| cdn.jsdelivr.net/npm/hls.js@0.12.4/dist/hls.min.js |  151.101.193.229 | 200 OK | 74 kB |
URL GET HTTP/2cdn.jsdelivr.net/npm/hls.js@0.12.4/dist/hls.min.js IP151.101.193.229:443
Requested byhttps://kwik.cx/f/tHcIY2A5JxLK CertificateIssuerGlobalSign nv-sa Subjectjsdelivr.net Fingerprint05:87:2C:BA:73:14:21:54:82:00:8B:AD:85:8F:E9:C6:4D:C7:66:09 ValidityWed, 27 Sep 2023 18:13:13 GMT - Mon, 28 Oct 2024 18:13:12 GMT
File typeUnicode text, UTF-8 text, with very long lines (65533), with no line terminators Hash4a3e249823c65d6c3cf865cf9d30188d 512d1f25ead08d0d74bb19242079c948bbc295a7 0290f0d61a6b94aca37bd874640ee172d86ec3743f3c0a611063036261074f92
GET /npm/hls.js@0.12.4/dist/hls.min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://kwik.cx/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 0.12.4
x-jsd-version-type: version
etag: W/"3dcd4-US0fJerQjQ10uxkkIHnJSLvClac"
content-encoding: br
accept-ranges: bytes
date: Thu, 23 Nov 2023 19:16:47 GMT
age: 6283638
x-served-by: cache-fra-eddf8230091-FRA, cache-bma1635-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 73906
X-Firefox-Spdy: h2
|
|
| mendslaughter.com/e1/01/0e/e1010ee4b61613b1b253d71d1c531c2e.js | 192.243.61.227 | 403 Forbidden | 0 B |
URL GET HTTP/1.1mendslaughter.com/e1/01/0e/e1010ee4b61613b1b253d71d1c531c2e.js IP192.243.61.227:443 ASN#39572 DataWeb Global Group B.V.
Requested byhttps://kwik.cx/f/tHcIY2A5JxLK CertificateIssuerLet's Encrypt Subjectmendslaughter.com FingerprintE9:CA:76:BC:F9:47:28:93:D9:93:79:E4:25:FC:9F:47:2D:58:46:FD ValidityWed, 01 Nov 2023 07:12:02 GMT - Tue, 30 Jan 2024 07:12:01 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /e1/01/0e/e1010ee4b61613b1b253d71d1c531c2e.js HTTP/1.1
Host: mendslaughter.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://kwik.cx/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 403 Forbidden
Server: nginx/1.21.6
Date: Thu, 23 Nov 2023 19:16:48 GMT
Content-Type: application/javascript
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
|
|
| kwik.cx/app/img/kwik-white2.png |  104.21.235.5 | 200 OK | 1.8 kB |
URL GET HTTP/3kwik.cx/app/img/kwik-white2.png IP104.21.235.5:443
Requested byhttps://kwik.cx/f/tHcIY2A5JxLK CertificateIssuerGoogle Trust Services LLC Subjectkwik.cx FingerprintDB:82:23:F7:9F:16:59:48:AB:81:05:C8:45:FF:6F:DD:34:89:51:DD ValidityMon, 30 Oct 2023 08:31:52 GMT - Sun, 28 Jan 2024 08:31:51 GMT
File typePNG image data, 158 x 53, 8-bit colormap, non-interlaced\012- data Hash5853835a3ccd83a8883993d9ff34adf4 5fe49ebe5105e8ec3e3e7cb9d9ddfe04de941a75 860a8140bc3590a37456db83e1983cb992ca5f9b386760aaeae77e7fc1f28ae6
GET /app/img/kwik-white2.png HTTP/1.1
Host: kwik.cx
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://kwik.cx/app/css/downstream.css
DNT: 1
Connection: keep-alive
Cookie: kwik_session=eyJpdiI6IjBPZ2JpMzdVbUpMTDFzbmtmMytpbWc9PSIsInZhbHVlIjoiR1hHSlIrMFhTa0FyTFN4TjBnRDBCOERkQ0VKbHNlVDVrTUpwSTFyeGdXL0xmZTFqcUxmMndXZTYrNnh2SXpxb2k3Q3FRR1N5TmFyTDZuMmZFNEZHZ2RHZHcxV2xxYXI1c2lMaG5WbzNNR3YwbkV0N3VKSXZxdmY3TGhUdERKRm8iLCJtYWMiOiJlZmNlODgyY2MxYWU5ZmE2ZDZkZGNmMDlmNDBhYWJkYjQ3YzIzODY4MmFkNTYxZWY1N2FkZjI0NDU1YWM0YTM0IiwidGFnIjoiIn0%3D; srv=s0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 23 Nov 2023 19:16:48 GMT
content-type: image/png
content-length: 1784
last-modified: Thu, 06 May 2021 07:01:15 GMT
expires: Fri, 01 Nov 2024 04:57:47 GMT
cache-control: max-age=31536000
content-security-policy: frame-ancestors 'self' animepahe.com *.animepahe.com animepahe.org *.animepahe.org animepahe.ru *.animepahe.ru
referrer-policy: no-referrer-when-downgrade
strict-transport-security: max-age=63072000;includeSubDomains;preload
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1153405
accept-ranges: bytes
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3I5N52ka%2BIwrtw6A3BitTW8iOPVDDxUp51%2BPa1q2IUFVEIZtCNBvA3LlNdssYTvgCkRSXrHNq98KwZ1fk8mLOb1Hd2zoT9WPZGyeTS0u2aKuWdlhJCnJRjRc"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82abbfab2b265efd-ARN
alt-svc: h3=":443"; ma=86400
|
|
| kwik.cx/app/img/kwik-black2.png | 104.21.235.5 | 200 OK | 1.8 kB |
URL GET HTTP/3kwik.cx/app/img/kwik-black2.png IP104.21.235.5:443
Requested byhttps://kwik.cx/f/tHcIY2A5JxLK CertificateIssuerGoogle Trust Services LLC Subjectkwik.cx FingerprintDB:82:23:F7:9F:16:59:48:AB:81:05:C8:45:FF:6F:DD:34:89:51:DD ValidityMon, 30 Oct 2023 08:31:52 GMT - Sun, 28 Jan 2024 08:31:51 GMT
File typePNG image data, 158 x 53, 8-bit colormap, non-interlaced\012- data Hash3048a4f59b3901fa5dc102dda7eeeea4 1574fe9a81380b54a1dad296a7fcce5161f8ef81 2c1b200c2cca429c6efad858d154bd545dc25170ec2096881c182ca311c31de8
GET /app/img/kwik-black2.png HTTP/1.1
Host: kwik.cx
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://kwik.cx/app/css/downstream.css
DNT: 1
Connection: keep-alive
Cookie: kwik_session=eyJpdiI6IjBPZ2JpMzdVbUpMTDFzbmtmMytpbWc9PSIsInZhbHVlIjoiR1hHSlIrMFhTa0FyTFN4TjBnRDBCOERkQ0VKbHNlVDVrTUpwSTFyeGdXL0xmZTFqcUxmMndXZTYrNnh2SXpxb2k3Q3FRR1N5TmFyTDZuMmZFNEZHZ2RHZHcxV2xxYXI1c2lMaG5WbzNNR3YwbkV0N3VKSXZxdmY3TGhUdERKRm8iLCJtYWMiOiJlZmNlODgyY2MxYWU5ZmE2ZDZkZGNmMDlmNDBhYWJkYjQ3YzIzODY4MmFkNTYxZWY1N2FkZjI0NDU1YWM0YTM0IiwidGFnIjoiIn0%3D; srv=s0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 23 Nov 2023 19:16:48 GMT
content-type: image/png
content-length: 1808
last-modified: Thu, 06 May 2021 07:01:15 GMT
expires: Thu, 07 Nov 2024 01:53:56 GMT
cache-control: max-age=31536000
content-security-policy: frame-ancestors 'self' animepahe.com *.animepahe.com animepahe.org *.animepahe.org animepahe.ru *.animepahe.ru
referrer-policy: no-referrer-when-downgrade
strict-transport-security: max-age=63072000;includeSubDomains;preload
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: HIT
age: 37864
accept-ranges: bytes
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yx37WjrBHD3eN9RuwosO3er9wm92CW7aQRyswbY3kc%2BddBnQSJLKAjaqDns0grQuHG8lBaDKywjR3poW18cvdtXMdDT9P6cI2ReHil5svNWrqWeb0s7jsBMz"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82abbfab2b365efd-ARN
alt-svc: h3=":443"; ma=86400
|
|
| kwik.cx/app/fonts/fa-solid-900.woff | 104.21.235.5 | 200 OK | 80 kB |
URL GET HTTP/3kwik.cx/app/fonts/fa-solid-900.woff IP104.21.235.5:443
Requested byhttps://kwik.cx/f/tHcIY2A5JxLK CertificateIssuerGoogle Trust Services LLC Subjectkwik.cx FingerprintDB:82:23:F7:9F:16:59:48:AB:81:05:C8:45:FF:6F:DD:34:89:51:DD ValidityMon, 30 Oct 2023 08:31:52 GMT - Sun, 28 Jan 2024 08:31:51 GMT
File typeWeb Open Font Format, TrueType, length 80484, version 1.0\012- data Hash2d0415fa29ea596b7a02c78eddeede20 80d33a73cbb60e206ef6f5c898988641576c7dda 48745629a252fb4e8d2750527c0d49341c2c17d5fe5bc6a37ec82b062ae84c9c
GET /app/fonts/fa-solid-900.woff HTTP/1.1
Host: kwik.cx
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://kwik.cx/app/css/downstream.css
DNT: 1
Connection: keep-alive
Cookie: kwik_session=eyJpdiI6IjBPZ2JpMzdVbUpMTDFzbmtmMytpbWc9PSIsInZhbHVlIjoiR1hHSlIrMFhTa0FyTFN4TjBnRDBCOERkQ0VKbHNlVDVrTUpwSTFyeGdXL0xmZTFqcUxmMndXZTYrNnh2SXpxb2k3Q3FRR1N5TmFyTDZuMmZFNEZHZ2RHZHcxV2xxYXI1c2lMaG5WbzNNR3YwbkV0N3VKSXZxdmY3TGhUdERKRm8iLCJtYWMiOiJlZmNlODgyY2MxYWU5ZmE2ZDZkZGNmMDlmNDBhYWJkYjQ3YzIzODY4MmFkNTYxZWY1N2FkZjI0NDU1YWM0YTM0IiwidGFnIjoiIn0%3D; srv=s0
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 23 Nov 2023 19:16:48 GMT
content-type: font/woff
content-length: 80484
last-modified: Thu, 06 May 2021 07:01:15 GMT
expires: Wed, 13 Nov 2024 00:42:11 GMT
cache-control: max-age=31536000
content-security-policy: frame-ancestors 'self' animepahe.com *.animepahe.com animepahe.org *.animepahe.org animepahe.ru *.animepahe.ru
referrer-policy: no-referrer-when-downgrade
strict-transport-security: max-age=63072000;includeSubDomains;preload
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: HIT
age: 27813
accept-ranges: bytes
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FNOiktsZMfpCuzcgxhHesTfgYfEAsOODP%2FoHJnUylv%2FA9KL8Fuqjrizd6mCShKsBOmnRCzq8%2FNYMa1ds%2FpAd%2FTnUAqe5LumxadnhR2%2Fkn%2BXg4QB6GcCylkDc"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82abbfab5b8e5efd-ARN
alt-svc: h3=":443"; ma=86400
|
|
| crumbtypewriterhome.com/pixel/pure | 173.233.139.164 | 200 OK | 0 B |
URL POST HTTP/1.1crumbtypewriterhome.com/pixel/pure IP173.233.139.164:443
Requested byhttps://kwik.cx/f/tHcIY2A5JxLK CertificateIssuerLet's Encrypt Subjectcrumbtypewriterhome.com Fingerprint78:1C:9F:D8:70:6E:A2:C5:D9:4C:B7:92:E5:DB:87:83:F0:17:C8:39 ValidityTue, 17 Oct 2023 06:45:40 GMT - Mon, 15 Jan 2024 06:45:39 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
|---|
| Quad9 DNS | malicious | Sinkholed |
OPTIONS /pixel/pure HTTP/1.1
Host: crumbtypewriterhome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://kwik.cx/
Origin: https://kwik.cx
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 204 No Content
Server: nginx/1.21.6
Date: Thu, 23 Nov 2023 19:16:48 GMT
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Allow-Credentials: true
Access-Control-Max-Age: 1728000
Content-Type: text/plain; charset=utf-8
Content-Length: 0
|
|
| announceproposition.com/4e/5e/04/4e5e04716f26fd21bf611637f4fb8a46.json | 192.243.59.13 | 403 Forbidden | 0 B |
URL GET HTTP/1.1announceproposition.com/4e/5e/04/4e5e04716f26fd21bf611637f4fb8a46.json IP192.243.59.13:443 ASN#39572 DataWeb Global Group B.V.
Requested byhttps://kwik.cx/f/tHcIY2A5JxLK CertificateIssuerLet's Encrypt Subjectannounceproposition.com Fingerprint6E:F1:06:B2:7E:FB:E5:6A:79:5D:D6:AE:96:D2:0C:50:02:46:32:18 ValidityThu, 26 Oct 2023 06:06:19 GMT - Wed, 24 Jan 2024 06:06:18 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
|---|
| Quad9 DNS | malicious | Sinkholed |
GET /4e/5e/04/4e5e04716f26fd21bf611637f4fb8a46.json HTTP/1.1
Host: announceproposition.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://kwik.cx
DNT: 1
Connection: keep-alive
Referer: https://kwik.cx/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 403 Forbidden
Server: nginx/1.19.5
Date: Thu, 23 Nov 2023 19:16:48 GMT
Content-Type: application/javascript
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
|
|
| kwik.cx/cdn-cgi/rum? | 104.21.235.5 | 204 No Content | 0 B |
IP104.21.235.5:443
Requested byhttps://kwik.cx/f/tHcIY2A5JxLK CertificateIssuerGoogle Trust Services LLC Subjectkwik.cx FingerprintDB:82:23:F7:9F:16:59:48:AB:81:05:C8:45:FF:6F:DD:34:89:51:DD ValidityMon, 30 Oct 2023 08:31:52 GMT - Sun, 28 Jan 2024 08:31:51 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /cdn-cgi/rum? HTTP/1.1
Host: kwik.cx
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://kwik.cx/f/tHcIY2A5JxLK
content-type: application/json
Content-Length: 1034
Origin: https://kwik.cx
DNT: 1
Connection: keep-alive
Cookie: kwik_session=eyJpdiI6IjBPZ2JpMzdVbUpMTDFzbmtmMytpbWc9PSIsInZhbHVlIjoiR1hHSlIrMFhTa0FyTFN4TjBnRDBCOERkQ0VKbHNlVDVrTUpwSTFyeGdXL0xmZTFqcUxmMndXZTYrNnh2SXpxb2k3Q3FRR1N5TmFyTDZuMmZFNEZHZ2RHZHcxV2xxYXI1c2lMaG5WbzNNR3YwbkV0N3VKSXZxdmY3TGhUdERKRm8iLCJtYWMiOiJlZmNlODgyY2MxYWU5ZmE2ZDZkZGNmMDlmNDBhYWJkYjQ3YzIzODY4MmFkNTYxZWY1N2FkZjI0NDU1YWM0YTM0IiwidGFnIjoiIn0%3D; srv=s0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 204 No Content
date: Thu, 23 Nov 2023 19:16:48 GMT
access-control-allow-origin: https://kwik.cx
access-control-allow-methods: POST,OPTIONS
access-control-max-age: 86400
vary: Origin
access-control-allow-credentials: true
server: cloudflare
cf-ray: 82abbfac8da05efd-ARN
x-frame-options: DENY
x-content-type-options: nosniff
|
|
| crumbtypewriterhome.com/pixel/pure | 173.233.139.164 | 200 OK | 0 B |
URL POST HTTP/1.1crumbtypewriterhome.com/pixel/pure IP173.233.139.164:443
Requested byhttps://kwik.cx/f/tHcIY2A5JxLK CertificateIssuerLet's Encrypt Subjectcrumbtypewriterhome.com Fingerprint78:1C:9F:D8:70:6E:A2:C5:D9:4C:B7:92:E5:DB:87:83:F0:17:C8:39 ValidityTue, 17 Oct 2023 06:45:40 GMT - Mon, 15 Jan 2024 06:45:39 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
|---|
| Quad9 DNS | malicious | Sinkholed |
POST /pixel/pure HTTP/1.1
Host: crumbtypewriterhome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 72
Origin: https://kwik.cx
DNT: 1
Connection: keep-alive
Referer: https://kwik.cx/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Thu, 23 Nov 2023 19:16:48 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
|
|
| kwik.cx/apple-touch-icon-xlarge.png | 104.21.235.5 | 200 OK | 986 B |
URL GET HTTP/3kwik.cx/apple-touch-icon-xlarge.png IP104.21.235.5:443
Requested byhttps://kwik.cx/f/tHcIY2A5JxLK CertificateIssuerGoogle Trust Services LLC Subjectkwik.cx FingerprintDB:82:23:F7:9F:16:59:48:AB:81:05:C8:45:FF:6F:DD:34:89:51:DD ValidityMon, 30 Oct 2023 08:31:52 GMT - Sun, 28 Jan 2024 08:31:51 GMT
File typePNG image data, 144 x 144, 8-bit colormap, non-interlaced\012- data Hashc4ad85c66872b7a9fe42430b0af76a57 e88a793210bc189f2f3219614694fb7986da0ce9 ec871b7a49449661bcfa6517f23168f776cbcdb966208b02422280b939c191c4
GET /apple-touch-icon-xlarge.png HTTP/1.1
Host: kwik.cx
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://kwik.cx/f/tHcIY2A5JxLK
DNT: 1
Connection: keep-alive
Cookie: kwik_session=eyJpdiI6IjBPZ2JpMzdVbUpMTDFzbmtmMytpbWc9PSIsInZhbHVlIjoiR1hHSlIrMFhTa0FyTFN4TjBnRDBCOERkQ0VKbHNlVDVrTUpwSTFyeGdXL0xmZTFqcUxmMndXZTYrNnh2SXpxb2k3Q3FRR1N5TmFyTDZuMmZFNEZHZ2RHZHcxV2xxYXI1c2lMaG5WbzNNR3YwbkV0N3VKSXZxdmY3TGhUdERKRm8iLCJtYWMiOiJlZmNlODgyY2MxYWU5ZmE2ZDZkZGNmMDlmNDBhYWJkYjQ3YzIzODY4MmFkNTYxZWY1N2FkZjI0NDU1YWM0YTM0IiwidGFnIjoiIn0%3D; srv=s0; ppu_show_on_4e5e04716f26fd21bf611637f4fb8a46=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 23 Nov 2023 19:16:48 GMT
content-type: image/png
content-length: 986
last-modified: Thu, 06 May 2021 07:01:15 GMT
expires: Fri, 08 Nov 2024 22:22:24 GMT
cache-control: max-age=31536000
content-security-policy: frame-ancestors 'self' animepahe.com *.animepahe.com animepahe.org *.animepahe.org animepahe.ru *.animepahe.ru
referrer-policy: no-referrer-when-downgrade
strict-transport-security: max-age=63072000;includeSubDomains;preload
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: HIT
age: 467
accept-ranges: bytes
priority: u=6,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bE%2FHTDlOln87Ow7JwxlcrVmEx36gkK8BfmLb0huyj2fvkkSa%2BjKNoBiNFiEmuOUas3je9kQhBaW8lp5Acp36bpvPlSghtMeK6MNNw1pWfL9CtRwVQo8AyM4i"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82abbfad4ec85efd-ARN
alt-svc: h3=":443"; ma=86400
|
|
| unseenreport.com/pxf.gif?uuid=&eb=9bf68ed9d01aeb653fdee9b270073f61&te=5df14af813199869c48be8416ae741f5&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A109.0)%20Gecko%2F20100101%20Firefox%2F111.0&dev=e&res=12.2079&b_frame=0&pk=4e5e04716f26fd21bf611637f4fb8a46&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=19 | 192.243.61.225 | 200 OK | 1 B |
URL GET HTTP/1.1unseenreport.com/pxf.gif?uuid=&eb=9bf68ed9d01aeb653fdee9b270073f61&te=5df14af813199869c48be8416ae741f5&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A109.0)%20Gecko%2F20100101%20Firefox%2F111.0&dev=e&res=12.2079&b_frame=0&pk=4e5e04716f26fd21bf611637f4fb8a46&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=19 IP192.243.61.225:443 ASN#39572 DataWeb Global Group B.V.
Requested byhttps://kwik.cx/f/tHcIY2A5JxLK CertificateIssuerLet's Encrypt Subject*.unseenreport.com Fingerprint79:45:7F:58:D5:82:45:0A:7D:1E:FF:7A:98:05:26:E9:D6:FE:91:14 ValidityWed, 22 Nov 2023 07:56:28 GMT - Tue, 20 Feb 2024 07:56:27 GMT
File typevery short file (no magic) Hash93b885adfe0da089cdf634904fd59f71 5ba93c9db0cff93f52b521d7420e43f6eda2784f 6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d
| Analyzer | Verdict | Alert |
|---|
| Quad9 DNS | malicious | Sinkholed |
GET /pxf.gif?uuid=&eb=9bf68ed9d01aeb653fdee9b270073f61&te=5df14af813199869c48be8416ae741f5&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A109.0)%20Gecko%2F20100101%20Firefox%2F111.0&dev=e&res=12.2079&b_frame=0&pk=4e5e04716f26fd21bf611637f4fb8a46&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=19 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://kwik.cx/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Thu, 23 Nov 2023 19:16:49 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 984f61253f62a02624fdf56155268a62
Strict-Transport-Security: max-age=0; includeSubdomains
|
|
| poshhateful.com/advertisers.js | 192.243.61.227 | 200 OK | 0 B |
URL GET HTTP/1.1poshhateful.com/advertisers.js IP192.243.61.227:443 ASN#39572 DataWeb Global Group B.V.
Requested byhttps://kwik.cx/f/tHcIY2A5JxLK CertificateIssuerLet's Encrypt Subjectposhhateful.com Fingerprint09:1B:D4:CD:8D:F4:21:A5:6D:69:6B:94:44:22:68:E2:5C:64:29:B7 ValidityFri, 13 Oct 2023 07:18:19 GMT - Thu, 11 Jan 2024 07:18:18 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
|---|
| Quad9 DNS | malicious | Sinkholed |
GET /advertisers.js HTTP/1.1
Host: poshhateful.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://kwik.cx/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Thu, 23 Nov 2023 19:16:49 GMT
Content-Type: application/javascript
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 32d964ff43f1108431fe6c910929496f
Strict-Transport-Security: max-age=0; includeSubdomains
|
|
| unseenreport.com/pxf.gif?uuid=&eb=9bf68ed9d01aeb653fdee9b270073f61&te=5df14af813199869c48be8416ae741f5&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A109.0)%20Gecko%2F20100101%20Firefox%2F111.0&dev=e&res=12.2079&b_frame=0&pk=4e5e04716f26fd21bf611637f4fb8a46&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=19 | 192.243.61.225 | 200 OK | 1 B |
URL GET HTTP/1.1unseenreport.com/pxf.gif?uuid=&eb=9bf68ed9d01aeb653fdee9b270073f61&te=5df14af813199869c48be8416ae741f5&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A109.0)%20Gecko%2F20100101%20Firefox%2F111.0&dev=e&res=12.2079&b_frame=0&pk=4e5e04716f26fd21bf611637f4fb8a46&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=19 IP192.243.61.225:443 ASN#39572 DataWeb Global Group B.V.
Requested byhttps://kwik.cx/f/tHcIY2A5JxLK CertificateIssuerLet's Encrypt Subject*.unseenreport.com Fingerprint79:45:7F:58:D5:82:45:0A:7D:1E:FF:7A:98:05:26:E9:D6:FE:91:14 ValidityWed, 22 Nov 2023 07:56:28 GMT - Tue, 20 Feb 2024 07:56:27 GMT
File typevery short file (no magic) Hash93b885adfe0da089cdf634904fd59f71 5ba93c9db0cff93f52b521d7420e43f6eda2784f 6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d
| Analyzer | Verdict | Alert |
|---|
| Quad9 DNS | malicious | Sinkholed |
GET /pxf.gif?uuid=&eb=9bf68ed9d01aeb653fdee9b270073f61&te=5df14af813199869c48be8416ae741f5&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A109.0)%20Gecko%2F20100101%20Firefox%2F111.0&dev=e&res=12.2079&b_frame=0&pk=4e5e04716f26fd21bf611637f4fb8a46&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=19 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://kwik.cx/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Thu, 23 Nov 2023 19:16:52 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 51ccee9d62fc6760d87e2b0a83e09f9c
Strict-Transport-Security: max-age=0; includeSubdomains
|
|
| kwik.cx/app/js/vendor/plyr.min.js | 104.21.235.5 | 200 OK | 109 kB |
URL GET HTTP/3kwik.cx/app/js/vendor/plyr.min.js IP104.21.235.5:443
Requested byhttps://kwik.cx/f/tHcIY2A5JxLK CertificateIssuerGoogle Trust Services LLC Subjectkwik.cx FingerprintDB:82:23:F7:9F:16:59:48:AB:81:05:C8:45:FF:6F:DD:34:89:51:DD ValidityMon, 30 Oct 2023 08:31:52 GMT - Sun, 28 Jan 2024 08:31:51 GMT
File typeASCII text, with very long lines (65536), with no line terminators Size109 kB (109224 bytes) Hash2d6755e90499a54c0c220e09d2f48ee0 373a95bdbd55850bc16ff348e27cdb0d73612f7d eb93a72cd5a9dc226bad1816d0a4c13beb2e47ed18228d0ca291811548e92e4d
GET /app/js/vendor/plyr.min.js HTTP/1.1
Host: kwik.cx
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://kwik.cx/f/tHcIY2A5JxLK
DNT: 1
Connection: keep-alive
Cookie: kwik_session=eyJpdiI6IjBPZ2JpMzdVbUpMTDFzbmtmMytpbWc9PSIsInZhbHVlIjoiR1hHSlIrMFhTa0FyTFN4TjBnRDBCOERkQ0VKbHNlVDVrTUpwSTFyeGdXL0xmZTFqcUxmMndXZTYrNnh2SXpxb2k3Q3FRR1N5TmFyTDZuMmZFNEZHZ2RHZHcxV2xxYXI1c2lMaG5WbzNNR3YwbkV0N3VKSXZxdmY3TGhUdERKRm8iLCJtYWMiOiJlZmNlODgyY2MxYWU5ZmE2ZDZkZGNmMDlmNDBhYWJkYjQ3YzIzODY4MmFkNTYxZWY1N2FkZjI0NDU1YWM0YTM0IiwidGFnIjoiIn0%3D; srv=s0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 23 Nov 2023 19:16:47 GMT
content-type: application/javascript
last-modified: Sat, 21 Jan 2023 19:27:00 GMT
vary: Accept-Encoding
expires: Thu, 14 Nov 2024 01:39:06 GMT
cache-control: max-age=31536000
content-security-policy: frame-ancestors 'self' animepahe.com *.animepahe.com animepahe.org *.animepahe.org animepahe.ru *.animepahe.ru
referrer-policy: no-referrer-when-downgrade
strict-transport-security: max-age=63072000;includeSubDomains;preload
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: HIT
age: 213395
priority: u=3,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P%2FWfH9T6ITkQtibK%2FXfSO%2BKhlcZcB3LLMuvsOtbF4qY4dsoIZsVIGUoDVqLCHxcLzttdhBfJBrBaQKf59wonpH6kRjnqXmyyjIIhcUMuP0JdHgTq9So33A6h"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82abbfa60ab25efd-ARN
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| | 104.21.235.5 | 200 OK | 86 kB |
URL User Request GET HTTP/2IP104.21.235.5:443
CertificateIssuerGoogle Trust Services LLC Subjectkwik.cx FingerprintDB:82:23:F7:9F:16:59:48:AB:81:05:C8:45:FF:6F:DD:34:89:51:DD ValidityMon, 30 Oct 2023 08:31:52 GMT - Sun, 28 Jan 2024 08:31:51 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /f/tHcIY2A5JxLK HTTP/1.1
Host: kwik.cx
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 23 Nov 2023 19:16:47 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cache-control: no-cache
set-cookie: kwik_session=eyJpdiI6IjBPZ2JpMzdVbUpMTDFzbmtmMytpbWc9PSIsInZhbHVlIjoiR1hHSlIrMFhTa0FyTFN4TjBnRDBCOERkQ0VKbHNlVDVrTUpwSTFyeGdXL0xmZTFqcUxmMndXZTYrNnh2SXpxb2k3Q3FRR1N5TmFyTDZuMmZFNEZHZ2RHZHcxV2xxYXI1c2lMaG5WbzNNR3YwbkV0N3VKSXZxdmY3TGhUdERKRm8iLCJtYWMiOiJlZmNlODgyY2MxYWU5ZmE2ZDZkZGNmMDlmNDBhYWJkYjQ3YzIzODY4MmFkNTYxZWY1N2FkZjI0NDU1YWM0YTM0IiwidGFnIjoiIn0%3D; expires=Thu, 23 Nov 2023 21:16:47 GMT; Max-Age=7200; path=/; httponly
srv=s0; path=/; HttpOnly; Secure
expires: Thu, 01 Jan 1970 00:00:01 GMT
content-security-policy: frame-ancestors 'self' animepahe.com *.animepahe.com animepahe.org *.animepahe.org animepahe.ru *.animepahe.ru
referrer-policy: no-referrer-when-downgrade
strict-transport-security: max-age=63072000;includeSubDomains;preload
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1cuYzkC6QvU6vgA15%2B9DvBal67TP7xFgTO%2F5dKt7MAxn%2F%2BpJ2HR%2Bmz0cvJdDJW64Axs5nUpphC32EKOZ%2BQ8yRLZbNqKyGvtzCauBj5Hng51137AQ%2BasOkLXj"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82abbfa2da010a28-ARN
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| static.cloudflareinsights.com/beacon.min.js/v84a3a4012de94ce1a686ba8c167c359c1696973893317 | 104.16.56.101 | 200 OK | 20 kB |
URL GET HTTP/2static.cloudflareinsights.com/beacon.min.js/v84a3a4012de94ce1a686ba8c167c359c1696973893317 IP104.16.56.101:443
Requested byhttps://kwik.cx/f/tHcIY2A5JxLK CertificateIssuerCloudflare, Inc. Subjectsni.cloudflaressl.com Fingerprint89:79:35:ED:04:A2:CA:50:F7:9A:B8:FE:DF:A5:0C:B1:F2:E6:DD:E8 ValidityMon, 10 Apr 2023 00:00:00 GMT - Tue, 09 Apr 2024 23:59:59 GMT
File typeASCII text, with very long lines (19986), with no line terminators Hashdd1d068fdb5fe90b6c05a5b3940e088c 0d96f9df8772633a9df4c81cf323a4ef8998ba59 6153d13804862b0fc1c016cf1129f34cb7c6185f2cf4bf1a3a862eecdab50101
GET /beacon.min.js/v84a3a4012de94ce1a686ba8c167c359c1696973893317 HTTP/1.1
Host: static.cloudflareinsights.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://kwik.cx
DNT: 1
Connection: keep-alive
Referer: https://kwik.cx/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 23 Nov 2023 19:16:47 GMT
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
etag: W/"2023.10.0"
last-modified: Tue, 10 Oct 2023 21:38:13 GMT
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
server: cloudflare
cf-ray: 82abbfa61a35b51e-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| simplewebanalysis.com/stats | 0.0.0.0 | | 0 B |
URL GET simplewebanalysis.com/stats IP0.0.0.0:0
Requested byhttps://kwik.cx/f/tHcIY2A5JxLK
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://kwik.cx
DNT: 1
Connection: keep-alive
Referer: https://kwik.cx/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
|
|
| addresseepaper.com/sfp.js | 0.0.0.0 | | 0 B |
URL GET addresseepaper.com/sfp.js IP0.0.0.0:0
Requested byhttps://kwik.cx/f/tHcIY2A5JxLK
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
|---|
| Quad9 DNS | malicious | Sinkholed |
GET /sfp.js HTTP/1.1
Host: addresseepaper.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://kwik.cx/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
|
|
| addresseepaper.com/sfp.js | 0.0.0.0 | | 0 B |
URL GET addresseepaper.com/sfp.js IP0.0.0.0:0
Requested byhttps://kwik.cx/f/tHcIY2A5JxLK
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
|---|
| Quad9 DNS | malicious | Sinkholed |
GET /sfp.js HTTP/1.1
Host: addresseepaper.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://kwik.cx/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
|
|
| simplewebanalysis.com/stats | 0.0.0.0 | | 0 B |
URL GET simplewebanalysis.com/stats IP0.0.0.0:0
Requested byhttps://kwik.cx/f/tHcIY2A5JxLK
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://kwik.cx
DNT: 1
Connection: keep-alive
Referer: https://kwik.cx/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
|
|
| kwik.cx/app/css/bulma.min.css | 104.21.235.5 | 200 OK | 207 kB |
URL GET HTTP/3kwik.cx/app/css/bulma.min.css IP104.21.235.5:443
Requested byhttps://kwik.cx/f/tHcIY2A5JxLK CertificateIssuerGoogle Trust Services LLC Subjectkwik.cx FingerprintDB:82:23:F7:9F:16:59:48:AB:81:05:C8:45:FF:6F:DD:34:89:51:DD ValidityMon, 30 Oct 2023 08:31:52 GMT - Sun, 28 Jan 2024 08:31:51 GMT
File typeASCII text, with very long lines (65536), with no line terminators Size207 kB (206620 bytes) Hash04ba689c01d96e600ef0cc16bb0bb72a 06411de8efc0aa3ca9629073023011b2f9fcde22 503b5b507aa95557d799d25c41553f6df0c4afdc6575fdc36ddd12843d147ff6
GET /app/css/bulma.min.css HTTP/1.1
Host: kwik.cx
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://kwik.cx/f/tHcIY2A5JxLK
DNT: 1
Connection: keep-alive
Cookie: kwik_session=eyJpdiI6IjBPZ2JpMzdVbUpMTDFzbmtmMytpbWc9PSIsInZhbHVlIjoiR1hHSlIrMFhTa0FyTFN4TjBnRDBCOERkQ0VKbHNlVDVrTUpwSTFyeGdXL0xmZTFqcUxmMndXZTYrNnh2SXpxb2k3Q3FRR1N5TmFyTDZuMmZFNEZHZ2RHZHcxV2xxYXI1c2lMaG5WbzNNR3YwbkV0N3VKSXZxdmY3TGhUdERKRm8iLCJtYWMiOiJlZmNlODgyY2MxYWU5ZmE2ZDZkZGNmMDlmNDBhYWJkYjQ3YzIzODY4MmFkNTYxZWY1N2FkZjI0NDU1YWM0YTM0IiwidGFnIjoiIn0%3D; srv=s0
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 23 Nov 2023 19:16:47 GMT
content-type: text/css; charset=utf-8
last-modified: Sun, 08 Aug 2021 13:11:30 GMT
vary: Accept-Encoding
expires: Fri, 15 Nov 2024 02:48:43 GMT
cache-control: max-age=31536000
content-security-policy: frame-ancestors 'self' animepahe.com *.animepahe.com animepahe.org *.animepahe.org animepahe.ru *.animepahe.ru
referrer-policy: no-referrer-when-downgrade
strict-transport-security: max-age=63072000;includeSubDomains;preload
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: HIT
age: 37865
priority: u=2,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ykMxWDQTI8AsMJIAtYurCkZ89ZbP5B5VhRk5d6eRoeH6T3WgQ%2B6wn4UDBMOCYvnGZn9dHAJ9A8SW466%2Bxcq6Lpqi1uymxrEkMln9cDLQrOxp7kwWFRokEW6x"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82abbfa5faa45efd-ARN
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| kwik.cx/app/js/vendor/jquery.min.js | 104.21.235.5 | 200 OK | 90 kB |
URL GET HTTP/3kwik.cx/app/js/vendor/jquery.min.js IP104.21.235.5:443
Requested byhttps://kwik.cx/f/tHcIY2A5JxLK CertificateIssuerGoogle Trust Services LLC Subjectkwik.cx FingerprintDB:82:23:F7:9F:16:59:48:AB:81:05:C8:45:FF:6F:DD:34:89:51:DD ValidityMon, 30 Oct 2023 08:31:52 GMT - Sun, 28 Jan 2024 08:31:51 GMT
File typeASCII text, with very long lines (65447) Hash8fb8fee4fcc3cc86ff6c724154c49c42 b82d238d4e31fdf618bae8ac11a6c812c03dd0d4 ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e
GET /app/js/vendor/jquery.min.js HTTP/1.1
Host: kwik.cx
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://kwik.cx/f/tHcIY2A5JxLK
DNT: 1
Connection: keep-alive
Cookie: kwik_session=eyJpdiI6IjBPZ2JpMzdVbUpMTDFzbmtmMytpbWc9PSIsInZhbHVlIjoiR1hHSlIrMFhTa0FyTFN4TjBnRDBCOERkQ0VKbHNlVDVrTUpwSTFyeGdXL0xmZTFqcUxmMndXZTYrNnh2SXpxb2k3Q3FRR1N5TmFyTDZuMmZFNEZHZ2RHZHcxV2xxYXI1c2lMaG5WbzNNR3YwbkV0N3VKSXZxdmY3TGhUdERKRm8iLCJtYWMiOiJlZmNlODgyY2MxYWU5ZmE2ZDZkZGNmMDlmNDBhYWJkYjQ3YzIzODY4MmFkNTYxZWY1N2FkZjI0NDU1YWM0YTM0IiwidGFnIjoiIn0%3D; srv=s0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 23 Nov 2023 19:16:47 GMT
content-type: application/javascript
last-modified: Sun, 08 Aug 2021 13:12:26 GMT
vary: Accept-Encoding
expires: Sun, 10 Nov 2024 01:32:46 GMT
cache-control: max-age=31536000
content-security-policy: frame-ancestors 'self' animepahe.com *.animepahe.com animepahe.org *.animepahe.org animepahe.ru *.animepahe.ru
referrer-policy: no-referrer-when-downgrade
strict-transport-security: max-age=63072000;includeSubDomains;preload
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: HIT
age: 37865
priority: u=3,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Nc2uAQBpmUQCL0T8EiuYPCSAU5sNjltPC3vhc3oqklp%2BBcJrhLWnOUjiVF2qrtx6CURvVc04Izkban1POOPcI7dpPjyFtSv0flWO3uvdpbyD%2FJc7FNcnfav8"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82abbfa60ab15efd-ARN
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| simplewebanalysis.com/stats | 0.0.0.0 | | 0 B |
URL GET simplewebanalysis.com/stats IP0.0.0.0:0
Requested byhttps://kwik.cx/f/tHcIY2A5JxLK
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://kwik.cx
DNT: 1
Connection: keep-alive
Referer: https://kwik.cx/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
|
|
| kwik.cx/favicon.ico | 104.21.235.5 | 200 OK | 1.2 kB |
IP104.21.235.5:443
Requested byhttps://kwik.cx/f/tHcIY2A5JxLK CertificateIssuerGoogle Trust Services LLC Subjectkwik.cx FingerprintDB:82:23:F7:9F:16:59:48:AB:81:05:C8:45:FF:6F:DD:34:89:51:DD ValidityMon, 30 Oct 2023 08:31:52 GMT - Sun, 28 Jan 2024 08:31:51 GMT
File typeMS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data Hash27c1d4ab20011d3559c9a3caeb440a87 b373641aa8642e7abeaa07591c7ff098e2d189a6 d1631af86d36e32fe39bc585f02886841c2c4e7f43b46051dc61f0c29d956be0
GET /favicon.ico HTTP/1.1
Host: kwik.cx
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://kwik.cx/f/tHcIY2A5JxLK
DNT: 1
Connection: keep-alive
Cookie: kwik_session=eyJpdiI6IjBPZ2JpMzdVbUpMTDFzbmtmMytpbWc9PSIsInZhbHVlIjoiR1hHSlIrMFhTa0FyTFN4TjBnRDBCOERkQ0VKbHNlVDVrTUpwSTFyeGdXL0xmZTFqcUxmMndXZTYrNnh2SXpxb2k3Q3FRR1N5TmFyTDZuMmZFNEZHZ2RHZHcxV2xxYXI1c2lMaG5WbzNNR3YwbkV0N3VKSXZxdmY3TGhUdERKRm8iLCJtYWMiOiJlZmNlODgyY2MxYWU5ZmE2ZDZkZGNmMDlmNDBhYWJkYjQ3YzIzODY4MmFkNTYxZWY1N2FkZjI0NDU1YWM0YTM0IiwidGFnIjoiIn0%3D; srv=s0; ppu_show_on_4e5e04716f26fd21bf611637f4fb8a46=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 23 Nov 2023 19:16:48 GMT
content-type: image/x-icon
last-modified: Thu, 06 May 2021 07:01:15 GMT
vary: Accept-Encoding
expires: Mon, 20 Nov 2023 01:53:16 GMT
cache-control: max-age=31536000
content-security-policy: frame-ancestors 'self' animepahe.com *.animepahe.com animepahe.org *.animepahe.org animepahe.ru *.animepahe.ru
referrer-policy: no-referrer-when-downgrade
strict-transport-security: max-age=63072000;includeSubDomains;preload
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: HIT
age: 95237
priority: u=6,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IPxp6YbZgK5bo53RiJ3mgYpPOhVLJdtALCMAv5Anp3MJjVN8tDlePDwzxtiXjWj7syTuH1tpCY9kR3kXRGUBLlyJtDIveRAMtkDpvwyv9DjTiBhrE7pJltwF"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82abbfad4ecb5efd-ARN
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| kwik.cx/app/css/plyr.min.css | 104.21.235.5 | 200 OK | 35 kB |
URL GET HTTP/3kwik.cx/app/css/plyr.min.css IP104.21.235.5:443
Requested byhttps://kwik.cx/f/tHcIY2A5JxLK CertificateIssuerGoogle Trust Services LLC Subjectkwik.cx FingerprintDB:82:23:F7:9F:16:59:48:AB:81:05:C8:45:FF:6F:DD:34:89:51:DD ValidityMon, 30 Oct 2023 08:31:52 GMT - Sun, 28 Jan 2024 08:31:51 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /app/css/plyr.min.css HTTP/1.1
Host: kwik.cx
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://kwik.cx/f/tHcIY2A5JxLK
DNT: 1
Connection: keep-alive
Cookie: kwik_session=eyJpdiI6IjBPZ2JpMzdVbUpMTDFzbmtmMytpbWc9PSIsInZhbHVlIjoiR1hHSlIrMFhTa0FyTFN4TjBnRDBCOERkQ0VKbHNlVDVrTUpwSTFyeGdXL0xmZTFqcUxmMndXZTYrNnh2SXpxb2k3Q3FRR1N5TmFyTDZuMmZFNEZHZ2RHZHcxV2xxYXI1c2lMaG5WbzNNR3YwbkV0N3VKSXZxdmY3TGhUdERKRm8iLCJtYWMiOiJlZmNlODgyY2MxYWU5ZmE2ZDZkZGNmMDlmNDBhYWJkYjQ3YzIzODY4MmFkNTYxZWY1N2FkZjI0NDU1YWM0YTM0IiwidGFnIjoiIn0%3D; srv=s0
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 23 Nov 2023 19:16:47 GMT
content-type: text/css; charset=utf-8
last-modified: Sun, 17 Oct 2021 07:43:37 GMT
vary: Accept-Encoding
expires: Sun, 10 Nov 2024 03:40:18 GMT
cache-control: max-age=31536000
content-security-policy: frame-ancestors 'self' animepahe.com *.animepahe.com animepahe.org *.animepahe.org animepahe.ru *.animepahe.ru
referrer-policy: no-referrer-when-downgrade
strict-transport-security: max-age=63072000;includeSubDomains;preload
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: HIT
age: 825926
priority: u=2,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9m85uESD9mI9X75wMhLYlrm%2Bk0wJw9uc%2F7vLpWXQb4M20PDYTR%2B0DTU44cOc0YXCUnjZ%2B9NWLc%2BTBmTjwcMxTo0UaPK7hgZl4j9AVgoNs4GdKqEvu5eb4fFI"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82abbfa5faa65efd-ARN
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| kwik.cx/app/css/downstream.css | 104.21.235.5 | 200 OK | 53 kB |
URL GET HTTP/3kwik.cx/app/css/downstream.css IP104.21.235.5:443
Requested byhttps://kwik.cx/f/tHcIY2A5JxLK CertificateIssuerGoogle Trust Services LLC Subjectkwik.cx FingerprintDB:82:23:F7:9F:16:59:48:AB:81:05:C8:45:FF:6F:DD:34:89:51:DD ValidityMon, 30 Oct 2023 08:31:52 GMT - Sun, 28 Jan 2024 08:31:51 GMT
File typeASCII text, with very long lines (45945) Hash67d76e56283023cf299584a40c5fac9c bd6420c9fccf73578784f0b1c672d87c40f141c3 6e0605a5d02e1995e3a2d09063b63c73d0900e2cb23e7cd6c4794c7b84722ca0
GET /app/css/downstream.css HTTP/1.1
Host: kwik.cx
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://kwik.cx/f/tHcIY2A5JxLK
DNT: 1
Connection: keep-alive
Cookie: kwik_session=eyJpdiI6IjBPZ2JpMzdVbUpMTDFzbmtmMytpbWc9PSIsInZhbHVlIjoiR1hHSlIrMFhTa0FyTFN4TjBnRDBCOERkQ0VKbHNlVDVrTUpwSTFyeGdXL0xmZTFqcUxmMndXZTYrNnh2SXpxb2k3Q3FRR1N5TmFyTDZuMmZFNEZHZ2RHZHcxV2xxYXI1c2lMaG5WbzNNR3YwbkV0N3VKSXZxdmY3TGhUdERKRm8iLCJtYWMiOiJlZmNlODgyY2MxYWU5ZmE2ZDZkZGNmMDlmNDBhYWJkYjQ3YzIzODY4MmFkNTYxZWY1N2FkZjI0NDU1YWM0YTM0IiwidGFnIjoiIn0%3D; srv=s0
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 23 Nov 2023 19:16:47 GMT
content-type: text/css; charset=utf-8
cache-control: max-age=31536000
cf-bgj: minify
cf-polished: origSize=65103
content-security-policy: frame-ancestors 'self' animepahe.com *.animepahe.com animepahe.org *.animepahe.org animepahe.ru *.animepahe.ru
expires: Fri, 01 Nov 2024 06:21:56 GMT
last-modified: Thu, 28 Jul 2022 14:17:18 GMT
referrer-policy: no-referrer-when-downgrade
strict-transport-security: max-age=63072000;includeSubDomains;preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cf-cache-status: HIT
age: 37865
priority: u=2,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D6Cn3sV4JlL%2FiYPlIGK4LFlNv26Zfke75xfcL3FJsxuSeevqt0AVjYwIJ8UihNd4ZwB3prbbUyI51j7D8GMWa%2BLeW1hWhAxswZ3od%2BzGLns54ZZV5E4spzkA"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82abbfa60aaf5efd-ARN
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| kwik.cx/app/js/downstream.js | 104.21.235.5 | 200 OK | 4.5 kB |
URL GET HTTP/3kwik.cx/app/js/downstream.js IP104.21.235.5:443
Requested byhttps://kwik.cx/f/tHcIY2A5JxLK CertificateIssuerGoogle Trust Services LLC Subjectkwik.cx FingerprintDB:82:23:F7:9F:16:59:48:AB:81:05:C8:45:FF:6F:DD:34:89:51:DD ValidityMon, 30 Oct 2023 08:31:52 GMT - Sun, 28 Jan 2024 08:31:51 GMT
File typeASCII text, with very long lines (4578), with no line terminators Hash282d95e540835c22299a649f145872fa 3c99ebab6bc1150ef9cbedcc05e2fb7784083de0 8735071202b01d161eb26c50fd6e020e9b2d839c91c94a0acf0cb52e19341576
GET /app/js/downstream.js HTTP/1.1
Host: kwik.cx
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://kwik.cx/f/tHcIY2A5JxLK
DNT: 1
Connection: keep-alive
Cookie: kwik_session=eyJpdiI6IjBPZ2JpMzdVbUpMTDFzbmtmMytpbWc9PSIsInZhbHVlIjoiR1hHSlIrMFhTa0FyTFN4TjBnRDBCOERkQ0VKbHNlVDVrTUpwSTFyeGdXL0xmZTFqcUxmMndXZTYrNnh2SXpxb2k3Q3FRR1N5TmFyTDZuMmZFNEZHZ2RHZHcxV2xxYXI1c2lMaG5WbzNNR3YwbkV0N3VKSXZxdmY3TGhUdERKRm8iLCJtYWMiOiJlZmNlODgyY2MxYWU5ZmE2ZDZkZGNmMDlmNDBhYWJkYjQ3YzIzODY4MmFkNTYxZWY1N2FkZjI0NDU1YWM0YTM0IiwidGFnIjoiIn0%3D; srv=s0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 23 Nov 2023 19:16:47 GMT
content-type: application/javascript
cache-control: max-age=31536000
cf-bgj: minify
cf-polished: origSize=5990
content-security-policy: frame-ancestors 'self' animepahe.com *.animepahe.com animepahe.org *.animepahe.org animepahe.ru *.animepahe.ru
expires: Tue, 12 Nov 2024 04:39:42 GMT
last-modified: Thu, 14 Apr 2022 05:59:28 GMT
referrer-policy: no-referrer-when-downgrade
strict-transport-security: max-age=63072000;includeSubDomains;preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cf-cache-status: HIT
age: 690198
priority: u=3,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zNDkUGZGDqTN5wcw54COc1%2FiaMsO1GKajPu3U7Vd%2BeAp8aN9wJscbzDRMaQ2jhnfWGjtGbTVlFD5llUoe4VF%2BYfC%2F6dsTUxerXeuuLYroosSxZYkBSlbc9bV"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82abbfa60ab35efd-ARN
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|