| www.mydoramas.com/dramas-japoneses/ | 104.21.13.222 | 301 Moved Permanently | 0 B |
URL HTTP/1.1www.mydoramas.com/dramas-japoneses/ IP104.21.13.222:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /dramas-japoneses/ HTTP/1.1
Host: www.mydoramas.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Thu, 24 Nov 2022 21:03:30 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Thu, 24 Nov 2022 22:03:30 GMT
Location: https://www.mydoramas.com/dramas-japoneses/
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YN7vk54%2BxL7QMDnU%2BSVq%2FOAquXvw4TJ9duzjJIMbnNdo2yLuB12HX1XsQcwwI89NG1cI6dVl7YVYqpuaIvaHwigTTNJF4BumXz1syKxkxHQXt28S1xgnel3RvuCqsSuniQlpNQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76f517753a17b512-OSL
alt-svc: h2=":443"; ma=60
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hash7c60904d097cde276e4e5632cef1b9f1 4f805026462589345d85e8df2d18eafba6237504 12af026999398f4976749e320667d43da3f99b7a2e8254aca7a410a964a106aa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "12AF026999398F4976749E320667D43DA3F99B7A2E8254ACA7A410A964A106AA"
Last-Modified: Thu, 24 Nov 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11076
Expires: Fri, 25 Nov 2022 00:08:06 GMT
Date: Thu, 24 Nov 2022 21:03:30 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hash8c63b226725ca6e92e3ef586ac19e603 d21ae42a1927501e5293ff3564f52b49f6b0decc 141ac47acc3800e5d35a82012fa4b044277abad3a95dc24415f66fb72c972ae6
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "141AC47ACC3800E5D35A82012FA4B044277ABAD3A95DC24415F66FB72C972AE6"
Last-Modified: Wed, 23 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8655
Expires: Thu, 24 Nov 2022 23:27:45 GMT
Date: Thu, 24 Nov 2022 21:03:30 GMT
Connection: keep-alive
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 471 B |
IP93.184.220.29:0
Hashaf40a2fcf8debb90c3608002da6c907a 3c75d6c0b557a3bd8d5db50155b8d896e852c145 555617a51ee3077552545a29a3baf0b43e8a82367e4c08110ee480ebedc8b523
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3127
Cache-Control: max-age=137988
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 21:03:30 GMT
Etag: "637f47ef-1d7"
Expires: Sat, 26 Nov 2022 11:23:18 GMT
Last-Modified: Thu, 24 Nov 2022 10:31:11 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471
|
|
| content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain | 34.160.144.191 | 200 OK | 5.3 kB |
URL HTTP/2content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain IP34.160.144.191:0
File typePEM certificate\012- , ASCII text Hash9ebddc2b260d081ebbefee47c037cb28 492bad62a7ca6a74738921ef5ae6f0be5edebf39 74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: nwxucuF2G3uucYn4oZj5OCNBYt1IeFOi/ZE/WgQezWvpxLQHsjVllkVp5fp3KDtu5LrIpgP3YjU=
x-amz-request-id: H9BBTWJRMTMRBX83
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 24 Nov 2022 20:40:32 GMT
age: 1378
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| firefox.settings.services.mozilla.com/v1/ | 34.102.187.140 | 200 OK | 939 B |
URL HTTP/2firefox.settings.services.mozilla.com/v1/ IP34.102.187.140:0
File typeJSON data\012- , ASCII text, with very long lines (939), with no line terminators Hash4d7e4eed097b9c4e5d509419f1cfc85a 290bb3d428a7c6330e2e3d73a952b16f820896c8 0dc9ca0f57af15adcd416035e92794711434e3d53a1feff21d8481d6d500986c
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Length, Alert, Backoff, Retry-After
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Thu, 24 Nov 2022 20:17:20 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 2770
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| contile.services.mozilla.com/v1/tiles | 34.117.237.239 | 200 OK | 12 B |
URL HTTP/2contile.services.mozilla.com/v1/tiles IP34.117.237.239:0
File typeJSON data\012- , ASCII text, with no line terminators Hash23e88fb7b99543fb33315b29b1fad9d6 a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 24 Nov 2022 21:03:30 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 279 B |
IP93.184.220.29:0
Hash468056f4f7dff1439cc8255d5d9f48d3 cb9d89fb98be15ab059e2d219bc419bb9b0f78a3 1b070d1908749dde98a73ba00a6d0ad584d2520b3935e4262764ecfc7ee4d781
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=130189
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 21:03:30 GMT
Etag: "637f35af-117"
Expires: Sat, 26 Nov 2022 09:13:19 GMT
Last-Modified: Thu, 24 Nov 2022 09:13:19 GMT
Server: nginx
Content-Length: 279
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 279 B |
IP93.184.220.29:0
Hash468056f4f7dff1439cc8255d5d9f48d3 cb9d89fb98be15ab059e2d219bc419bb9b0f78a3 1b070d1908749dde98a73ba00a6d0ad584d2520b3935e4262764ecfc7ee4d781
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 0
Cache-Control: max-age=130189
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 21:03:30 GMT
Etag: "637f35af-117"
Expires: Sat, 26 Nov 2022 09:13:19 GMT
Last-Modified: Thu, 24 Nov 2022 09:13:19 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 279
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 278 B |
IP93.184.220.29:0
Hashfd6e45fec9010f48d052dc17826c75f0 218e01b9707f1e123eef81d70f24f0d95e526465 8ba8111e6058eb953ea4804e6fcbbba380a2087609b5bc49c7ccade7fef100a8
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4377
Cache-Control: max-age=126654
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 21:03:30 GMT
Etag: "637f16c7-116"
Expires: Sat, 26 Nov 2022 08:14:24 GMT
Last-Modified: Thu, 24 Nov 2022 07:01:27 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 278
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 34 kB |
IP142.250.74.3:0
Hash93eabf9d221c4d96e840f057344878cb 518213531c53d7141e2fc488803e1c6cb0e64998 b82425239528de07daa1113356b343e431224041be3b1a27ae621790a96daff3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 21:03:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 2.4 kB |
IP142.250.74.3:0
Hashf19c3172f2004baacc1ea3edbb706845 f58331c9b4461c07414735c7a065c65c1e49a809 71cd0a578e920fa073e47bca831c3bddba857f5ac3e779b6327074ae498011a5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 21:03:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 472 B |
IP142.250.74.3:0
Hash4af780570d49b327d38dc189095448e9 1dd4193a2afeb237c5e475b603b1cbd137f7f97e f25ef2e65d3c2acbba49b5d36c2fe37f8d404fa3b0ea5cdd6c93ac1685a6129a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 21:03:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 472 B |
IP142.250.74.3:0
Hashdd0dd96ca622aa07354fabdd0da767bf a29eaa02a81dabed2c12be20a89d65a5a0417524 6a670e9031ec8c94bdc91c47a2d6a4ca2bd95fe032fec28888a8e6d7dc163cb4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 21:03:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| cdn.statically.io/img/www.mydoramas.com/wp-content/themes/mydoramas/images/logo2.png | 151.101.85.91 | 301 Moved Permanently | 30 B |
URL HTTP/2cdn.statically.io/img/www.mydoramas.com/wp-content/themes/mydoramas/images/logo2.png IP151.101.85.91:0
File typeASCII text, with no line terminators Hashe3865605dd5f30c730b091941513f2cd 7a84cfb40e4351cdcb28039c1f48466159871b9f c2d2beff86bc96290cbe88407aaa3bf7d92b3b6ea2c2e9edbe1079eacf966571
GET /img/www.mydoramas.com/wp-content/themes/mydoramas/images/logo2.png HTTP/1.1
Host: cdn.statically.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mydoramas.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 301 Moved Permanently
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=5
date: Thu, 24 Nov 2022 21:03:31 GMT
location: https://www.mydoramas.com/wp-content/themes/mydoramas/images/logo2.png
server: statically
strict-transport-security: max-age=31536000; includeSubDomains; preload
timing-allow-origin: *
x-cache: HIT
x-content-type-options: nosniff
x-served-by: cache-bma1634-BMA
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 30
X-Firefox-Spdy: h2
|
|
| cdn.statically.io/img/www.mydoramas.com/wp-content/uploads/2022/05/Hiru-243x140.png | 151.101.85.91 | 301 Moved Permanently | 30 B |
URL HTTP/2cdn.statically.io/img/www.mydoramas.com/wp-content/uploads/2022/05/Hiru-243x140.png IP151.101.85.91:0
File typeASCII text, with no line terminators Hashe3865605dd5f30c730b091941513f2cd 7a84cfb40e4351cdcb28039c1f48466159871b9f c2d2beff86bc96290cbe88407aaa3bf7d92b3b6ea2c2e9edbe1079eacf966571
GET /img/www.mydoramas.com/wp-content/uploads/2022/05/Hiru-243x140.png HTTP/1.1
Host: cdn.statically.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mydoramas.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 301 Moved Permanently
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=5
date: Thu, 24 Nov 2022 21:03:31 GMT
location: https://www.mydoramas.com/wp-content/uploads/2022/05/Hiru-243x140.png
server: statically
strict-transport-security: max-age=31536000; includeSubDomains; preload
timing-allow-origin: *
x-cache: HIT
x-content-type-options: nosniff
x-served-by: cache-bma1634-BMA
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 30
X-Firefox-Spdy: h2
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 278 B |
IP93.184.220.29:0
Hashfd6e45fec9010f48d052dc17826c75f0 218e01b9707f1e123eef81d70f24f0d95e526465 8ba8111e6058eb953ea4804e6fcbbba380a2087609b5bc49c7ccade7fef100a8
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4378
Cache-Control: max-age=126654
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 21:03:31 GMT
Etag: "637f16c7-116"
Expires: Sat, 26 Nov 2022 08:14:25 GMT
Last-Modified: Thu, 24 Nov 2022 07:01:27 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 278
|
|
| ajax.googleapis.com/ajax/libs/jquery/3.1.1/jquery.min.js | 142.250.74.138 | 200 OK | 30 kB |
URL HTTP/2ajax.googleapis.com/ajax/libs/jquery/3.1.1/jquery.min.js IP142.250.74.138:0
File typeASCII text, with very long lines (32030) Hash04ba0252a9f264db106d4eaab8df4ccb cf52d9b3df7839c5c64fbf33aafeced74b3db750 397852429e768ffbd12a78ce4b94f14e3ab4afabf84acb07c0bb5b7798e6e0b2
GET /ajax/libs/jquery/3.1.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mydoramas.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 30244
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 23 Nov 2022 09:07:49 GMT
expires: Thu, 23 Nov 2023 09:07:49 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 129342
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| www.googletagmanager.com/gtag/js?id=UA-161725920-1 | 142.250.74.168 | 200 OK | 44 kB |
URL HTTP/2www.googletagmanager.com/gtag/js?id=UA-161725920-1 IP142.250.74.168:0
File typeASCII text, with very long lines (1921) Hash94bff6514dd62635edbb04c7270443de 6579605c6a8fc3b767b096932fe336adfb76179b dcf575a527e03542989591a79c25c3d4ef62c2cdf8051cf7742e4922754f8ab3
GET /gtag/js?id=UA-161725920-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mydoramas.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 24 Nov 2022 21:03:31 GMT
expires: Thu, 24 Nov 2022 21:03:31 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 43681
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q4 | 104.18.21.226 | 200 OK | 1.5 kB |
URL HTTP/1.1ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q4 IP104.18.21.226:0
Hash8b697e286964fb685c2c097b4e429174 584a2236f6067e060f364efbaadad98ce24ffb87 c71233b84ef6ff7f29f324da1b8cc97a980ce6d544e5d6037a0256cd45403a46
POST /ca/gsatlasr3dvtlsca2022q4 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 21:03:31 GMT
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
Etag: "72E67C0B61D2072CD60681D3872E200E47C2E8D8"
Expires: Fri, 25 Nov 2022 08:00:00 GMT
Last-Modified: Thu, 24 Nov 2022 20:00:00 UTC
Cache-Control: s-maxage=3600, public, no-transform, must-revalidate
CF-Cache-Status: HIT
Age: 1471
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76f5177b7eab0b49-OSL
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 471 B |
IP93.184.220.29:0
Hashfb6949e7abaa473393f7c604691de14f 599681bba3947709baa603bbae2dd7afd04059a4 36c5165526ea9d34de14d36655ed494d0cffaa11ca3271ee47824ac11246ba13
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5612
Cache-Control: max-age=135410
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 21:03:31 GMT
Etag: "637f3429-1d7"
Expires: Sat, 26 Nov 2022 10:40:21 GMT
Last-Modified: Thu, 24 Nov 2022 09:06:49 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 472 B |
IP142.250.74.3:0
Hash4af780570d49b327d38dc189095448e9 1dd4193a2afeb237c5e475b603b1cbd137f7f97e f25ef2e65d3c2acbba49b5d36c2fe37f8d404fa3b0ea5cdd6c93ac1685a6129a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 21:03:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 472 B |
IP142.250.74.3:0
Hash4af780570d49b327d38dc189095448e9 1dd4193a2afeb237c5e475b603b1cbd137f7f97e f25ef2e65d3c2acbba49b5d36c2fe37f8d404fa3b0ea5cdd6c93ac1685a6129a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 21:03:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US | 34.102.187.140 | 200 OK | 484 B |
URL HTTP/2firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US IP34.102.187.140:0
Hash50914d2eec404b4a40daac4998942a96 90045a58b7da4e7cd8db638e5a5b392dc5a5fee8 f6a8ebd58b46ce1e2e21741ae4089c76ecda96fbb5ebcc39ea6a77f9e623e219
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Retry-After, Content-Length, Alert, Cache-Control, ETag, Pragma, Expires, Backoff, Last-Modified
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Thu, 24 Nov 2022 20:11:11 GMT
cache-control: public,max-age=3600
age: 3140
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 472 B |
IP142.250.74.3:0
Hashdd0dd96ca622aa07354fabdd0da767bf a29eaa02a81dabed2c12be20a89d65a5a0417524 6a670e9031ec8c94bdc91c47a2d6a4ca2bd95fe032fec28888a8e6d7dc163cb4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 21:03:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| push.services.mozilla.com/ | 54.148.70.121 | 101 Switching Protocols | 0 B |
URL HTTP/1.1push.services.mozilla.com/ IP54.148.70.121:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 0TmO4F5x6DVAqm9JXKKy3A==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: I1T9IIjqPPEGP99sFqCqGkUI3y4=
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hashdaacf94df2816d38601a25b4077fceef 26b5bca044775c3b8f4b6556cd9d62b73c42f098 5704038c31b23b06b29be2b2ab55db1ae013d1d20444887f9b13140091b897cd
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5704038C31B23B06B29BE2B2AB55DB1AE013D1D20444887F9B13140091B897CD"
Last-Modified: Thu, 24 Nov 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Fri, 25 Nov 2022 03:03:31 GMT
Date: Thu, 24 Nov 2022 21:03:31 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 1.3 kB |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hashb86b713f2f4545ca4248e165c64eaa93 c18e2817ab46162106d4a3c1403beb37de97a04d 29b1cd671a3274eb773f36e782b3be9f8196f7df0bc4130892da7566374da33b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B47B524C4B4825D95FFB41B7EB923573FF677D4881DB64EA1AFE82D24C4E6F9F"
Last-Modified: Wed, 23 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21568
Expires: Fri, 25 Nov 2022 03:02:59 GMT
Date: Thu, 24 Nov 2022 21:03:31 GMT
Connection: keep-alive
|
|
| forcefulpacehauled.com/3d/7a/2d/3d7a2d5bf2b64118e6cf972becedf265.js | 173.233.139.164 | 200 OK | 21 kB |
URL HTTP/1.1forcefulpacehauled.com/3d/7a/2d/3d7a2d5bf2b64118e6cf972becedf265.js IP173.233.139.164:0
File typeHTML document, ASCII text, with very long lines (60151), with no line terminators Hashceffc1f01b1defa48c825c887a957a35 063b161f339b7ddd89189a3eefda8a4befa42beb f29cfc0fa3babc574aea2cb27935bad5fd16acf4c8065ed976d888faadd54f53
Analyzer | Verdict | Alert | quad9 | Sinkholed | |
GET /3d/7a/2d/3d7a2d5bf2b64118e6cf972becedf265.js HTTP/1.1
Host: forcefulpacehauled.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mydoramas.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Thu, 24 Nov 2022 21:03:31 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 794d534d361361d014edeb245e02b80b
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
|
|
| forcefulpacehauled.com/7a/11/27/7a112782e6a7c80a4da216d039a4e9a7.js | 173.233.139.164 | 200 OK | 13 kB |
URL HTTP/1.1forcefulpacehauled.com/7a/11/27/7a112782e6a7c80a4da216d039a4e9a7.js IP173.233.139.164:0
File typeASCII text, with very long lines (37163), with no line terminators Hash6df5d7d3845b737fa029e43e6c7658b6 cdb7b238fbf1c0fd0b53427efc7787051cd64bf6 b36f6981c400d150294ec7cb3756422e4e2725c2f9d4ce202c7f622e8ae57bcb
Analyzer | Verdict | Alert | quad9 | Sinkholed | |
GET /7a/11/27/7a112782e6a7c80a4da216d039a4e9a7.js HTTP/1.1
Host: forcefulpacehauled.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mydoramas.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Thu, 24 Nov 2022 21:03:31 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 054597c2fe22aef7d6a97b79c39466f8
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
|
|
| e1.o.lencr.org/ | 23.36.77.32 | 200 OK | 345 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hashdaedbf6ef8bc447ac2d08a42d4c4bf9f 2864128c9304bd42925932eda5b14ab62f805081 3d745fbf6d7563deeac08ec38de8db388536ff113a89fd20e8e51d9fd6f200d1
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "3D745FBF6D7563DEEAC08EC38DE8DB388536FF113A89FD20E8E51D9FD6F200D1"
Last-Modified: Tue, 22 Nov 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5645
Expires: Thu, 24 Nov 2022 22:37:36 GMT
Date: Thu, 24 Nov 2022 21:03:31 GMT
Connection: keep-alive
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 472 B |
IP142.250.74.3:0
Hashaee1eaa2ef2d0edbb0bc5703979e6439 8baa6d1cdd85ce2c5b6e30bd7a60096eeafce4db 095cc1e6ce8241ba22f88cb66d752587909fea3dc66936a72c369ef74b3134f1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 21:03:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 472 B |
IP142.250.74.3:0
Hashaee1eaa2ef2d0edbb0bc5703979e6439 8baa6d1cdd85ce2c5b6e30bd7a60096eeafce4db 095cc1e6ce8241ba22f88cb66d752587909fea3dc66936a72c369ef74b3134f1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 21:03:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ocsp.sca1b.amazontrust.com/ | 143.204.42.88 | 200 OK | 12 kB |
URL HTTP/1.1ocsp.sca1b.amazontrust.com/ IP143.204.42.88:0
Hashdad39dd78edb11c9c68885028da7f7fb a7678090dd1409fcf5df0c0377558ed3c0dd0333 8abc1d5b082b25240c5c80a30e7242917e47a0505cff8a105587845dae1c51ad
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=151781
Date: Thu, 24 Nov 2022 21:03:31 GMT
Etag: "637f7219-1d7"
Expires: Sat, 26 Nov 2022 15:13:12 GMT
Last-Modified: Thu, 24 Nov 2022 13:31:05 GMT
Server: ECS (dcb/7F17)
X-Cache: Miss from cloudfront
Via: 1.1 e49f22f18c16784c0f42291e768d1daa.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 2CazuUjHhqZSe-r8qp1bf4KZrQ1V-Y2rkTMzJQZcr2Q3eGQ-5VthhQ==
Age: 6127
|
|
| fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh50XSwiPGQ.woff2 | 216.58.207.195 | 200 OK | 22 kB |
URL HTTP/2fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh50XSwiPGQ.woff2 IP216.58.207.195:0
File typeWeb Open Font Format (Version 2), TrueType, length 22504, version 1.0\012- data Hash1c6c65523675abc6fcd78e804325bd77 898d9808304dc157f5dcb18ca169ec6e2b96b3d7 08664859baab5ed98f0bf818ed77e38464ff1826dc6406d5ecbd651409afbd92
GET /s/lato/v23/S6u9w4BMUTPHh50XSwiPGQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.mydoramas.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 22504
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 22 Nov 2022 17:15:33 GMT
expires: Wed, 22 Nov 2023 17:15:33 GMT
cache-control: public, max-age=31536000
age: 186478
last-modified: Tue, 26 Apr 2022 16:04:16 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh7USSwiPGQ.woff2 | 216.58.207.195 | 200 OK | 23 kB |
URL HTTP/2fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh7USSwiPGQ.woff2 IP216.58.207.195:0
File typeWeb Open Font Format (Version 2), TrueType, length 23236, version 1.0\012- data Hash716309aab2bca045f9627f63ad79d0bf 38804233a29aaf975d557fe14e762c627bef76e0 115f6a626ca115d4ad5581b59275327e0e860b30330a52b0f785561332dd2429
GET /s/lato/v23/S6u9w4BMUTPHh7USSwiPGQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.mydoramas.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 23236
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 23 Nov 2022 18:53:49 GMT
expires: Thu, 23 Nov 2023 18:53:49 GMT
cache-control: public, max-age=31536000
age: 94182
last-modified: Tue, 26 Apr 2022 16:04:12 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 472 B |
IP142.250.74.3:0
Hashaee1eaa2ef2d0edbb0bc5703979e6439 8baa6d1cdd85ce2c5b6e30bd7a60096eeafce4db 095cc1e6ce8241ba22f88cb66d752587909fea3dc66936a72c369ef74b3134f1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 21:03:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 | 216.58.207.195 | 200 OK | 45 kB |
URL HTTP/2fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 IP216.58.207.195:0
File typeWeb Open Font Format (Version 2), TrueType, length 44856, version 1.0\012- data Hash565ce506190ad3af920b40baf1794cec ad3cba5d06100e09449a864d3b5e58403b478b3d 8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
GET /s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.mydoramas.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 44856
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 24 Nov 2022 05:42:51 GMT
expires: Fri, 24 Nov 2023 05:42:51 GMT
cache-control: public, max-age=31536000
age: 55240
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| simplewebanalysis.com/stats | 18.185.190.54 | 200 OK | 40 B |
URL HTTP/2simplewebanalysis.com/stats IP18.185.190.54:0
File typeASCII text, with no line terminators Hash10085d13d86fa6f4d85fcf85f0cca327 f1043529136456ec2dcfe6cc34da03cc0866e49f f5d7ea133ed6a1ec7bde0cdcd5496459692e87f79c16f035fd4955daeca86940
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.mydoramas.com
Connection: keep-alive
Referer: https://www.mydoramas.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 24 Nov 2022 21:03:31 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://www.mydoramas.com
access-control-allow-credentials: true
set-cookie: uid_id2=f2232483-3323-4d00-b41a-b83ccb812ac4:2:1; expires=Sun, 21 Nov 2032 21:03:31 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
|
|
| ocsp.sca1b.amazontrust.com/ | 143.204.42.88 | 200 OK | 471 B |
URL HTTP/1.1ocsp.sca1b.amazontrust.com/ IP143.204.42.88:0
Hash5348b4ee74a9c894db836c2b61cc7086 9a65195ea94f2f7326007ad86ca1675010f4c00e d2c786795613bca9a9bee9143dc278307b828a07b40880cfa20e087895aa359a
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=150697
Date: Thu, 24 Nov 2022 21:03:31 GMT
Etag: "637f7219-1d7"
Expires: Sat, 26 Nov 2022 14:55:08 GMT
Last-Modified: Thu, 24 Nov 2022 13:31:05 GMT
Server: ECS (dcb/7F3A)
X-Cache: Miss from cloudfront
Via: 1.1 1d8cf7c8865ed1078c19a98771ad34ca.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 5rTvbrb99nJLVgbuLsekxgnh64r6bFuIbQj3pTClVEM83WbdtqS2KQ==
Age: 5043
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 472 B |
IP142.250.74.3:0
Hashaee1eaa2ef2d0edbb0bc5703979e6439 8baa6d1cdd85ce2c5b6e30bd7a60096eeafce4db 095cc1e6ce8241ba22f88cb66d752587909fea3dc66936a72c369ef74b3134f1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 21:03:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| simplewebanalysis.com/stats | 18.185.190.54 | 200 OK | 40 B |
URL HTTP/2simplewebanalysis.com/stats IP18.185.190.54:0
File typeASCII text, with no line terminators Hash1cc2ed998fec31f218f141cd038771a0 23a7d58600f79af892ada68b47dec1485fcec3c7 6e9fade7d37263b253b179777560ecd47028d1c79727c060f88da51b6a417bc1
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.mydoramas.com
Connection: keep-alive
Referer: https://www.mydoramas.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 24 Nov 2022 21:03:32 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://www.mydoramas.com
access-control-allow-credentials: true
set-cookie: uid_id2=289f4127-d290-4330-a0e0-c2c8a0af932f:1:1; expires=Sun, 21 Nov 2032 21:03:32 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
|
|
| e1.o.lencr.org/ | 23.36.77.32 | 200 OK | 7.7 kB |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hashcfda7ce449e52a4edcd55a9fcfd303c3 561ac24c0821bff5a691e01a5c7bbef58feff06a 7e45441031d40969e164e79b7b313406a0082e15c88f83d3b26e5349e814af76
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "3D745FBF6D7563DEEAC08EC38DE8DB388536FF113A89FD20E8E51D9FD6F200D1"
Last-Modified: Tue, 22 Nov 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5644
Expires: Thu, 24 Nov 2022 22:37:36 GMT
Date: Thu, 24 Nov 2022 21:03:32 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hash4ef75fcea13092be20b3fdea1a1d0797 d509e59d1d06577d84491687167bba4884404a18 98c6ffd282eae8de84bb66b55c3c4c5077aae2f5bcfec1e31ec81320fad627db
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "98C6FFD282EAE8DE84BB66B55C3C4C5077AAE2F5BCFEC1E31EC81320FAD627DB"
Last-Modified: Tue, 22 Nov 2022 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4480
Expires: Thu, 24 Nov 2022 22:18:12 GMT
Date: Thu, 24 Nov 2022 21:03:32 GMT
Connection: keep-alive
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 471 B |
IP142.250.74.3:0
Hash186f5295f578dc81663537fd23a898a8 212cd5caaa9d44817996854d067e7a4eae843a56 01a37259454aef3bf6436eeac239313c9bb17f58337ad0070c7784f154069e8f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 21:03:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| www.google-analytics.com/analytics.js | 142.250.74.174 | 200 OK | 20 kB |
URL HTTP/2www.google-analytics.com/analytics.js IP142.250.74.174:0
File typeASCII text, with very long lines (1325) Hash47e6f374ca946fddd5b59871b325736c baa9282efc8785e84d247c3bff518eaa45f101c4 16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mydoramas.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Thu, 24 Nov 2022 20:41:08 GMT
expires: Thu, 24 Nov 2022 22:41:08 GMT
cache-control: public, max-age=7200
age: 1344
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 471 B |
IP93.184.220.29:0
Hash670dda5fda45a89db08867e9109f65b7 2a64bc381f8e795fe7a46a98c3e8add2f1ade404 7c2085a52a32eab3f4ab73c4ab3718cf1e7d67502e83001ce45d2857b37a0755
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4390
Cache-Control: max-age=119769
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 21:03:32 GMT
Etag: "637efbd7-1d7"
Expires: Sat, 26 Nov 2022 06:19:41 GMT
Last-Modified: Thu, 24 Nov 2022 05:06:31 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471
|
|
| apis.google.com/js/platform.js | 142.250.74.174 | 200 OK | 21 kB |
URL HTTP/2apis.google.com/js/platform.js IP142.250.74.174:0
File typeASCII text, with very long lines (1279) Hash7ac44ef24e267df17ff72f195b252806 62db12d9ce11a576ccd7fa3544d851c5fd42f3b7 aae7897e7b55999c1b3166309381d19ac488dced51e14071339d8b193a686a61
GET /js/platform.js HTTP/1.1
Host: apis.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mydoramas.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
access-control-allow-origin: *
content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="gapi-team"
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
timing-allow-origin: *
content-length: 20984
date: Thu, 24 Nov 2022 21:03:32 GMT
expires: Thu, 24 Nov 2022 21:03:32 GMT
cache-control: private, max-age=1800, stale-while-revalidate=1800
etag: "7446758f13887885"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| connect.facebook.net/pt_BR/sdk.js | 157.240.200.14 | 200 OK | 1.7 kB |
URL HTTP/2connect.facebook.net/pt_BR/sdk.js IP157.240.200.14:0
File typeASCII text, with very long lines (1957) Hash2c39b4fec83757ecd0e8777f00a77fc1 c73e3df3124b63ab0613486226b4c83b0908fc8b 66ae4f223be7230cd8641583c649ebd4dd9939648acbe6083e18bc7d7c24cb0a
GET /pt_BR/sdk.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mydoramas.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
access-control-expose-headers: X-FB-Content-MD5
x-fb-content-md5: ce342f1ff7cbe590aef67f52c682b721
etag: "ecf02fce1a3110a7aaec7d395e156201"
content-type: application/x-javascript; charset=utf-8
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
expires: Thu, 24 Nov 2022 21:19:06 GMT
cache-control: public,max-age=1200,stale-while-revalidate=3600
document-policy: force-load-at-top
cross-origin-opener-policy: same-origin-allow-popups
x-content-type-options: nosniff
x-fb-rlafr: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-md5: LDm0/sg3V+zQ6Hd/AKd/wQ==
x-fb-debug: VxfwlfhweYSxrDqPagsC3nGFjPERLa4pOXXQb3oYj81z8pMic9cWHpufkrT5j68ooW+LXil0C1//1iLgtHdl9g==
priority: u=3,i
content-length: 1686
x-fb-trip-id: 1679558926
date: Thu, 24 Nov 2022 21:03:32 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 471 B |
IP93.184.220.29:0
Hash670dda5fda45a89db08867e9109f65b7 2a64bc381f8e795fe7a46a98c3e8add2f1ade404 7c2085a52a32eab3f4ab73c4ab3718cf1e7d67502e83001ce45d2857b37a0755
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4390
Cache-Control: max-age=119769
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 21:03:32 GMT
Etag: "637efbd7-1d7"
Expires: Sat, 26 Nov 2022 06:19:41 GMT
Last-Modified: Thu, 24 Nov 2022 05:06:31 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 472 B |
IP142.250.74.3:0
Hash6fe23ae41ec0cbb3d702b1c64028cd13 e0e4d852454a5eae80a797aaa6f0991834dcc19a 47a12f27ec1ec271d17295d822c69d1b49c6a24107f3f7ce06a320688fae7f3c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 21:03:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| parkingridiculous.com/pixel/purst?dl=0&th=0&sc=0&rs=1662&rd=1662&fd=902&bv=22.10.v.9&tmpl=70 | 173.233.139.164 | 200 OK | 0 B |
URL HTTP/1.1parkingridiculous.com/pixel/purst?dl=0&th=0&sc=0&rs=1662&rd=1662&fd=902&bv=22.10.v.9&tmpl=70 IP173.233.139.164:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | quad9 | Sinkholed | |
GET /pixel/purst?dl=0&th=0&sc=0&rs=1662&rd=1662&fd=902&bv=22.10.v.9&tmpl=70 HTTP/1.1
Host: parkingridiculous.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mydoramas.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Thu, 24 Nov 2022 21:03:32 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
|
|
| connect.facebook.net/pt_BR/sdk.js?hash=d4d741dc068cf3fed12da7cfeb405786 | 157.240.200.14 | 200 OK | 88 kB |
URL HTTP/2connect.facebook.net/pt_BR/sdk.js?hash=d4d741dc068cf3fed12da7cfeb405786 IP157.240.200.14:0
File typeASCII text, with very long lines (18530) Hashc77c9d2f2d3909dccbf5bd4bdbac77f8 c885298ffd039d86ce694c771f20ce614668a7e7 d719f88a5b83224a8d17668022925a15589bb2135874084a537a088e22209440
GET /pt_BR/sdk.js?hash=d4d741dc068cf3fed12da7cfeb405786 HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.mydoramas.com
Connection: keep-alive
Referer: https://www.mydoramas.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
access-control-expose-headers: X-FB-Content-MD5
x-fb-content-md5: c06254cd28f17e9636bbb956caff3492
etag: "7bc12af3889cb9fb90febc83fea91717"
content-type: application/x-javascript; charset=utf-8
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
expires: Fri, 24 Nov 2023 20:32:02 GMT
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
document-policy: force-load-at-top
cross-origin-opener-policy: same-origin-allow-popups
x-content-type-options: nosniff
x-fb-rlafr: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-md5: x3ydLy05CdzL9b1L26x3+A==
x-fb-debug: cIuSE4D6hfL68BrhvhGxDqHJbBqDva7sQVBRo/ZflCEdNUNTScLQyqgmyZAEb3G/YOrUy/sBOgsEuXe1bq0Mnw==
content-length: 88408
x-fb-trip-id: 1679558926
date: Thu, 24 Nov 2022 21:03:32 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hash6827d82f488045e02e40d6a2fdbae4b3 4944139a4b08769511ffc6aa913857d88a0db7bc 0e4ef6ddef97ec03d43df4c0bada61d792b9f030e4d9fab5bd3cf904aeaa3bc9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10667
Expires: Fri, 25 Nov 2022 00:01:19 GMT
Date: Thu, 24 Nov 2022 21:03:32 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 630 B |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hash2f5662fb22b114a3dd96c443ec5beaaa 02a043abb0b4aad46cbbecb47f91394a4eed05c0 562cf33ba44d1aee1e993c7a56e70c5d23c47a8a0a06f101e5ea20336144b89d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10667
Expires: Fri, 25 Nov 2022 00:01:19 GMT
Date: Thu, 24 Nov 2022 21:03:32 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 10 kB |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hash0c5fb173f406bfe260767d89e3d97c41 1347191efc79207ae7d9353c5601c322bce9cb61 44a6f3c256ae0f44ab390013ea5651f783bc8c9ec0b8d06ee6a4954757949db3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10667
Expires: Fri, 25 Nov 2022 00:01:19 GMT
Date: Thu, 24 Nov 2022 21:03:32 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hash6827d82f488045e02e40d6a2fdbae4b3 4944139a4b08769511ffc6aa913857d88a0db7bc 0e4ef6ddef97ec03d43df4c0bada61d792b9f030e4d9fab5bd3cf904aeaa3bc9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10667
Expires: Fri, 25 Nov 2022 00:01:19 GMT
Date: Thu, 24 Nov 2022 21:03:32 GMT
Connection: keep-alive
|
|
| friendshipmale.com/sfp.js | 104.21.234.93 | 200 OK | 32 kB |
URL HTTP/2friendshipmale.com/sfp.js IP104.21.234.93:0
File typeUnicode text, UTF-8 text, with very long lines (65529), with no line terminators Hashf0bda620a23c0fa57452a292756e5d00 ea35e20d72a1beb1208e3925c91910fe0671a87d 8848cb179afffad8184bfe148665bf8e807bc5dda6fd8e94a6e0d4061abc62ab
GET /sfp.js HTTP/1.1
Host: friendshipmale.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mydoramas.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 24 Nov 2022 21:03:32 GMT
content-type: application/javascript; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: 7c5b252453dea77d5e9c2e43b170ae35
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Thu, 24 Nov 2022 21:03:31 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tUzAcVxk2QqVMQHxF9A%2F8OeGhHGOLwKkdL3nkkfnPb336ruYg5eQx4KogYTq3egRxiwbAtbmZCAI4zTXxP%2FcJPh8LJQ7xA5VpZ83B8OBv8Xatg5WOb0DLhKecB0NyHJaqKsPZ6Q%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76f517806ccc887d-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F81517ad5-7c1b-49aa-9ba9-dbfa36fbb071.webp | 34.120.237.76 | 200 OK | 19 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F81517ad5-7c1b-49aa-9ba9-dbfa36fbb071.webp IP34.120.237.76:0
Hashc7ebaa240046625571d07865ba4da816 4e966970f61679bb03370b1797e69724391eea6d 6891f9b561d275902f680a284d57abeb66201bd2fc0dad22d1d0fbd23f887a78
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F81517ad5-7c1b-49aa-9ba9-dbfa36fbb071.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 13882
x-amzn-requestid: 9022b0b3-31d5-4149-a969-02514f11b95a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cEvzNHjMoAMFWMg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637e9347-0e8354a02bef623644714e31;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 21:40:23 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: ve4q5FDkwMGhPK6ZVVVCZtoBTaGaz43r_PwINzwS5Nx5tcZeQkVIfw==
via: 1.1 000f4a2f631bace380a0afa747a82482.cloudfront.net (CloudFront), 1.1 ce71f64ad5dca81beca846466f2d5008.cloudfront.net (CloudFront), 1.1 google
date: Wed, 23 Nov 2022 21:49:47 GMT
age: 83625
etag: "1102dbdcbcabf5c25d17840f8f00d5b55b9b8f0a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fca5cb469-21a0-420a-875c-a81635b33f53.jpeg | 34.120.237.76 | 200 OK | 8.0 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fca5cb469-21a0-420a-875c-a81635b33f53.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash92c78302bcce1568eb6a5563100b932c 43d1dec7fc06879988c9c3cadd800cc8145df988 0dda9914306c8e3a7ea75eade8e762652d93907dd6c5a8cc81707d6d8098b60a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fca5cb469-21a0-420a-875c-a81635b33f53.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7993
x-amzn-requestid: 9f0ff853-4819-47cd-959d-658401ea5748
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cEvCsG5mIAMFqAQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637e9211-1c48b9223684f2942f8dd42d;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 21:35:13 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 7YSXUV-LZpsI7vciFhuqt1EVr6YRkhxcOgMg8z8bxLcOE01_baf6Gg==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 1b74ccf4cb51eacf97a0e6d60ae46a3e.cloudfront.net (CloudFront), 1.1 google
date: Wed, 23 Nov 2022 21:47:06 GMT
etag: "43d1dec7fc06879988c9c3cadd800cc8145df988"
content-type: image/jpeg
age: 83786
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F50d7d834-f80d-4fd9-a728-24643ed00c45.jpeg | 34.120.237.76 | 200 OK | 6.8 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F50d7d834-f80d-4fd9-a728-24643ed00c45.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hashd9d93b2a6875d446c3467eb49767eef5 303c571b13b05fcf27ee1159d8fdf6369aaef0a2 2a2345a925e0187979930a7f2de8548957ad9f2baae77364dcb157286e2b3fcf
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F50d7d834-f80d-4fd9-a728-24643ed00c45.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6789
x-amzn-requestid: 4d94ce1b-d18f-43b8-bb4d-e7093f9bea42
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cCvd2G9UIAMFrEg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637dc5f2-64a570135be59b83031811da;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 07:04:18 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: JygkDI7XSvlgurUTot874ZAXlOIqnv4cntMQ55IvHVqw93JBcksZjQ==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Thu, 24 Nov 2022 07:15:22 GMT
age: 49690
etag: "303c571b13b05fcf27ee1159d8fdf6369aaef0a2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1dd98515-d0af-440a-8f3d-4c9986928081.jpeg | 34.120.237.76 | 200 OK | 4.3 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1dd98515-d0af-440a-8f3d-4c9986928081.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash841a4b110022a99ddea6f7bf66df0fa1 126771b86638108050cf57c0d12faa27f80f0edb 240fbffc1f9104433297d3ff7afba2d0b58d7f1b13d9a9260a1bad25216665db
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1dd98515-d0af-440a-8f3d-4c9986928081.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4309
x-amzn-requestid: a22b4d7e-e208-4bda-81c2-d13e6463380e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: blE0hGNioAMF_Tg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6371e81c-1b13846866f56a0e47675e56;Sampled=0
x-amzn-remapped-date: Mon, 14 Nov 2022 07:02:52 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 0sYKpJWi2Tv9Atz3PYXm5j7kmncAOxjcLcK4hgAkJ5b4pNMDmjdB6g==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 28390a4d24ed4fdccd685d99cd06cf4e.cloudfront.net (CloudFront), 1.1 google
date: Thu, 24 Nov 2022 07:14:07 GMT
age: 49765
etag: "126771b86638108050cf57c0d12faa27f80f0edb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5bda37a1-533d-48a6-bc76-7ecc9fe2dfc8.jpeg | 34.120.237.76 | 200 OK | 6.4 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5bda37a1-533d-48a6-bc76-7ecc9fe2dfc8.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hasheeac5ead5ce62f0d9e2d4bcefa946208 c2430d901f2b4e4a463e90c540294f334553a246 850a89160f840d7509806c5becd6b074a92613920474195f63d7e7a9cf18d908
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5bda37a1-533d-48a6-bc76-7ecc9fe2dfc8.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6426
x-amzn-requestid: 6f27f360-dd76-4aee-a9bc-cbd52cd80def
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cEvx8GtpIAMFvQA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637e933f-69fa8ba571cc62036406e6bf;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 21:40:15 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: ow9srZWasko5f0TMk632PH2_NgfxBEwGPCXoRTp7gVxfDrP9st2opw==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 ee8246c5442dace7525c74f6a799bb46.cloudfront.net (CloudFront), 1.1 google
date: Wed, 23 Nov 2022 22:03:45 GMT
age: 82787
etag: "c2430d901f2b4e4a463e90c540294f334553a246"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hash6558a70780dc0cdfaefa2728c371d414 fb73032b8b168adfe13daa925eb3d2728db1a142 898b551893c7b6498bae30276b0c5b105596be0982ff810583192ec0b632192d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "898B551893C7B6498BAE30276B0C5B105596BE0982FF810583192EC0B632192D"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11410
Expires: Fri, 25 Nov 2022 00:13:43 GMT
Date: Thu, 24 Nov 2022 21:03:33 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hash114fcbbbf1c185d571af73ae9ccf0730 b5e6644662439e6e80cbe9206b7047c22942afe7 742f3855fe106545e8f28ecdf5649649b5fe76099866379276defd773647ba70
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "742F3855FE106545E8F28ECDF5649649B5FE76099866379276DEFD773647BA70"
Last-Modified: Tue, 22 Nov 2022 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8714
Expires: Thu, 24 Nov 2022 23:28:47 GMT
Date: Thu, 24 Nov 2022 21:03:33 GMT
Connection: keep-alive
|
|
| unseenreport.com/pxf.gif?uuid=289f4127-d290-4330-a0e0-c2c8a0af932f&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1055&b_frame=0&pk=7a112782e6a7c80a4da216d039a4e9a7&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=21 | 192.243.61.227 | 200 OK | 1 B |
URL HTTP/1.1unseenreport.com/pxf.gif?uuid=289f4127-d290-4330-a0e0-c2c8a0af932f&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1055&b_frame=0&pk=7a112782e6a7c80a4da216d039a4e9a7&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=21 IP192.243.61.227:0 ASN#39572 DataWeb Global Group B.V.
File typevery short file (no magic) Hash93b885adfe0da089cdf634904fd59f71 5ba93c9db0cff93f52b521d7420e43f6eda2784f 6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d
Analyzer | Verdict | Alert | quad9 | Sinkholed | |
GET /pxf.gif?uuid=289f4127-d290-4330-a0e0-c2c8a0af932f&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1055&b_frame=0&pk=7a112782e6a7c80a4da216d039a4e9a7&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=21 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mydoramas.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Thu, 24 Nov 2022 21:03:33 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 8757e287c052f6044aee96283f7fdb3d
Strict-Transport-Security: max-age=0; includeSubdomains
|
|
| unseenreport.com/pxf.gif?uuid=289f4127-d290-4330-a0e0-c2c8a0af932f&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1055&b_frame=0&pk=3d7a2d5bf2b64118e6cf972becedf265&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=21 | 192.243.61.227 | 200 OK | 1 B |
URL HTTP/1.1unseenreport.com/pxf.gif?uuid=289f4127-d290-4330-a0e0-c2c8a0af932f&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1055&b_frame=0&pk=3d7a2d5bf2b64118e6cf972becedf265&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=21 IP192.243.61.227:0 ASN#39572 DataWeb Global Group B.V.
File typevery short file (no magic) Hash93b885adfe0da089cdf634904fd59f71 5ba93c9db0cff93f52b521d7420e43f6eda2784f 6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d
Analyzer | Verdict | Alert | quad9 | Sinkholed | |
GET /pxf.gif?uuid=289f4127-d290-4330-a0e0-c2c8a0af932f&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1055&b_frame=0&pk=3d7a2d5bf2b64118e6cf972becedf265&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=21 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mydoramas.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Thu, 24 Nov 2022 21:03:33 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: b05cf806248c526f608e864eca909860
Strict-Transport-Security: max-age=0; includeSubdomains
|
|
| soldierreproduceadmiration.com/sbar.json?key=7a112782e6a7c80a4da216d039a4e9a7&uuid=289f4127-d290-4330-a0e0-c2c8a0af932f%3A1%3A1 | 173.233.137.36 | 200 OK | 4.2 kB |
URL HTTP/1.1soldierreproduceadmiration.com/sbar.json?key=7a112782e6a7c80a4da216d039a4e9a7&uuid=289f4127-d290-4330-a0e0-c2c8a0af932f%3A1%3A1 IP173.233.137.36:0
File typeJSON data\012- , ASCII text, with very long lines (5763), with no line terminators Hash82288ed95afbc4e3f4631b1d1802b119 130149048f40f2d711d604a41434bd29752ddfeb 44130e95c17c3595b006e6c5e0741faa1c094033b3875cd39da38576900aeb5a
Analyzer | Verdict | Alert | quad9 | Sinkholed | |
GET /sbar.json?key=7a112782e6a7c80a4da216d039a4e9a7&uuid=289f4127-d290-4330-a0e0-c2c8a0af932f%3A1%3A1 HTTP/1.1
Host: soldierreproduceadmiration.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.mydoramas.com
Connection: keep-alive
Referer: https://www.mydoramas.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Thu, 24 Nov 2022 21:03:33 GMT
Content-Type: text/plain; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://www.mydoramas.com
Access-Control-Allow-Origin: https://www.mydoramas.com
Access-Control-Allow-Credentials: true
Set-Cookie: u_pl=15548788; expires=Fri, 25 Nov 2022 21:03:33 GMT; secure; SameSite=None
uid_id2=289f4127-d290-4330-a0e0-c2c8a0af932f:1:1; expires=Thu, 01 Dec 2022 21:03:33 GMT; secure; SameSite=None
pdhtkv=true; expires=Fri, 25 Nov 2022 21:03:33 GMT; secure; SameSite=None
uncs=1; expires=Fri, 25 Nov 2022 21:03:33 GMT; secure; SameSite=None
pdhtkv29=true; expires=Fri, 25 Nov 2022 21:03:33 GMT; secure; SameSite=None
uncs29=1; expires=Fri, 25 Nov 2022 21:03:33 GMT; secure; SameSite=None
slec7a112782e6a7c80a4da216d039a4e9a7=[3760951]; expires=Thu, 24 Nov 2022 21:03:38 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 4cbf674c1a5c875025b1855c97d9af6e
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 279 B |
IP93.184.220.29:0
Hash4ef155e76f73eaba1358ac3eb09b1cfd f16305cf346a1977c050fbec1e5e72c3b31660ad d334a371d644e3f0850d06dab872698dfcbb1fde34cbe0fa7c27e913cf4984e2
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5737
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 21:03:33 GMT
Last-Modified: Thu, 24 Nov 2022 19:27:56 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 279
|
|
| soldierreproduceadmiration.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSQYscRRSuTtaLngy5eDDOQSGCO1vdM7MzbQ4hMa4Ek2xMIgveqquqZ8ut7mqquqdn9%2BJiUHNQmOBBj73f7GZRo5ibF1FmvYQFYceDLOj6A0QQhIA3mdmBxQdV77363uH7vnofbhVHhKJghzevmw2lNVto1Wnt%2FIpKhSld7cadmk%2Fr9EJtRaWLzQu1%2FuSyvVd92qrTl2tvSL5mFgLqU%2BpTv7akrIxNf2GKQmUPQ78e0nozqPutJvr2%2F70rPDjmQfSOyBkoMX5q9fEjKD5Cmnx7Rbq13GSvvJ4UmuXGoid2307XUlOmSE7K2HqI093ZNIwbE%2FL5KZh0d6YAprc9UYBIjYn3q48o3Z3RRNTbOWYaacgUkXgGZW8EqUdQbARu7kKJAwJwgRvLSJMHN4wt2foxyibomMw9%2BQeqHJO5388iTb65rFW%2FdtvoIlcmdejHFVR%2FBNUdISv2kG94UOUeeP4%2BlPiZLDy5hjTZXnbaQInDF4NOGDf9oD0vgpDONxsNOs%2BopPM84B1GWRw2gnhqkVIjqHgELQdgzkMxOcpDEXsoMg%2BJOKyxVhhT2o6juNHoNDnnjQbnrc6iaIlGsxNTFHyiYYA8G4DrAbjdRGY3sabuH7TOwBY%2Fwq1WcMKDywl6okIpCUpHUDKCUhGUOUHZq3aEdoGrHgjtisif5WCWG9XQ5N0ttmPyrkzJVnZEnp1699elHGvysNZmvh%2B0O4FcZG3eoawpWOAvCtoIWVOGrA2nKih3aqp0Q43J2Y%2FOI1NjcmqJIWJ7cHoPXJ0GK54HK4ftgIKtDpsdio3062TdGcsS5urcJBCmQpbPIV%2F3tvQReW5KJORtSL5%2F8d9z37315wcvgNsKma3wrvqJoKvvDW%2BZkmzfMqUjj5azXCVqg00%2B%2BHbOcjn35ZtyvTRWXL3iBl9c4hNgUj68I11%2BjaVCpV1HvrqshJB2yVguyfdX3YqMbhZu9XJh0yK7dvO1patJZqVzyqQjMHXQ%2FhRcjcnT1zenq3vu48dQdgRbVEiKfTILKLMHnm3CZfsXP%2Ftk%2BY8L4h04Q2D1yUyUeSiLamiD6ORRKwItT3oWVXDyxIJI7v%2Fw9zG25e6haz2w%2FC7SpELPVujpCkwP4IrTwzyz%2Bxd%2FaUwDkfaGkbbedqStvn9srVOHNdmKaSxpIKM4jOI2oyKMm2HEQl%2B2oxbzkbsxf%2B%2B3l%2F4DAAD%2F%2FwEAAP%2F%2FD%2BewEpIEAAA%3D | 173.233.137.36 | 200 OK | 7 B |
URL HTTP/1.1soldierreproduceadmiration.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSQYscRRSuTtaLngy5eDDOQSGCO1vdM7MzbQ4hMa4Ek2xMIgveqquqZ8ut7mqquqdn9%2BJiUHNQmOBBj73f7GZRo5ibF1FmvYQFYceDLOj6A0QQhIA3mdmBxQdV77363uH7vnofbhVHhKJghzevmw2lNVto1Wnt%2FIpKhSld7cadmk%2Fr9EJtRaWLzQu1%2FuSyvVd92qrTl2tvSL5mFgLqU%2BpTv7akrIxNf2GKQmUPQ78e0nozqPutJvr2%2F70rPDjmQfSOyBkoMX5q9fEjKD5Cmnx7Rbq13GSvvJ4UmuXGoid2307XUlOmSE7K2HqI093ZNIwbE%2FL5KZh0d6YAprc9UYBIjYn3q48o3Z3RRNTbOWYaacgUkXgGZW8EqUdQbARu7kKJAwJwgRvLSJMHN4wt2foxyibomMw9%2BQeqHJO5388iTb65rFW%2FdtvoIlcmdejHFVR%2FBNUdISv2kG94UOUeeP4%2BlPiZLDy5hjTZXnbaQInDF4NOGDf9oD0vgpDONxsNOs%2BopPM84B1GWRw2gnhqkVIjqHgELQdgzkMxOcpDEXsoMg%2BJOKyxVhhT2o6juNHoNDnnjQbnrc6iaIlGsxNTFHyiYYA8G4DrAbjdRGY3sabuH7TOwBY%2Fwq1WcMKDywl6okIpCUpHUDKCUhGUOUHZq3aEdoGrHgjtisif5WCWG9XQ5N0ttmPyrkzJVnZEnp1699elHGvysNZmvh%2B0O4FcZG3eoawpWOAvCtoIWVOGrA2nKih3aqp0Q43J2Y%2FOI1NjcmqJIWJ7cHoPXJ0GK54HK4ftgIKtDpsdio3062TdGcsS5urcJBCmQpbPIV%2F3tvQReW5KJORtSL5%2F8d9z37315wcvgNsKma3wrvqJoKvvDW%2BZkmzfMqUjj5azXCVqg00%2B%2BHbOcjn35ZtyvTRWXL3iBl9c4hNgUj68I11%2BjaVCpV1HvrqshJB2yVguyfdX3YqMbhZu9XJh0yK7dvO1patJZqVzyqQjMHXQ%2FhRcjcnT1zenq3vu48dQdgRbVEiKfTILKLMHnm3CZfsXP%2Ftk%2BY8L4h04Q2D1yUyUeSiLamiD6ORRKwItT3oWVXDyxIJI7v%2Fw9zG25e6haz2w%2FC7SpELPVujpCkwP4IrTwzyz%2Bxd%2FaUwDkfaGkbbedqStvn9srVOHNdmKaSxpIKM4jOI2oyKMm2HEQl%2B2oxbzkbsxf%2B%2B3l%2F4DAAD%2F%2FwEAAP%2F%2FD%2BewEpIEAAA%3D IP173.233.137.36:0
File typeASCII text, with no line terminators Hash132d6af1b46048b45cf86cdee7991d31 eb7007d03d59b65bc6da7e098c4d38fc6dfb6285 ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
Analyzer | Verdict | Alert | quad9 | Sinkholed | |
GET /ren.gif?sid=H4sIAAAAAAAC%2F1RSQYscRRSuTtaLngy5eDDOQSGCO1vdM7MzbQ4hMa4Ek2xMIgveqquqZ8ut7mqquqdn9%2BJiUHNQmOBBj73f7GZRo5ibF1FmvYQFYceDLOj6A0QQhIA3mdmBxQdV77363uH7vnofbhVHhKJghzevmw2lNVto1Wnt%2FIpKhSld7cadmk%2Fr9EJtRaWLzQu1%2FuSyvVd92qrTl2tvSL5mFgLqU%2BpTv7akrIxNf2GKQmUPQ78e0nozqPutJvr2%2F70rPDjmQfSOyBkoMX5q9fEjKD5Cmnx7Rbq13GSvvJ4UmuXGoid2307XUlOmSE7K2HqI093ZNIwbE%2FL5KZh0d6YAprc9UYBIjYn3q48o3Z3RRNTbOWYaacgUkXgGZW8EqUdQbARu7kKJAwJwgRvLSJMHN4wt2foxyibomMw9%2BQeqHJO5388iTb65rFW%2FdtvoIlcmdejHFVR%2FBNUdISv2kG94UOUeeP4%2BlPiZLDy5hjTZXnbaQInDF4NOGDf9oD0vgpDONxsNOs%2BopPM84B1GWRw2gnhqkVIjqHgELQdgzkMxOcpDEXsoMg%2BJOKyxVhhT2o6juNHoNDnnjQbnrc6iaIlGsxNTFHyiYYA8G4DrAbjdRGY3sabuH7TOwBY%2Fwq1WcMKDywl6okIpCUpHUDKCUhGUOUHZq3aEdoGrHgjtisif5WCWG9XQ5N0ttmPyrkzJVnZEnp1699elHGvysNZmvh%2B0O4FcZG3eoawpWOAvCtoIWVOGrA2nKih3aqp0Q43J2Y%2FOI1NjcmqJIWJ7cHoPXJ0GK54HK4ftgIKtDpsdio3062TdGcsS5urcJBCmQpbPIV%2F3tvQReW5KJORtSL5%2F8d9z37315wcvgNsKma3wrvqJoKvvDW%2BZkmzfMqUjj5azXCVqg00%2B%2BHbOcjn35ZtyvTRWXL3iBl9c4hNgUj68I11%2BjaVCpV1HvrqshJB2yVguyfdX3YqMbhZu9XJh0yK7dvO1patJZqVzyqQjMHXQ%2FhRcjcnT1zenq3vu48dQdgRbVEiKfTILKLMHnm3CZfsXP%2Ftk%2BY8L4h04Q2D1yUyUeSiLamiD6ORRKwItT3oWVXDyxIJI7v%2Fw9zG25e6haz2w%2FC7SpELPVujpCkwP4IrTwzyz%2Bxd%2FaUwDkfaGkbbedqStvn9srVOHNdmKaSxpIKM4jOI2oyKMm2HEQl%2B2oxbzkbsxf%2B%2B3l%2F4DAAD%2F%2FwEAAP%2F%2FD%2BewEpIEAAA%3D HTTP/1.1
Host: soldierreproduceadmiration.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mydoramas.com/
Cookie: u_pl=15548788; uid_id2=289f4127-d290-4330-a0e0-c2c8a0af932f:1:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slec7a112782e6a7c80a4da216d039a4e9a7=[3760951]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Thu, 24 Nov 2022 21:03:33 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 2c8bcf02ffdd10825ed42860b6b5bdb3
Strict-Transport-Security: max-age=0; includeSubdomains
|
|
| e1.o.lencr.org/ | 23.36.77.32 | 200 OK | 344 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hash0eae74238d1c9828cd086271241b5e66 4cdd2c9e819b5c71d1d3e4836063a7a9f89ccf15 4884107002b9840725b58cd3ff13215471bdcd8c2a1029c3eeadd16abe4d91d2
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "4884107002B9840725B58CD3FF13215471BDCD8C2A1029C3EEADD16ABE4D91D2"
Last-Modified: Wed, 23 Nov 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9051
Expires: Thu, 24 Nov 2022 23:34:25 GMT
Date: Thu, 24 Nov 2022 21:03:34 GMT
Connection: keep-alive
|
|
| soldierreproduceadmiration.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.yourwebbars.com%2Fsb%2Fnotifications%2Fsoftware%2Fmulti%2Fbrowsers%2Fff%2F3%2Findex.html&l=1525&fd=677 | 173.233.137.36 | 200 OK | 0 B |
URL HTTP/1.1soldierreproduceadmiration.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.yourwebbars.com%2Fsb%2Fnotifications%2Fsoftware%2Fmulti%2Fbrowsers%2Fff%2F3%2Findex.html&l=1525&fd=677 IP173.233.137.36:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | quad9 | Sinkholed | |
GET /pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.yourwebbars.com%2Fsb%2Fnotifications%2Fsoftware%2Fmulti%2Fbrowsers%2Fff%2F3%2Findex.html&l=1525&fd=677 HTTP/1.1
Host: soldierreproduceadmiration.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mydoramas.com/
Cookie: u_pl=15548788; uid_id2=289f4127-d290-4330-a0e0-c2c8a0af932f:1:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slec7a112782e6a7c80a4da216d039a4e9a7=[3760951]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Thu, 24 Nov 2022 21:03:34 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
|
|
| cdn.creative-bars1.com/sb/notifications/software/multi/browsers/ff/3/img/close.png | 172.64.109.13 | 200 OK | 6.0 kB |
URL HTTP/2cdn.creative-bars1.com/sb/notifications/software/multi/browsers/ff/3/img/close.png IP172.64.109.13:0
File typePNG image data, 522 x 391, 8-bit/color RGBA, non-interlaced\012- data Hashc489ce2c491a22ee37a55e26a92dfd73 2fa588ab09e94dd902e5bd24b48f98ad1949c9d6 1eed147c7d5de6291c25fbc5274830c12d5549262fb144271576d4e15966e5bd
GET /sb/notifications/software/multi/browsers/ff/3/img/close.png HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 24 Nov 2022 21:03:34 GMT
content-type: image/png
content-length: 5982
last-modified: Thu, 08 Sep 2022 07:49:57 GMT
etag: "63199ea5-175e"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 490695
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ig06Q1x%2FhNs9RhPfyJo2V8Xrf2ByY3vtPfQYD18ojre5Uw8rQxm5bo29iv%2FIo9m9u%2FrJg0eC3B3%2FW1ay4KFuFkq4SUdF9Q6b3wBzZlPI25MzrNnd0vXxW6gyZoHIXcTebS8ZWX7CxzXc"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76f517902d9672c7-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| cdn.creative-bars1.com/sb/notifications/software/multi/browsers/ff/3/img/update-icon.png | 172.64.109.13 | 200 OK | 175 kB |
URL HTTP/2cdn.creative-bars1.com/sb/notifications/software/multi/browsers/ff/3/img/update-icon.png IP172.64.109.13:0
File typePNG image data, 452 x 453, 8-bit/color RGBA, non-interlaced\012- data Size175 kB (174730 bytes) Hash85bc2f8a287afa33ac84c90178055d00 c98e7ebd06397a77a20607f55fe4ebf1b57ca334 85d20d101efc753f9b0619a33901e1689d1e0c11a46bf6d6d657c1393542cc30
GET /sb/notifications/software/multi/browsers/ff/3/img/update-icon.png HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 24 Nov 2022 21:03:34 GMT
content-type: image/png
content-length: 174730
last-modified: Thu, 08 Sep 2022 07:49:58 GMT
etag: "63199ea6-2aa8a"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 490695
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C7pmSsuqHopv2E%2BdyT78exzknbd%2F4ivMYzG4Q2NdsqbG1TtBPlURsmVQyyr1PaRJM%2F1na%2BvG07rY0Sc1jrU%2FzfH84wJhPC9fNFkxMvwtaJPp%2Fq5mSCOwKlFWzOH7THUcrt6ZRhAwNTR4"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76f517902d9b72c7-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| e1.o.lencr.org/ | 23.36.77.32 | 200 OK | 344 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hash0eae74238d1c9828cd086271241b5e66 4cdd2c9e819b5c71d1d3e4836063a7a9f89ccf15 4884107002b9840725b58cd3ff13215471bdcd8c2a1029c3eeadd16abe4d91d2
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "4884107002B9840725B58CD3FF13215471BDCD8C2A1029C3EEADD16ABE4D91D2"
Last-Modified: Wed, 23 Nov 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9051
Expires: Thu, 24 Nov 2022 23:34:25 GMT
Date: Thu, 24 Nov 2022 21:03:34 GMT
Connection: keep-alive
|
|
| soldierreproduceadmiration.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fnotifications%2Fsoftware%2Fmulti%2Fbrowsers%2Fff%2F3%2Fcss%2Fmagic.css&l=45250&fd=353 | 173.233.137.36 | 200 OK | 0 B |
URL HTTP/1.1soldierreproduceadmiration.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fnotifications%2Fsoftware%2Fmulti%2Fbrowsers%2Fff%2F3%2Fcss%2Fmagic.css&l=45250&fd=353 IP173.233.137.36:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | quad9 | Sinkholed | |
GET /pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fnotifications%2Fsoftware%2Fmulti%2Fbrowsers%2Fff%2F3%2Fcss%2Fmagic.css&l=45250&fd=353 HTTP/1.1
Host: soldierreproduceadmiration.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mydoramas.com/
Cookie: u_pl=15548788; uid_id2=289f4127-d290-4330-a0e0-c2c8a0af932f:1:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slec7a112782e6a7c80a4da216d039a4e9a7=[3760951]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Thu, 24 Nov 2022 21:03:34 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
|
|
| fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 | 216.58.207.195 | 200 OK | 16 kB |
URL HTTP/2fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 IP216.58.207.195:0
File typeWeb Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data Hash15d9f621c3bd1599f0169dcf0bd5e63e 7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52 f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.mydoramas.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 23 Nov 2022 19:34:08 GMT
expires: Thu, 23 Nov 2023 19:34:08 GMT
cache-control: public, max-age=31536000
age: 91766
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 | 216.58.207.195 | 200 OK | 16 kB |
URL HTTP/2fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 IP216.58.207.195:0
File typeWeb Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data Hashe9f5aaf547f165386cd313b995dddd8e acdef5603c2387b0e5bffd744b679a24a8bc1968 f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.mydoramas.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 23 Nov 2022 18:53:49 GMT
expires: Thu, 23 Nov 2023 18:53:49 GMT
cache-control: public, max-age=31536000
age: 94185
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| soldierreproduceadmiration.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fnotifications%2Fsoftware%2Fmulti%2Fbrowsers%2Fff%2F3%2Fjs%2Fscript.js&l=8814&fd=145 | 173.233.137.36 | 200 OK | 0 B |
URL HTTP/1.1soldierreproduceadmiration.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fnotifications%2Fsoftware%2Fmulti%2Fbrowsers%2Fff%2F3%2Fjs%2Fscript.js&l=8814&fd=145 IP173.233.137.36:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | quad9 | Sinkholed | |
GET /pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fnotifications%2Fsoftware%2Fmulti%2Fbrowsers%2Fff%2F3%2Fjs%2Fscript.js&l=8814&fd=145 HTTP/1.1
Host: soldierreproduceadmiration.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mydoramas.com/
Cookie: u_pl=15548788; uid_id2=289f4127-d290-4330-a0e0-c2c8a0af932f:1:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slec7a112782e6a7c80a4da216d039a4e9a7=[3760951]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Thu, 24 Nov 2022 21:03:34 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
|
|
| cdn.creative-bars1.com/sb/notifications/software/multi/browsers/ff/3/css/magic.css | 172.64.109.13 | 200 OK | 2.9 kB |
URL HTTP/2cdn.creative-bars1.com/sb/notifications/software/multi/browsers/ff/3/css/magic.css IP172.64.109.13:0
Hash6201ab7da81015a578bd1b89472730cc 534db0d7492dc08db2e6230d27102373a533ec80 66402a571a1e9607aa0ebf03c0a1a9470660e900a219dad9bdb0a81bc73c3eef
GET /sb/notifications/software/multi/browsers/ff/3/css/magic.css HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.mydoramas.com
Connection: keep-alive
Referer: https://www.mydoramas.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 24 Nov 2022 21:03:34 GMT
content-type: text/css
last-modified: Thu, 08 Sep 2022 07:49:55 GMT
etag: W/"63199ea3-b0c2"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sO8%2FUNX3f7PBqavUJei5wJKvar7COTll0A1wK7RItX%2BERFKL6eW3aof3GExL7MkjlR4iGTReKt7fQiRISUSag8z1OSShupBCb88nDOud%2BsIlhSu6Hi7kQ6QASIuNSutzQg3e18uo3T%2BD"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76f517900d4f72c7-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| cdn.creative-bars1.com/sb/notifications/software/multi/browsers/ff/3/js/script.js | 172.64.109.13 | 200 OK | 5.6 kB |
URL HTTP/2cdn.creative-bars1.com/sb/notifications/software/multi/browsers/ff/3/js/script.js IP172.64.109.13:0
Hash52e2fb5dcc6a1ab82032b7f1789cc99b d933bebf96e76247426e3a00cde8e91afe9ce266 2025e7a23e0e756964ed42b9f20a0e074a4b2342650147f38218da6c02f48b3e
GET /sb/notifications/software/multi/browsers/ff/3/js/script.js HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.mydoramas.com
Connection: keep-alive
Referer: https://www.mydoramas.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 24 Nov 2022 21:03:34 GMT
content-type: application/javascript
last-modified: Thu, 08 Sep 2022 07:49:59 GMT
etag: W/"63199ea7-2ae2"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GOKWYMzplXM70YdOjFN9YfwOckmEPA7yIEv74g0o5ZwxPFjWW%2FD9%2BqVhoVikJOvHHvcYKAcFvwyZXpA4isjAA7Hft7cHCMricWywzQbrbXgSPzcJBlljJvEmO538C%2B50REns4hylyLLH"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76f51790de9c72c7-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| cdn.creative-bars1.com/sb/notifications/software/multi/browsers/ff/3/css/style.css | 172.64.109.13 | 200 OK | 1.1 kB |
URL HTTP/2cdn.creative-bars1.com/sb/notifications/software/multi/browsers/ff/3/css/style.css IP172.64.109.13:0
Hash7d924b546cf98fcbbe1f1a66415efde9 8e0a8461aeb82f933769ab0e9fa69499aa974b35 634a2180f3499f5a77e19fd106d0521148296f7fb5baa3c57701d284d9279df7
GET /sb/notifications/software/multi/browsers/ff/3/css/style.css HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.mydoramas.com
Connection: keep-alive
Referer: https://www.mydoramas.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 24 Nov 2022 21:03:34 GMT
content-type: text/css
last-modified: Thu, 08 Sep 2022 07:49:56 GMT
etag: W/"63199ea4-e97"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2hCVO23qCj6cL%2BA3bZW7FLGNN%2FXDpHpy%2F4lTzYWYadlFkWWt6gjbF2EoMtWGFg%2BXlRrd1r7rK%2F6TVG6IQJr%2B%2Bhl8swG6lXmZC80OdZpUKgAGw1gJnCgxbrU%2FOdk6BUjdksBHkw6DjNGN"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76f517901d7f72c7-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| cdn.creative-bars1.com/sb/notifications/software/multi/browsers/ff/3/js/jquery.min.js | 172.64.109.13 | 200 OK | 0 B |
URL HTTP/2cdn.creative-bars1.com/sb/notifications/software/multi/browsers/ff/3/js/jquery.min.js IP172.64.109.13:0
GET /sb/notifications/software/multi/browsers/ff/3/js/jquery.min.js HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 24 Nov 2022 21:03:34 GMT
content-type: application/javascript
last-modified: Thu, 08 Sep 2022 07:49:59 GMT
etag: W/"63199ea7-149a0"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 490695
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uXkf5YwrD0c4VaDEtO2vXuEjvJmUTwwzkx5ORDfHfqX1%2Fhjzq0i7ABMGBGnlCFTHn6JTDXfw1HGPug8COw9cvQWw33%2FvZxm%2FYN9VjVjBvi9UE4LFar%2FZB%2FebLlI0YNY55mlsj%2FAdfisg"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76f517902d9c72c7-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| maxcdn.bootstrapcdn.com/font-awesome/4.4.0/css/font-awesome.min.css | 104.18.11.207 | 200 OK | 0 B |
URL HTTP/2maxcdn.bootstrapcdn.com/font-awesome/4.4.0/css/font-awesome.min.css IP104.18.11.207:0
GET /font-awesome/4.4.0/css/font-awesome.min.css HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mydoramas.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 24 Nov 2022 21:03:30 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
last-modified: Mon, 25 Jan 2021 22:04:54 GMT
cdn-cachedat: 12/13/2021 21:25:06
cdn-proxyver: 1.02
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 632
cdn-status: 200
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-requestid: 8ac87b10825a6871d9cd076fc3a23e4f
cdn-cache: HIT
cf-cache-status: HIT
age: 14770562
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 76f5177a8e7ab4ff-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| fonts.googleapis.com/css?family=Open+Sans:400,400i,600,600i,700,700i,800,800i%7CLato:300,400,700,900 | 142.250.74.10 | 200 OK | 0 B |
URL HTTP/2fonts.googleapis.com/css?family=Open+Sans:400,400i,600,600i,700,700i,800,800i%7CLato:300,400,700,900 IP142.250.74.10:0
GET /css?family=Open+Sans:400,400i,600,600i,700,700i,800,800i%7CLato:300,400,700,900 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mydoramas.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 24 Nov 2022 21:03:31 GMT
date: Thu, 24 Nov 2022 21:03:31 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| cdn.yourwebbars.com/sb/notifications/software/multi/browsers/ff/3/index.html | 104.26.7.19 | 200 OK | 0 B |
URL HTTP/2cdn.yourwebbars.com/sb/notifications/software/multi/browsers/ff/3/index.html IP104.26.7.19:0
GET /sb/notifications/software/multi/browsers/ff/3/index.html HTTP/1.1
Host: cdn.yourwebbars.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.mydoramas.com
Connection: keep-alive
Referer: https://www.mydoramas.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 24 Nov 2022 21:03:34 GMT
content-type: text/html
last-modified: Thu, 08 Sep 2022 07:49:53 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yJfbvcB5a1Dkp5CsTXVFIL8%2BtSAeQbn%2Bvamw9BQZBYju7qO3BWNOtXV5jfSijGTOhwQ9uC24MHEWU%2FDvTOqV6wekimLbPIOCgGnYSfClrTPVnOShJPbMuIWizbOBuxFVvXzNCxE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76f5178b5dc10b45-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
|
| www.mydoramas.com/dramas-japoneses/ | 104.21.13.222 | 200 OK | 0 B |
URL HTTP/2www.mydoramas.com/dramas-japoneses/ IP104.21.13.222:0
GET /dramas-japoneses/ HTTP/1.1
Host: www.mydoramas.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Thu, 24 Nov 2022 21:03:30 GMT
content-type: text/html; charset=UTF-8
x-powered-by: Private Web Hosting
accept-ch: sec-ch-dpr, sec-ch-width, sec-ch-viewport-width
link: <https://cdn.statically.io>; rel=preconnect, <https://www.mydoramas.com/wp-json/>; rel="https://api.w.org/", <https://www.mydoramas.com/wp-json/wp/v2/categories/8216>; rel="alternate"; type="application/json"
permissions-policy: ch-dpr=("https://cdn.statically.io"), ch-width=("https://cdn.statically.io"), ch-viewport-width=("https://cdn.statically.io")
x-litespeed-cache-control: public,max-age=604800
x-litespeed-tag: 79c_HTTP.200,79c_category,79c_URL.48a71edf94a582eda5ffee1dae9e8c11,79c_T.8216,79c_
x-litespeed-cache: miss
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: max-age=14400
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2GIHOIX5Zo7BFQoqMZGdWZT02J2NXwo3nOm3G46P5Rt1EPjhHgaJbHtRr33s65xdovjAsfHWncmMF7mixxgZgdBXICyHrqwgC%2BKWqKLlDVKMEksqsqW7M4moznRJ7vOx3M1J5A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76f517789c1fb51b-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
|
| fonts.googleapis.com/css?family=Lato:300,400,900 | 142.250.74.10 | 200 OK | 0 B |
URL HTTP/2fonts.googleapis.com/css?family=Lato:300,400,900 IP142.250.74.10:0
GET /css?family=Lato:300,400,900 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mydoramas.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 24 Nov 2022 21:03:31 GMT
date: Thu, 24 Nov 2022 21:03:31 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|