| r11.o.lencr.org/ | 23.36.77.32 | | 504 B |
IP 23.36.77.32:0
ASN#20940 Akamai International B.V.
Hash cc687a19f2854a47020b22f4aa1806ef 9d4058393445f64f6dda190557bf37686e19e7a0 df2db18fa10eeb1d535253183d68a561c6b52b77b539df6a0a36aec736a9da9c
POST / HTTP/1.1
Host: r11.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "DF2DB18FA10EEB1D535253183D68A561C6B52B77B539DF6A0A36AEC736A9DA9C"
Last-Modified: Fri, 23 Aug 2024 14:37:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10034
Expires: Sat, 24 Aug 2024 02:09:20 GMT
Date: Fri, 23 Aug 2024 23:22:06 GMT
Connection: keep-alive
|
|
| r10.o.lencr.org/ | 23.36.76.226 | | 504 B |
IP 23.36.76.226:0
ASN#20940 Akamai International B.V.
Hash 5a54df7ab1a35ec424b9be7e9c3c9a4b e7cea7d874319740ce20d0b7c37e99b5e21461ff 38f07545bd30ef0b4adec907deb75c1cb2365d645a54b545486599117707e28b
POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "38F07545BD30EF0B4ADEC907DEB75C1CB2365D645A54B545486599117707E28B"
Last-Modified: Fri, 23 Aug 2024 14:34:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10309
Expires: Sat, 24 Aug 2024 02:13:55 GMT
Date: Fri, 23 Aug 2024 23:22:06 GMT
Connection: keep-alive
|
|
| r10.o.lencr.org/ | 23.36.76.226 | | 504 B |
IP 23.36.76.226:0
ASN#20940 Akamai International B.V.
Hash 44d2fa336203fefa7fcc2e369e453d16 71a006973afdbe2deb2374768a328cf9307fd4d1 cb3bf00db937121aa64ed4b8047093cd89cb7376a3c66cf46ecb6974ca047d4c
POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "CB3BF00DB937121AA64ED4B8047093CD89CB7376A3C66CF46ECB6974CA047D4C"
Last-Modified: Fri, 23 Aug 2024 14:33:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7717
Expires: Sat, 24 Aug 2024 01:30:43 GMT
Date: Fri, 23 Aug 2024 23:22:06 GMT
Connection: keep-alive
|
|
| r11.o.lencr.org/ | 23.36.77.32 | | 504 B |
IP 23.36.77.32:0
ASN#20940 Akamai International B.V.
Hash d21875813a4615132f2e197bb897ae27 b6b5a044f9c44a3ae031ab297b41868fa3dd567b 747b2971dd7ec0cd3ff2a29f0353a092babfe1666532d6aed0f34971159bbf2c
POST / HTTP/1.1
Host: r11.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "747B2971DD7EC0CD3FF2A29F0353A092BABFE1666532D6AED0F34971159BBF2C"
Last-Modified: Fri, 23 Aug 2024 14:47:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17515
Expires: Sat, 24 Aug 2024 04:14:02 GMT
Date: Fri, 23 Aug 2024 23:22:07 GMT
Connection: keep-alive
|
|
| gn.metallcorrupt.com/rKWFmMF5MuJh/kwgQE | 23.109.170.127 | 200 OK | 20 B |
URL GET HTTP/1.1 gn.metallcorrupt.com/rKWFmMF5MuJh/kwgQE IP 23.109.170.127:443
Requested by https://kickasstorrents.to/usearch/microsoft%20office%202022/ Certificate Issuer Let's Encrypt Subject gn.metallcorrupt.com Fingerprint 6A:E4:43:6A:34:A5:46:3D:40:9C:C1:D6:7E:AB:EB:EC:3B:7A:5E:1E Validity Wed, 14 Aug 2024 23:53:15 GMT - Tue, 12 Nov 2024 23:53:14 GMT
File type gzip compressed data, from Unix Hash 7029066c27ac6f5ef18d660d5741979a 46c6643f07aa7f6bfe7118de926b86defc5087c4 59869db34853933b239f1e2219cf7d431da006aa919635478511fabbfc8849d2
GET /rKWFmMF5MuJh/kwgQE HTTP/1.1
Host: gn.metallcorrupt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://kickasstorrents.to/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 23 Aug 2024 23:22:07 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Accept-ch: sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version,sec-ch-ua-full-version-list
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://kickasstorrents.to
Access-Control-Allow-Headers: content-type, megageocheckolololo, x-forwarded-for, x-requested-with, cache-control, pragma, expires
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET, POST, OPTIONS
Set-Cookie: GL_UI4=eJw9jUtug0AQRPljJ4akJQ7gIxgUjL3MJivfAQ0zDZ4Ypq1mjJ3bZxIp2dUrPVV5nhcUL%2BAvyRrCm6hhe1R9s5dYojyUVVW%2BHSrZ151o%2BlJVTVnvYK3n1opuRBvBap4E29YuEWwGNMhatpIUZvDqrL%2FmYuhuIog7FkZlEE%2FOGDNIO6b7jFyEEBkxIaQfmrGnhzPEJzEEx72L2rjo7yCguQjzJ4hP2twe%2BSbx8jzx4Pk6CtsTT61WDuOBhULw32ElhcWB%2BAtShfPF0hWARtX%2B%2B7%2Bf8fizBonCRUuHZM%2FI38wATrY%3D; expires=Sat, 24-Aug-2024 23:22:07 GMT; Max-Age=86400; path=/; secure; SameSite=None
GL_GI10=eJwVyM0KgkAUhuE5hxiIJPjIC%2FAKTMsWbrNl6MIrMIsYGObIzNjP3WeLd%2FG8SilOE7CZkNRlXhd5dcjLUwV6gtsOPDroVvx7%2BII8uDiCvcOmC1ayRmYXlz9i9TfIYHu25pP1YudoxAXw0roZbvaxv%2FRX0KQJHEUzONxTBXrp3Q9e7R3S; expires=Sat, 24-Aug-2024 23:22:07 GMT; Max-Age=86400; path=/; secure; SameSite=None
Content-Encoding: gzip
Vary: Accept-Encoding
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff
|
|
| kickasstorrents.to/static/images/logo.png | 104.21.12.249 | 200 OK | 26 kB |
URL GET HTTP/3 kickasstorrents.to/static/images/logo.png IP 104.21.12.249:443
Requested by https://kickasstorrents.to/usearch/microsoft%20office%202022/ Certificate Issuer Google Trust Services Subject kickasstorrents.to Fingerprint 66:8B:5B:ED:AC:F7:84:00:24:0D:7F:EE:97:E1:02:FD:21:4A:2D:77 Validity Fri, 09 Aug 2024 19:48:34 GMT - Thu, 07 Nov 2024 19:48:33 GMT
File type PNG image data, 231 x 40, 8-bit/color RGBA, non-interlaced Hash d98d4c22d0fff5cc438146ae15721f1e 6a5715d42abbde1467a505f8e0fbfe0b010383ba 29f9b90d5fe7daf36afcc5449615a61ce4e366e97a4e5e01ef1b6bec3e096251
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /static/images/logo.png HTTP/1.1
Host: kickasstorrents.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://kickasstorrents.to/usearch/microsoft%20office%202022/
Cookie: state=1724455327180
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 23 Aug 2024 23:22:07 GMT
content-type: image/png
content-length: 25684
last-modified: Fri, 23 Nov 2018 06:44:02 GMT
etag: "5bf7a1b2-6454"
expires: Wed, 11 Sep 2024 07:39:15 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 1006972
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zm5ShBTZ%2F%2BiB54hlOj3C601MB%2FowUNioLM5PyEzqd3VkpmOcJ38EY7dRu%2BDyWWDlHrufbQMXslaeNkAL7uLR%2F7lMhfi1%2FXRyhQ8lwkItkO8eu3B8iHTHB7djgLAKvtsWJ32ennE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8b7ed7c309aeb524-OSL
alt-svc: h3=":443"; ma=86400
|
|
| kickasstorrents.to/static/images/dataTableBorderVert.gif | 104.21.12.249 | 200 OK | 35 B |
URL GET HTTP/3 kickasstorrents.to/static/images/dataTableBorderVert.gif IP 104.21.12.249:443
Requested by https://kickasstorrents.to/usearch/microsoft%20office%202022/ Certificate Issuer Google Trust Services Subject kickasstorrents.to Fingerprint 66:8B:5B:ED:AC:F7:84:00:24:0D:7F:EE:97:E1:02:FD:21:4A:2D:77 Validity Fri, 09 Aug 2024 19:48:34 GMT - Thu, 07 Nov 2024 19:48:33 GMT
File type GIF image data, version 89a, 1 x 6 Hash bec91b76ea85133c4ba417c0db91117a a7af8575ab88f0ba888ab1e2c6fe7405bf37c9e6 2ccea2836e68bb301f00edfdbaade7719f275c15b06c2bb4cb45992052c42e14
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /static/images/dataTableBorderVert.gif HTTP/1.1
Host: kickasstorrents.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://kickasstorrents.to/static/all.css
Cookie: state=1724455327180
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 23 Aug 2024 23:22:07 GMT
content-type: image/gif
content-length: 35
last-modified: Fri, 23 Nov 2018 06:44:02 GMT
etag: "5bf7a1b2-23"
expires: Wed, 11 Sep 2024 07:35:31 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 1007196
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=juciie77M%2FUN4eiOheg0tDbWLlOjVQJh5mipc356k7xv9cB6zKq29aJ9tX3ZV8XbZ1EggLGBGVVpdhwiWvGBPepaxwJSD3KSEKZ3uux1FIEjxzVfretE%2F1%2F57%2BljoFvCps%2BUjqQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8b7ed7c319ebb524-OSL
alt-svc: h3=":443"; ma=86400
|
|
| kickasstorrents.to/static/kar/images/indicator.gif | 104.21.12.249 | 200 OK | 721 B |
URL GET HTTP/3 kickasstorrents.to/static/kar/images/indicator.gif IP 104.21.12.249:443
Requested by https://kickasstorrents.to/usearch/microsoft%20office%202022/ Certificate Issuer Google Trust Services Subject kickasstorrents.to Fingerprint 66:8B:5B:ED:AC:F7:84:00:24:0D:7F:EE:97:E1:02:FD:21:4A:2D:77 Validity Fri, 09 Aug 2024 19:48:34 GMT - Thu, 07 Nov 2024 19:48:33 GMT
File type GIF image data, version 89a, 16 x 16 Hash 77b1780fa6b1d29d985523dc2cae72df a52404b6307567beb5ced0dedaa0e8856dd84a60 5165b05b5f9bf55f906f9b194dcdbb1b4c55f4b9169c0418f1bfd8de5d62ec3f
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /static/kar/images/indicator.gif HTTP/1.1
Host: kickasstorrents.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://kickasstorrents.to/usearch/microsoft%20office%202022/
Cookie: state=1724455327180
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 23 Aug 2024 23:22:07 GMT
content-type: image/gif
content-length: 721
last-modified: Fri, 23 Nov 2018 06:44:02 GMT
etag: "5bf7a1b2-2d1"
expires: Wed, 11 Sep 2024 11:04:26 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 994661
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=54%2FRsFo4nK15Jjw02MCkzYx8D0P8KFAVdA2pUiaE%2FZnMGPsfxPsrE36R18UCkqHgjtkWDgdpWniMBp6MwGm0EvinqoBcpnPw%2B5rMJhRfBPQ82zzK74guJuYgq1WUH53VbMpyO24%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8b7ed7c40b31b524-OSL
alt-svc: h3=":443"; ma=86400
|
|
| kickasstorrents.to/static/fonts/katfont-Regular-v2.woff | 104.21.12.249 | 200 OK | 21 kB |
URL GET HTTP/3 kickasstorrents.to/static/fonts/katfont-Regular-v2.woff IP 104.21.12.249:443
Requested by https://kickasstorrents.to/usearch/microsoft%20office%202022/ Certificate Issuer Google Trust Services Subject kickasstorrents.to Fingerprint 66:8B:5B:ED:AC:F7:84:00:24:0D:7F:EE:97:E1:02:FD:21:4A:2D:77 Validity Fri, 09 Aug 2024 19:48:34 GMT - Thu, 07 Nov 2024 19:48:33 GMT
File type Web Open Font Format, TrueType, length 21053, version 2.0 Hash 80dee43990adc065497b11dffcd5e1f1 49503d9f7825e5e9bdbd17a66922853d0ccb6289 cd6ee26f04ac0cfc677ffd9b7febad366f28a592ef81c2483a2386ce197718dc
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /static/fonts/katfont-Regular-v2.woff HTTP/1.1
Host: kickasstorrents.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://kickasstorrents.to/static/all.css
Cookie: state=1724455327180
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 23 Aug 2024 23:22:07 GMT
content-type: font/woff
content-length: 21053
last-modified: Fri, 23 Nov 2018 06:44:02 GMT
etag: "5bf7a1b2-523d"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IxFJF1fbW6ftY4%2Bfh1KDQLCoxa6Rxk6%2Fhw%2BBoJ07o26DkQ%2BMkJLo2MgR0GRp9JvaI0u4UbfJsUPg6lUXDNz0yOeek4dPeNKRxTyqF1HbNBTMVr7awYIQsNEe9cLVU%2FAxYguGssE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8b7ed7c33a28b524-OSL
alt-svc: h3=":443"; ma=86400
|
|
| kickasstorrents.to/static/apple-touch-icon.png | 104.21.12.249 | 200 OK | 14 kB |
URL GET HTTP/3 kickasstorrents.to/static/apple-touch-icon.png IP 104.21.12.249:443
Requested by https://kickasstorrents.to/usearch/microsoft%20office%202022/ Certificate Issuer Google Trust Services Subject kickasstorrents.to Fingerprint 66:8B:5B:ED:AC:F7:84:00:24:0D:7F:EE:97:E1:02:FD:21:4A:2D:77 Validity Fri, 09 Aug 2024 19:48:34 GMT - Thu, 07 Nov 2024 19:48:33 GMT
File type PNG image data, 114 x 114, 8-bit/color RGB, non-interlaced Hash afdd4e3837bec1a829a587a27035cace 49b370b64dbb295362c312c185a196973bcb95fc 2aeaf0d166c8ac33c84252da6b3ec83cf14c1952b8a0b0f5542272ec0dc92ad0
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /static/apple-touch-icon.png HTTP/1.1
Host: kickasstorrents.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://kickasstorrents.to/usearch/microsoft%20office%202022/
Cookie: state=1724455327180
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 23 Aug 2024 23:22:07 GMT
content-type: image/png
content-length: 14452
last-modified: Fri, 23 Nov 2018 06:44:02 GMT
etag: "5bf7a1b2-3874"
expires: Wed, 11 Sep 2024 11:23:09 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 993537
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SKswqX299czR%2FX0HutBfJXjY0%2B%2BWSYdYqjV%2F5cm9RuzdKLzbwKnwzXrXYQyuP979G81gVcg9BEHBJq9ZrIG5ThP9wF%2FMQD7EbJSV1UpEL8k%2BR7GxoLBAOxhx%2FHISXIetr1cQptw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8b7ed7c4ccabb524-OSL
alt-svc: h3=":443"; ma=86400
|
|
| r11.o.lencr.org/ | 23.36.77.32 | | 504 B |
IP 23.36.77.32:0
ASN#20940 Akamai International B.V.
Hash 858eda022f9abab07abe65d5db47bdd7 50676984a7c33451e955b30f0c2796d8cbd39b37 d5d1370d54dbc79eef9d826334b31217d5b9823cfd1d012036b1bc4f38b724b4
POST / HTTP/1.1
Host: r11.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "D5D1370D54DBC79EEF9D826334B31217D5B9823CFD1D012036B1BC4F38B724B4"
Last-Modified: Fri, 23 Aug 2024 14:37:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9329
Expires: Sat, 24 Aug 2024 01:57:37 GMT
Date: Fri, 23 Aug 2024 23:22:08 GMT
Connection: keep-alive
|
|
| kickasstorrents.to/favicon.ico | 104.21.12.249 | 200 OK | 7.4 kB |
URL GET HTTP/3 kickasstorrents.to/favicon.ico IP 104.21.12.249:443
Requested by https://kickasstorrents.to/usearch/microsoft%20office%202022/ Certificate Issuer Google Trust Services Subject kickasstorrents.to Fingerprint 66:8B:5B:ED:AC:F7:84:00:24:0D:7F:EE:97:E1:02:FD:21:4A:2D:77 Validity Fri, 09 Aug 2024 19:48:34 GMT - Thu, 07 Nov 2024 19:48:33 GMT
File type MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel Hash 31b7bae5cc5cb5bb117d3083308db325 aac601e8e656e1917fa3035b49b35ac7dde16b84 a3aa2d892cc04ad9f5c8fc2a3ed64489605d6eeef282eedf1fa403da7483d013
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /favicon.ico HTTP/1.1
Host: kickasstorrents.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://kickasstorrents.to/usearch/microsoft%20office%202022/
Cookie: state=1724455327180
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 23 Aug 2024 23:22:07 GMT
content-type: image/x-icon
last-modified: Fri, 23 Nov 2018 07:32:55 GMT
etag: W/"5bf7ad27-47e"
cache-control: max-age=14400
cf-cache-status: HIT
age: 3890
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CcudYC2mB0sd783qMfHjHxrmwDe72OkxD95wB6xHfm8WVG9AVVyJcswhKXnriZrolRK51N91ZHmVNdsK%2BwN9FaEpqzOCizgk6k7K4WyXQCOTqGSuj20PAWgjm2KHf%2B8Gq2VntxE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8b7ed7c4ccb2b524-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| kickasstorrents.to/usearch/microsoft%20office%202022/ | 104.21.12.249 | 200 OK | 42 kB |
URL User Request GET HTTP/2 kickasstorrents.to/usearch/microsoft%20office%202022/ IP 104.21.12.249:443
Certificate Issuer Google Trust Services Subject kickasstorrents.to Fingerprint 66:8B:5B:ED:AC:F7:84:00:24:0D:7F:EE:97:E1:02:FD:21:4A:2D:77 Validity Fri, 09 Aug 2024 19:48:34 GMT - Thu, 07 Nov 2024 19:48:33 GMT
Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /usearch/microsoft%20office%202022/ HTTP/1.1
Host: kickasstorrents.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 23 Aug 2024 23:22:06 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-powered-by: PHP/5.6.40
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RbkAGT%2FLCYwc99KW9l94%2BTuM7I10EA5UriPdlXGiGtZVrpG6HlAy4O5Jcq3TLk2amUJeS6mVy8V%2FQrnagRM8D3%2Bmd4lJTj5Jqd%2Ff0gzpf9Wfn1vKkIZgEkKJ%2Fv3noswbmMwbvYo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8b7ed7bf9a6a5690-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| kickasstorrents.to/static/all.css | 104.21.12.249 | 200 OK | 147 kB |
URL GET HTTP/3 kickasstorrents.to/static/all.css IP 104.21.12.249:443
Requested by https://kickasstorrents.to/usearch/microsoft%20office%202022/ Certificate Issuer Google Trust Services Subject kickasstorrents.to Fingerprint 66:8B:5B:ED:AC:F7:84:00:24:0D:7F:EE:97:E1:02:FD:21:4A:2D:77 Validity Fri, 09 Aug 2024 19:48:34 GMT - Thu, 07 Nov 2024 19:48:33 GMT
Size 147 kB (146722 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /static/all.css HTTP/1.1
Host: kickasstorrents.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://kickasstorrents.to/usearch/microsoft%20office%202022/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 23 Aug 2024 23:22:07 GMT
content-type: text/css
cache-control: max-age=43200
cf-bgj: minify
cf-polished: origSize=149243
etag: W/"5bf7a1b2-246fb"
expires: Sat, 24 Aug 2024 06:37:17 GMT
last-modified: Fri, 23 Nov 2018 06:44:02 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 17090
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Rtnu3QBcMl665zAgKRkXeqcedXtWDEriLM%2FwnsJ1fG8ya%2BiS78EtxYsQBK%2BW2NzMVnZkHnvVGI1tq6iAFpcMB7gcLCLQ6bmFQO7dXZivr9DLFI4nvP2wL2swetthfyTZaaEQmxE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8b7ed7c1e805b524-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| kickasstorrents.to/static/js/all.js | 104.21.12.249 | 200 OK | 362 kB |
URL GET HTTP/3 kickasstorrents.to/static/js/all.js IP 104.21.12.249:443
Requested by https://kickasstorrents.to/usearch/microsoft%20office%202022/ Certificate Issuer Google Trust Services Subject kickasstorrents.to Fingerprint 66:8B:5B:ED:AC:F7:84:00:24:0D:7F:EE:97:E1:02:FD:21:4A:2D:77 Validity Fri, 09 Aug 2024 19:48:34 GMT - Thu, 07 Nov 2024 19:48:33 GMT
File type JavaScript source, ASCII text, with very long lines (44165) Size 362 kB (361619 bytes) Hash 4911a097c8b216031c8f3513f13d5264 ede28f1c283e5bb458a09d4b9c9af35dff31e392 d18223c0dd31c1f375ccf3a341b11f66817ed0ee7430fa309116c7566b826b4d
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /static/js/all.js HTTP/1.1
Host: kickasstorrents.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://kickasstorrents.to/usearch/microsoft%20office%202022/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 23 Aug 2024 23:22:07 GMT
content-type: application/javascript
cache-control: max-age=43200
cf-bgj: minify
cf-polished: origSize=489940
etag: W/"5e5b441c-779d4"
expires: Sat, 24 Aug 2024 06:37:17 GMT
last-modified: Sun, 01 Mar 2020 05:11:56 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 17090
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7BNMIEBwyxgsg6Hzd%2FrbOy2jSvD2GkJq4G%2BEufMpfknXdVEOJ0Y2uqv4sSCKzY2zbVbxkUzlfH0PXP47IfW4icRyMatrjF57YFNc%2BDJHf%2BcfBBSaTUV0HRpWFBM7wobAK29nzuc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8b7ed7c1e806b524-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|