Report - www.mydoramas.com/dramas-japoneses/

Report Overview

Submitted URL
www.mydoramas.com/dramas-japoneses/
IP
172.67.133.78
ASN
#13335 CLOUDFLARENET
Submitted
2022-11-24 21:03:41
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
20

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	333 B	229 B	34.117.237.239
cdn.statically.io	10364	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	911 B	1.2 kB	151.101.85.91
friendshipmale.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	362 B	33 kB	104.21.234.93
cdn.creative-bars1.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.6 kB	195 kB	172.64.109.13
ajax.googleapis.com	12905	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	393 B	31 kB	142.250.74.138
ocsp.globalsign.com	2075	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	368 B	1.9 kB	104.18.21.226
apis.google.com	105	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	367 B	22 kB	142.250.74.174
fonts.gstatic.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.5 kB	127 kB	216.58.207.195
soldierreproduceadmiration.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	4.5 kB	7.6 kB	173.233.137.36
ocsp.sca1b.amazontrust.com	1015	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	700 B	14 kB	143.204.42.88
unseenreport.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.4 kB	846 B	192.243.61.227
www.mydoramas.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	830 B	2.0 kB	104.21.13.222
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.1 kB	6.1 kB	93.184.220.29
www.googletagmanager.com	75	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	387 B	44 kB	142.250.74.168
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	606 B	127 B	54.148.70.121
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	782 B	2.5 kB	34.102.187.140
maxcdn.bootstrapcdn.com	724	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	418 B	904 B	104.18.11.207
ocsp.pki.goog	175	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	4.5 kB	45 kB	142.250.74.3
simplewebanalysis.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	790 B	820 B	18.185.190.54
parkingridiculous.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	450 B	467 B	173.233.139.164
cdn.yourwebbars.com	62037	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	444 B	741 B	104.26.7.19
connect.facebook.net	139	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	810 B	92 kB	157.240.200.14
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.7 kB	20 kB	23.36.76.226
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	413 B	5.8 kB	34.160.144.191
e1.o.lencr.org	6159	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.4 kB	10 kB	23.36.77.32
www.google-analytics.com	40	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	374 B	21 kB	142.250.74.174
forcefulpacehauled.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	808 B	36 kB	173.233.139.164
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.7 kB	50 kB	34.120.237.76
fonts.googleapis.com	8877	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	850 B	1.5 kB	142.250.74.10

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2022-11-24	medium	forcefulpacehauled.com	Sinkholed
2022-11-24	medium	forcefulpacehauled.com	Sinkholed
2022-11-24	medium	parkingridiculous.com	Sinkholed
2022-11-24	medium	unseenreport.com	Sinkholed
2022-11-24	medium	unseenreport.com	Sinkholed
2022-11-24	medium	soldierreproduceadmiration.com	Sinkholed
2022-11-24	medium	soldierreproduceadmiration.com	Sinkholed
2022-11-24	medium	soldierreproduceadmiration.com	Sinkholed
2022-11-24	medium	soldierreproduceadmiration.com	Sinkholed
2022-11-24	medium	soldierreproduceadmiration.com	Sinkholed

JavaScript (19)

	URL	Size	First Seen	Last Seen
	connect.facebook.net/pt_BR/sdk.js?hash=d4d741dc068cf3fed12da7cfeb405786	313 kB	2023-03-11	2023-03-11
Pretty URL connect.facebook.net/pt_BR/sdk.js?hash=d4d741dc068cf3fed12da7cfeb405786 IP 157.240.200.14 ASN #32934 FACEBOOK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 19:20:54 Last Seen2023-03-11 19:20:54 Times Seen1 Hash c06254cd28f17e9636bbb956caff3492 a53095e6d76fa454eac491f66eb8621ebb201511 75ddc2087c5b28728e4be06c85e37781edc3153dca8ed5588e6d5dee4fbbc81a Loading...

	cdn.creative-bars1.com/sb/notifications/software/multi/browsers/ff/3/js/jquery.min.js	84 kB	2023-03-07	2024-04-25
Pretty URL cdn.creative-bars1.com/sb/notifications/software/multi/browsers/ff/3/js/jquery.min.js IP 172.64.109.13 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:10:11 Last Seen2024-04-25 01:55:06 Times Seen552 Hash 6326c600df01e3bfb9b40e1aa08176f8 6b4fb754d29b297b539bf62ba9b4eaf0f33f314a df34524351c5fabc921a89183b5da5667aebd7b9e9a1c52255c76ff722935ea3 Loading...

	www.mydoramas.com/dramas-japoneses/	2.2 kB	2023-03-11	2023-03-11
Pretty URL www.mydoramas.com/dramas-japoneses/ IP 104.21.13.222 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 19:20:54 Last Seen2023-03-11 19:20:54 Times Seen1 Hash 757b61ec574c4a76645106431bc1e0c9 9b164978beb1efd445159ed5887fabdb9bbf46c8 cefcb26c083aef2bf49cab962f528a5a30d43a35b600908de1164e54e19f46c1 Loading...

	www.mydoramas.com/wp-content/themes/mydoramas/js/zepto.min.js?ver=6.0.3	25 kB	2023-03-11	2023-12-18
Pretty URL www.mydoramas.com/wp-content/themes/mydoramas/js/zepto.min.js?ver=6.0.3 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 19:20:54 Last Seen2023-12-18 21:23:31 Times Seen6 Hash 85cc61a1e78b47dd54bb4024c0831b04 147b35a7a34524abfde0367a34d4b872742d3a1c 9e150fc157b3f1854eac67ec7f6087dc6fe18d866d6fb9c8b169b878e588275a Loading...

	www.mydoramas.com/wp-content/themes/mydoramas/js/cpScript.js?nocache&ver=6.0.3	8.9 kB	2023-03-11	2023-03-11
Pretty URL www.mydoramas.com/wp-content/themes/mydoramas/js/cpScript.js?nocache&ver=6.0.3 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 19:20:54 Last Seen2023-03-11 19:20:54 Times Seen1 Hash f5ae8789b7fe6a469b8fab413bbf0912 f9fca8bab01de21f49826e10886a9934bb505fd0 c99456f323b2893a9d5d8d0fd6102d9d123143d267f6ea8b872e0eb3b0e05ad3 Loading...

	www.mydoramas.com/wp-includes/js/wp-emoji-release.min.js?ver=6.0.3	19 kB	2023-03-07	2024-04-25
Pretty URL www.mydoramas.com/wp-includes/js/wp-emoji-release.min.js?ver=6.0.3 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:08 Last Seen2024-04-25 18:37:13 Times Seen38049 Hash 32beb68a374e3aeac00abdf9e12b84ea b5d18aa625e8696dd9d07cd0869337717b211ae0 5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782 Loading...

	www.google-analytics.com/analytics.js	50 kB	2023-03-08	2024-04-25
Pretty URL www.google-analytics.com/analytics.js IP 142.250.74.174 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 05:22:31 Last Seen2024-04-25 17:52:53 Times Seen1528 Hash fda30e8a22c9bcd954fd8d0fadd0e77c ae47cd34cbde081a48d7f92fc80aaf06a1381193 b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719 Loading...

	connect.facebook.net/pt_BR/sdk.js#xfbml=1&version=v2.8&appId=1152295634852533	3.1 kB	2023-03-11	2023-03-11
Pretty URL connect.facebook.net/pt_BR/sdk.js#xfbml=1&version=v2.8&appId=1152295634852533 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 19:20:54 Last Seen2023-03-11 19:20:54 Times Seen1 Hash ce342f1ff7cbe590aef67f52c682b721 e0992890c2f4f166e0904e6a070dfa0fab5ef476 9dc0df35fa13b6776cbbbbcd2f7e634435fbbfee139c0425ad47894e2422b58a Loading...

	http:blank	4.4 kB	2023-03-11	2023-03-11
Pretty URL http:blank IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 19:20:54 Last Seen2023-03-11 19:20:54 Times Seen1 Hash 2f5e1a701b73f151e6b90ae68f88a0eb 3a9dca262860cae04b08389984596660ebf32d29 f7175b40c5cb414befafe3deccb44c48c2337e1f77e42fdac04568b79129d57f Loading...

	ajax.googleapis.com/ajax/libs/jquery/3.1.1/jquery.min.js	87 kB	2023-03-07	2024-04-25
Pretty URL ajax.googleapis.com/ajax/libs/jquery/3.1.1/jquery.min.js IP 142.250.74.138 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:34 Last Seen2024-04-25 22:27:14 Times Seen263798 Hash e071abda8fe61194711cfc2ab99fe104 f647a6d37dc4ca055ced3cf64bbc1f490070acba 85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf Loading...

	www.mydoramas.com/wp-content/themes/mydoramas/js/jquery.js	93 kB	2023-03-07	2024-04-15
Pretty URL www.mydoramas.com/wp-content/themes/mydoramas/js/jquery.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:06:47 Last Seen2024-04-15 10:02:48 Times Seen270 Hash fa4322da6050ee28a998bb75f63fa628 d83e917ab2b10e00f9ff2f280cf705e083032338 c60d2815efaf613db70fffda59a2624cc37e6bec4d3846f9f19e0a5921ca260d Loading...

	forcefulpacehauled.com/3d/7a/2d/3d7a2d5bf2b64118e6cf972becedf265.js	60 kB	2023-03-11	2023-03-11
Pretty URL forcefulpacehauled.com/3d/7a/2d/3d7a2d5bf2b64118e6cf972becedf265.js IP 173.233.139.164 ASN #7979 SERVERS-COM Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 19:20:54 Last Seen2023-03-11 19:20:54 Times Seen1 Hash 793868791a445771c3baf8f236a203eb 3234e3312bb8e7ccc12ba67dd335121637b7ef72 e0144121573e9090ac8fc765071f5860f936e44e7cc5f308020d56f3acf55db0 Loading...

	www.mydoramas.com/dramas-japoneses/	390 B	2023-03-11	2023-03-11
Pretty URL www.mydoramas.com/dramas-japoneses/ IP 104.21.13.222 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 19:20:54 Last Seen2023-03-11 19:20:54 Times Seen1 Hash dcd5295c5d639a56ee89f4f9a6246614 3b74bd704ba35a853e2faeb5a87000cb053b0985 24721faf627f86a3879ca3df0611232bf5f2635004cee1b34677e39718f5851d Loading...

	www.mydoramas.com/wp-content/themes/mydoramas/js/functions.js	2.6 kB	2023-03-11	2023-03-11
Pretty URL www.mydoramas.com/wp-content/themes/mydoramas/js/functions.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 19:20:54 Last Seen2023-03-11 19:20:54 Times Seen1 Hash 838fa8e18d04513b121849a447d1a171 47157c896a5334ddfdfdff90e67d9c6e5b5f52bb 31193d15a56092c732be9ce13331807802a764caa2976e33e1bbfb7346446a0d Loading...

	www.mydoramas.com/dramas-japoneses/	155 B	2023-03-11	2023-03-11
Pretty URL www.mydoramas.com/dramas-japoneses/ IP 104.21.13.222 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 19:20:54 Last Seen2023-03-11 19:20:54 Times Seen1 Hash 57818b2bdc8fa19d80bad7a4b63086b6 b14fdc96eda5dcdc21cb68130a1b4db7461533ec 7aa492b4bbea4bb657f6c93b213826d007dcc55b4474c70c8408ca30883765e6 Loading...

	www.googletagmanager.com/gtag/js?id=UA-161725920-1	112 kB	2023-03-11	2023-03-11
Pretty URL www.googletagmanager.com/gtag/js?id=UA-161725920-1 IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 19:20:54 Last Seen2023-03-11 19:20:54 Times Seen1 Hash c8febb5593589694716d3a0b7fb5ff00 53f8a983e22cb7f09e2996c78ead43bc242a9bcd 917e54cb8a23f65823b85a41829f41162064263627fbe37b55ab19dec8ee16fd Loading...

	forcefulpacehauled.com/7a/11/27/7a112782e6a7c80a4da216d039a4e9a7.js	37 kB	2023-03-11	2023-03-11
Pretty URL forcefulpacehauled.com/7a/11/27/7a112782e6a7c80a4da216d039a4e9a7.js IP 173.233.139.164 ASN #7979 SERVERS-COM Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 19:20:54 Last Seen2023-03-11 19:20:54 Times Seen1 Hash bf7b73c15f9e704cb391cb9c165c3f32 e52627eb3807575c5f35c663291207e57cbd6e0e 7f4f185cf3f5861a7f56396c5529f84d9ed003a71ca686821197ecf4a06b339d Loading...

	www.mydoramas.com/dramas-japoneses/	318 B	2023-03-11	2023-03-11
Pretty URL www.mydoramas.com/dramas-japoneses/ IP 104.21.13.222 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 19:20:54 Last Seen2023-03-11 19:20:54 Times Seen1 Hash 8e5726517f5356d858cce7732f9b2030 c806e365e0f3629db4062868f1212537ecdfb4ac aa9574c561c6ff14d1fa8cf7b4d7746f1a1721e3bfb91a9fa5279d87d50055f8 Loading...

	apis.google.com/js/platform.js	55 kB	2023-03-08	2023-03-17
Pretty URL apis.google.com/js/platform.js IP 142.250.74.174 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:22:23 Last Seen2023-03-17 23:35:13 Times Seen1 Hash 82b37d5e95d1e985a554cf000e9bb15c 8973b2e12ea8de1b8a14c8b7ea3be6c1c25eae07 4c6520efed0ab3222ea84da3fb4d6cdc929353fdfa0ac12422253be3ffcf525a Loading...

HTTP Transactions (88)

URL IP Response Size

www.mydoramas.com/dramas-japoneses/

104.21.13.222

301 Moved Permanently

0 B

URL HTTP/1.1
www.mydoramas.com/dramas-japoneses/
IP
104.21.13.222:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /dramas-japoneses/ HTTP/1.1
Host: www.mydoramas.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
Date: Thu, 24 Nov 2022 21:03:30 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Thu, 24 Nov 2022 22:03:30 GMT
Location: https://www.mydoramas.com/dramas-japoneses/
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YN7vk54%2BxL7QMDnU%2BSVq%2FOAquXvw4TJ9duzjJIMbnNdo2yLuB12HX1XsQcwwI89NG1cI6dVl7YVYqpuaIvaHwigTTNJF4BumXz1syKxkxHQXt28S1xgnel3RvuCqsSuniQlpNQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76f517753a17b512-OSL
alt-svc: h2=":443"; ma=60

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
7c60904d097cde276e4e5632cef1b9f1
4f805026462589345d85e8df2d18eafba6237504
12af026999398f4976749e320667d43da3f99b7a2e8254aca7a410a964a106aa

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "12AF026999398F4976749E320667D43DA3F99B7A2E8254ACA7A410A964A106AA"
Last-Modified: Thu, 24 Nov 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11076
Expires: Fri, 25 Nov 2022 00:08:06 GMT
Date: Thu, 24 Nov 2022 21:03:30 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
8c63b226725ca6e92e3ef586ac19e603
d21ae42a1927501e5293ff3564f52b49f6b0decc
141ac47acc3800e5d35a82012fa4b044277abad3a95dc24415f66fb72c972ae6

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "141AC47ACC3800E5D35A82012FA4B044277ABAD3A95DC24415F66FB72C972AE6"
Last-Modified: Wed, 23 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8655
Expires: Thu, 24 Nov 2022 23:27:45 GMT
Date: Thu, 24 Nov 2022 21:03:30 GMT
Connection: keep-alive

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
af40a2fcf8debb90c3608002da6c907a
3c75d6c0b557a3bd8d5db50155b8d896e852c145
555617a51ee3077552545a29a3baf0b43e8a82367e4c08110ee480ebedc8b523

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3127
Cache-Control: max-age=137988
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 21:03:30 GMT
Etag: "637f47ef-1d7"
Expires: Sat, 26 Nov 2022 11:23:18 GMT
Last-Modified: Thu, 24 Nov 2022 10:31:11 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: nwxucuF2G3uucYn4oZj5OCNBYt1IeFOi/ZE/WgQezWvpxLQHsjVllkVp5fp3KDtu5LrIpgP3YjU=
x-amz-request-id: H9BBTWJRMTMRBX83
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 24 Nov 2022 20:40:32 GMT
age: 1378
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/

34.102.187.140

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
34.102.187.140:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
4d7e4eed097b9c4e5d509419f1cfc85a
290bb3d428a7c6330e2e3d73a952b16f820896c8
0dc9ca0f57af15adcd416035e92794711434e3d53a1feff21d8481d6d500986c

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Length, Alert, Backoff, Retry-After
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Thu, 24 Nov 2022 20:17:20 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 2770
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Thu, 24 Nov 2022 21:03:30 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
468056f4f7dff1439cc8255d5d9f48d3
cb9d89fb98be15ab059e2d219bc419bb9b0f78a3
1b070d1908749dde98a73ba00a6d0ad584d2520b3935e4262764ecfc7ee4d781

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=130189
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 21:03:30 GMT
Etag: "637f35af-117"
Expires: Sat, 26 Nov 2022 09:13:19 GMT
Last-Modified: Thu, 24 Nov 2022 09:13:19 GMT
Server: nginx
Content-Length: 279

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
468056f4f7dff1439cc8255d5d9f48d3
cb9d89fb98be15ab059e2d219bc419bb9b0f78a3
1b070d1908749dde98a73ba00a6d0ad584d2520b3935e4262764ecfc7ee4d781

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 0
Cache-Control: max-age=130189
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 21:03:30 GMT
Etag: "637f35af-117"
Expires: Sat, 26 Nov 2022 09:13:19 GMT
Last-Modified: Thu, 24 Nov 2022 09:13:19 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 279

ocsp.digicert.com/

93.184.220.29

200 OK

278 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
278 B (278 bytes)
Hash
fd6e45fec9010f48d052dc17826c75f0
218e01b9707f1e123eef81d70f24f0d95e526465
8ba8111e6058eb953ea4804e6fcbbba380a2087609b5bc49c7ccade7fef100a8

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4377
Cache-Control: max-age=126654
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 21:03:30 GMT
Etag: "637f16c7-116"
Expires: Sat, 26 Nov 2022 08:14:24 GMT
Last-Modified: Thu, 24 Nov 2022 07:01:27 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 278

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

34 kB

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
34 kB (34012 bytes)
Hash
93eabf9d221c4d96e840f057344878cb
518213531c53d7141e2fc488803e1c6cb0e64998
b82425239528de07daa1113356b343e431224041be3b1a27ae621790a96daff3

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 21:03:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

2.4 kB

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
2.4 kB (2421 bytes)
Hash
f19c3172f2004baacc1ea3edbb706845
f58331c9b4461c07414735c7a065c65c1e49a809
71cd0a578e920fa073e47bca831c3bddba857f5ac3e779b6327074ae498011a5

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 21:03:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
4af780570d49b327d38dc189095448e9
1dd4193a2afeb237c5e475b603b1cbd137f7f97e
f25ef2e65d3c2acbba49b5d36c2fe37f8d404fa3b0ea5cdd6c93ac1685a6129a

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 21:03:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
dd0dd96ca622aa07354fabdd0da767bf
a29eaa02a81dabed2c12be20a89d65a5a0417524
6a670e9031ec8c94bdc91c47a2d6a4ca2bd95fe032fec28888a8e6d7dc163cb4

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 21:03:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

cdn.statically.io/img/www.mydoramas.com/wp-content/themes/mydoramas/images/logo2.png

151.101.85.91

301 Moved Permanently

30 B

URL HTTP/2
cdn.statically.io/img/www.mydoramas.com/wp-content/themes/mydoramas/images/logo2.png
IP
151.101.85.91:0
ASN
#54113 FASTLY

File type
ASCII text, with no line terminators
Size
30 B (30 bytes)
Hash
e3865605dd5f30c730b091941513f2cd
7a84cfb40e4351cdcb28039c1f48466159871b9f
c2d2beff86bc96290cbe88407aaa3bf7d92b3b6ea2c2e9edbe1079eacf966571

HTTP Headers

GET /img/www.mydoramas.com/wp-content/themes/mydoramas/images/logo2.png HTTP/1.1
Host: cdn.statically.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mydoramas.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 301 Moved Permanently
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=5
date: Thu, 24 Nov 2022 21:03:31 GMT
location: https://www.mydoramas.com/wp-content/themes/mydoramas/images/logo2.png
server: statically
strict-transport-security: max-age=31536000; includeSubDomains; preload
timing-allow-origin: *
x-cache: HIT
x-content-type-options: nosniff
x-served-by: cache-bma1634-BMA
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 30
X-Firefox-Spdy: h2

cdn.statically.io/img/www.mydoramas.com/wp-content/uploads/2022/05/Hiru-243x140.png

151.101.85.91

301 Moved Permanently

30 B

URL HTTP/2
cdn.statically.io/img/www.mydoramas.com/wp-content/uploads/2022/05/Hiru-243x140.png
IP
151.101.85.91:0
ASN
#54113 FASTLY

File type
ASCII text, with no line terminators
Size
30 B (30 bytes)
Hash
e3865605dd5f30c730b091941513f2cd
7a84cfb40e4351cdcb28039c1f48466159871b9f
c2d2beff86bc96290cbe88407aaa3bf7d92b3b6ea2c2e9edbe1079eacf966571

HTTP Headers

GET /img/www.mydoramas.com/wp-content/uploads/2022/05/Hiru-243x140.png HTTP/1.1
Host: cdn.statically.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mydoramas.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 301 Moved Permanently
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=5
date: Thu, 24 Nov 2022 21:03:31 GMT
location: https://www.mydoramas.com/wp-content/uploads/2022/05/Hiru-243x140.png
server: statically
strict-transport-security: max-age=31536000; includeSubDomains; preload
timing-allow-origin: *
x-cache: HIT
x-content-type-options: nosniff
x-served-by: cache-bma1634-BMA
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 30
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

278 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
278 B (278 bytes)
Hash
fd6e45fec9010f48d052dc17826c75f0
218e01b9707f1e123eef81d70f24f0d95e526465
8ba8111e6058eb953ea4804e6fcbbba380a2087609b5bc49c7ccade7fef100a8

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4378
Cache-Control: max-age=126654
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 21:03:31 GMT
Etag: "637f16c7-116"
Expires: Sat, 26 Nov 2022 08:14:25 GMT
Last-Modified: Thu, 24 Nov 2022 07:01:27 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 278

ajax.googleapis.com/ajax/libs/jquery/3.1.1/jquery.min.js

142.250.74.138

200 OK

30 kB

URL HTTP/2
ajax.googleapis.com/ajax/libs/jquery/3.1.1/jquery.min.js
IP
142.250.74.138:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (32030)
Size
30 kB (30244 bytes)
Hash
04ba0252a9f264db106d4eaab8df4ccb
cf52d9b3df7839c5c64fbf33aafeced74b3db750
397852429e768ffbd12a78ce4b94f14e3ab4afabf84acb07c0bb5b7798e6e0b2

HTTP Headers

GET /ajax/libs/jquery/3.1.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mydoramas.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 30244
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 23 Nov 2022 09:07:49 GMT
expires: Thu, 23 Nov 2023 09:07:49 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 129342
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

www.googletagmanager.com/gtag/js?id=UA-161725920-1

142.250.74.168

200 OK

44 kB

URL HTTP/2
www.googletagmanager.com/gtag/js?id=UA-161725920-1
IP
142.250.74.168:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1921)
Size
44 kB (43681 bytes)
Hash
94bff6514dd62635edbb04c7270443de
6579605c6a8fc3b767b096932fe336adfb76179b
dcf575a527e03542989591a79c25c3d4ef62c2cdf8051cf7742e4922754f8ab3

HTTP Headers

GET /gtag/js?id=UA-161725920-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mydoramas.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 24 Nov 2022 21:03:31 GMT
expires: Thu, 24 Nov 2022 21:03:31 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 43681
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q4

104.18.21.226

200 OK

1.5 kB

URL HTTP/1.1
ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q4
IP
104.18.21.226:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
1.5 kB (1462 bytes)
Hash
8b697e286964fb685c2c097b4e429174
584a2236f6067e060f364efbaadad98ce24ffb87
c71233b84ef6ff7f29f324da1b8cc97a980ce6d544e5d6037a0256cd45403a46

HTTP Headers

POST /ca/gsatlasr3dvtlsca2022q4 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 21:03:31 GMT
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
Etag: "72E67C0B61D2072CD60681D3872E200E47C2E8D8"
Expires: Fri, 25 Nov 2022 08:00:00 GMT
Last-Modified: Thu, 24 Nov 2022 20:00:00 UTC
Cache-Control: s-maxage=3600, public, no-transform, must-revalidate
CF-Cache-Status: HIT
Age: 1471
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76f5177b7eab0b49-OSL

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
fb6949e7abaa473393f7c604691de14f
599681bba3947709baa603bbae2dd7afd04059a4
36c5165526ea9d34de14d36655ed494d0cffaa11ca3271ee47824ac11246ba13

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5612
Cache-Control: max-age=135410
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 21:03:31 GMT
Etag: "637f3429-1d7"
Expires: Sat, 26 Nov 2022 10:40:21 GMT
Last-Modified: Thu, 24 Nov 2022 09:06:49 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
4af780570d49b327d38dc189095448e9
1dd4193a2afeb237c5e475b603b1cbd137f7f97e
f25ef2e65d3c2acbba49b5d36c2fe37f8d404fa3b0ea5cdd6c93ac1685a6129a

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 21:03:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
4af780570d49b327d38dc189095448e9
1dd4193a2afeb237c5e475b603b1cbd137f7f97e
f25ef2e65d3c2acbba49b5d36c2fe37f8d404fa3b0ea5cdd6c93ac1685a6129a

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 21:03:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

34.102.187.140

200 OK

484 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
34.102.187.140:0
ASN
#15169 GOOGLE

File type
data
Size
484 B (484 bytes)
Hash
50914d2eec404b4a40daac4998942a96
90045a58b7da4e7cd8db638e5a5b392dc5a5fee8
f6a8ebd58b46ce1e2e21741ae4089c76ecda96fbb5ebcc39ea6a77f9e623e219

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Retry-After, Content-Length, Alert, Cache-Control, ETag, Pragma, Expires, Backoff, Last-Modified
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Thu, 24 Nov 2022 20:11:11 GMT
cache-control: public,max-age=3600
age: 3140
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
dd0dd96ca622aa07354fabdd0da767bf
a29eaa02a81dabed2c12be20a89d65a5a0417524
6a670e9031ec8c94bdc91c47a2d6a4ca2bd95fe032fec28888a8e6d7dc163cb4

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 21:03:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

push.services.mozilla.com/

54.148.70.121

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
54.148.70.121:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 0TmO4F5x6DVAqm9JXKKy3A==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: I1T9IIjqPPEGP99sFqCqGkUI3y4=

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
daacf94df2816d38601a25b4077fceef
26b5bca044775c3b8f4b6556cd9d62b73c42f098
5704038c31b23b06b29be2b2ab55db1ae013d1d20444887f9b13140091b897cd

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5704038C31B23B06B29BE2B2AB55DB1AE013D1D20444887F9B13140091B897CD"
Last-Modified: Thu, 24 Nov 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Fri, 25 Nov 2022 03:03:31 GMT
Date: Thu, 24 Nov 2022 21:03:31 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

1.3 kB

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
1.3 kB (1301 bytes)
Hash
b86b713f2f4545ca4248e165c64eaa93
c18e2817ab46162106d4a3c1403beb37de97a04d
29b1cd671a3274eb773f36e782b3be9f8196f7df0bc4130892da7566374da33b

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B47B524C4B4825D95FFB41B7EB923573FF677D4881DB64EA1AFE82D24C4E6F9F"
Last-Modified: Wed, 23 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21568
Expires: Fri, 25 Nov 2022 03:02:59 GMT
Date: Thu, 24 Nov 2022 21:03:31 GMT
Connection: keep-alive

forcefulpacehauled.com/3d/7a/2d/3d7a2d5bf2b64118e6cf972becedf265.js

173.233.139.164

200 OK

21 kB

URL HTTP/1.1
forcefulpacehauled.com/3d/7a/2d/3d7a2d5bf2b64118e6cf972becedf265.js
IP
173.233.139.164:0
ASN
#7979 SERVERS-COM

File type
HTML document, ASCII text, with very long lines (60151), with no line terminators
Size
21 kB (20709 bytes)
Hash
ceffc1f01b1defa48c825c887a957a35
063b161f339b7ddd89189a3eefda8a4befa42beb
f29cfc0fa3babc574aea2cb27935bad5fd16acf4c8065ed976d888faadd54f53

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /3d/7a/2d/3d7a2d5bf2b64118e6cf972becedf265.js HTTP/1.1
Host: forcefulpacehauled.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mydoramas.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Thu, 24 Nov 2022 21:03:31 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 794d534d361361d014edeb245e02b80b
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

forcefulpacehauled.com/7a/11/27/7a112782e6a7c80a4da216d039a4e9a7.js

173.233.139.164

200 OK

13 kB

URL HTTP/1.1
forcefulpacehauled.com/7a/11/27/7a112782e6a7c80a4da216d039a4e9a7.js
IP
173.233.139.164:0
ASN
#7979 SERVERS-COM

File type
ASCII text, with very long lines (37163), with no line terminators
Size
13 kB (13438 bytes)
Hash
6df5d7d3845b737fa029e43e6c7658b6
cdb7b238fbf1c0fd0b53427efc7787051cd64bf6
b36f6981c400d150294ec7cb3756422e4e2725c2f9d4ce202c7f622e8ae57bcb

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /7a/11/27/7a112782e6a7c80a4da216d039a4e9a7.js HTTP/1.1
Host: forcefulpacehauled.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mydoramas.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Thu, 24 Nov 2022 21:03:31 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 054597c2fe22aef7d6a97b79c39466f8
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

e1.o.lencr.org/

23.36.77.32

200 OK

345 B

URL HTTP/1.1
e1.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
345 B (345 bytes)
Hash
daedbf6ef8bc447ac2d08a42d4c4bf9f
2864128c9304bd42925932eda5b14ab62f805081
3d745fbf6d7563deeac08ec38de8db388536ff113a89fd20e8e51d9fd6f200d1

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "3D745FBF6D7563DEEAC08EC38DE8DB388536FF113A89FD20E8E51D9FD6F200D1"
Last-Modified: Tue, 22 Nov 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5645
Expires: Thu, 24 Nov 2022 22:37:36 GMT
Date: Thu, 24 Nov 2022 21:03:31 GMT
Connection: keep-alive

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
aee1eaa2ef2d0edbb0bc5703979e6439
8baa6d1cdd85ce2c5b6e30bd7a60096eeafce4db
095cc1e6ce8241ba22f88cb66d752587909fea3dc66936a72c369ef74b3134f1

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 21:03:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
aee1eaa2ef2d0edbb0bc5703979e6439
8baa6d1cdd85ce2c5b6e30bd7a60096eeafce4db
095cc1e6ce8241ba22f88cb66d752587909fea3dc66936a72c369ef74b3134f1

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 21:03:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.sca1b.amazontrust.com/

143.204.42.88

200 OK

12 kB

URL HTTP/1.1
ocsp.sca1b.amazontrust.com/
IP
143.204.42.88:0
ASN
#16509 AMAZON-02

File type
data
Size
12 kB (12359 bytes)
Hash
dad39dd78edb11c9c68885028da7f7fb
a7678090dd1409fcf5df0c0377558ed3c0dd0333
8abc1d5b082b25240c5c80a30e7242917e47a0505cff8a105587845dae1c51ad

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=151781
Date: Thu, 24 Nov 2022 21:03:31 GMT
Etag: "637f7219-1d7"
Expires: Sat, 26 Nov 2022 15:13:12 GMT
Last-Modified: Thu, 24 Nov 2022 13:31:05 GMT
Server: ECS (dcb/7F17)
X-Cache: Miss from cloudfront
Via: 1.1 e49f22f18c16784c0f42291e768d1daa.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 2CazuUjHhqZSe-r8qp1bf4KZrQ1V-Y2rkTMzJQZcr2Q3eGQ-5VthhQ==
Age: 6127

fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh50XSwiPGQ.woff2

216.58.207.195

200 OK

22 kB

URL HTTP/2
fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh50XSwiPGQ.woff2
IP
216.58.207.195:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 22504, version 1.0\012- data
Size
22 kB (22504 bytes)
Hash
1c6c65523675abc6fcd78e804325bd77
898d9808304dc157f5dcb18ca169ec6e2b96b3d7
08664859baab5ed98f0bf818ed77e38464ff1826dc6406d5ecbd651409afbd92

HTTP Headers

GET /s/lato/v23/S6u9w4BMUTPHh50XSwiPGQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.mydoramas.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 22504
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 22 Nov 2022 17:15:33 GMT
expires: Wed, 22 Nov 2023 17:15:33 GMT
cache-control: public, max-age=31536000
age: 186478
last-modified: Tue, 26 Apr 2022 16:04:16 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh7USSwiPGQ.woff2

216.58.207.195

200 OK

23 kB

URL HTTP/2
fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh7USSwiPGQ.woff2
IP
216.58.207.195:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 23236, version 1.0\012- data
Size
23 kB (23236 bytes)
Hash
716309aab2bca045f9627f63ad79d0bf
38804233a29aaf975d557fe14e762c627bef76e0
115f6a626ca115d4ad5581b59275327e0e860b30330a52b0f785561332dd2429

HTTP Headers

GET /s/lato/v23/S6u9w4BMUTPHh7USSwiPGQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.mydoramas.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 23236
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 23 Nov 2022 18:53:49 GMT
expires: Thu, 23 Nov 2023 18:53:49 GMT
cache-control: public, max-age=31536000
age: 94182
last-modified: Tue, 26 Apr 2022 16:04:12 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
aee1eaa2ef2d0edbb0bc5703979e6439
8baa6d1cdd85ce2c5b6e30bd7a60096eeafce4db
095cc1e6ce8241ba22f88cb66d752587909fea3dc66936a72c369ef74b3134f1

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 21:03:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

216.58.207.195

200 OK

45 kB

URL HTTP/2
fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP
216.58.207.195:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 44856, version 1.0\012- data
Size
45 kB (44856 bytes)
Hash
565ce506190ad3af920b40baf1794cec
ad3cba5d06100e09449a864d3b5e58403b478b3d
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db

HTTP Headers

GET /s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.mydoramas.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 44856
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 24 Nov 2022 05:42:51 GMT
expires: Fri, 24 Nov 2023 05:42:51 GMT
cache-control: public, max-age=31536000
age: 55240
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

simplewebanalysis.com/stats

18.185.190.54

200 OK

40 B

URL HTTP/2
simplewebanalysis.com/stats
IP
18.185.190.54:0
ASN
#16509 AMAZON-02

File type
ASCII text, with no line terminators
Size
40 B (40 bytes)
Hash
10085d13d86fa6f4d85fcf85f0cca327
f1043529136456ec2dcfe6cc34da03cc0866e49f
f5d7ea133ed6a1ec7bde0cdcd5496459692e87f79c16f035fd4955daeca86940

HTTP Headers

GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.mydoramas.com
Connection: keep-alive
Referer: https://www.mydoramas.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Thu, 24 Nov 2022 21:03:31 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://www.mydoramas.com
access-control-allow-credentials: true
set-cookie: uid_id2=f2232483-3323-4d00-b41a-b83ccb812ac4:2:1; expires=Sun, 21 Nov 2032 21:03:31 GMT; secure; SameSite=None
X-Firefox-Spdy: h2

ocsp.sca1b.amazontrust.com/

143.204.42.88

200 OK

471 B

URL HTTP/1.1
ocsp.sca1b.amazontrust.com/
IP
143.204.42.88:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
5348b4ee74a9c894db836c2b61cc7086
9a65195ea94f2f7326007ad86ca1675010f4c00e
d2c786795613bca9a9bee9143dc278307b828a07b40880cfa20e087895aa359a

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=150697
Date: Thu, 24 Nov 2022 21:03:31 GMT
Etag: "637f7219-1d7"
Expires: Sat, 26 Nov 2022 14:55:08 GMT
Last-Modified: Thu, 24 Nov 2022 13:31:05 GMT
Server: ECS (dcb/7F3A)
X-Cache: Miss from cloudfront
Via: 1.1 1d8cf7c8865ed1078c19a98771ad34ca.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 5rTvbrb99nJLVgbuLsekxgnh64r6bFuIbQj3pTClVEM83WbdtqS2KQ==
Age: 5043

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
aee1eaa2ef2d0edbb0bc5703979e6439
8baa6d1cdd85ce2c5b6e30bd7a60096eeafce4db
095cc1e6ce8241ba22f88cb66d752587909fea3dc66936a72c369ef74b3134f1

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 21:03:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

simplewebanalysis.com/stats

18.185.190.54

200 OK

40 B

URL HTTP/2
simplewebanalysis.com/stats
IP
18.185.190.54:0
ASN
#16509 AMAZON-02

File type
ASCII text, with no line terminators
Size
40 B (40 bytes)
Hash
1cc2ed998fec31f218f141cd038771a0
23a7d58600f79af892ada68b47dec1485fcec3c7
6e9fade7d37263b253b179777560ecd47028d1c79727c060f88da51b6a417bc1

HTTP Headers

GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.mydoramas.com
Connection: keep-alive
Referer: https://www.mydoramas.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Thu, 24 Nov 2022 21:03:32 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://www.mydoramas.com
access-control-allow-credentials: true
set-cookie: uid_id2=289f4127-d290-4330-a0e0-c2c8a0af932f:1:1; expires=Sun, 21 Nov 2032 21:03:32 GMT; secure; SameSite=None
X-Firefox-Spdy: h2

e1.o.lencr.org/

23.36.77.32

200 OK

7.7 kB

URL HTTP/1.1
e1.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
7.7 kB (7715 bytes)
Hash
cfda7ce449e52a4edcd55a9fcfd303c3
561ac24c0821bff5a691e01a5c7bbef58feff06a
7e45441031d40969e164e79b7b313406a0082e15c88f83d3b26e5349e814af76

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "3D745FBF6D7563DEEAC08EC38DE8DB388536FF113A89FD20E8E51D9FD6F200D1"
Last-Modified: Tue, 22 Nov 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5644
Expires: Thu, 24 Nov 2022 22:37:36 GMT
Date: Thu, 24 Nov 2022 21:03:32 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
4ef75fcea13092be20b3fdea1a1d0797
d509e59d1d06577d84491687167bba4884404a18
98c6ffd282eae8de84bb66b55c3c4c5077aae2f5bcfec1e31ec81320fad627db

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "98C6FFD282EAE8DE84BB66B55C3C4C5077AAE2F5BCFEC1E31EC81320FAD627DB"
Last-Modified: Tue, 22 Nov 2022 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4480
Expires: Thu, 24 Nov 2022 22:18:12 GMT
Date: Thu, 24 Nov 2022 21:03:32 GMT
Connection: keep-alive

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
186f5295f578dc81663537fd23a898a8
212cd5caaa9d44817996854d067e7a4eae843a56
01a37259454aef3bf6436eeac239313c9bb17f58337ad0070c7784f154069e8f

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 21:03:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.google-analytics.com/analytics.js

142.250.74.174

200 OK

20 kB

URL HTTP/2
www.google-analytics.com/analytics.js
IP
142.250.74.174:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1325)
Size
20 kB (20039 bytes)
Hash
47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e

HTTP Headers

GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mydoramas.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Thu, 24 Nov 2022 20:41:08 GMT
expires: Thu, 24 Nov 2022 22:41:08 GMT
cache-control: public, max-age=7200
age: 1344
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
670dda5fda45a89db08867e9109f65b7
2a64bc381f8e795fe7a46a98c3e8add2f1ade404
7c2085a52a32eab3f4ab73c4ab3718cf1e7d67502e83001ce45d2857b37a0755

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4390
Cache-Control: max-age=119769
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 21:03:32 GMT
Etag: "637efbd7-1d7"
Expires: Sat, 26 Nov 2022 06:19:41 GMT
Last-Modified: Thu, 24 Nov 2022 05:06:31 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471

apis.google.com/js/platform.js

142.250.74.174

200 OK

21 kB

URL HTTP/2
apis.google.com/js/platform.js
IP
142.250.74.174:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1279)
Size
21 kB (20984 bytes)
Hash
7ac44ef24e267df17ff72f195b252806
62db12d9ce11a576ccd7fa3544d851c5fd42f3b7
aae7897e7b55999c1b3166309381d19ac488dced51e14071339d8b193a686a61

HTTP Headers

GET /js/platform.js HTTP/1.1
Host: apis.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mydoramas.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
access-control-allow-origin: *
content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="gapi-team"
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
timing-allow-origin: *
content-length: 20984
date: Thu, 24 Nov 2022 21:03:32 GMT
expires: Thu, 24 Nov 2022 21:03:32 GMT
cache-control: private, max-age=1800, stale-while-revalidate=1800
etag: "7446758f13887885"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

connect.facebook.net/pt_BR/sdk.js

157.240.200.14

200 OK

1.7 kB

URL HTTP/2
connect.facebook.net/pt_BR/sdk.js
IP
157.240.200.14:0
ASN
#32934 FACEBOOK

File type
ASCII text, with very long lines (1957)
Size
1.7 kB (1686 bytes)
Hash
2c39b4fec83757ecd0e8777f00a77fc1
c73e3df3124b63ab0613486226b4c83b0908fc8b
66ae4f223be7230cd8641583c649ebd4dd9939648acbe6083e18bc7d7c24cb0a

HTTP Headers

GET /pt_BR/sdk.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mydoramas.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
access-control-expose-headers: X-FB-Content-MD5
x-fb-content-md5: ce342f1ff7cbe590aef67f52c682b721
etag: "ecf02fce1a3110a7aaec7d395e156201"
content-type: application/x-javascript; charset=utf-8
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
expires: Thu, 24 Nov 2022 21:19:06 GMT
cache-control: public,max-age=1200,stale-while-revalidate=3600
document-policy: force-load-at-top
cross-origin-opener-policy: same-origin-allow-popups
x-content-type-options: nosniff
x-fb-rlafr: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-md5: LDm0/sg3V+zQ6Hd/AKd/wQ==
x-fb-debug: VxfwlfhweYSxrDqPagsC3nGFjPERLa4pOXXQb3oYj81z8pMic9cWHpufkrT5j68ooW+LXil0C1//1iLgtHdl9g==
priority: u=3,i
content-length: 1686
x-fb-trip-id: 1679558926
date: Thu, 24 Nov 2022 21:03:32 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
670dda5fda45a89db08867e9109f65b7
2a64bc381f8e795fe7a46a98c3e8add2f1ade404
7c2085a52a32eab3f4ab73c4ab3718cf1e7d67502e83001ce45d2857b37a0755

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4390
Cache-Control: max-age=119769
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 21:03:32 GMT
Etag: "637efbd7-1d7"
Expires: Sat, 26 Nov 2022 06:19:41 GMT
Last-Modified: Thu, 24 Nov 2022 05:06:31 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
6fe23ae41ec0cbb3d702b1c64028cd13
e0e4d852454a5eae80a797aaa6f0991834dcc19a
47a12f27ec1ec271d17295d822c69d1b49c6a24107f3f7ce06a320688fae7f3c

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 21:03:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

parkingridiculous.com/pixel/purst?dl=0&th=0&sc=0&rs=1662&rd=1662&fd=902&bv=22.10.v.9&tmpl=70

173.233.139.164

200 OK

0 B

URL HTTP/1.1
parkingridiculous.com/pixel/purst?dl=0&th=0&sc=0&rs=1662&rd=1662&fd=902&bv=22.10.v.9&tmpl=70
IP
173.233.139.164:0
ASN
#7979 SERVERS-COM

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /pixel/purst?dl=0&th=0&sc=0&rs=1662&rd=1662&fd=902&bv=22.10.v.9&tmpl=70 HTTP/1.1
Host: parkingridiculous.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mydoramas.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Thu, 24 Nov 2022 21:03:32 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range

connect.facebook.net/pt_BR/sdk.js?hash=d4d741dc068cf3fed12da7cfeb405786

157.240.200.14

200 OK

88 kB

URL HTTP/2
connect.facebook.net/pt_BR/sdk.js?hash=d4d741dc068cf3fed12da7cfeb405786
IP
157.240.200.14:0
ASN
#32934 FACEBOOK

File type
ASCII text, with very long lines (18530)
Size
88 kB (88408 bytes)
Hash
c77c9d2f2d3909dccbf5bd4bdbac77f8
c885298ffd039d86ce694c771f20ce614668a7e7
d719f88a5b83224a8d17668022925a15589bb2135874084a537a088e22209440

HTTP Headers

GET /pt_BR/sdk.js?hash=d4d741dc068cf3fed12da7cfeb405786 HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.mydoramas.com
Connection: keep-alive
Referer: https://www.mydoramas.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
access-control-expose-headers: X-FB-Content-MD5
x-fb-content-md5: c06254cd28f17e9636bbb956caff3492
etag: "7bc12af3889cb9fb90febc83fea91717"
content-type: application/x-javascript; charset=utf-8
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
expires: Fri, 24 Nov 2023 20:32:02 GMT
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
document-policy: force-load-at-top
cross-origin-opener-policy: same-origin-allow-popups
x-content-type-options: nosniff
x-fb-rlafr: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-md5: x3ydLy05CdzL9b1L26x3+A==
x-fb-debug: cIuSE4D6hfL68BrhvhGxDqHJbBqDva7sQVBRo/ZflCEdNUNTScLQyqgmyZAEb3G/YOrUy/sBOgsEuXe1bq0Mnw==
content-length: 88408
x-fb-trip-id: 1679558926
date: Thu, 24 Nov 2022 21:03:32 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
6827d82f488045e02e40d6a2fdbae4b3
4944139a4b08769511ffc6aa913857d88a0db7bc
0e4ef6ddef97ec03d43df4c0bada61d792b9f030e4d9fab5bd3cf904aeaa3bc9

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10667
Expires: Fri, 25 Nov 2022 00:01:19 GMT
Date: Thu, 24 Nov 2022 21:03:32 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

630 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
630 B (630 bytes)
Hash
2f5662fb22b114a3dd96c443ec5beaaa
02a043abb0b4aad46cbbecb47f91394a4eed05c0
562cf33ba44d1aee1e993c7a56e70c5d23c47a8a0a06f101e5ea20336144b89d

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10667
Expires: Fri, 25 Nov 2022 00:01:19 GMT
Date: Thu, 24 Nov 2022 21:03:32 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

10 kB

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
10 kB (9967 bytes)
Hash
0c5fb173f406bfe260767d89e3d97c41
1347191efc79207ae7d9353c5601c322bce9cb61
44a6f3c256ae0f44ab390013ea5651f783bc8c9ec0b8d06ee6a4954757949db3

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10667
Expires: Fri, 25 Nov 2022 00:01:19 GMT
Date: Thu, 24 Nov 2022 21:03:32 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
6827d82f488045e02e40d6a2fdbae4b3
4944139a4b08769511ffc6aa913857d88a0db7bc
0e4ef6ddef97ec03d43df4c0bada61d792b9f030e4d9fab5bd3cf904aeaa3bc9

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10667
Expires: Fri, 25 Nov 2022 00:01:19 GMT
Date: Thu, 24 Nov 2022 21:03:32 GMT
Connection: keep-alive

friendshipmale.com/sfp.js

104.21.234.93

200 OK

32 kB

URL HTTP/2
friendshipmale.com/sfp.js
IP
104.21.234.93:0
ASN
#13335 CLOUDFLARENET

File type
Unicode text, UTF-8 text, with very long lines (65529), with no line terminators
Size
32 kB (32189 bytes)
Hash
f0bda620a23c0fa57452a292756e5d00
ea35e20d72a1beb1208e3925c91910fe0671a87d
8848cb179afffad8184bfe148665bf8e807bc5dda6fd8e94a6e0d4061abc62ab

HTTP Headers

GET /sfp.js HTTP/1.1
Host: friendshipmale.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mydoramas.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Thu, 24 Nov 2022 21:03:32 GMT
content-type: application/javascript; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: 7c5b252453dea77d5e9c2e43b170ae35
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Thu, 24 Nov 2022 21:03:31 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tUzAcVxk2QqVMQHxF9A%2F8OeGhHGOLwKkdL3nkkfnPb336ruYg5eQx4KogYTq3egRxiwbAtbmZCAI4zTXxP%2FcJPh8LJQ7xA5VpZ83B8OBv8Xatg5WOb0DLhKecB0NyHJaqKsPZ6Q%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76f517806ccc887d-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F81517ad5-7c1b-49aa-9ba9-dbfa36fbb071.webp

34.120.237.76

200 OK

19 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F81517ad5-7c1b-49aa-9ba9-dbfa36fbb071.webp
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
data
Size
19 kB (18757 bytes)
Hash
c7ebaa240046625571d07865ba4da816
4e966970f61679bb03370b1797e69724391eea6d
6891f9b561d275902f680a284d57abeb66201bd2fc0dad22d1d0fbd23f887a78

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F81517ad5-7c1b-49aa-9ba9-dbfa36fbb071.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 13882
x-amzn-requestid: 9022b0b3-31d5-4149-a969-02514f11b95a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cEvzNHjMoAMFWMg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637e9347-0e8354a02bef623644714e31;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 21:40:23 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: ve4q5FDkwMGhPK6ZVVVCZtoBTaGaz43r_PwINzwS5Nx5tcZeQkVIfw==
via: 1.1 000f4a2f631bace380a0afa747a82482.cloudfront.net (CloudFront), 1.1 ce71f64ad5dca81beca846466f2d5008.cloudfront.net (CloudFront), 1.1 google
date: Wed, 23 Nov 2022 21:49:47 GMT
age: 83625
etag: "1102dbdcbcabf5c25d17840f8f00d5b55b9b8f0a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.0 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fca5cb469-21a0-420a-875c-a81635b33f53.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.0 kB (7993 bytes)
Hash
92c78302bcce1568eb6a5563100b932c
43d1dec7fc06879988c9c3cadd800cc8145df988
0dda9914306c8e3a7ea75eade8e762652d93907dd6c5a8cc81707d6d8098b60a

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fca5cb469-21a0-420a-875c-a81635b33f53.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7993
x-amzn-requestid: 9f0ff853-4819-47cd-959d-658401ea5748
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cEvCsG5mIAMFqAQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637e9211-1c48b9223684f2942f8dd42d;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 21:35:13 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 7YSXUV-LZpsI7vciFhuqt1EVr6YRkhxcOgMg8z8bxLcOE01_baf6Gg==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 1b74ccf4cb51eacf97a0e6d60ae46a3e.cloudfront.net (CloudFront), 1.1 google
date: Wed, 23 Nov 2022 21:47:06 GMT
etag: "43d1dec7fc06879988c9c3cadd800cc8145df988"
content-type: image/jpeg
age: 83786
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.8 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F50d7d834-f80d-4fd9-a728-24643ed00c45.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.8 kB (6789 bytes)
Hash
d9d93b2a6875d446c3467eb49767eef5
303c571b13b05fcf27ee1159d8fdf6369aaef0a2
2a2345a925e0187979930a7f2de8548957ad9f2baae77364dcb157286e2b3fcf

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F50d7d834-f80d-4fd9-a728-24643ed00c45.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6789
x-amzn-requestid: 4d94ce1b-d18f-43b8-bb4d-e7093f9bea42
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cCvd2G9UIAMFrEg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637dc5f2-64a570135be59b83031811da;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 07:04:18 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: JygkDI7XSvlgurUTot874ZAXlOIqnv4cntMQ55IvHVqw93JBcksZjQ==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Thu, 24 Nov 2022 07:15:22 GMT
age: 49690
etag: "303c571b13b05fcf27ee1159d8fdf6369aaef0a2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

4.3 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1dd98515-d0af-440a-8f3d-4c9986928081.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
4.3 kB (4309 bytes)
Hash
841a4b110022a99ddea6f7bf66df0fa1
126771b86638108050cf57c0d12faa27f80f0edb
240fbffc1f9104433297d3ff7afba2d0b58d7f1b13d9a9260a1bad25216665db

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1dd98515-d0af-440a-8f3d-4c9986928081.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 4309
x-amzn-requestid: a22b4d7e-e208-4bda-81c2-d13e6463380e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: blE0hGNioAMF_Tg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6371e81c-1b13846866f56a0e47675e56;Sampled=0
x-amzn-remapped-date: Mon, 14 Nov 2022 07:02:52 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 0sYKpJWi2Tv9Atz3PYXm5j7kmncAOxjcLcK4hgAkJ5b4pNMDmjdB6g==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 28390a4d24ed4fdccd685d99cd06cf4e.cloudfront.net (CloudFront), 1.1 google
date: Thu, 24 Nov 2022 07:14:07 GMT
age: 49765
etag: "126771b86638108050cf57c0d12faa27f80f0edb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.4 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5bda37a1-533d-48a6-bc76-7ecc9fe2dfc8.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.4 kB (6426 bytes)
Hash
eeac5ead5ce62f0d9e2d4bcefa946208
c2430d901f2b4e4a463e90c540294f334553a246
850a89160f840d7509806c5becd6b074a92613920474195f63d7e7a9cf18d908

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5bda37a1-533d-48a6-bc76-7ecc9fe2dfc8.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6426
x-amzn-requestid: 6f27f360-dd76-4aee-a9bc-cbd52cd80def
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cEvx8GtpIAMFvQA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637e933f-69fa8ba571cc62036406e6bf;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 21:40:15 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: ow9srZWasko5f0TMk632PH2_NgfxBEwGPCXoRTp7gVxfDrP9st2opw==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 ee8246c5442dace7525c74f6a799bb46.cloudfront.net (CloudFront), 1.1 google
date: Wed, 23 Nov 2022 22:03:45 GMT
age: 82787
etag: "c2430d901f2b4e4a463e90c540294f334553a246"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
6558a70780dc0cdfaefa2728c371d414
fb73032b8b168adfe13daa925eb3d2728db1a142
898b551893c7b6498bae30276b0c5b105596be0982ff810583192ec0b632192d

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "898B551893C7B6498BAE30276B0C5B105596BE0982FF810583192EC0B632192D"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11410
Expires: Fri, 25 Nov 2022 00:13:43 GMT
Date: Thu, 24 Nov 2022 21:03:33 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
114fcbbbf1c185d571af73ae9ccf0730
b5e6644662439e6e80cbe9206b7047c22942afe7
742f3855fe106545e8f28ecdf5649649b5fe76099866379276defd773647ba70

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "742F3855FE106545E8F28ECDF5649649B5FE76099866379276DEFD773647BA70"
Last-Modified: Tue, 22 Nov 2022 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8714
Expires: Thu, 24 Nov 2022 23:28:47 GMT
Date: Thu, 24 Nov 2022 21:03:33 GMT
Connection: keep-alive

unseenreport.com/pxf.gif?uuid=289f4127-d290-4330-a0e0-c2c8a0af932f&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1055&b_frame=0&pk=7a112782e6a7c80a4da216d039a4e9a7&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=21

192.243.61.227

200 OK

1 B

URL HTTP/1.1
unseenreport.com/pxf.gif?uuid=289f4127-d290-4330-a0e0-c2c8a0af932f&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1055&b_frame=0&pk=7a112782e6a7c80a4da216d039a4e9a7&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=21
IP
192.243.61.227:0
ASN
#39572 DataWeb Global Group B.V.

File type
very short file (no magic)
Size
1 B (1 bytes)
Hash
93b885adfe0da089cdf634904fd59f71
5ba93c9db0cff93f52b521d7420e43f6eda2784f
6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /pxf.gif?uuid=289f4127-d290-4330-a0e0-c2c8a0af932f&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1055&b_frame=0&pk=7a112782e6a7c80a4da216d039a4e9a7&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=21 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mydoramas.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Thu, 24 Nov 2022 21:03:33 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 8757e287c052f6044aee96283f7fdb3d
Strict-Transport-Security: max-age=0; includeSubdomains

unseenreport.com/pxf.gif?uuid=289f4127-d290-4330-a0e0-c2c8a0af932f&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1055&b_frame=0&pk=3d7a2d5bf2b64118e6cf972becedf265&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=21

192.243.61.227

200 OK

1 B

URL HTTP/1.1
unseenreport.com/pxf.gif?uuid=289f4127-d290-4330-a0e0-c2c8a0af932f&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1055&b_frame=0&pk=3d7a2d5bf2b64118e6cf972becedf265&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=21
IP
192.243.61.227:0
ASN
#39572 DataWeb Global Group B.V.

File type
very short file (no magic)
Size
1 B (1 bytes)
Hash
93b885adfe0da089cdf634904fd59f71
5ba93c9db0cff93f52b521d7420e43f6eda2784f
6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /pxf.gif?uuid=289f4127-d290-4330-a0e0-c2c8a0af932f&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1055&b_frame=0&pk=3d7a2d5bf2b64118e6cf972becedf265&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=21 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mydoramas.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Thu, 24 Nov 2022 21:03:33 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: b05cf806248c526f608e864eca909860
Strict-Transport-Security: max-age=0; includeSubdomains

soldierreproduceadmiration.com/sbar.json?key=7a112782e6a7c80a4da216d039a4e9a7&uuid=289f4127-d290-4330-a0e0-c2c8a0af932f%3A1%3A1

173.233.137.36

200 OK

4.2 kB

URL HTTP/1.1
soldierreproduceadmiration.com/sbar.json?key=7a112782e6a7c80a4da216d039a4e9a7&uuid=289f4127-d290-4330-a0e0-c2c8a0af932f%3A1%3A1
IP
173.233.137.36:0
ASN
#7979 SERVERS-COM

File type
JSON data\012- , ASCII text, with very long lines (5763), with no line terminators
Size
4.2 kB (4190 bytes)
Hash
82288ed95afbc4e3f4631b1d1802b119
130149048f40f2d711d604a41434bd29752ddfeb
44130e95c17c3595b006e6c5e0741faa1c094033b3875cd39da38576900aeb5a

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /sbar.json?key=7a112782e6a7c80a4da216d039a4e9a7&uuid=289f4127-d290-4330-a0e0-c2c8a0af932f%3A1%3A1 HTTP/1.1
Host: soldierreproduceadmiration.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.mydoramas.com
Connection: keep-alive
Referer: https://www.mydoramas.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Thu, 24 Nov 2022 21:03:33 GMT
Content-Type: text/plain; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://www.mydoramas.com
Access-Control-Allow-Origin: https://www.mydoramas.com
Access-Control-Allow-Credentials: true
Set-Cookie: u_pl=15548788; expires=Fri, 25 Nov 2022 21:03:33 GMT; secure; SameSite=None
uid_id2=289f4127-d290-4330-a0e0-c2c8a0af932f:1:1; expires=Thu, 01 Dec 2022 21:03:33 GMT; secure; SameSite=None
pdhtkv=true; expires=Fri, 25 Nov 2022 21:03:33 GMT; secure; SameSite=None
uncs=1; expires=Fri, 25 Nov 2022 21:03:33 GMT; secure; SameSite=None
pdhtkv29=true; expires=Fri, 25 Nov 2022 21:03:33 GMT; secure; SameSite=None
uncs29=1; expires=Fri, 25 Nov 2022 21:03:33 GMT; secure; SameSite=None
slec7a112782e6a7c80a4da216d039a4e9a7=[3760951]; expires=Thu, 24 Nov 2022 21:03:38 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 4cbf674c1a5c875025b1855c97d9af6e
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
4ef155e76f73eaba1358ac3eb09b1cfd
f16305cf346a1977c050fbec1e5e72c3b31660ad
d334a371d644e3f0850d06dab872698dfcbb1fde34cbe0fa7c27e913cf4984e2

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5737
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 21:03:33 GMT
Last-Modified: Thu, 24 Nov 2022 19:27:56 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 279

soldierreproduceadmiration.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSQYscRRSuTtaLngy5eDDOQSGCO1vdM7MzbQ4hMa4Ek2xMIgveqquqZ8ut7mqquqdn9%2BJiUHNQmOBBj73f7GZRo5ibF1FmvYQFYceDLOj6A0QQhIA3mdmBxQdV77363uH7vnofbhVHhKJghzevmw2lNVto1Wnt%2FIpKhSld7cadmk%2Fr9EJtRaWLzQu1%2FuSyvVd92qrTl2tvSL5mFgLqU%2BpTv7akrIxNf2GKQmUPQ78e0nozqPutJvr2%2F70rPDjmQfSOyBkoMX5q9fEjKD5Cmnx7Rbq13GSvvJ4UmuXGoid2307XUlOmSE7K2HqI093ZNIwbE%2FL5KZh0d6YAprc9UYBIjYn3q48o3Z3RRNTbOWYaacgUkXgGZW8EqUdQbARu7kKJAwJwgRvLSJMHN4wt2foxyibomMw9%2BQeqHJO5388iTb65rFW%2FdtvoIlcmdejHFVR%2FBNUdISv2kG94UOUeeP4%2BlPiZLDy5hjTZXnbaQInDF4NOGDf9oD0vgpDONxsNOs%2BopPM84B1GWRw2gnhqkVIjqHgELQdgzkMxOcpDEXsoMg%2BJOKyxVhhT2o6juNHoNDnnjQbnrc6iaIlGsxNTFHyiYYA8G4DrAbjdRGY3sabuH7TOwBY%2Fwq1WcMKDywl6okIpCUpHUDKCUhGUOUHZq3aEdoGrHgjtisif5WCWG9XQ5N0ttmPyrkzJVnZEnp1699elHGvysNZmvh%2B0O4FcZG3eoawpWOAvCtoIWVOGrA2nKih3aqp0Q43J2Y%2FOI1NjcmqJIWJ7cHoPXJ0GK54HK4ftgIKtDpsdio3062TdGcsS5urcJBCmQpbPIV%2F3tvQReW5KJORtSL5%2F8d9z37315wcvgNsKma3wrvqJoKvvDW%2BZkmzfMqUjj5azXCVqg00%2B%2BHbOcjn35ZtyvTRWXL3iBl9c4hNgUj68I11%2BjaVCpV1HvrqshJB2yVguyfdX3YqMbhZu9XJh0yK7dvO1patJZqVzyqQjMHXQ%2FhRcjcnT1zenq3vu48dQdgRbVEiKfTILKLMHnm3CZfsXP%2Ftk%2BY8L4h04Q2D1yUyUeSiLamiD6ORRKwItT3oWVXDyxIJI7v%2Fw9zG25e6haz2w%2FC7SpELPVujpCkwP4IrTwzyz%2Bxd%2FaUwDkfaGkbbedqStvn9srVOHNdmKaSxpIKM4jOI2oyKMm2HEQl%2B2oxbzkbsxf%2B%2B3l%2F4DAAD%2F%2FwEAAP%2F%2FD%2BewEpIEAAA%3D

173.233.137.36

200 OK

7 B

URL HTTP/1.1
soldierreproduceadmiration.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSQYscRRSuTtaLngy5eDDOQSGCO1vdM7MzbQ4hMa4Ek2xMIgveqquqZ8ut7mqquqdn9%2BJiUHNQmOBBj73f7GZRo5ibF1FmvYQFYceDLOj6A0QQhIA3mdmBxQdV77363uH7vnofbhVHhKJghzevmw2lNVto1Wnt%2FIpKhSld7cadmk%2Fr9EJtRaWLzQu1%2FuSyvVd92qrTl2tvSL5mFgLqU%2BpTv7akrIxNf2GKQmUPQ78e0nozqPutJvr2%2F70rPDjmQfSOyBkoMX5q9fEjKD5Cmnx7Rbq13GSvvJ4UmuXGoid2307XUlOmSE7K2HqI093ZNIwbE%2FL5KZh0d6YAprc9UYBIjYn3q48o3Z3RRNTbOWYaacgUkXgGZW8EqUdQbARu7kKJAwJwgRvLSJMHN4wt2foxyibomMw9%2BQeqHJO5388iTb65rFW%2FdtvoIlcmdejHFVR%2FBNUdISv2kG94UOUeeP4%2BlPiZLDy5hjTZXnbaQInDF4NOGDf9oD0vgpDONxsNOs%2BopPM84B1GWRw2gnhqkVIjqHgELQdgzkMxOcpDEXsoMg%2BJOKyxVhhT2o6juNHoNDnnjQbnrc6iaIlGsxNTFHyiYYA8G4DrAbjdRGY3sabuH7TOwBY%2Fwq1WcMKDywl6okIpCUpHUDKCUhGUOUHZq3aEdoGrHgjtisif5WCWG9XQ5N0ttmPyrkzJVnZEnp1699elHGvysNZmvh%2B0O4FcZG3eoawpWOAvCtoIWVOGrA2nKih3aqp0Q43J2Y%2FOI1NjcmqJIWJ7cHoPXJ0GK54HK4ftgIKtDpsdio3062TdGcsS5urcJBCmQpbPIV%2F3tvQReW5KJORtSL5%2F8d9z37315wcvgNsKma3wrvqJoKvvDW%2BZkmzfMqUjj5azXCVqg00%2B%2BHbOcjn35ZtyvTRWXL3iBl9c4hNgUj68I11%2BjaVCpV1HvrqshJB2yVguyfdX3YqMbhZu9XJh0yK7dvO1patJZqVzyqQjMHXQ%2FhRcjcnT1zenq3vu48dQdgRbVEiKfTILKLMHnm3CZfsXP%2Ftk%2BY8L4h04Q2D1yUyUeSiLamiD6ORRKwItT3oWVXDyxIJI7v%2Fw9zG25e6haz2w%2FC7SpELPVujpCkwP4IrTwzyz%2Bxd%2FaUwDkfaGkbbedqStvn9srVOHNdmKaSxpIKM4jOI2oyKMm2HEQl%2B2oxbzkbsxf%2B%2B3l%2F4DAAD%2F%2FwEAAP%2F%2FD%2BewEpIEAAA%3D
IP
173.233.137.36:0
ASN
#7979 SERVERS-COM

File type
ASCII text, with no line terminators
Size
7 B (7 bytes)
Hash
132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /ren.gif?sid=H4sIAAAAAAAC%2F1RSQYscRRSuTtaLngy5eDDOQSGCO1vdM7MzbQ4hMa4Ek2xMIgveqquqZ8ut7mqquqdn9%2BJiUHNQmOBBj73f7GZRo5ibF1FmvYQFYceDLOj6A0QQhIA3mdmBxQdV77363uH7vnofbhVHhKJghzevmw2lNVto1Wnt%2FIpKhSld7cadmk%2Fr9EJtRaWLzQu1%2FuSyvVd92qrTl2tvSL5mFgLqU%2BpTv7akrIxNf2GKQmUPQ78e0nozqPutJvr2%2F70rPDjmQfSOyBkoMX5q9fEjKD5Cmnx7Rbq13GSvvJ4UmuXGoid2307XUlOmSE7K2HqI093ZNIwbE%2FL5KZh0d6YAprc9UYBIjYn3q48o3Z3RRNTbOWYaacgUkXgGZW8EqUdQbARu7kKJAwJwgRvLSJMHN4wt2foxyibomMw9%2BQeqHJO5388iTb65rFW%2FdtvoIlcmdejHFVR%2FBNUdISv2kG94UOUeeP4%2BlPiZLDy5hjTZXnbaQInDF4NOGDf9oD0vgpDONxsNOs%2BopPM84B1GWRw2gnhqkVIjqHgELQdgzkMxOcpDEXsoMg%2BJOKyxVhhT2o6juNHoNDnnjQbnrc6iaIlGsxNTFHyiYYA8G4DrAbjdRGY3sabuH7TOwBY%2Fwq1WcMKDywl6okIpCUpHUDKCUhGUOUHZq3aEdoGrHgjtisif5WCWG9XQ5N0ttmPyrkzJVnZEnp1699elHGvysNZmvh%2B0O4FcZG3eoawpWOAvCtoIWVOGrA2nKih3aqp0Q43J2Y%2FOI1NjcmqJIWJ7cHoPXJ0GK54HK4ftgIKtDpsdio3062TdGcsS5urcJBCmQpbPIV%2F3tvQReW5KJORtSL5%2F8d9z37315wcvgNsKma3wrvqJoKvvDW%2BZkmzfMqUjj5azXCVqg00%2B%2BHbOcjn35ZtyvTRWXL3iBl9c4hNgUj68I11%2BjaVCpV1HvrqshJB2yVguyfdX3YqMbhZu9XJh0yK7dvO1patJZqVzyqQjMHXQ%2FhRcjcnT1zenq3vu48dQdgRbVEiKfTILKLMHnm3CZfsXP%2Ftk%2BY8L4h04Q2D1yUyUeSiLamiD6ORRKwItT3oWVXDyxIJI7v%2Fw9zG25e6haz2w%2FC7SpELPVujpCkwP4IrTwzyz%2Bxd%2FaUwDkfaGkbbedqStvn9srVOHNdmKaSxpIKM4jOI2oyKMm2HEQl%2B2oxbzkbsxf%2B%2B3l%2F4DAAD%2F%2FwEAAP%2F%2FD%2BewEpIEAAA%3D HTTP/1.1
Host: soldierreproduceadmiration.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mydoramas.com/
Cookie: u_pl=15548788; uid_id2=289f4127-d290-4330-a0e0-c2c8a0af932f:1:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slec7a112782e6a7c80a4da216d039a4e9a7=[3760951]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Thu, 24 Nov 2022 21:03:33 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 2c8bcf02ffdd10825ed42860b6b5bdb3
Strict-Transport-Security: max-age=0; includeSubdomains

e1.o.lencr.org/

23.36.77.32

200 OK

344 B

URL HTTP/1.1
e1.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
344 B (344 bytes)
Hash
0eae74238d1c9828cd086271241b5e66
4cdd2c9e819b5c71d1d3e4836063a7a9f89ccf15
4884107002b9840725b58cd3ff13215471bdcd8c2a1029c3eeadd16abe4d91d2

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "4884107002B9840725B58CD3FF13215471BDCD8C2A1029C3EEADD16ABE4D91D2"
Last-Modified: Wed, 23 Nov 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9051
Expires: Thu, 24 Nov 2022 23:34:25 GMT
Date: Thu, 24 Nov 2022 21:03:34 GMT
Connection: keep-alive

soldierreproduceadmiration.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.yourwebbars.com%2Fsb%2Fnotifications%2Fsoftware%2Fmulti%2Fbrowsers%2Fff%2F3%2Findex.html&l=1525&fd=677

173.233.137.36

200 OK

0 B

URL HTTP/1.1
soldierreproduceadmiration.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.yourwebbars.com%2Fsb%2Fnotifications%2Fsoftware%2Fmulti%2Fbrowsers%2Fff%2F3%2Findex.html&l=1525&fd=677
IP
173.233.137.36:0
ASN
#7979 SERVERS-COM

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.yourwebbars.com%2Fsb%2Fnotifications%2Fsoftware%2Fmulti%2Fbrowsers%2Fff%2F3%2Findex.html&l=1525&fd=677 HTTP/1.1
Host: soldierreproduceadmiration.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mydoramas.com/
Cookie: u_pl=15548788; uid_id2=289f4127-d290-4330-a0e0-c2c8a0af932f:1:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slec7a112782e6a7c80a4da216d039a4e9a7=[3760951]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Thu, 24 Nov 2022 21:03:34 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range

cdn.creative-bars1.com/sb/notifications/software/multi/browsers/ff/3/img/close.png

172.64.109.13

200 OK

6.0 kB

URL HTTP/2
cdn.creative-bars1.com/sb/notifications/software/multi/browsers/ff/3/img/close.png
IP
172.64.109.13:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 522 x 391, 8-bit/color RGBA, non-interlaced\012- data
Size
6.0 kB (5982 bytes)
Hash
c489ce2c491a22ee37a55e26a92dfd73
2fa588ab09e94dd902e5bd24b48f98ad1949c9d6
1eed147c7d5de6291c25fbc5274830c12d5549262fb144271576d4e15966e5bd

HTTP Headers

GET /sb/notifications/software/multi/browsers/ff/3/img/close.png HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Thu, 24 Nov 2022 21:03:34 GMT
content-type: image/png
content-length: 5982
last-modified: Thu, 08 Sep 2022 07:49:57 GMT
etag: "63199ea5-175e"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 490695
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ig06Q1x%2FhNs9RhPfyJo2V8Xrf2ByY3vtPfQYD18ojre5Uw8rQxm5bo29iv%2FIo9m9u%2FrJg0eC3B3%2FW1ay4KFuFkq4SUdF9Q6b3wBzZlPI25MzrNnd0vXxW6gyZoHIXcTebS8ZWX7CxzXc"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76f517902d9672c7-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

cdn.creative-bars1.com/sb/notifications/software/multi/browsers/ff/3/img/update-icon.png

172.64.109.13

200 OK

175 kB

URL HTTP/2
cdn.creative-bars1.com/sb/notifications/software/multi/browsers/ff/3/img/update-icon.png
IP
172.64.109.13:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 452 x 453, 8-bit/color RGBA, non-interlaced\012- data
Size
175 kB (174730 bytes)
Hash
85bc2f8a287afa33ac84c90178055d00
c98e7ebd06397a77a20607f55fe4ebf1b57ca334
85d20d101efc753f9b0619a33901e1689d1e0c11a46bf6d6d657c1393542cc30

HTTP Headers

GET /sb/notifications/software/multi/browsers/ff/3/img/update-icon.png HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Thu, 24 Nov 2022 21:03:34 GMT
content-type: image/png
content-length: 174730
last-modified: Thu, 08 Sep 2022 07:49:58 GMT
etag: "63199ea6-2aa8a"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 490695
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C7pmSsuqHopv2E%2BdyT78exzknbd%2F4ivMYzG4Q2NdsqbG1TtBPlURsmVQyyr1PaRJM%2F1na%2BvG07rY0Sc1jrU%2FzfH84wJhPC9fNFkxMvwtaJPp%2Fq5mSCOwKlFWzOH7THUcrt6ZRhAwNTR4"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76f517902d9b72c7-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

e1.o.lencr.org/

23.36.77.32

200 OK

344 B

URL HTTP/1.1
e1.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
344 B (344 bytes)
Hash
0eae74238d1c9828cd086271241b5e66
4cdd2c9e819b5c71d1d3e4836063a7a9f89ccf15
4884107002b9840725b58cd3ff13215471bdcd8c2a1029c3eeadd16abe4d91d2

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "4884107002B9840725B58CD3FF13215471BDCD8C2A1029C3EEADD16ABE4D91D2"
Last-Modified: Wed, 23 Nov 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9051
Expires: Thu, 24 Nov 2022 23:34:25 GMT
Date: Thu, 24 Nov 2022 21:03:34 GMT
Connection: keep-alive

soldierreproduceadmiration.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fnotifications%2Fsoftware%2Fmulti%2Fbrowsers%2Fff%2F3%2Fcss%2Fmagic.css&l=45250&fd=353

173.233.137.36

200 OK

0 B

URL HTTP/1.1
soldierreproduceadmiration.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fnotifications%2Fsoftware%2Fmulti%2Fbrowsers%2Fff%2F3%2Fcss%2Fmagic.css&l=45250&fd=353
IP
173.233.137.36:0
ASN
#7979 SERVERS-COM

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fnotifications%2Fsoftware%2Fmulti%2Fbrowsers%2Fff%2F3%2Fcss%2Fmagic.css&l=45250&fd=353 HTTP/1.1
Host: soldierreproduceadmiration.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mydoramas.com/
Cookie: u_pl=15548788; uid_id2=289f4127-d290-4330-a0e0-c2c8a0af932f:1:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slec7a112782e6a7c80a4da216d039a4e9a7=[3760951]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Thu, 24 Nov 2022 21:03:34 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range

fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

216.58.207.195

200 OK

16 kB

URL HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
216.58.207.195:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Size
16 kB (15744 bytes)
Hash
15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

HTTP Headers

GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.mydoramas.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 23 Nov 2022 19:34:08 GMT
expires: Thu, 23 Nov 2023 19:34:08 GMT
cache-control: public, max-age=31536000
age: 91766
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

216.58.207.195

200 OK

16 kB

URL HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP
216.58.207.195:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Size
16 kB (15860 bytes)
Hash
e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

HTTP Headers

GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.mydoramas.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 23 Nov 2022 18:53:49 GMT
expires: Thu, 23 Nov 2023 18:53:49 GMT
cache-control: public, max-age=31536000
age: 94185
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

soldierreproduceadmiration.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fnotifications%2Fsoftware%2Fmulti%2Fbrowsers%2Fff%2F3%2Fjs%2Fscript.js&l=8814&fd=145

173.233.137.36

200 OK

0 B

URL HTTP/1.1
soldierreproduceadmiration.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fnotifications%2Fsoftware%2Fmulti%2Fbrowsers%2Fff%2F3%2Fjs%2Fscript.js&l=8814&fd=145
IP
173.233.137.36:0
ASN
#7979 SERVERS-COM

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fnotifications%2Fsoftware%2Fmulti%2Fbrowsers%2Fff%2F3%2Fjs%2Fscript.js&l=8814&fd=145 HTTP/1.1
Host: soldierreproduceadmiration.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mydoramas.com/
Cookie: u_pl=15548788; uid_id2=289f4127-d290-4330-a0e0-c2c8a0af932f:1:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slec7a112782e6a7c80a4da216d039a4e9a7=[3760951]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Thu, 24 Nov 2022 21:03:34 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range

cdn.creative-bars1.com/sb/notifications/software/multi/browsers/ff/3/css/magic.css

172.64.109.13

200 OK

2.9 kB

URL HTTP/2
cdn.creative-bars1.com/sb/notifications/software/multi/browsers/ff/3/css/magic.css
IP
172.64.109.13:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text
Size
2.9 kB (2894 bytes)
Hash
6201ab7da81015a578bd1b89472730cc
534db0d7492dc08db2e6230d27102373a533ec80
66402a571a1e9607aa0ebf03c0a1a9470660e900a219dad9bdb0a81bc73c3eef

HTTP Headers

GET /sb/notifications/software/multi/browsers/ff/3/css/magic.css HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.mydoramas.com
Connection: keep-alive
Referer: https://www.mydoramas.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Thu, 24 Nov 2022 21:03:34 GMT
content-type: text/css
last-modified: Thu, 08 Sep 2022 07:49:55 GMT
etag: W/"63199ea3-b0c2"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sO8%2FUNX3f7PBqavUJei5wJKvar7COTll0A1wK7RItX%2BERFKL6eW3aof3GExL7MkjlR4iGTReKt7fQiRISUSag8z1OSShupBCb88nDOud%2BsIlhSu6Hi7kQ6QASIuNSutzQg3e18uo3T%2BD"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76f517900d4f72c7-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

cdn.creative-bars1.com/sb/notifications/software/multi/browsers/ff/3/js/script.js

172.64.109.13

200 OK

5.6 kB

URL HTTP/2
cdn.creative-bars1.com/sb/notifications/software/multi/browsers/ff/3/js/script.js
IP
172.64.109.13:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
5.6 kB (5608 bytes)
Hash
52e2fb5dcc6a1ab82032b7f1789cc99b
d933bebf96e76247426e3a00cde8e91afe9ce266
2025e7a23e0e756964ed42b9f20a0e074a4b2342650147f38218da6c02f48b3e

HTTP Headers

GET /sb/notifications/software/multi/browsers/ff/3/js/script.js HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.mydoramas.com
Connection: keep-alive
Referer: https://www.mydoramas.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Thu, 24 Nov 2022 21:03:34 GMT
content-type: application/javascript
last-modified: Thu, 08 Sep 2022 07:49:59 GMT
etag: W/"63199ea7-2ae2"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GOKWYMzplXM70YdOjFN9YfwOckmEPA7yIEv74g0o5ZwxPFjWW%2FD9%2BqVhoVikJOvHHvcYKAcFvwyZXpA4isjAA7Hft7cHCMricWywzQbrbXgSPzcJBlljJvEmO538C%2B50REns4hylyLLH"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76f51790de9c72c7-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

cdn.creative-bars1.com/sb/notifications/software/multi/browsers/ff/3/css/style.css

172.64.109.13

200 OK

1.1 kB

URL HTTP/2
cdn.creative-bars1.com/sb/notifications/software/multi/browsers/ff/3/css/style.css
IP
172.64.109.13:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text
Size
1.1 kB (1106 bytes)
Hash
7d924b546cf98fcbbe1f1a66415efde9
8e0a8461aeb82f933769ab0e9fa69499aa974b35
634a2180f3499f5a77e19fd106d0521148296f7fb5baa3c57701d284d9279df7

HTTP Headers

GET /sb/notifications/software/multi/browsers/ff/3/css/style.css HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.mydoramas.com
Connection: keep-alive
Referer: https://www.mydoramas.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Thu, 24 Nov 2022 21:03:34 GMT
content-type: text/css
last-modified: Thu, 08 Sep 2022 07:49:56 GMT
etag: W/"63199ea4-e97"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2hCVO23qCj6cL%2BA3bZW7FLGNN%2FXDpHpy%2F4lTzYWYadlFkWWt6gjbF2EoMtWGFg%2BXlRrd1r7rK%2F6TVG6IQJr%2B%2Bhl8swG6lXmZC80OdZpUKgAGw1gJnCgxbrU%2FOdk6BUjdksBHkw6DjNGN"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76f517901d7f72c7-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

cdn.creative-bars1.com/sb/notifications/software/multi/browsers/ff/3/js/jquery.min.js

172.64.109.13

200 OK

0 B

URL HTTP/2
cdn.creative-bars1.com/sb/notifications/software/multi/browsers/ff/3/js/jquery.min.js
IP
172.64.109.13:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /sb/notifications/software/multi/browsers/ff/3/js/jquery.min.js HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Thu, 24 Nov 2022 21:03:34 GMT
content-type: application/javascript
last-modified: Thu, 08 Sep 2022 07:49:59 GMT
etag: W/"63199ea7-149a0"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 490695
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uXkf5YwrD0c4VaDEtO2vXuEjvJmUTwwzkx5ORDfHfqX1%2Fhjzq0i7ABMGBGnlCFTHn6JTDXfw1HGPug8COw9cvQWw33%2FvZxm%2FYN9VjVjBvi9UE4LFar%2FZB%2FebLlI0YNY55mlsj%2FAdfisg"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76f517902d9c72c7-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

maxcdn.bootstrapcdn.com/font-awesome/4.4.0/css/font-awesome.min.css

104.18.11.207

200 OK

0 B

URL HTTP/2
maxcdn.bootstrapcdn.com/font-awesome/4.4.0/css/font-awesome.min.css
IP
104.18.11.207:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /font-awesome/4.4.0/css/font-awesome.min.css HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mydoramas.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Thu, 24 Nov 2022 21:03:30 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
last-modified: Mon, 25 Jan 2021 22:04:54 GMT
cdn-cachedat: 12/13/2021 21:25:06
cdn-proxyver: 1.02
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 632
cdn-status: 200
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-requestid: 8ac87b10825a6871d9cd076fc3a23e4f
cdn-cache: HIT
cf-cache-status: HIT
age: 14770562
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 76f5177a8e7ab4ff-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Open+Sans:400,400i,600,600i,700,700i,800,800i%7CLato:300,400,700,900

142.250.74.10

200 OK

0 B

URL HTTP/2
fonts.googleapis.com/css?family=Open+Sans:400,400i,600,600i,700,700i,800,800i%7CLato:300,400,700,900
IP
142.250.74.10:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /css?family=Open+Sans:400,400i,600,600i,700,700i,800,800i%7CLato:300,400,700,900 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mydoramas.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 24 Nov 2022 21:03:31 GMT
date: Thu, 24 Nov 2022 21:03:31 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

cdn.yourwebbars.com/sb/notifications/software/multi/browsers/ff/3/index.html

104.26.7.19

200 OK

0 B

URL HTTP/2
cdn.yourwebbars.com/sb/notifications/software/multi/browsers/ff/3/index.html
IP
104.26.7.19:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /sb/notifications/software/multi/browsers/ff/3/index.html HTTP/1.1
Host: cdn.yourwebbars.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.mydoramas.com
Connection: keep-alive
Referer: https://www.mydoramas.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Thu, 24 Nov 2022 21:03:34 GMT
content-type: text/html
last-modified: Thu, 08 Sep 2022 07:49:53 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yJfbvcB5a1Dkp5CsTXVFIL8%2BtSAeQbn%2Bvamw9BQZBYju7qO3BWNOtXV5jfSijGTOhwQ9uC24MHEWU%2FDvTOqV6wekimLbPIOCgGnYSfClrTPVnOShJPbMuIWizbOBuxFVvXzNCxE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76f5178b5dc10b45-OSL
content-encoding: br
X-Firefox-Spdy: h2

www.mydoramas.com/dramas-japoneses/

104.21.13.222

200 OK

0 B

URL HTTP/2
www.mydoramas.com/dramas-japoneses/
IP
104.21.13.222:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /dramas-japoneses/ HTTP/1.1
Host: www.mydoramas.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 200 OK
date: Thu, 24 Nov 2022 21:03:30 GMT
content-type: text/html; charset=UTF-8
x-powered-by: Private Web Hosting
accept-ch: sec-ch-dpr, sec-ch-width, sec-ch-viewport-width
link: <https://cdn.statically.io>; rel=preconnect, <https://www.mydoramas.com/wp-json/>; rel="https://api.w.org/", <https://www.mydoramas.com/wp-json/wp/v2/categories/8216>; rel="alternate"; type="application/json"
permissions-policy: ch-dpr=("https://cdn.statically.io"), ch-width=("https://cdn.statically.io"), ch-viewport-width=("https://cdn.statically.io")
x-litespeed-cache-control: public,max-age=604800
x-litespeed-tag: 79c_HTTP.200,79c_category,79c_URL.48a71edf94a582eda5ffee1dae9e8c11,79c_T.8216,79c_
x-litespeed-cache: miss
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: max-age=14400
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2GIHOIX5Zo7BFQoqMZGdWZT02J2NXwo3nOm3G46P5Rt1EPjhHgaJbHtRr33s65xdovjAsfHWncmMF7mixxgZgdBXICyHrqwgC%2BKWqKLlDVKMEksqsqW7M4moznRJ7vOx3M1J5A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76f517789c1fb51b-OSL
content-encoding: br
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Lato:300,400,900

142.250.74.10

200 OK

0 B

URL HTTP/2
fonts.googleapis.com/css?family=Lato:300,400,900
IP
142.250.74.10:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /css?family=Lato:300,400,900 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mydoramas.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 24 Nov 2022 21:03:31 GMT
date: Thu, 24 Nov 2022 21:03:31 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (19)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations