK | 0 B |
URL HTTP/2crrepo.com/extban/306928020/creatives/23542074/57a4d6202e83fa2b80096bedde5657fd_7640.png IP104.21.235.114:0
GET /extban/306928020/creatives/23542074/57a4d6202e83fa2b80096bedde5657fd_7640.png HTTP/1.1
Host: crrepo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Dec 2022 01:11:08 GMT
content-type: image/png
last-modified: Sat, 12 Nov 2022 09:34:43 GMT
etag: W/"636f68b3-2132"
via: 1.1 google
cache-control: max-age=14400
cf-cache-status: HIT
age: 6099
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D3k15WrxDz7iS8wNQ45dmQsKRXDIoQhaHu3LN0Btx6Tcq9IXakFiC2G3EBUY6mSyefRm88DemUibuvJIWQX58KbD8nbXF0PWeG8Lf1JVel%2FDcdxatqc%2Bv4JkbkMq"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 775125543bfd23e2-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| cdn.creative-bars1.com/sb/notifications/rtb/windows/2/js/script.js | 172.64.108.13 | 200 OK | 0 B |
URL HTTP/2cdn.creative-bars1.com/sb/notifications/rtb/windows/2/js/script.js IP172.64.108.13:0
GET /sb/notifications/rtb/windows/2/js/script.js HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.torrentkitty.lol
Connection: keep-alive
Referer: https://www.torrentkitty.lol/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 06 Dec 2022 01:11:08 GMT
content-type: application/javascript
last-modified: Mon, 17 May 2021 11:56:22 GMT
etag: W/"60a259e6-17c"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mWqLcQfutYPSDSCldwUlOpHzV095XC6th36HLtqaWCYmaV1TsZ96Kraxwz61gTi773YF0KPVfkDRIMmArrZ9oFhlBzcHw5t4lPAQRPG24lZJGjczL2wZadoNGytvLFqWym4BAKuP9pqe"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 77512553bfd675b5-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| get.geojs.io/v1/ip/geo.js | 104.26.1.100 | 200 OK | 0 B |
URL HTTP/2get.geojs.io/v1/ip/geo.js IP104.26.1.100:0
GET /v1/ip/geo.js HTTP/1.1
Host: get.geojs.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.torrentkitty.lol/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 06 Dec 2022 01:11:05 GMT
content-type: application/javascript; charset=utf-8
x-request-id: 28032d0e7cb05d7e1fe4a20dc5818691-AMS
strict-transport-security: max-age=15552000; includeSubDomains; preload
access-control-allow-origin: *
access-control-allow-methods: GET
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, private, max-age=0
x-geojs-location: AMS
cf-cache-status: BYPASS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pGFYkY3NHGpF04q4aBTaxa7ST2maPsXEPdHwEUIsRhu%2Fzss8MSBsDGQ8f7Q6VJ709VbbHkh0V9gCIaqICPcsNGqmPknaHS1CEqIdVb%2BsAht4zR9HcmDQJA9F9Jq99g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 775125406d461bfa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| cdn.creative-bars1.com/sb/notifications/rtb/windows/2/css/animate.css | 172.64.108.13 | 200 OK | 0 B |
URL HTTP/2cdn.creative-bars1.com/sb/notifications/rtb/windows/2/css/animate.css IP172.64.108.13:0
GET /sb/notifications/rtb/windows/2/css/animate.css HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.torrentkitty.lol
Connection: keep-alive
Referer: https://www.torrentkitty.lol/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 06 Dec 2022 01:11:08 GMT
content-type: text/css
last-modified: Mon, 17 May 2021 12:00:37 GMT
etag: W/"60a25ae5-1358d"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hQTeShwZmuwO78mX4coDC9nmxb8ijQvXiZYAOMVPrZIOkUkjip3k8EbuXtH9ZmCVU5%2BqK2EyF5uVWNs%2F%2F9fxgKWV4JXCvO255CoVzrrEIRGtWBYCmkShUAo9nL05ZKRo5WCHHj9jpuYX"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 77512553bfd375b5-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|