| r3.o.lencr.org/ |  23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hash7c60904d097cde276e4e5632cef1b9f1 4f805026462589345d85e8df2d18eafba6237504 12af026999398f4976749e320667d43da3f99b7a2e8254aca7a410a964a106aa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "12AF026999398F4976749E320667D43DA3F99B7A2E8254ACA7A410A964A106AA"
Last-Modified: Thu, 24 Nov 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3840
Expires: Fri, 25 Nov 2022 05:04:35 GMT
Date: Fri, 25 Nov 2022 04:00:35 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hash260e9998c20d831b66f1029c8f47aac9 716d630f647c54dc69a7f9c63a6cac294b3df7f7 c9951a909f354174f0075a01c01c3c3aa6960983040e328bfbbbea81aeb405c2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C9951A909F354174F0075A01C01C3C3AA6960983040E328BFBBBEA81AEB405C2"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15778
Expires: Fri, 25 Nov 2022 08:23:33 GMT
Date: Fri, 25 Nov 2022 04:00:35 GMT
Connection: keep-alive
|
|
| ocsp.digicert.com/ |  93.184.220.29 | 200 OK | 471 B |
IP93.184.220.29:0
Hashaf40a2fcf8debb90c3608002da6c907a 3c75d6c0b557a3bd8d5db50155b8d896e852c145 555617a51ee3077552545a29a3baf0b43e8a82367e4c08110ee480ebedc8b523
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2554
Cache-Control: max-age=112390
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 04:00:35 GMT
Etag: "637f47ef-1d7"
Expires: Sat, 26 Nov 2022 11:13:45 GMT
Last-Modified: Thu, 24 Nov 2022 10:31:11 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 471
|
|
| content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain |  34.160.144.191 | 200 OK | 5.3 kB |
URL HTTP/2content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain IP34.160.144.191:0
File typePEM certificate\012- , ASCII text Hash9ebddc2b260d081ebbefee47c037cb28 492bad62a7ca6a74738921ef5ae6f0be5edebf39 74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: FojPZJYaxcWy7aWW2Zzo2GhLheewgsHHpN55eyIN0iypZ/3RX5oOmseF1tvVmdzHAVf6RHb7zGQ=
x-amz-request-id: J3KJ3ARVZWVE4G1J
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 25 Nov 2022 03:43:41 GMT
age: 1014
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| firefox.settings.services.mozilla.com/v1/ | 34.102.187.140 | 200 OK | 939 B |
URL HTTP/2firefox.settings.services.mozilla.com/v1/ IP34.102.187.140:0
File typeJSON data\012- , ASCII text, with very long lines (939), with no line terminators Hashd130218d0e2841f39c99610fe1a2ab90 29fbe1e177ee55c7a61ae0a206afff271cf5f945 6b6d74dccf10c2bc98a91c3388280d7ba1d9596bf8cadd7db0e2f63720b3d152
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Alert, Content-Type, Retry-After, Content-Length
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Fri, 25 Nov 2022 03:17:24 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 2591
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| contile.services.mozilla.com/v1/tiles | 34.117.237.239 | 200 OK | 12 B |
URL HTTP/2contile.services.mozilla.com/v1/tiles IP34.117.237.239:0
File typeJSON data\012- , ASCII text, with no line terminators Hash23e88fb7b99543fb33315b29b1fad9d6 a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 04:00:35 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| book.dypics.com/search/Mxgs%201088 |  104.21.61.235 | 301 Moved Permanently | 175 B |
URL HTTP/1.1book.dypics.com/search/Mxgs%201088 IP104.21.61.235:0
File typeHTML document text\012- HTML document text\012- HTML document, Unicode text, UTF-8 text Hash2ffb6f2826751779400ada1e4a61d5e4 4c13b74600a82ac49d6f18878dcf241084d9987b c95aecb3518819bc7a005ab44157042b179d6cc757c2c333ff378d191a617b48
| Analyzer | Verdict | Alert |
|---|
| fortinet | Phishing | |
GET /search/Mxgs%201088 HTTP/1.1
Host: book.dypics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Fri, 25 Nov 2022 04:00:36 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://www.torrentkitty.lol/search/search/Mxgs 1088
X-Powered-By: ASP.NET
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7RFruzYMDna9YfdiK1wgXOhMsh%2BOmYPKk7HPaG6j9TedkSilmxKjYe%2BvUC8vfDjVTOL3OldYiiGoH5vmCNWSKTYex2h4xUjFD7npc2KS10vIB7rXcqq1XYZoQAbeVt9KGds%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 76f77a6f28bd1c16-OSL
alt-svc: h2=":443"; ma=60
|
|
| firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US | 34.102.187.140 | 200 OK | 329 B |
URL HTTP/2firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US IP34.102.187.140:0
File typeJSON data\012- , ASCII text, with very long lines (329), with no line terminators Hash0333b0655111aa68de771adfcc4db243 63f295a144ac87a7c8e23417626724eeca68a7eb 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Retry-After, Content-Length, Alert, Cache-Control, ETag, Pragma, Expires, Backoff, Last-Modified
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Fri, 25 Nov 2022 03:08:53 GMT
cache-control: public,max-age=3600
age: 3103
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 471 B |
IP93.184.220.29:0
Hashfb6949e7abaa473393f7c604691de14f 599681bba3947709baa603bbae2dd7afd04059a4 36c5165526ea9d34de14d36655ed494d0cffaa11ca3271ee47824ac11246ba13
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4224
Cache-Control: max-age=108997
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 04:00:36 GMT
Etag: "637f3429-1d7"
Expires: Sat, 26 Nov 2022 10:17:13 GMT
Last-Modified: Thu, 24 Nov 2022 09:06:49 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 471
|
|
| push.services.mozilla.com/ | 52.38.198.114 | 101 Switching Protocols | 0 B |
URL HTTP/1.1push.services.mozilla.com/ IP52.38.198.114:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: /aPmFGKr6PqE4aWYrWmOXg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: wmkriLzN3+EtXsIbJBdCY+UeglY=
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 279 B |
IP93.184.220.29:0
Hash1efaf01eba0de40ed54c1aba850a12f4 2e446a30d880a9efedb19f63a25365781fa06bf3 fb6cddbc05e7706c1ef88587a630f7c549649770b7b05a40b94cfe17a3292f15
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1949
Cache-Control: max-age=132638
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 04:00:37 GMT
Etag: "637f9966-117"
Expires: Sat, 26 Nov 2022 16:51:15 GMT
Last-Modified: Thu, 24 Nov 2022 16:18:46 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 279
|
|
| get.geojs.io/v1/ip/geo.js | 172.67.70.233 | 200 OK | 482 B |
URL HTTP/2get.geojs.io/v1/ip/geo.js IP172.67.70.233:0
File typeASCII text, with very long lines (306) Hashe3622fbdb3ca0d7311ad783afe6095a9 01bf137643829ceab64cc5ae57ffb8825b4e0329 1dafe45fe49a5373143d40fdeadf35c959d5a7f795a40f01710fd144ec371e70
GET /v1/ip/geo.js HTTP/1.1
Host: get.geojs.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.torrentkitty.lol/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 25 Nov 2022 04:00:37 GMT
content-type: application/javascript; charset=utf-8
x-request-id: 0d441561f6f3746b8927792ff0caeaaf-AMS
strict-transport-security: max-age=15552000; includeSubDomains; preload
access-control-allow-origin: *
access-control-allow-methods: GET
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, private, max-age=0
x-geojs-location: AMS
cf-cache-status: BYPASS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Img2Dpes2EiLfxwMmQ49PnWF8x6PpRn6XNTf76J1eKEcy22GUyJQIfbbycQ1%2FCqnvEx1OdBRUKVDzY0MA937mbjKJO5L5WjPS26A3ez1ZQ5y3A0FhifMtRlAk9bJlA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 76f77a78ef20b505-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hashaeb86bef699dd6ddc9e42deae1940fe0 8dbbda35b12c2ab74637dbba5f94a07e7c54f43e b7ebc826622ed546ee01cda4a1eb5fe71e0cf29b475b878ff1c08717b0bae3db
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B7EBC826622ED546EE01CDA4A1EB5FE71E0CF29B475B878FF1C08717B0BAE3DB"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9228
Expires: Fri, 25 Nov 2022 06:34:25 GMT
Date: Fri, 25 Nov 2022 04:00:37 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hashec8215d05c4da837cc6b7542f6ecfd59 f9f4ec876bf7fa2c691a62d01ee91f9088f9f91c e6fdc71b975c5df705617997e842bd5b40ae1142e9dbe1b932913b0c36bf7e5a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E6FDC71B975C5DF705617997E842BD5B40AE1142E9DBE1B932913B0C36BF7E5A"
Last-Modified: Wed, 23 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19221
Expires: Fri, 25 Nov 2022 09:20:58 GMT
Date: Fri, 25 Nov 2022 04:00:37 GMT
Connection: keep-alive
|
|
| charmshoist.com/90/56/63/90566380a88c4f754ae2676c3e590ba1.js | 192.243.61.227 | 200 OK | 21 kB |
URL HTTP/1.1charmshoist.com/90/56/63/90566380a88c4f754ae2676c3e590ba1.js IP192.243.61.227:0 ASN#39572 DataWeb Global Group B.V.
File typeHTML document, ASCII text, with very long lines (60180), with no line terminators Hash5b211faef7b73c7a38d8c38036507190 2f7b251de52d405b1b83c95fed227b4f1ea572a2 6d36f825a18d2be31bffccb01aebe51904354aeef13c117037d0ca5ccbba4471
| Analyzer | Verdict | Alert |
|---|
| quad9 | Sinkholed | |
GET /90/56/63/90566380a88c4f754ae2676c3e590ba1.js HTTP/1.1
Host: charmshoist.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.torrentkitty.lol/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Fri, 25 Nov 2022 04:00:37 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 0b764ccea8166d240d9a07e2df6cd074
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
|
|
| charmshoist.com/26/ca/06/26ca065a5fb871c74739646a26f0622b.js | 192.243.61.227 | 200 OK | 13 kB |
URL HTTP/1.1charmshoist.com/26/ca/06/26ca065a5fb871c74739646a26f0622b.js IP192.243.61.227:0 ASN#39572 DataWeb Global Group B.V.
File typeASCII text, with very long lines (37153), with no line terminators Hashf33ffe5c696b5b09c5e844f9c6e3db34 88e23ac810fbcdf46f066f1b08d98367aeabbc91 0628b3b06baf99e7d5200caa9af03b62568049b698a931b22372b841952175e3
| Analyzer | Verdict | Alert |
|---|
| quad9 | Sinkholed | |
GET /26/ca/06/26ca065a5fb871c74739646a26f0622b.js HTTP/1.1
Host: charmshoist.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.torrentkitty.lol/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Fri, 25 Nov 2022 04:00:37 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 9a4296920587dd850a6754b724e0ee23
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hash6827d82f488045e02e40d6a2fdbae4b3 4944139a4b08769511ffc6aa913857d88a0db7bc 0e4ef6ddef97ec03d43df4c0bada61d792b9f030e4d9fab5bd3cf904aeaa3bc9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3607
Expires: Fri, 25 Nov 2022 05:00:45 GMT
Date: Fri, 25 Nov 2022 04:00:38 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hash6827d82f488045e02e40d6a2fdbae4b3 4944139a4b08769511ffc6aa913857d88a0db7bc 0e4ef6ddef97ec03d43df4c0bada61d792b9f030e4d9fab5bd3cf904aeaa3bc9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3607
Expires: Fri, 25 Nov 2022 05:00:45 GMT
Date: Fri, 25 Nov 2022 04:00:38 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hash6827d82f488045e02e40d6a2fdbae4b3 4944139a4b08769511ffc6aa913857d88a0db7bc 0e4ef6ddef97ec03d43df4c0bada61d792b9f030e4d9fab5bd3cf904aeaa3bc9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3607
Expires: Fri, 25 Nov 2022 05:00:45 GMT
Date: Fri, 25 Nov 2022 04:00:38 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hash6827d82f488045e02e40d6a2fdbae4b3 4944139a4b08769511ffc6aa913857d88a0db7bc 0e4ef6ddef97ec03d43df4c0bada61d792b9f030e4d9fab5bd3cf904aeaa3bc9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3607
Expires: Fri, 25 Nov 2022 05:00:45 GMT
Date: Fri, 25 Nov 2022 04:00:38 GMT
Connection: keep-alive
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc72e29c5-d9d3-43d5-8c71-f66a22a3f112.jpeg | 34.120.237.76 | 200 OK | 6.6 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc72e29c5-d9d3-43d5-8c71-f66a22a3f112.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash9bc7c4877bfa24d0c1bbb774cd906af1 75d9a14e98ffba5a71a6f710be721b593338ffdc b0e1d9af095632e6d75bc7606bccfb0c1903f5173696cefb7e36c3d34a98358e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc72e29c5-d9d3-43d5-8c71-f66a22a3f112.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6560
x-amzn-requestid: e8956a92-d016-41a2-99b4-631a6db3b8db
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: byQzsFY3IAMF9iA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63772e7d-2337148b0a824d134aaab9d7;Sampled=0
x-amzn-remapped-date: Fri, 18 Nov 2022 07:04:29 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: nqv3cZb0_TFYs1XuLw1pCg4B1HmA87mj4S1Sjh3cgXyWd3GnweAY7w==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 325ed3ba58a560748d886354beef39c0.cloudfront.net (CloudFront), 1.1 google
date: Thu, 24 Nov 2022 04:26:03 GMT
age: 84875
etag: "75d9a14e98ffba5a71a6f710be721b593338ffdc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F68dc3a7e-f975-440d-a07f-305243b24788.jpeg | 34.120.237.76 | 200 OK | 10 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F68dc3a7e-f975-440d-a07f-305243b24788.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hashc71b83b77af9bb19b3845048a3008b43 050da47a42e16a83c1d59419055961fe9f1f4cc0 cb36e84116edbaa02347bc53611a8318ac8284ac71346006cb95688a6a08f662
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F68dc3a7e-f975-440d-a07f-305243b24788.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10531
x-amzn-requestid: aa926e70-4b20-40ba-849d-50e96cab8bea
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cICPAHoqoAMFXHA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637fe3f9-28cdb407069866236c99a0c7;Sampled=0
x-amzn-remapped-date: Thu, 24 Nov 2022 21:36:57 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: G4LR5DxkDi5dC9OLvwdK6-e2bbGjJMWLInRD1r_CKYKxFMqOoG1Z0w==
via: 1.1 eece508272520f70691e4eebdc5a6dea.cloudfront.net (CloudFront), 1.1 12a392bc3a7281f8d5d4591bfadc41fc.cloudfront.net (CloudFront), 1.1 google
date: Thu, 24 Nov 2022 21:55:47 GMT
age: 21891
etag: "050da47a42e16a83c1d59419055961fe9f1f4cc0"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7d60bb22-4a30-4570-8561-eb3a2833a058.jpeg | 34.120.237.76 | 200 OK | 8.3 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7d60bb22-4a30-4570-8561-eb3a2833a058.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hashf59a591b222397ff0f01c22a0786e660 6a8504212141af411a18ce58960c8bb52e8116ac 624847cfdfcd770d2dee8a2b85f3c7c480cda58ba2aef1135184f3dffc30d1f1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7d60bb22-4a30-4570-8561-eb3a2833a058.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8277
x-amzn-requestid: e84a5668-cd91-42af-b6de-5eb694ea56e6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cIB-KFtmIAMF00Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637fe38d-64513fb257d83b9847c82929;Sampled=0
x-amzn-remapped-date: Thu, 24 Nov 2022 21:35:09 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: O4PtH20kVWgH-Jf_TivPqMqjnwrZB_8XvZAkDDzLLFPXVjqzkz1YJw==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 98aedae6661e3904540676966998ed88.cloudfront.net (CloudFront), 1.1 google
date: Thu, 24 Nov 2022 21:59:22 GMT
age: 21676
etag: "6a8504212141af411a18ce58960c8bb52e8116ac"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2302d358-ba65-4bf0-9d74-b5fb532a1d52.jpeg | 34.120.237.76 | 200 OK | 6.6 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2302d358-ba65-4bf0-9d74-b5fb532a1d52.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash1adbf0cd373a4c06caa71eac14e1286c 236199a790f16dcf96dba80b9945836b37e3c2eb 767fd66cf0751dd80b2453588f9363fac7d9637da3dc9098d25fb65699ca8c5e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2302d358-ba65-4bf0-9d74-b5fb532a1d52.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6590
x-amzn-requestid: 5d8b02c4-673a-4c77-8f24-498d9b8a28ff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cIB8zGeAIAMF4HA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637fe384-661ce3991caf87e8558158c3;Sampled=0
x-amzn-remapped-date: Thu, 24 Nov 2022 21:35:01 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 4iFMdgZvXpHdbGKY-3exNXsKVn2FuWGQg70mCqzGLSHk_bSTiXSCxA==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 760139201585481b26f947c5f776103a.cloudfront.net (CloudFront), 1.1 google
date: Thu, 24 Nov 2022 22:01:38 GMT
age: 21540
etag: "236199a790f16dcf96dba80b9945836b37e3c2eb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1dd98515-d0af-440a-8f3d-4c9986928081.jpeg | 34.120.237.76 | 200 OK | 4.3 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1dd98515-d0af-440a-8f3d-4c9986928081.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash841a4b110022a99ddea6f7bf66df0fa1 126771b86638108050cf57c0d12faa27f80f0edb 240fbffc1f9104433297d3ff7afba2d0b58d7f1b13d9a9260a1bad25216665db
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1dd98515-d0af-440a-8f3d-4c9986928081.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4309
x-amzn-requestid: 47c2739d-73c5-4d91-914c-fe635cb09772
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b1U8xGxgIAMF-qQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63786851-6fbe19dc5c4c20dd657604e3;Sampled=0
x-amzn-remapped-date: Sat, 19 Nov 2022 05:23:29 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: j_8oVo464QMWMnmkxQJIDRhaIVmwhzCTHe4A57OdmaUr9HcyTtBUjg==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 2750b94b402c92287d764b5fa115a042.cloudfront.net (CloudFront), 1.1 google
date: Thu, 24 Nov 2022 05:04:28 GMT
age: 82570
etag: "126771b86638108050cf57c0d12faa27f80f0edb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F80e95b58-6cf9-4974-a4ce-f8515ca995ee.jpeg | 34.120.237.76 | 200 OK | 12 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F80e95b58-6cf9-4974-a4ce-f8515ca995ee.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash8784bb7a8b88736a6016f712e3183bf3 b0ddc1555d2506177adcdcea77864d75f1245d07 8e331713b0ad0b5670dd33dfdadde665e076a40ddb80905d4df89876d49803d8
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F80e95b58-6cf9-4974-a4ce-f8515ca995ee.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11743
x-amzn-requestid: 9ab0aba7-5cd1-4f6c-8984-dc221e1cbf8e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cICD-F7joAMFqmA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637fe3b2-152ba5f1495a44447356cdab;Sampled=0
x-amzn-remapped-date: Thu, 24 Nov 2022 21:35:46 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: oWSNdsrz59sJC2znLnFqa_Zm3T14_d6j-rjzDQe4yV22Dy2Qc4Swaw==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Thu, 24 Nov 2022 21:54:45 GMT
age: 21953
etag: "b0ddc1555d2506177adcdcea77864d75f1245d07"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| accentneglectporter.com/80497e49a2c17fe3a1aff4077eee1810/invoke.js | 173.233.137.52 | 200 OK | 13 kB |
URL HTTP/1.1accentneglectporter.com/80497e49a2c17fe3a1aff4077eee1810/invoke.js IP173.233.137.52:0
Hash895393a8de08e2662991afbff2e784cb 3dc9ab3c8dd89f88f53ebf7acc45fa9e6329de6c c002b94887a4d94967ec79f6fe3cbdc27817492700d75c176e2678ee3565a10b
| Analyzer | Verdict | Alert |
|---|
| quad9 | Sinkholed | |
GET /80497e49a2c17fe3a1aff4077eee1810/invoke.js HTTP/1.1
Host: accentneglectporter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.torrentkitty.lol/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Fri, 25 Nov 2022 04:00:38 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: fff366a4de6c1fb9484c242519cdaa42
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
|
|
| ocsp.sectigo.com/ | 104.18.32.68 | 200 OK | 472 B |
IP104.18.32.68:0
Hash176c5bdeeb799ec212e8b21126aa58d5 02c76719828821643ec84cfe61ecb4499838021c eaa1c4ffce046f2951b93258d2c8c396da596a86c40cb3954ea8ceb4b13aa842
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 04:00:38 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Wed, 23 Nov 2022 16:30:36 GMT
Expires: Wed, 30 Nov 2022 16:30:35 GMT
Etag: "02c76719828821643ec84cfe61ecb4499838021c"
Cache-Control: max-age=476396,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76f77a7ebb7ab4f1-OSL
|
|
| ocsp.sca1b.amazontrust.com/ | 54.230.245.100 | 200 OK | 471 B |
URL HTTP/1.1ocsp.sca1b.amazontrust.com/ IP54.230.245.100:0
Hash5348b4ee74a9c894db836c2b61cc7086 9a65195ea94f2f7326007ad86ca1675010f4c00e d2c786795613bca9a9bee9143dc278307b828a07b40880cfa20e087895aa359a
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=121475
Date: Fri, 25 Nov 2022 04:00:38 GMT
Etag: "637f7219-1d7"
Expires: Sat, 26 Nov 2022 13:45:13 GMT
Last-Modified: Thu, 24 Nov 2022 13:31:05 GMT
Server: ECS (dcb/7FA6)
X-Cache: Miss from cloudfront
Via: 1.1 e2f427863e6bdb72ad8bed72b596d81e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: Lvjv_bxmdPUulFssnwP-mRCFfVir722JOmuDmQWPZhhcKJtQ0ga2eQ==
Age: 848
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 280 B |
IP93.184.220.29:0
Hash7b98ac1094d321a6bb554e6b826049e6 e70520ebe479d6824e19b7a187046fb607c52cdf 1c57bbf97d397e410f66c52011bf2aa12b253e889f66465be5a20a0d7f3611d7
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5957
Cache-Control: max-age=111114
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 04:00:38 GMT
Etag: "637f35ab-118"
Expires: Sat, 26 Nov 2022 10:52:32 GMT
Last-Modified: Thu, 24 Nov 2022 09:13:15 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 280
|
|
| simplewebanalysis.com/stats |  18.185.190.54 | 200 OK | 40 B |
URL HTTP/2simplewebanalysis.com/stats IP18.185.190.54:0
File typeASCII text, with no line terminators Hasha3a601c4533c8d79b526e97a3948b56f 4e9594defe3351691948dc1bf4549e8e788b445d 6ea2a6872fb02e35daa81f67a9af77882d534f98716cb1c5b9869f372f08c759
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.torrentkitty.lol
Connection: keep-alive
Referer: https://www.torrentkitty.lol/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 25 Nov 2022 04:00:38 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://www.torrentkitty.lol
access-control-allow-credentials: true
set-cookie: uid_id2=aa070032-ce81-4e32-b9af-967444deaa99:1:1; expires=Mon, 22 Nov 2032 04:00:38 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
|
|
| e1.o.lencr.org/ | 23.36.77.32 | 200 OK | 345 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hashdaedbf6ef8bc447ac2d08a42d4c4bf9f 2864128c9304bd42925932eda5b14ab62f805081 3d745fbf6d7563deeac08ec38de8db388536ff113a89fd20e8e51d9fd6f200d1
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "3D745FBF6D7563DEEAC08EC38DE8DB388536FF113A89FD20E8E51D9FD6F200D1"
Last-Modified: Tue, 22 Nov 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2291
Expires: Fri, 25 Nov 2022 04:38:49 GMT
Date: Fri, 25 Nov 2022 04:00:38 GMT
Connection: keep-alive
|
|
| simplewebanalysis.com/stats | 18.185.190.54 | 200 OK | 40 B |
URL HTTP/2simplewebanalysis.com/stats IP18.185.190.54:0
File typeASCII text, with no line terminators Hash054956894615c672713cb784dc7055ad 733fea989a2c510815ba8c3b0bac7feaa8d405ee 1727be2056da768032b4cf24585a7f70ac8d5ff9541c49309964e9e6b8f6f6c6
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.torrentkitty.lol
Connection: keep-alive
Referer: https://www.torrentkitty.lol/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 25 Nov 2022 04:00:38 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://www.torrentkitty.lol
access-control-allow-credentials: true
set-cookie: uid_id2=05046504-71c3-4801-aca1-7e49a566ba14:1:1; expires=Mon, 22 Nov 2032 04:00:38 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
|
|
| secure.statcounter.com/counter/counter.js | 104.20.229.67 | 200 OK | 14 kB |
URL HTTP/2secure.statcounter.com/counter/counter.js IP104.20.229.67:0
File typeASCII text, with very long lines (43632), with no line terminators Hash1c0e986b429c69f7d467260b6d2d7539 8b6b033db880baf0cfe0a59f23a5cd7dda233db8 484ec6e9272bd292745c8560bae3164c3c39154a48eafbcfc75833908c46c2d0
GET /counter/counter.js HTTP/1.1
Host: secure.statcounter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.torrentkitty.lol/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 25 Nov 2022 04:00:38 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Thu, 24 Nov 2022 18:22:34 GMT
etag: W/"637fb66a-aa70"
expires: Fri, 25 Nov 2022 06:32:46 GMT
cache-control: max-age=43200
cf-cache-status: HIT
age: 34072
server: cloudflare
cf-ray: 76f77a7f0901fac4-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
|
| e1.o.lencr.org/ | 23.36.77.32 | 200 OK | 345 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hashdaedbf6ef8bc447ac2d08a42d4c4bf9f 2864128c9304bd42925932eda5b14ab62f805081 3d745fbf6d7563deeac08ec38de8db388536ff113a89fd20e8e51d9fd6f200d1
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "3D745FBF6D7563DEEAC08EC38DE8DB388536FF113A89FD20E8E51D9FD6F200D1"
Last-Modified: Tue, 22 Nov 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2291
Expires: Fri, 25 Nov 2022 04:38:49 GMT
Date: Fri, 25 Nov 2022 04:00:38 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hashe0b0e9f608a10b7c905c4a51b890ab2a 607db8d4c0c88c28738d4428efa82a4750828ef1 7fe69b639eb6808e7551b00f33482471296308afd7fa504da3c14ca6f44f57cf
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7FE69B639EB6808E7551B00F33482471296308AFD7FA504DA3C14CA6F44F57CF"
Last-Modified: Thu, 24 Nov 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13368
Expires: Fri, 25 Nov 2022 07:43:26 GMT
Date: Fri, 25 Nov 2022 04:00:38 GMT
Connection: keep-alive
|
|
| integrityprinciplesthorough.com/pixel/purst?dl=0&th=0&sc=0&rs=2393&rd=2393&fd=897&bv=22.10.v.9&tmpl=70 | 173.233.137.60 | 200 OK | 0 B |
URL HTTP/1.1integrityprinciplesthorough.com/pixel/purst?dl=0&th=0&sc=0&rs=2393&rd=2393&fd=897&bv=22.10.v.9&tmpl=70 IP173.233.137.60:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
|---|
| quad9 | Sinkholed | |
GET /pixel/purst?dl=0&th=0&sc=0&rs=2393&rd=2393&fd=897&bv=22.10.v.9&tmpl=70 HTTP/1.1
Host: integrityprinciplesthorough.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.torrentkitty.lol/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Fri, 25 Nov 2022 04:00:38 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
|
|
| friendshipmale.com/sfp.js | 172.64.203.23 | 200 OK | 28 kB |
URL HTTP/2friendshipmale.com/sfp.js IP172.64.203.23:0
File typeUnicode text, UTF-8 text, with very long lines (65529), with no line terminators Hash360e186bee99313b986b4a4e00d0f11d 6b6781c4a72549cf7ce33ea821ea51071ba52685 c8d0db8c8bdaf2dd8a07a354786b9c4adfdd03faa27dc7c805b6131106cccc4c
GET /sfp.js HTTP/1.1
Host: friendshipmale.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.torrentkitty.lol/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 25 Nov 2022 04:00:38 GMT
content-type: application/javascript; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: 265a232df1766a08b13ac932fe69887e
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Fri, 25 Nov 2022 04:00:38 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cEqJ046KF7T22%2Btgs4hz2e68bTjcS06buouN%2FCVGYst9ABi5l%2FMJ%2FZ75zs2NFmIj1zIrUNE1t2aMcZsF7tRO4MmrKLEa4ha35ZkW6gNRrgGxPeDT2GP9QNmDIhM17fdhEWv6oRI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76f77a7fdd0d888b-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| www.cloudflare.com/cdn-cgi/trace | 104.16.123.96 | 200 OK | 737 B |
URL HTTP/2www.cloudflare.com/cdn-cgi/trace IP104.16.123.96:0
Hash132c54dfeb90f00aab6a0947ae9f7c4b 8c84d1f345d190308d5e9dbf93e28e4334f2d760 10e215a4ce022a497baf3d8ccd2de1d3da74f3ff4b71d07ba8d056d4b796a3bd
GET /cdn-cgi/trace HTTP/1.1
Host: www.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.torrentkitty.lol
Connection: keep-alive
Referer: https://www.torrentkitty.lol/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 25 Nov 2022 04:00:38 GMT
content-type: text/plain
access-control-allow-origin: *
server: cloudflare
cf-ray: 76f77a7f9f07b4eb-OSL
x-frame-options: DENY
x-content-type-options: nosniff
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hash15442b0808c5d6324d8abbcf530fd024 6345943f61f535f9ce1e95911cc1746df8c289cc 0c52e416df30432ba5857bdbdc0a6fa9bcf0c9c8d829c5e75e865a6d834444bb
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0C52E416DF30432BA5857BDBDC0A6FA9BCF0C9C8D829C5E75E865A6D834444BB"
Last-Modified: Thu, 24 Nov 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9307
Expires: Fri, 25 Nov 2022 06:35:46 GMT
Date: Fri, 25 Nov 2022 04:00:39 GMT
Connection: keep-alive
|
|
| banquetunarmedgrater.com/advertisers.js | 173.233.139.164 | 200 OK | 6 B |
URL HTTP/1.1banquetunarmedgrater.com/advertisers.js IP173.233.139.164:0
Hash7d14c6d06a6075d413d43d381c992eba 49bdfc1145f7c7a7bf870f069b9d23a97966cb30 f48bd14f1f30b485d99a2904d06cbd9fa03ccaa5779105a3d3cf963edb2ac385
| Analyzer | Verdict | Alert |
|---|
| quad9 | Sinkholed | |
GET /advertisers.js HTTP/1.1
Host: banquetunarmedgrater.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.torrentkitty.lol/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Fri, 25 Nov 2022 04:00:39 GMT
Content-Type: application/javascript
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: dc1dc990652835bc4374e5942466109d
Strict-Transport-Security: max-age=0; includeSubdomains
|
|
| whiskerssituationdisturb.com/watch.817583857392.js?key=80497e49a2c17fe3a1aff4077eee1810&kw=%5B%22search%22%2C%22-%22%2C%22torrent%22%2C%22kitty%22%5D&refer=https%3A%2F%2Fwww.torrentkitty.lol%2Fsearch%2Fsearch%2FMxgs%25201088&tz=0&dev=e&res=12.1055&uuid=aa070032-ce81-4e32-b9af-967444deaa99%3A1%3A1 | 192.243.59.20 | 307 Temporary Redirect | 248 B |
URL HTTP/1.1whiskerssituationdisturb.com/watch.817583857392.js?key=80497e49a2c17fe3a1aff4077eee1810&kw=%5B%22search%22%2C%22-%22%2C%22torrent%22%2C%22kitty%22%5D&refer=https%3A%2F%2Fwww.torrentkitty.lol%2Fsearch%2Fsearch%2FMxgs%25201088&tz=0&dev=e&res=12.1055&uuid=aa070032-ce81-4e32-b9af-967444deaa99%3A1%3A1 IP192.243.59.20:0 ASN#39572 DataWeb Global Group B.V.
Hash4ef2bfa2d463aba675303aa1299f702e e066f8d322141fce8dd50728e8dcf00ca5b4d599 88c1228ccb8a7bdb248dfb8ba6b2f79b24ffcc85fd7e69df5257626fe0a8f7eb
| Analyzer | Verdict | Alert |
|---|
| quad9 | Sinkholed | |
GET /watch.817583857392.js?key=80497e49a2c17fe3a1aff4077eee1810&kw=%5B%22search%22%2C%22-%22%2C%22torrent%22%2C%22kitty%22%5D&refer=https%3A%2F%2Fwww.torrentkitty.lol%2Fsearch%2Fsearch%2FMxgs%25201088&tz=0&dev=e&res=12.1055&uuid=aa070032-ce81-4e32-b9af-967444deaa99%3A1%3A1 HTTP/1.1
Host: whiskerssituationdisturb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.torrentkitty.lol
Connection: keep-alive
Referer: https://www.torrentkitty.lol/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Temporary Redirect
Server: nginx/1.17.9
Date: Fri, 25 Nov 2022 04:00:39 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://www.torrentkitty.lol
Access-Control-Allow-Origin: https://www.torrentkitty.lol
Access-Control-Allow-Credentials: true
Location: https://whiskerssituationdisturb.com/watch.817583857392.js?key=80497e49a2c17fe3a1aff4077eee1810&kw=%5B%22search%22%2C%22-%22%2C%22torrent%22%2C%22kitty%22%5D&refer=https%3A%2F%2Fwww.torrentkitty.lol%2Fsearch%2Fsearch%2FMxgs%25201088&tz=0&dev=e&res=12.1055&uuid=aa070032-ce81-4e32-b9af-967444deaa99%3A1%3A1&shu=635a4083413236bb07367025f55de7dda99dd9f63f0e2c68c99a24c0d5cb1bbe37e0c5a9d51c571e460116ef74eb2e957a52345985ea20aab54d7ebdc76f98ca9c8ddd6c47ad97bb48d5846797be195e922abaf0bfdf5daa9cd5bc2c3e67e391&pst=1669348899&rmtc=t
Set-Cookie: u_pl=17298897; expires=Sat, 26 Nov 2022 04:00:39 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzI5ODg5NywiayI6IjgwNDk3ZTQ5YTJjMTdmZTNhMWFmZjQwNzdlZWUxODEwIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjo4MTA0MSwicGlkIjozOTExLCJhbiI6dHJ1ZSwibGFuIjp0cnVlLCJjaWQiOjE4LCJhaWQiOjMyLCJwdCI6NCwicGsiOiJ0MzhhMGF3a3oiLCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6OTA3NTM0NTcsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjozODkxNCwib24iOiJXaW5kb3dzIiwib3YiOiIxMC4wIiwiYmlkIjoxMjA2MjUsImJuIjoiRmlyZWZveCIsImJ2IjoiMTA1LjAiLCJ3diI6ZmFsc2UsImUiOnRydWUsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cHM6Ly93d3cudG9ycmVudGtpdHR5LmxvbC9zZWFyY2gvc2VhcmNoL014Z3MlMjAxMDg4In19.sjNya_OrwLfprxv9i6A7yYc3NUJqgDpNnnxHQmv4o34; expires=Fri, 25 Nov 2022 04:01:39 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: d4e1648e0642867e8aaf9e386b6161b5
Strict-Transport-Security: max-age=0; includeSubdomains
|
|
| whiskerssituationdisturb.com/watch.817583857392.js?key=80497e49a2c17fe3a1aff4077eee1810&kw=%5B%22search%22%2C%22-%22%2C%22torrent%22%2C%22kitty%22%5D&refer=https%3A%2F%2Fwww.torrentkitty.lol%2Fsearch%2Fsearch%2FMxgs%25201088&tz=0&dev=e&res=12.1055&uuid=aa070032-ce81-4e32-b9af-967444deaa99%3A1%3A1&shu=635a4083413236bb07367025f55de7dda99dd9f63f0e2c68c99a24c0d5cb1bbe37e0c5a9d51c571e460116ef74eb2e957a52345985ea20aab54d7ebdc76f98ca9c8ddd6c47ad97bb48d5846797be195e922abaf0bfdf5daa9cd5bc2c3e67e391&pst=1669348899&rmtc=t | 192.243.59.20 | 200 OK | 2.1 kB |
URL HTTP/1.1whiskerssituationdisturb.com/watch.817583857392.js?key=80497e49a2c17fe3a1aff4077eee1810&kw=%5B%22search%22%2C%22-%22%2C%22torrent%22%2C%22kitty%22%5D&refer=https%3A%2F%2Fwww.torrentkitty.lol%2Fsearch%2Fsearch%2FMxgs%25201088&tz=0&dev=e&res=12.1055&uuid=aa070032-ce81-4e32-b9af-967444deaa99%3A1%3A1&shu=635a4083413236bb07367025f55de7dda99dd9f63f0e2c68c99a24c0d5cb1bbe37e0c5a9d51c571e460116ef74eb2e957a52345985ea20aab54d7ebdc76f98ca9c8ddd6c47ad97bb48d5846797be195e922abaf0bfdf5daa9cd5bc2c3e67e391&pst=1669348899&rmtc=t IP192.243.59.20:0 ASN#39572 DataWeb Global Group B.V.
File typeHTML document text\012- HTML document, ASCII text, with very long lines (2657) Hasha142e76bd0a49b8f7e21801fdd7c2738 a8011addc9a3e12ade2bab6dadc71ab40a0e2260 2f9918b8e25f4e92552e493abac7f4e08980337e725d3f9194632213a9bb6510
| Analyzer | Verdict | Alert |
|---|
| quad9 | Sinkholed | |
GET /watch.817583857392.js?key=80497e49a2c17fe3a1aff4077eee1810&kw=%5B%22search%22%2C%22-%22%2C%22torrent%22%2C%22kitty%22%5D&refer=https%3A%2F%2Fwww.torrentkitty.lol%2Fsearch%2Fsearch%2FMxgs%25201088&tz=0&dev=e&res=12.1055&uuid=aa070032-ce81-4e32-b9af-967444deaa99%3A1%3A1&shu=635a4083413236bb07367025f55de7dda99dd9f63f0e2c68c99a24c0d5cb1bbe37e0c5a9d51c571e460116ef74eb2e957a52345985ea20aab54d7ebdc76f98ca9c8ddd6c47ad97bb48d5846797be195e922abaf0bfdf5daa9cd5bc2c3e67e391&pst=1669348899&rmtc=t HTTP/1.1
Host: whiskerssituationdisturb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.torrentkitty.lol
Referer: https://www.torrentkitty.lol/
Connection: keep-alive
Cookie: u_pl=17298897; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzI5ODg5NywiayI6IjgwNDk3ZTQ5YTJjMTdmZTNhMWFmZjQwNzdlZWUxODEwIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjo4MTA0MSwicGlkIjozOTExLCJhbiI6dHJ1ZSwibGFuIjp0cnVlLCJjaWQiOjE4LCJhaWQiOjMyLCJwdCI6NCwicGsiOiJ0MzhhMGF3a3oiLCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6OTA3NTM0NTcsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjozODkxNCwib24iOiJXaW5kb3dzIiwib3YiOiIxMC4wIiwiYmlkIjoxMjA2MjUsImJuIjoiRmlyZWZveCIsImJ2IjoiMTA1LjAiLCJ3diI6ZmFsc2UsImUiOnRydWUsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cHM6Ly93d3cudG9ycmVudGtpdHR5LmxvbC9zZWFyY2gvc2VhcmNoL014Z3MlMjAxMDg4In19.sjNya_OrwLfprxv9i6A7yYc3NUJqgDpNnnxHQmv4o34
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Fri, 25 Nov 2022 04:00:39 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://www.torrentkitty.lol
Access-Control-Allow-Origin: https://www.torrentkitty.lol
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=aa070032-ce81-4e32-b9af-967444deaa99:1:1; expires=Fri, 02 Dec 2022 04:00:39 GMT; secure; SameSite=None
iprc04dc8724b252ec52f53f35b8675cf54f=3570421; expires=Fri, 25 Nov 2022 08:00:39 GMT; secure; SameSite=None
pdhtkv=true; expires=Sat, 26 Nov 2022 04:00:39 GMT; secure; SameSite=None
uncs=1; expires=Sat, 26 Nov 2022 04:00:39 GMT; secure; SameSite=None
pdhtkv32=true; expires=Sat, 26 Nov 2022 04:00:39 GMT; secure; SameSite=None
uncs32=1; expires=Sat, 26 Nov 2022 04:00:39 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: e8f0ee84ef8a7b4a2ef645eea8379bc4
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
|
|
| whiskerssituationdisturb.com/sbar.json?key=26ca065a5fb871c74739646a26f0622b&uuid=4d88e22e-3628-4e77-941e-126fb112e7e3%3A3%3A1 | 192.243.59.20 | 200 OK | 4.1 kB |
URL HTTP/1.1whiskerssituationdisturb.com/sbar.json?key=26ca065a5fb871c74739646a26f0622b&uuid=4d88e22e-3628-4e77-941e-126fb112e7e3%3A3%3A1 IP192.243.59.20:0 ASN#39572 DataWeb Global Group B.V.
File typeJSON data\012- , ASCII text, with very long lines (5755), with no line terminators Hash0770ff739427e5cc9f34857d98dd15ae ea5ae2d16f525f132e9c17c9c185b5064ab2d94e 6d48f3c3b37b239dfd20ee33ce9222daff9edc26ae508b9c2937b4c769060b53
| Analyzer | Verdict | Alert |
|---|
| quad9 | Sinkholed | |
GET /sbar.json?key=26ca065a5fb871c74739646a26f0622b&uuid=4d88e22e-3628-4e77-941e-126fb112e7e3%3A3%3A1 HTTP/1.1
Host: whiskerssituationdisturb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.torrentkitty.lol
Connection: keep-alive
Referer: https://www.torrentkitty.lol/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Fri, 25 Nov 2022 04:00:39 GMT
Content-Type: text/plain; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://www.torrentkitty.lol
Access-Control-Allow-Origin: https://www.torrentkitty.lol
Access-Control-Allow-Credentials: true
Set-Cookie: u_pl=17550729; expires=Sat, 26 Nov 2022 04:00:39 GMT; secure; SameSite=None
uid_id2=4d88e22e-3628-4e77-941e-126fb112e7e3:3:1; expires=Fri, 02 Dec 2022 04:00:39 GMT; secure; SameSite=None
pdhtkv=true; expires=Sat, 26 Nov 2022 04:00:39 GMT; secure; SameSite=None
uncs=1; expires=Sat, 26 Nov 2022 04:00:39 GMT; secure; SameSite=None
pdhtkv29=true; expires=Sat, 26 Nov 2022 04:00:39 GMT; secure; SameSite=None
uncs29=1; expires=Sat, 26 Nov 2022 04:00:39 GMT; secure; SameSite=None
slec26ca065a5fb871c74739646a26f0622b=[3760951]; expires=Fri, 25 Nov 2022 04:00:44 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 017db18ca5a220e48019c5d67e6ac950
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hash4f6c1497d491ebdec0b24caf356dad1f 6efe847d68565760b80862295cb809e7efee7de8 5a7ebb4a3bfc1046cd3c07cef6bd550f3452c3cf4d48d48e6428473f2de44c51
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5A7EBB4A3BFC1046CD3C07CEF6BD550F3452C3CF4D48D48E6428473F2DE44C51"
Last-Modified: Wed, 23 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7926
Expires: Fri, 25 Nov 2022 06:12:45 GMT
Date: Fri, 25 Nov 2022 04:00:39 GMT
Connection: keep-alive
|
|
| whiskerssituationdisturb.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSv28cRRidTUxDCkREQwG6ggIkfN7d27u9I6CIEBJF5JeSoNQzs7Pn4eZ2VjOzt2dXFpFQkCguoqFcv7NjBSIgfwACrWkiCyQfBXKBWyhBSCkQBTr7JIuvmO%2FH%2B4rvvTefbBaHxEdBD25e0%2BtSKbrSbvqN1%2B%2FKLNGlbVy%2F0wj8pn%2BucVdmnehcYzx%2FzOitwG83%2FTcalwUf6JXQD3w%2F8IPGJWlEqscrRyhk%2FrgXNHt%2BMwqbQTvC2Py%2Ft4UHSz0ko0NyFjKZPbf69Akkr5ENv70o7MDp%2FM33h4WiThuMkp0Ps0GmywzDkzI1HtJsZ7ENbWeEfHEKOttZMIAebc0ZgMkZ8X4NwLKdxZlgo%2B3jS5mCyMCSMyhHNYSqIWkNru9BJvsE4Amu30A2fHhdm5KuHaN0js7I0rO%2FIcsZWfrtJWTDry8oOW7c1qpwUmcW47SCHNeQ%2FRp5sQu37kGWu%2BDuY8jkZ7Ly7Cqy4dYNqzRkcvBalHS7IgzFcqsTdpcjEcfLvSgQy0HYSVkQhCIWrSOJpKwh0xpKTEDtaRTWQyE9FKmHIvcwTA4atN1LfT9OWdpqdSPOeavFebvbSdpJK%2BqmPgo%2B5zCByyfgagJuNpCbDQzkg%2F32WZjiB9jVCjbxYB3BKKlQCoLSEpSUoJQEpSMoR9V2omxoq4eJsgULFjlc5FY11a6%2FSbe164uMbOaH5MW5dt6Znz7FQBw0wg6nfqdN2ynrxgGPo7jV60QdGnZSvxOGDFZWkPYUqPWwPjfy7QfI5f4Ll8FoDatqcHkWtHgFtJzGoQ%2B6Oo26Ptazb5w2RmRuIJ1ba7oREl0hd0twa96mOiQvH5nY4zEE3zv%2FD7s2%2B%2BvRv%2BCmQm4qfCR%2FJOir%2B9NbuiRbt3RpyZMbuZNDuU7nBt921ImlLz8Qa6U2yZWLdvLoXT4H5uXjO8K6qzRLZNa35KsLMkmEuaQNF%2BS7K%2FauYDcLu3qhMFmRX7353qUrw9wIa6XOalC5H38OLmfk%2BWsbR1%2F31c%2BeQpoapqgwLPbIIiD1Lni%2BAZvvnf9jMbOawKiTHZZ7KItqakJ2MlSSQImTnrIKVpxIwMTe938eY5v2PvrGA3X3kA0rjEyFkapA1QS2OD11udk7%2F0vrKMCUN2XKeFtMGfXgWForDxqinfqp8EPB0h5LY%2BonvTTqMdoLRMzaNICzM77xzu%2F%2FAQAA%2F%2F8BAAD%2F%2F1bpzHuSBAAA | 192.243.59.20 | 200 OK | 7 B |
URL HTTP/1.1whiskerssituationdisturb.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSv28cRRidTUxDCkREQwG6ggIkfN7d27u9I6CIEBJF5JeSoNQzs7Pn4eZ2VjOzt2dXFpFQkCguoqFcv7NjBSIgfwACrWkiCyQfBXKBWyhBSCkQBTr7JIuvmO%2FH%2B4rvvTefbBaHxEdBD25e0%2BtSKbrSbvqN1%2B%2FKLNGlbVy%2F0wj8pn%2BucVdmnehcYzx%2FzOitwG83%2FTcalwUf6JXQD3w%2F8IPGJWlEqscrRyhk%2FrgXNHt%2BMwqbQTvC2Py%2Ft4UHSz0ko0NyFjKZPbf69Akkr5ENv70o7MDp%2FM33h4WiThuMkp0Ps0GmywzDkzI1HtJsZ7ENbWeEfHEKOttZMIAebc0ZgMkZ8X4NwLKdxZlgo%2B3jS5mCyMCSMyhHNYSqIWkNru9BJvsE4Amu30A2fHhdm5KuHaN0js7I0rO%2FIcsZWfrtJWTDry8oOW7c1qpwUmcW47SCHNeQ%2FRp5sQu37kGWu%2BDuY8jkZ7Ly7Cqy4dYNqzRkcvBalHS7IgzFcqsTdpcjEcfLvSgQy0HYSVkQhCIWrSOJpKwh0xpKTEDtaRTWQyE9FKmHIvcwTA4atN1LfT9OWdpqdSPOeavFebvbSdpJK%2BqmPgo%2B5zCByyfgagJuNpCbDQzkg%2F32WZjiB9jVCjbxYB3BKKlQCoLSEpSUoJQEpSMoR9V2omxoq4eJsgULFjlc5FY11a6%2FSbe164uMbOaH5MW5dt6Znz7FQBw0wg6nfqdN2ynrxgGPo7jV60QdGnZSvxOGDFZWkPYUqPWwPjfy7QfI5f4Ll8FoDatqcHkWtHgFtJzGoQ%2B6Oo26Ptazb5w2RmRuIJ1ba7oREl0hd0twa96mOiQvH5nY4zEE3zv%2FD7s2%2B%2BvRv%2BCmQm4qfCR%2FJOir%2B9NbuiRbt3RpyZMbuZNDuU7nBt921ImlLz8Qa6U2yZWLdvLoXT4H5uXjO8K6qzRLZNa35KsLMkmEuaQNF%2BS7K%2FauYDcLu3qhMFmRX7353qUrw9wIa6XOalC5H38OLmfk%2BWsbR1%2F31c%2BeQpoapqgwLPbIIiD1Lni%2BAZvvnf9jMbOawKiTHZZ7KItqakJ2MlSSQImTnrIKVpxIwMTe938eY5v2PvrGA3X3kA0rjEyFkapA1QS2OD11udk7%2F0vrKMCUN2XKeFtMGfXgWForDxqinfqp8EPB0h5LY%2BonvTTqMdoLRMzaNICzM77xzu%2F%2FAQAA%2F%2F8BAAD%2F%2F1bpzHuSBAAA IP192.243.59.20:0 ASN#39572 DataWeb Global Group B.V.
File typeASCII text, with no line terminators Hash132d6af1b46048b45cf86cdee7991d31 eb7007d03d59b65bc6da7e098c4d38fc6dfb6285 ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
| Analyzer | Verdict | Alert |
|---|
| fortinet | Malware | | | quad9 | Sinkholed | |
GET /ren.gif?sid=H4sIAAAAAAAC%2F1RSv28cRRidTUxDCkREQwG6ggIkfN7d27u9I6CIEBJF5JeSoNQzs7Pn4eZ2VjOzt2dXFpFQkCguoqFcv7NjBSIgfwACrWkiCyQfBXKBWyhBSCkQBTr7JIuvmO%2FH%2B4rvvTefbBaHxEdBD25e0%2BtSKbrSbvqN1%2B%2FKLNGlbVy%2F0wj8pn%2BucVdmnehcYzx%2FzOitwG83%2FTcalwUf6JXQD3w%2F8IPGJWlEqscrRyhk%2FrgXNHt%2BMwqbQTvC2Py%2Ft4UHSz0ko0NyFjKZPbf69Akkr5ENv70o7MDp%2FM33h4WiThuMkp0Ps0GmywzDkzI1HtJsZ7ENbWeEfHEKOttZMIAebc0ZgMkZ8X4NwLKdxZlgo%2B3jS5mCyMCSMyhHNYSqIWkNru9BJvsE4Amu30A2fHhdm5KuHaN0js7I0rO%2FIcsZWfrtJWTDry8oOW7c1qpwUmcW47SCHNeQ%2FRp5sQu37kGWu%2BDuY8jkZ7Ly7Cqy4dYNqzRkcvBalHS7IgzFcqsTdpcjEcfLvSgQy0HYSVkQhCIWrSOJpKwh0xpKTEDtaRTWQyE9FKmHIvcwTA4atN1LfT9OWdpqdSPOeavFebvbSdpJK%2BqmPgo%2B5zCByyfgagJuNpCbDQzkg%2F32WZjiB9jVCjbxYB3BKKlQCoLSEpSUoJQEpSMoR9V2omxoq4eJsgULFjlc5FY11a6%2FSbe164uMbOaH5MW5dt6Znz7FQBw0wg6nfqdN2ynrxgGPo7jV60QdGnZSvxOGDFZWkPYUqPWwPjfy7QfI5f4Ll8FoDatqcHkWtHgFtJzGoQ%2B6Oo26Ptazb5w2RmRuIJ1ba7oREl0hd0twa96mOiQvH5nY4zEE3zv%2FD7s2%2B%2BvRv%2BCmQm4qfCR%2FJOir%2B9NbuiRbt3RpyZMbuZNDuU7nBt921ImlLz8Qa6U2yZWLdvLoXT4H5uXjO8K6qzRLZNa35KsLMkmEuaQNF%2BS7K%2FauYDcLu3qhMFmRX7353qUrw9wIa6XOalC5H38OLmfk%2BWsbR1%2F31c%2BeQpoapqgwLPbIIiD1Lni%2BAZvvnf9jMbOawKiTHZZ7KItqakJ2MlSSQImTnrIKVpxIwMTe938eY5v2PvrGA3X3kA0rjEyFkapA1QS2OD11udk7%2F0vrKMCUN2XKeFtMGfXgWForDxqinfqp8EPB0h5LY%2BonvTTqMdoLRMzaNICzM77xzu%2F%2FAQAA%2F%2F8BAAD%2F%2F1bpzHuSBAAA HTTP/1.1
Host: whiskerssituationdisturb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.torrentkitty.lol/
Cookie: u_pl=17550729; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzI5ODg5NywiayI6IjgwNDk3ZTQ5YTJjMTdmZTNhMWFmZjQwNzdlZWUxODEwIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjo4MTA0MSwicGlkIjozOTExLCJhbiI6dHJ1ZSwibGFuIjp0cnVlLCJjaWQiOjE4LCJhaWQiOjMyLCJwdCI6NCwicGsiOiJ0MzhhMGF3a3oiLCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6OTA3NTM0NTcsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjozODkxNCwib24iOiJXaW5kb3dzIiwib3YiOiIxMC4wIiwiYmlkIjoxMjA2MjUsImJuIjoiRmlyZWZveCIsImJ2IjoiMTA1LjAiLCJ3diI6ZmFsc2UsImUiOnRydWUsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cHM6Ly93d3cudG9ycmVudGtpdHR5LmxvbC9zZWFyY2gvc2VhcmNoL014Z3MlMjAxMDg4In19.sjNya_OrwLfprxv9i6A7yYc3NUJqgDpNnnxHQmv4o34; uid_id2=4d88e22e-3628-4e77-941e-126fb112e7e3:3:1; iprc04dc8724b252ec52f53f35b8675cf54f=3570421; pdhtkv=true; uncs=1; pdhtkv32=true; uncs32=1; pdhtkv29=true; uncs29=1; slec26ca065a5fb871c74739646a26f0622b=[3760951]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Fri, 25 Nov 2022 04:00:39 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: f72ee83709d45262cc3c937844de85b3
Strict-Transport-Security: max-age=0; includeSubdomains
|
|
| cdn.cloudimagesb.com/cti/43/ff/51/43ff51c07da75eaedd548042d5154cfe/1658930770.jpg | 45.133.44.9 | 200 OK | 25 kB |
URL HTTP/2cdn.cloudimagesb.com/cti/43/ff/51/43ff51c07da75eaedd548042d5154cfe/1658930770.jpg IP45.133.44.9:0 ASN#39572 DataWeb Global Group B.V.
File typeJPEG image data, baseline, precision 8, 320x50, components 3\012- data Hashd465d02b90e928dfd9d9846e102a9dac 22f7333777bec813bd9a7b870913a2b79b6d2fe4 e393d4f1c6b5d4973e157f0f10764b92037dc18239500f42b72bed8ecef462fd
GET /cti/43/ff/51/43ff51c07da75eaedd548042d5154cfe/1658930770.jpg HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 25 Nov 2022 04:00:39 GMT
content-type: image/jpeg
content-length: 24714
server: nginx/1.17.6
last-modified: Wed, 27 Jul 2022 14:06:18 GMT
etag: "62e1465a-608a"
expires: Sun, 27 Nov 2022 04:00:39 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| c.statcounter.com/t.php?sc_project=10571718&u1=54C6CE9F801F4F0D4ADB0729A63E8E89&java=1&security=6b4a9073&sc_snum=1&sess=a8f3c4&p=0&rcat=d&rdom=d&rdomg=new&bb=1&jg=new&rr=1.1.1.1.1.1.1.1.1&resolution=1280&h=1024&camefrom=&u=https%3A//www.torrentkitty.lol/search/search/Mxgs%25201088&t=search%20-%20Torrent%20Kitty&invisible=1&sc_rum_e_s=2629&sc_rum_e_e=2638&sc_rum_f_s=0&sc_rum_f_e=2619&get_config=true | 104.20.229.67 | 200 OK | 429 B |
URL HTTP/2c.statcounter.com/t.php?sc_project=10571718&u1=54C6CE9F801F4F0D4ADB0729A63E8E89&java=1&security=6b4a9073&sc_snum=1&sess=a8f3c4&p=0&rcat=d&rdom=d&rdomg=new&bb=1&jg=new&rr=1.1.1.1.1.1.1.1.1&resolution=1280&h=1024&camefrom=&u=https%3A//www.torrentkitty.lol/search/search/Mxgs%25201088&t=search%20-%20Torrent%20Kitty&invisible=1&sc_rum_e_s=2629&sc_rum_e_e=2638&sc_rum_f_s=0&sc_rum_f_e=2619&get_config=true IP104.20.229.67:0
File typeJSON data\012- , ASCII text, with no line terminators Hashbc74e4d9a735294411765016a2b97d5f fa1f9f7207ef2a0f8436608c3da49d70c704d32b bf08fa2d57379f9db6b59ee86c9e2206f35bdfe3a74840515a6eaa1fe83a592a
GET /t.php?sc_project=10571718&u1=54C6CE9F801F4F0D4ADB0729A63E8E89&java=1&security=6b4a9073&sc_snum=1&sess=a8f3c4&p=0&rcat=d&rdom=d&rdomg=new&bb=1&jg=new&rr=1.1.1.1.1.1.1.1.1&resolution=1280&h=1024&camefrom=&u=https%3A//www.torrentkitty.lol/search/search/Mxgs%25201088&t=search%20-%20Torrent%20Kitty&invisible=1&sc_rum_e_s=2629&sc_rum_e_e=2638&sc_rum_f_s=0&sc_rum_f_e=2619&get_config=true HTTP/1.1
Host: c.statcounter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.torrentkitty.lol
Connection: keep-alive
Referer: https://www.torrentkitty.lol/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 25 Nov 2022 04:00:38 GMT
content-type: application/json
p3p: policyref="http://www.statcounter.com/w3c/p3p.xml", CP="ADMa OUR COM NAV NID DSP NOI COR"
expires: Mon, 26 Jul 1997 05:00:00 GMT
set-cookie: is_unique=sc10571718.1669348838.0; SameSite=None; Secure; Expires=Wednesday, 24-Nov-2027 12:00:38 HKT; Path=/; Domain=.statcounter.com
is_visitor_unique=1669348838296685112; SameSite=None; Secure; Expires=Sunday, 24-Nov-2024 12:00:38 HKT; Path=/; Domain=.statcounter.com
access-control-allow-origin: https://www.torrentkitty.lol
access-control-allow-credentials: true
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 76f77a813960fac4-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hash65f96a268c71dd2240b791911c212326 1c35b60c96efc632a131cb94748ee415a879f3b2 eecc5be54045ae30a37b00d7b96102d40dacc0e1c761a6432425673e04761c3a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EECC5BE54045AE30A37B00D7B96102D40DACC0E1C761A6432425673E04761C3A"
Last-Modified: Wed, 23 Nov 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5741
Expires: Fri, 25 Nov 2022 05:36:21 GMT
Date: Fri, 25 Nov 2022 04:00:40 GMT
Connection: keep-alive
|
|
| unseenreport.com/pxf.gif?uuid=4d88e22e-3628-4e77-941e-126fb112e7e3&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1055&b_frame=0&pk=90566380a88c4f754ae2676c3e590ba1&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=4 | 192.243.59.20 | 200 OK | 1 B |
URL HTTP/1.1unseenreport.com/pxf.gif?uuid=4d88e22e-3628-4e77-941e-126fb112e7e3&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1055&b_frame=0&pk=90566380a88c4f754ae2676c3e590ba1&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=4 IP192.243.59.20:0 ASN#39572 DataWeb Global Group B.V.
File typevery short file (no magic) Hash93b885adfe0da089cdf634904fd59f71 5ba93c9db0cff93f52b521d7420e43f6eda2784f 6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d
| Analyzer | Verdict | Alert |
|---|
| quad9 | Sinkholed | |
GET /pxf.gif?uuid=4d88e22e-3628-4e77-941e-126fb112e7e3&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1055&b_frame=0&pk=90566380a88c4f754ae2676c3e590ba1&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=4 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.torrentkitty.lol/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Fri, 25 Nov 2022 04:00:40 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 1489b399512b7c374fb97babda2a9fae
Strict-Transport-Security: max-age=0; includeSubdomains
|
|
| unseenreport.com/pxf.gif?uuid=4d88e22e-3628-4e77-941e-126fb112e7e3&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1055&b_frame=0&pk=26ca065a5fb871c74739646a26f0622b&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=4 | 192.243.59.20 | 200 OK | 1 B |
URL HTTP/1.1unseenreport.com/pxf.gif?uuid=4d88e22e-3628-4e77-941e-126fb112e7e3&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1055&b_frame=0&pk=26ca065a5fb871c74739646a26f0622b&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=4 IP192.243.59.20:0 ASN#39572 DataWeb Global Group B.V.
File typevery short file (no magic) Hash93b885adfe0da089cdf634904fd59f71 5ba93c9db0cff93f52b521d7420e43f6eda2784f 6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d
| Analyzer | Verdict | Alert |
|---|
| quad9 | Sinkholed | |
GET /pxf.gif?uuid=4d88e22e-3628-4e77-941e-126fb112e7e3&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1055&b_frame=0&pk=26ca065a5fb871c74739646a26f0622b&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=4 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.torrentkitty.lol/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Fri, 25 Nov 2022 04:00:40 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 53682d9fc4e63c4e9ca3404051ce68d4
Strict-Transport-Security: max-age=0; includeSubdomains
|
|
| e1.o.lencr.org/ | 23.36.77.32 | 200 OK | 345 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hash666f0822fa3b2bd37642dc6f1f9b95ea b082ce304fa32d1afd9eee2c00c4d751d444f730 ea0fd5b59bc464c03f64e107247d245f8b9e65b5ad6593400952e0f978ba5251
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "EA0FD5B59BC464C03F64E107247D245F8B9E65B5AD6593400952E0F978BA5251"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5405
Expires: Fri, 25 Nov 2022 05:30:45 GMT
Date: Fri, 25 Nov 2022 04:00:40 GMT
Connection: keep-alive
|
|
| e1.o.lencr.org/ | 23.36.77.32 | 200 OK | 345 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hash666f0822fa3b2bd37642dc6f1f9b95ea b082ce304fa32d1afd9eee2c00c4d751d444f730 ea0fd5b59bc464c03f64e107247d245f8b9e65b5ad6593400952e0f978ba5251
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "EA0FD5B59BC464C03F64E107247D245F8B9E65B5AD6593400952E0F978BA5251"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5405
Expires: Fri, 25 Nov 2022 05:30:45 GMT
Date: Fri, 25 Nov 2022 04:00:40 GMT
Connection: keep-alive
|
|
| cdn.yourwebbars.com/sb/notifications/software/multi/browsers/ff/3/index.html | 104.26.7.19 | 200 OK | 499 B |
URL HTTP/2cdn.yourwebbars.com/sb/notifications/software/multi/browsers/ff/3/index.html IP104.26.7.19:0
File typeHTML document text\012- HTML document, ASCII text Hash8c91c3dfa2f35669b8c77ce2f5be55d1 e82f3a9d6390323f6b5cd9dce80902a3b8675c54 64a1f65b99f7e54ddf005a2f6a9dfdb461cbfa7445967d35b3433a5608578fca
GET /sb/notifications/software/multi/browsers/ff/3/index.html HTTP/1.1
Host: cdn.yourwebbars.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.torrentkitty.lol
Connection: keep-alive
Referer: https://www.torrentkitty.lol/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 25 Nov 2022 04:00:40 GMT
content-type: text/html
last-modified: Thu, 08 Sep 2022 07:49:53 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9rKk3LbuJQA9bATNJtPEVpTDKItr1DjTce26ozQPKrW12uUpv7OMyCP1ORTQzb5FvgZ4EIAcMzLBJs3GpFwl8NyfKdYTq9MajmGSrbluyVzXkg3XcCPILJ0ri0ydikoplnnAO%2Bg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76f77a893e69b512-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.35 | 200 OK | 472 B |
IP142.250.74.35:0
Hashb44543de9922ec7d97f2e0be1865553e caef856450efd75de0cfae9402903b1f4bd6de4c d251377b4bc11c32a847ce4dc5dfda92e56031617f5b3eeea54fdcd0945b3eb7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 04:00:40 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| cdn.creative-bars1.com/sb/notifications/software/multi/browsers/ff/3/img/close.png | 172.64.109.13 | 200 OK | 6.0 kB |
URL HTTP/2cdn.creative-bars1.com/sb/notifications/software/multi/browsers/ff/3/img/close.png IP172.64.109.13:0
File typePNG image data, 522 x 391, 8-bit/color RGBA, non-interlaced\012- data Hashc489ce2c491a22ee37a55e26a92dfd73 2fa588ab09e94dd902e5bd24b48f98ad1949c9d6 1eed147c7d5de6291c25fbc5274830c12d5549262fb144271576d4e15966e5bd
GET /sb/notifications/software/multi/browsers/ff/3/img/close.png HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 25 Nov 2022 04:00:40 GMT
content-type: image/png
content-length: 5982
last-modified: Thu, 08 Sep 2022 07:49:57 GMT
etag: "63199ea5-175e"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 515721
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H925kaB%2Ficl1CensiSewJ%2BqLIYmFFVCUmL3PvN3I8FsND7ig0p1D6fy2Io3yFu18XILjGCqoJKoyz0mhktOz01%2FRe8%2BCkqo3PI8DCTHD4bNTndhlfOo3fu6TGGq8QdS2yu%2FAbv8qukIc"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76f77a8e0880719c-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| cdn.creative-bars1.com/sb/notifications/software/multi/browsers/ff/3/img/update-icon.png | 172.64.109.13 | 200 OK | 175 kB |
URL HTTP/2cdn.creative-bars1.com/sb/notifications/software/multi/browsers/ff/3/img/update-icon.png IP172.64.109.13:0
File typePNG image data, 452 x 453, 8-bit/color RGBA, non-interlaced\012- data Size175 kB (174730 bytes) Hash85bc2f8a287afa33ac84c90178055d00 c98e7ebd06397a77a20607f55fe4ebf1b57ca334 85d20d101efc753f9b0619a33901e1689d1e0c11a46bf6d6d657c1393542cc30
GET /sb/notifications/software/multi/browsers/ff/3/img/update-icon.png HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 25 Nov 2022 04:00:40 GMT
content-type: image/png
content-length: 174730
last-modified: Thu, 08 Sep 2022 07:49:58 GMT
etag: "63199ea6-2aa8a"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 515721
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RTwlK20jdt1ou%2FgkkA%2BpbzGHj7%2Fl%2F7OpCT7mvISma2Ca1zCs8rC5PFdOhN%2BJB21OAXUcluuYWj6LLSFg4Z1fLRrWSameCt3wnAvWqM%2B%2FCdOcLZTYbFmhI6ehNiF0%2FKz%2F4wnZDPqdhF%2BX"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76f77a8e0882719c-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| e1.o.lencr.org/ | 23.36.77.32 | 200 OK | 345 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hash666f0822fa3b2bd37642dc6f1f9b95ea b082ce304fa32d1afd9eee2c00c4d751d444f730 ea0fd5b59bc464c03f64e107247d245f8b9e65b5ad6593400952e0f978ba5251
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "EA0FD5B59BC464C03F64E107247D245F8B9E65B5AD6593400952E0F978BA5251"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5405
Expires: Fri, 25 Nov 2022 05:30:45 GMT
Date: Fri, 25 Nov 2022 04:00:40 GMT
Connection: keep-alive
|
|
| cdn.creative-bars1.com/sb/notifications/software/multi/browsers/ff/3/js/jquery.min.js | 172.64.109.13 | 200 OK | 31 kB |
URL HTTP/2cdn.creative-bars1.com/sb/notifications/software/multi/browsers/ff/3/js/jquery.min.js IP172.64.109.13:0
File typeASCII text, with very long lines (32025), with CRLF line terminators Hash31a333c65b409b1de260e768bef2d78e 0c4c8abfe24c00d449474ce686fd0e22aa7d567f e5895e7d894f2a8e953f7f79219f674690b1f1fccae85bf1203a28782a501a23
GET /sb/notifications/software/multi/browsers/ff/3/js/jquery.min.js HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 25 Nov 2022 04:00:40 GMT
content-type: application/javascript
last-modified: Thu, 08 Sep 2022 07:49:59 GMT
etag: W/"63199ea7-149a0"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 515721
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QZN3f4%2B4v%2BKzWwacdFUbl2QJ5kdBZhOunqurT9K%2B3q8fBfoYRMFmbfUbd5duS4bTxTw3mFmfxeq1Wkf%2BeIFBNVS4ZBczll6xNJixeQeytU3cUjyq3P%2FNR%2BXYwzUwHI3blsi2txyqcAUW"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76f77a8e0886719c-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| whiskerssituationdisturb.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fnotifications%2Fsoftware%2Fmulti%2Fbrowsers%2Fff%2F3%2Fcss%2Fmagic.css&l=45250&fd=337 | 192.243.59.20 | 200 OK | 0 B |
URL HTTP/1.1whiskerssituationdisturb.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fnotifications%2Fsoftware%2Fmulti%2Fbrowsers%2Fff%2F3%2Fcss%2Fmagic.css&l=45250&fd=337 IP192.243.59.20:0 ASN#39572 DataWeb Global Group B.V.
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
|---|
| quad9 | Sinkholed | |
GET /pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fnotifications%2Fsoftware%2Fmulti%2Fbrowsers%2Fff%2F3%2Fcss%2Fmagic.css&l=45250&fd=337 HTTP/1.1
Host: whiskerssituationdisturb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.torrentkitty.lol/
Cookie: u_pl=17550729; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzI5ODg5NywiayI6IjgwNDk3ZTQ5YTJjMTdmZTNhMWFmZjQwNzdlZWUxODEwIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjo4MTA0MSwicGlkIjozOTExLCJhbiI6dHJ1ZSwibGFuIjp0cnVlLCJjaWQiOjE4LCJhaWQiOjMyLCJwdCI6NCwicGsiOiJ0MzhhMGF3a3oiLCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6OTA3NTM0NTcsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjozODkxNCwib24iOiJXaW5kb3dzIiwib3YiOiIxMC4wIiwiYmlkIjoxMjA2MjUsImJuIjoiRmlyZWZveCIsImJ2IjoiMTA1LjAiLCJ3diI6ZmFsc2UsImUiOnRydWUsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cHM6Ly93d3cudG9ycmVudGtpdHR5LmxvbC9zZWFyY2gvc2VhcmNoL014Z3MlMjAxMDg4In19.sjNya_OrwLfprxv9i6A7yYc3NUJqgDpNnnxHQmv4o34; uid_id2=4d88e22e-3628-4e77-941e-126fb112e7e3:3:1; iprc04dc8724b252ec52f53f35b8675cf54f=3570421; pdhtkv=true; uncs=1; pdhtkv32=true; uncs32=1; pdhtkv29=true; uncs29=1; slec26ca065a5fb871c74739646a26f0622b=[3760951]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Fri, 25 Nov 2022 04:00:40 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
|
|
| cdn.creative-bars1.com/sb/notifications/software/multi/browsers/ff/3/css/magic.css | 172.64.109.13 | 200 OK | 2.9 kB |
URL HTTP/2cdn.creative-bars1.com/sb/notifications/software/multi/browsers/ff/3/css/magic.css IP172.64.109.13:0
Hash0effca5fab677a1d7c71fbf26b86d726 bae9b92cc8d69e40575158a120bc091f4e5dab9d 7913960f54312d8ae17bdd007ea41e103152cf2e177fec0569c22b685a6bf82f
GET /sb/notifications/software/multi/browsers/ff/3/css/magic.css HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.torrentkitty.lol
Connection: keep-alive
Referer: https://www.torrentkitty.lol/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 25 Nov 2022 04:00:40 GMT
content-type: text/css
last-modified: Thu, 08 Sep 2022 07:49:55 GMT
etag: W/"63199ea3-b0c2"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x1etqJVHGgxCdLEY7EOIzZ6OfOSz9imsQyC%2FIQ33tldMe5VS%2Fx5HR4oj2sS%2BOMsSSPB5bDUz6zHEVGBbNuoQbSoOmRELD%2FL3fufu3FzxufL0a23mKzj5Ev6eRJzVkt2n8hB0actT0IxQ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76f77a8dd86f719c-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.35 | 200 OK | 472 B |
IP142.250.74.35:0
Hashaee1eaa2ef2d0edbb0bc5703979e6439 8baa6d1cdd85ce2c5b6e30bd7a60096eeafce4db 095cc1e6ce8241ba22f88cb66d752587909fea3dc66936a72c369ef74b3134f1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 04:00:41 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.35 | 200 OK | 472 B |
IP142.250.74.35:0
Hash87de3dd2c7dce12b01a337d1554a222a 30e0bd68bbb78995aa8a0686ac02848fd5a7a699 533c21806ef66401ea5faeeb37366a33f19f0e9052b4fb06f22981ec73b21a59
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 04:00:41 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| cdn.creative-bars1.com/sb/notifications/software/multi/browsers/ff/3/css/style.css | 172.64.109.13 | 200 OK | 17 kB |
URL HTTP/2cdn.creative-bars1.com/sb/notifications/software/multi/browsers/ff/3/css/style.css IP172.64.109.13:0
Hash7ac284dd1ab75915e66e8f2b5752aa5d e01fe4bf4866bc98790fbe2c628c5c0d0de0cb9c 7b2ea540380549487eeda1b697e815f3bb7e3daab39d7094d2cad201fbe29dc5
GET /sb/notifications/software/multi/browsers/ff/3/css/style.css HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.torrentkitty.lol
Connection: keep-alive
Referer: https://www.torrentkitty.lol/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 25 Nov 2022 04:00:40 GMT
content-type: text/css
last-modified: Thu, 08 Sep 2022 07:49:56 GMT
etag: W/"63199ea4-e97"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z04S%2BtF%2FWjz%2BA22miuwn0vAxBygHwBgs8lYhV9muIE3o7Ba73UzmobgQdnwqoP08cgM9pPwxd1WNd7P4qPSb3EQsHZgV66FnrFTBo6ssyj9R%2BtOSKJ0xq4BuodCJ2RckZcchhy7lvzLS"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76f77a8dd870719c-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 | 216.58.207.195 | 200 OK | 16 kB |
URL HTTP/2fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 IP216.58.207.195:0
File typeWeb Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data Hashe9f5aaf547f165386cd313b995dddd8e acdef5603c2387b0e5bffd744b679a24a8bc1968 f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.torrentkitty.lol
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 23 Nov 2022 18:53:49 GMT
expires: Thu, 23 Nov 2023 18:53:49 GMT
cache-control: public, max-age=31536000
age: 119212
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| whiskerssituationdisturb.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fnotifications%2Fsoftware%2Fmulti%2Fbrowsers%2Fff%2F3%2Fjs%2Fscript.js&l=8814&fd=260 | 192.243.59.20 | 200 OK | 0 B |
URL HTTP/1.1whiskerssituationdisturb.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fnotifications%2Fsoftware%2Fmulti%2Fbrowsers%2Fff%2F3%2Fjs%2Fscript.js&l=8814&fd=260 IP192.243.59.20:0 ASN#39572 DataWeb Global Group B.V.
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
|---|
| quad9 | Sinkholed | |
GET /pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fnotifications%2Fsoftware%2Fmulti%2Fbrowsers%2Fff%2F3%2Fjs%2Fscript.js&l=8814&fd=260 HTTP/1.1
Host: whiskerssituationdisturb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.torrentkitty.lol/
Cookie: u_pl=17550729; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzI5ODg5NywiayI6IjgwNDk3ZTQ5YTJjMTdmZTNhMWFmZjQwNzdlZWUxODEwIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjo4MTA0MSwicGlkIjozOTExLCJhbiI6dHJ1ZSwibGFuIjp0cnVlLCJjaWQiOjE4LCJhaWQiOjMyLCJwdCI6NCwicGsiOiJ0MzhhMGF3a3oiLCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6OTA3NTM0NTcsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjozODkxNCwib24iOiJXaW5kb3dzIiwib3YiOiIxMC4wIiwiYmlkIjoxMjA2MjUsImJuIjoiRmlyZWZveCIsImJ2IjoiMTA1LjAiLCJ3diI6ZmFsc2UsImUiOnRydWUsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cHM6Ly93d3cudG9ycmVudGtpdHR5LmxvbC9zZWFyY2gvc2VhcmNoL014Z3MlMjAxMDg4In19.sjNya_OrwLfprxv9i6A7yYc3NUJqgDpNnnxHQmv4o34; uid_id2=4d88e22e-3628-4e77-941e-126fb112e7e3:3:1; iprc04dc8724b252ec52f53f35b8675cf54f=3570421; pdhtkv=true; uncs=1; pdhtkv32=true; uncs32=1; pdhtkv29=true; uncs29=1; slec26ca065a5fb871c74739646a26f0622b=[3760951]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Fri, 25 Nov 2022 04:00:41 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
|
|
| whiskerssituationdisturb.com/impr.gif?sid=H4sIAAAAAAAC%2F1RSv28cRRidTUxDCkREQwG6ggIkfN5fd3tHQBEhJIrILyVBqWdnZu3h5nZWM7O3Z1cWkVCQKC6ioVy%2Fc2IFIiB%2FAAJtaCILJB8FcoFbKEFIKRAFOvski6%2BY78f7iu%2B9N59slQfER0n3r1%2FRG1IputJp%2B63Xb8uc68q2rt5qBX7bP9O6LfNufKY1nj9m9Fbgd9r%2BG62Lgg30SugHvh%2F4QeuCNCLT45VDFLJ41A%2Fafb8dh%2B2gE2Ns%2Ft%2Fb0oOlHvjogJyG5LPn1p4%2BhmQN8uG354UdOF28%2Bf6wVNRpgxHf%2BTAf5LrKMTwuM%2BMhy3cW29B2RsgXJ6DznQUD6NH2nAFSOSPerwHSfGdxJtLR%2FaNLUwWRI%2BWnUI0aCNVA0gZM34HkewRgHFevIR8%2BuKpNRdePUDpHZ2Tp2d%2BQ1Yws%2FfYS8uHX55Qct25qVTqpc4txVkOOG8jVBkX5BG7Dg6yegLmPIfnPZOXZZeTD7WtWaUi%2B%2F1rMez0RhmI56oa95VgkyXI%2FDsRyEHazNAhCkYjoUCIpG8isgRITUHsSpfVQSg9l5qEsPAz5fot2%2BpnvJ1maRVEvZoxFEWOdXpd3eBT3Mh8lm3OYwBUTMDUBM5sozCYG8t5e5zRM%2BQPsWg3LPVhHMOI1KkFQWYKKElSSoHIE1ai%2Bz5UNbf2AK1umwSKHixzVU%2B1Wt%2Bh97VZFTraKA%2FLiXDvv1E%2BfYiD2W2GXUb%2FboZ0s7SUBS%2BIk6nfjLg27md8NwxRW1pD2BKj1sDE38u17KOTeCxeR0gZWNWDyNGj5Cmg1TUIfdG0a93xs5N84bYzI3UA6t952I3Bdo3BLcOveljogLx%2Ba2GcJBNs9%2B096ZfbXw3%2FBTI3C1PhI%2Fkiwqu5Ob%2BiKbN%2FQlSWPrxVODuUGnRt801Enlr78QKxX2vBL5%2B3k4btsDszLR7eEdZdpzmW%2BaslX5yTnwlzQhgny3SV7W6TXS7t2rjR5WVy%2B%2Ft6FS8PCCGulzhtQuZd8DiZn5Pkrm4df99XPnkKaBqasMSx3ySIg9ROwYhO22D37x2JmNYFRxztp4aEq66kJ0%2BOhkgRKHPc0rWHFsQSp2P3%2BzyNsy97FqvFA3R3kwxojU2OkalA1gS1PTl1hds%2F%2BEh0GUuVNU2W87VQZde9IWiv3W50gFr20lzDOU8F4kIRRL%2FL9kPM46YugD2dnbPOd3%2F8DAAD%2F%2FwEAAP%2F%2FQuFCnZIEAAA%3D | 192.243.59.20 | 200 OK | 7 B |
URL HTTP/1.1whiskerssituationdisturb.com/impr.gif?sid=H4sIAAAAAAAC%2F1RSv28cRRidTUxDCkREQwG6ggIkfN5fd3tHQBEhJIrILyVBqWdnZu3h5nZWM7O3Z1cWkVCQKC6ioVy%2Fc2IFIiB%2FAAJtaCILJB8FcoFbKEFIKRAFOvski6%2BY78f7iu%2B9N59slQfER0n3r1%2FRG1IputJp%2B63Xb8uc68q2rt5qBX7bP9O6LfNufKY1nj9m9Fbgd9r%2BG62Lgg30SugHvh%2F4QeuCNCLT45VDFLJ41A%2Fafb8dh%2B2gE2Ns%2Ft%2Fb0oOlHvjogJyG5LPn1p4%2BhmQN8uG354UdOF28%2Bf6wVNRpgxHf%2BTAf5LrKMTwuM%2BMhy3cW29B2RsgXJ6DznQUD6NH2nAFSOSPerwHSfGdxJtLR%2FaNLUwWRI%2BWnUI0aCNVA0gZM34HkewRgHFevIR8%2BuKpNRdePUDpHZ2Tp2d%2BQ1Yws%2FfYS8uHX55Qct25qVTqpc4txVkOOG8jVBkX5BG7Dg6yegLmPIfnPZOXZZeTD7WtWaUi%2B%2F1rMez0RhmI56oa95VgkyXI%2FDsRyEHazNAhCkYjoUCIpG8isgRITUHsSpfVQSg9l5qEsPAz5fot2%2BpnvJ1maRVEvZoxFEWOdXpd3eBT3Mh8lm3OYwBUTMDUBM5sozCYG8t5e5zRM%2BQPsWg3LPVhHMOI1KkFQWYKKElSSoHIE1ai%2Bz5UNbf2AK1umwSKHixzVU%2B1Wt%2Bh97VZFTraKA%2FLiXDvv1E%2BfYiD2W2GXUb%2FboZ0s7SUBS%2BIk6nfjLg27md8NwxRW1pD2BKj1sDE38u17KOTeCxeR0gZWNWDyNGj5Cmg1TUIfdG0a93xs5N84bYzI3UA6t952I3Bdo3BLcOveljogLx%2Ba2GcJBNs9%2B096ZfbXw3%2FBTI3C1PhI%2Fkiwqu5Ob%2BiKbN%2FQlSWPrxVODuUGnRt801Enlr78QKxX2vBL5%2B3k4btsDszLR7eEdZdpzmW%2BaslX5yTnwlzQhgny3SV7W6TXS7t2rjR5WVy%2B%2Ft6FS8PCCGulzhtQuZd8DiZn5Pkrm4df99XPnkKaBqasMSx3ySIg9ROwYhO22D37x2JmNYFRxztp4aEq66kJ0%2BOhkgRKHPc0rWHFsQSp2P3%2BzyNsy97FqvFA3R3kwxojU2OkalA1gS1PTl1hds%2F%2BEh0GUuVNU2W87VQZde9IWiv3W50gFr20lzDOU8F4kIRRL%2FL9kPM46YugD2dnbPOd3%2F8DAAD%2F%2FwEAAP%2F%2FQuFCnZIEAAA%3D IP192.243.59.20:0 ASN#39572 DataWeb Global Group B.V.
File typeASCII text, with no line terminators Hash132d6af1b46048b45cf86cdee7991d31 eb7007d03d59b65bc6da7e098c4d38fc6dfb6285 ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
| Analyzer | Verdict | Alert |
|---|
| fortinet | Malware | | | quad9 | Sinkholed | |
GET /impr.gif?sid=H4sIAAAAAAAC%2F1RSv28cRRidTUxDCkREQwG6ggIkfN5fd3tHQBEhJIrILyVBqWdnZu3h5nZWM7O3Z1cWkVCQKC6ioVy%2Fc2IFIiB%2FAAJtaCILJB8FcoFbKEFIKRAFOvski6%2BY78f7iu%2B9N59slQfER0n3r1%2FRG1IputJp%2B63Xb8uc68q2rt5qBX7bP9O6LfNufKY1nj9m9Fbgd9r%2BG62Lgg30SugHvh%2F4QeuCNCLT45VDFLJ41A%2Fafb8dh%2B2gE2Ns%2Ft%2Fb0oOlHvjogJyG5LPn1p4%2BhmQN8uG354UdOF28%2Bf6wVNRpgxHf%2BTAf5LrKMTwuM%2BMhy3cW29B2RsgXJ6DznQUD6NH2nAFSOSPerwHSfGdxJtLR%2FaNLUwWRI%2BWnUI0aCNVA0gZM34HkewRgHFevIR8%2BuKpNRdePUDpHZ2Tp2d%2BQ1Yws%2FfYS8uHX55Qct25qVTqpc4txVkOOG8jVBkX5BG7Dg6yegLmPIfnPZOXZZeTD7WtWaUi%2B%2F1rMez0RhmI56oa95VgkyXI%2FDsRyEHazNAhCkYjoUCIpG8isgRITUHsSpfVQSg9l5qEsPAz5fot2%2BpnvJ1maRVEvZoxFEWOdXpd3eBT3Mh8lm3OYwBUTMDUBM5sozCYG8t5e5zRM%2BQPsWg3LPVhHMOI1KkFQWYKKElSSoHIE1ai%2Bz5UNbf2AK1umwSKHixzVU%2B1Wt%2Bh97VZFTraKA%2FLiXDvv1E%2BfYiD2W2GXUb%2FboZ0s7SUBS%2BIk6nfjLg27md8NwxRW1pD2BKj1sDE38u17KOTeCxeR0gZWNWDyNGj5Cmg1TUIfdG0a93xs5N84bYzI3UA6t952I3Bdo3BLcOveljogLx%2Ba2GcJBNs9%2B096ZfbXw3%2FBTI3C1PhI%2Fkiwqu5Ob%2BiKbN%2FQlSWPrxVODuUGnRt801Enlr78QKxX2vBL5%2B3k4btsDszLR7eEdZdpzmW%2BaslX5yTnwlzQhgny3SV7W6TXS7t2rjR5WVy%2B%2Ft6FS8PCCGulzhtQuZd8DiZn5Pkrm4df99XPnkKaBqasMSx3ySIg9ROwYhO22D37x2JmNYFRxztp4aEq66kJ0%2BOhkgRKHPc0rWHFsQSp2P3%2BzyNsy97FqvFA3R3kwxojU2OkalA1gS1PTl1hds%2F%2BEh0GUuVNU2W87VQZde9IWiv3W50gFr20lzDOU8F4kIRRL%2FL9kPM46YugD2dnbPOd3%2F8DAAD%2F%2FwEAAP%2F%2FQuFCnZIEAAA%3D HTTP/1.1
Host: whiskerssituationdisturb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.torrentkitty.lol/
Cookie: u_pl=17550729; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzI5ODg5NywiayI6IjgwNDk3ZTQ5YTJjMTdmZTNhMWFmZjQwNzdlZWUxODEwIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjo4MTA0MSwicGlkIjozOTExLCJhbiI6dHJ1ZSwibGFuIjp0cnVlLCJjaWQiOjE4LCJhaWQiOjMyLCJwdCI6NCwicGsiOiJ0MzhhMGF3a3oiLCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6OTA3NTM0NTcsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjozODkxNCwib24iOiJXaW5kb3dzIiwib3YiOiIxMC4wIiwiYmlkIjoxMjA2MjUsImJuIjoiRmlyZWZveCIsImJ2IjoiMTA1LjAiLCJ3diI6ZmFsc2UsImUiOnRydWUsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cHM6Ly93d3cudG9ycmVudGtpdHR5LmxvbC9zZWFyY2gvc2VhcmNoL014Z3MlMjAxMDg4In19.sjNya_OrwLfprxv9i6A7yYc3NUJqgDpNnnxHQmv4o34; uid_id2=4d88e22e-3628-4e77-941e-126fb112e7e3:3:1; iprc04dc8724b252ec52f53f35b8675cf54f=3570421; pdhtkv=true; uncs=1; pdhtkv32=true; uncs32=1; pdhtkv29=true; uncs29=1; slec26ca065a5fb871c74739646a26f0622b=[3760951]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Fri, 25 Nov 2022 04:00:41 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 458ae816b07f09a7337c90f0dd7e37a9
Strict-Transport-Security: max-age=0; includeSubdomains
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.35 | 200 OK | 472 B |
IP142.250.74.35:0
Hashaee1eaa2ef2d0edbb0bc5703979e6439 8baa6d1cdd85ce2c5b6e30bd7a60096eeafce4db 095cc1e6ce8241ba22f88cb66d752587909fea3dc66936a72c369ef74b3134f1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 04:00:41 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| whiskerssituationdisturb.com/pixel/sbs?c=1 | 192.243.59.20 | 200 OK | 0 B |
URL HTTP/1.1whiskerssituationdisturb.com/pixel/sbs?c=1 IP192.243.59.20:0 ASN#39572 DataWeb Global Group B.V.
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
|---|
| quad9 | Sinkholed | |
GET /pixel/sbs?c=1 HTTP/1.1
Host: whiskerssituationdisturb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.torrentkitty.lol/
Cookie: u_pl=17550729; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzI5ODg5NywiayI6IjgwNDk3ZTQ5YTJjMTdmZTNhMWFmZjQwNzdlZWUxODEwIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjo4MTA0MSwicGlkIjozOTExLCJhbiI6dHJ1ZSwibGFuIjp0cnVlLCJjaWQiOjE4LCJhaWQiOjMyLCJwdCI6NCwicGsiOiJ0MzhhMGF3a3oiLCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6OTA3NTM0NTcsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjozODkxNCwib24iOiJXaW5kb3dzIiwib3YiOiIxMC4wIiwiYmlkIjoxMjA2MjUsImJuIjoiRmlyZWZveCIsImJ2IjoiMTA1LjAiLCJ3diI6ZmFsc2UsImUiOnRydWUsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cHM6Ly93d3cudG9ycmVudGtpdHR5LmxvbC9zZWFyY2gvc2VhcmNoL014Z3MlMjAxMDg4In19.sjNya_OrwLfprxv9i6A7yYc3NUJqgDpNnnxHQmv4o34; uid_id2=4d88e22e-3628-4e77-941e-126fb112e7e3:3:1; iprc04dc8724b252ec52f53f35b8675cf54f=3570421; pdhtkv=true; uncs=1; pdhtkv32=true; uncs32=1; pdhtkv29=true; uncs29=1; slec26ca065a5fb871c74739646a26f0622b=[3760951]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Fri, 25 Nov 2022 04:00:41 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
|
|
| www.torrentkitty.lol/search/search/Mxgs%201088 | 172.67.217.107 | 200 OK | 0 B |
URL HTTP/2www.torrentkitty.lol/search/search/Mxgs%201088 IP172.67.217.107:0
GET /search/search/Mxgs%201088 HTTP/1.1
Host: www.torrentkitty.lol
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Fri, 25 Nov 2022 04:00:37 GMT
content-type: text/html; charset=UTF-8
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: max-age=14400, must-revalidate
pragma: no-cache
cf-cache-status: MISS
last-modified: Fri, 25 Nov 2022 04:00:37 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DliMohQ6jDNq%2BD088h7rx66sCU5ag3bq6BusNlo8OKE6cB1FzVf5vzdOe0%2BtMljJS0iiI%2F5zkp0LqvK6hp9LJOmReIydYTN3Zvt3ZAqSHm2HvSRLxtq3LVnZZpgzdKZ2pE8O8bhHKw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76f77a719b4e0afe-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| cdn.creative-bars1.com/sb/notifications/software/multi/browsers/ff/3/js/script.js | 172.64.109.13 | 200 OK | 0 B |
URL HTTP/2cdn.creative-bars1.com/sb/notifications/software/multi/browsers/ff/3/js/script.js IP172.64.109.13:0
GET /sb/notifications/software/multi/browsers/ff/3/js/script.js HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.torrentkitty.lol
Connection: keep-alive
Referer: https://www.torrentkitty.lol/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 25 Nov 2022 04:00:40 GMT
content-type: application/javascript
last-modified: Thu, 08 Sep 2022 07:49:59 GMT
etag: W/"63199ea7-2ae2"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G%2FOZxf9OIUZABzKsd1PZmtWELJU5qInjCpWYp29ZCpZyA00uZx0OjinilxDbubsErqxQGUfaxc%2ByzUF9wmsf1%2BtIl0rctuzzU8dQP3zvnNYNVnmkqnBvHIyVXvj%2BwADOSmHd6OG4Cxlm"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76f77a8ec8e0719c-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| fonts.googleapis.com/css?family=Roboto:300,400,700&display=swap | 142.250.74.10 | 200 OK | 0 B |
URL HTTP/2fonts.googleapis.com/css?family=Roboto:300,400,700&display=swap IP142.250.74.10:0
GET /css?family=Roboto:300,400,700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 25 Nov 2022 04:00:40 GMT
date: Fri, 25 Nov 2022 04:00:40 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
104.21.61.235