{"report_id":"54980066-471c-4db5-a3c4-cd7fda819802","version":6,"status":"done","tags":[],"date":"2025-08-22T12:59:01Z","url":{"schema":"http","addr":"hianime.to","fqdn":"hianime.to","domain":"hianime.to","tld":"to"},"ip":{"addr":"104.21.112.1","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"final":{"url":{"schema":"https","addr":"hianime.to/","fqdn":"hianime.to","domain":"hianime.to","tld":"to"},"title":"Watch Anime Online, Free Anime Streaming Online on HiAnime.to Anime Website"},"submit":{"url":{"schema":"http","addr":"hianime.to","fqdn":"hianime.to","domain":"hianime.to","tld":"to"},"ip":{"addr":"104.21.112.1","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"tags":null,"meta":null,"user":{"user_id":"akbkyowd9geqr98"}},"settings":{"access":"public","device_type":"desktop","expires_at":"2026-09-26T12:59:01Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":3}},"detection":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-08-22","alert":"Sinkholed","trigger":"vandalismloungenylon.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-08-22","alert":"Sinkholed","trigger":"torchfriendlypay.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-08-22","alert":"Sinkholed","trigger":"skinnycrawlinglax.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null},"summary":[{"fqdn":"creative-sb1.com","ip":{"addr":"104.21.80.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2025-07-01","domain_rank":22211,"first_seen":"2025-08-08T09:32:32.509707Z","last_seen":"2025-08-22T09:38:58.27174Z","alert_count":0,"request_count":5,"received_data":183741,"sent_data":2192,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"skinnycrawlinglax.com","ip":{"addr":"192.243.61.227","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"Dominica","country_code":"DM"},"domain_registered":"2024-09-01","domain_rank":38609,"first_seen":"2025-07-09T22:28:05.771371Z","last_seen":"2025-08-21T00:42:16.068895Z","alert_count":5,"request_count":5,"received_data":7884,"sent_data":2646,"comment":"","tags":null,"fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"ajax.googleapis.com","ip":{"addr":"142.250.74.74","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2005-01-25","domain_rank":3691,"first_seen":"2012-05-22T10:38:03Z","last_seen":"2025-08-20T15:44:05.006021Z","alert_count":0,"request_count":1,"received_data":87913,"sent_data":439,"comment":"","tags":null,"fingerprints":null},{"fqdn":"challenges.cloudflare.com","ip":{"addr":"104.18.95.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2009-02-17","domain_rank":11393,"first_seen":"2021-10-20T05:02:03Z","last_seen":"2025-08-20T16:16:44.009335Z","alert_count":0,"request_count":2,"received_data":98868,"sent_data":887,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"stackpath.bootstrapcdn.com","ip":{"addr":"104.18.11.207","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2012-05-25","domain_rank":21970,"first_seen":"2018-04-05T04:41:29Z","last_seen":"2025-08-20T23:09:22.866953Z","alert_count":0,"request_count":1,"received_data":160458,"sent_data":461,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"maxcdn.bootstrapcdn.com","ip":{"addr":"104.18.10.207","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2012-05-25","domain_rank":6807,"first_seen":"2014-06-18T00:37:31Z","last_seen":"2025-08-20T17:57:43.117157Z","alert_count":0,"request_count":1,"received_data":51997,"sent_data":442,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"professionaltrafficmonitor.com","ip":{"addr":"18.184.205.211","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"domain_registered":"2025-01-23","domain_rank":16376,"first_seen":"2025-01-25T08:56:07.448138Z","last_seen":"2025-08-15T14:27:45.733953Z","alert_count":0,"request_count":2,"received_data":838,"sent_data":886,"comment":"","tags":null,"fingerprints":null},{"fqdn":"vandalismloungenylon.com","ip":{"addr":"172.240.108.76","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"domain_registered":"2025-07-28","domain_rank":507909,"first_seen":"2025-07-30T08:46:36.131644Z","last_seen":"2025-08-16T04:30:56.486195Z","alert_count":6,"request_count":6,"received_data":190915,"sent_data":5792,"comment":"","tags":null,"fingerprints":[{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"torchfriendlypay.com","ip":{"addr":"192.243.59.20","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"Dominica","country_code":"DM"},"domain_registered":"2024-09-01","domain_rank":191479,"first_seen":"2025-07-30T13:31:49.539518Z","last_seen":"2025-08-20T16:09:43.322745Z","alert_count":2,"request_count":2,"received_data":6388,"sent_data":941,"comment":"","tags":null,"fingerprints":[{"name":"Nginx:1.19.5","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"cdn.show-sb.com","ip":{"addr":"172.67.170.115","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2024-08-20","domain_rank":187612,"first_seen":"2024-08-31T03:46:04Z","last_seen":"2025-08-16T06:17:17.841362Z","alert_count":0,"request_count":1,"received_data":3723,"sent_data":486,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"hianime.to","ip":{"addr":"104.21.64.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"unknown","domain_rank":1674,"first_seen":"2024-03-01T05:20:54Z","last_seen":"2025-08-10T03:58:16.563801Z","alert_count":0,"request_count":8,"received_data":294054,"sent_data":3923,"comment":"","tags":null,"fingerprints":[{"name":"jQuery:3.3.1","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"Google Analytics","description":"Google Analytics is a free web analytics service that tracks and reports website traffic.","website":"https://google.com/analytics","common_platform_enumeration":"","icon":"Google Analytics.svg","categories":["Analytics"]},{"name":"Google Hosted Libraries","description":"Google Hosted Libraries is a stable, reliable, high-speed, globally available content distribution network for the most popular, open-source JavaScript libraries.","website":"https://developers.google.com/speed/libraries","common_platform_enumeration":"","icon":"Google Developers.svg","categories":["CDN"]},{"name":"BootstrapCDN:4.1.3","description":"BootstrapCDN is a powerful and reliable Content Delivery Network (CDN) that delivers static resources, including CSS, JavaScript, and font files, for the widely-used Bootstrap framework. By leveraging multiple server locations worldwide, BootstrapCDN accelerates website loading times, ensuring a smooth and visually appealing user experience. Additionally, it ensures website compatibility with various devices and browsers. The service reduces bandwidth usage and server load, improving web performance for developers and end-users alike.","website":"https://www.bootstrapcdn.com/","common_platform_enumeration":"","icon":"BootstrapCDN.png","categories":["CDN"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Bootstrap:4.4.1","description":"Bootstrap is a free and open-source CSS framework directed at responsive, mobile-first front-end web development. It contains CSS and JavaScript-based design templates for typography, forms, buttons, navigation, and other interface components.","website":"https://getbootstrap.com","common_platform_enumeration":"cpe:2.3:a:getbootstrap:bootstrap:*:*:*:*:*:*:*:*","icon":"Bootstrap.svg","categories":["UI frameworks"]},{"name":"ShareThis","description":"ShareThis provides free engagement and growth tools (e.g., share buttons, follow buttons, and reaction buttons) for site owners.","website":"https://sharethis.com","common_platform_enumeration":"","icon":"ShareThis.png","categories":["Widgets"]}]},{"fqdn":"cdn.storageimagedisplay.com","ip":{"addr":"45.133.44.1","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"domain_registered":"2024-09-13","domain_rank":170153,"first_seen":"2024-09-13T12:56:32Z","last_seen":"2025-08-22T06:18:22.747826Z","alert_count":0,"request_count":1,"received_data":6771,"sent_data":482,"comment":"","tags":null,"fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"fonts.googleapis.com","ip":{"addr":"142.250.74.10","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2005-01-25","domain_rank":313,"first_seen":"2012-05-23T12:41:44Z","last_seen":"2025-08-20T15:14:21.137874Z","alert_count":0,"request_count":2,"received_data":22899,"sent_data":901,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"use.fontawesome.com","ip":{"addr":"172.67.142.245","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2012-10-18","domain_rank":6983,"first_seen":"2017-01-30T04:43:25Z","last_seen":"2025-08-20T16:59:08.991462Z","alert_count":0,"request_count":2,"received_data":117432,"sent_data":976,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"www.googletagmanager.com","ip":{"addr":"142.250.74.136","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2011-11-11","domain_rank":283,"first_seen":"2012-10-04T01:07:32Z","last_seen":"2025-08-20T15:12:53.478307Z","alert_count":0,"request_count":2,"received_data":685105,"sent_data":880,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"cdn.noitatnemucod.net","ip":{"addr":"172.67.166.106","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2024-02-26","domain_rank":376048,"first_seen":"2024-03-01T20:07:01Z","last_seen":"2025-08-17T17:35:44.89127Z","alert_count":0,"request_count":6,"received_data":81165,"sent_data":2784,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"preferencenail.com","ip":{"addr":"185.196.197.71","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"The Netherlands","country_code":"NL"},"domain_registered":"2025-07-01","domain_rank":20606,"first_seen":"2025-07-08T12:55:47.271261Z","last_seen":"2025-08-19T21:48:17.555582Z","alert_count":0,"request_count":2,"received_data":171926,"sent_data":816,"comment":"","tags":null,"fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"fonts.gstatic.com","ip":{"addr":"142.250.74.35","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2008-02-11","domain_rank":0,"first_seen":"2014-04-02T10:51:04Z","last_seen":"2025-08-20T15:10:53.071671Z","alert_count":0,"request_count":6,"received_data":114533,"sent_data":3220,"comment":"","tags":null,"fingerprints":null},{"fqdn":"weirdopt.com","ip":{"addr":"185.196.197.72","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"The Netherlands","country_code":"NL"},"domain_registered":"2025-07-01","domain_rank":37519,"first_seen":"2025-07-08T12:55:47.272157Z","last_seen":"2025-08-20T04:32:20.993418Z","alert_count":0,"request_count":1,"received_data":377,"sent_data":413,"comment":"","tags":null,"fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"flushpersist.com","ip":{"addr":"192.243.61.225","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"Dominica","country_code":"DM"},"domain_registered":"2025-07-01","domain_rank":23810,"first_seen":"2025-07-08T10:43:12.76905Z","last_seen":"2025-08-19T21:48:17.550909Z","alert_count":0,"request_count":2,"received_data":992,"sent_data":1524,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":[{"sensor_name":"suricata","description":"Suricata /w Emerging Threats Pro","alerts":null}],"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"www.googletagmanager.com/gtag/js?id=UA-304498478-1\u0026cx=c\u0026gtm=4e58k1","fqdn":"www.googletagmanager.com","domain":"googletagmanager.com","tld":"com"},"ip":{"addr":"142.250.74.136","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"a168f0cf476da966c6ad83d5ace6f70c","sha1":"8df6d9198617eb33b3e50371d4c5f3ac3fe96bd1","sha256":"b3a94bf6039f397fa5fce4a8217bd9f191daf7591c3aa9e57a6cc8f3106b1cc7","sha512":"10bbf15b9b408c9036fcd6fcd714135ad3ede3bbff7a22542c1c327950bf4a6b4439bde3edbd16795b66323dd9c83e481b6eb3d0005c50f6de17fed4d8e1b79b","ssdeep":"6144:DYqVja60UJo4uPhrNyyAtTQ2HG//wWasd8CGPgAX:8qV26Fo4uPhrNyn2oi8zos","tlshash":"7c4409cc73d6b42683a36478503f114bb23b7992f84cd894e182d8d52e74aaa4277f7d","size":273111,"data":"","first_seen":"2025-08-22T12:59:04.729544Z","last_seen":"2025-08-22T12:59:04.729544Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"torchfriendlypay.com/9c/5d/14/9c5d14453d6b11cdec5b98e5ce5af0dc.js","fqdn":"torchfriendlypay.com","domain":"torchfriendlypay.com","tld":"com"},"ip":{"addr":"192.243.59.20","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"Dominica","country_code":"DM"},"introduction_type":"scriptElement","is_inline":false,"md5":"a524ecfbd97124fd2e9c3f6ad371ca23","sha1":"a281b89a51cfe367f92816be50eba55ccc0eaee6","sha256":"5549a01f3d1c788c8e44dc8a54e5c9103880b5608d3b44e0a0ea4ebd124dc18f","sha512":"dbfa06ea3faf0b6451668b8634e61e52c71ac098f26b08551cac54344128a205b2378e56953102dda758aa63fab8ed1e22c3a74eda39a154caff8f2b6b3bdee5","ssdeep":"96:WhmlSzNzYF4RWz3qVeBYJ2gzAKAYaR/tCP/KZhWAEGo:SmAz+60BSF81RM3KZoGo","tlshash":"b1a1618e3f81b4ac069270372f3f6e0ef13a5c55195ad4d8d202a0a47f28a39d4b6b55","size":5080,"data":"","first_seen":"2025-08-06T23:31:31.906679Z","last_seen":"2025-09-26T10:32:45.122277Z","times_seen":4581,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"skinnycrawlinglax.com/1e/e3/36/1ee3363d3f6736b5616821dca2afa5c7.js","fqdn":"skinnycrawlinglax.com","domain":"skinnycrawlinglax.com","tld":"com"},"ip":{"addr":"192.243.61.227","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"Dominica","country_code":"DM"},"introduction_type":"scriptElement","is_inline":false,"md5":"a524ecfbd97124fd2e9c3f6ad371ca23","sha1":"a281b89a51cfe367f92816be50eba55ccc0eaee6","sha256":"5549a01f3d1c788c8e44dc8a54e5c9103880b5608d3b44e0a0ea4ebd124dc18f","sha512":"dbfa06ea3faf0b6451668b8634e61e52c71ac098f26b08551cac54344128a205b2378e56953102dda758aa63fab8ed1e22c3a74eda39a154caff8f2b6b3bdee5","ssdeep":"96:WhmlSzNzYF4RWz3qVeBYJ2gzAKAYaR/tCP/KZhWAEGo:SmAz+60BSF81RM3KZoGo","tlshash":"b1a1618e3f81b4ac069270372f3f6e0ef13a5c55195ad4d8d202a0a47f28a39d4b6b55","size":5080,"data":"","first_seen":"2025-08-06T23:31:31.906679Z","last_seen":"2025-09-26T10:32:45.122277Z","times_seen":4581,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"creative-sb1.com/sb/chat/mob/ssp/1/js/jquery.min.js","fqdn":"creative-sb1.com","domain":"creative-sb1.com","tld":"com"},"ip":{"addr":"104.21.80.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"561acb3e541133bbdd2c0c19f8ee35a1","sha1":"ffd1353cf3f77d25f801c84d8208613eb0d3d548","sha256":"9fde6da568db31801e29243a903bf24f342256b41e3c01e7d018ff7c566ce7fc","sha512":"8a647ed6f56b4da93c7a034609060991cc8080350f057f4f2af2c369f18af066db3b4e77701fc017027fd774264a6d0f84927239d7d2f693edc6f7d6a0917be3","ssdeep":"1536:YjExXUqrnxDjoXEZxkMV4SYSt0zvDD6ip3h5cApwEjOPrBeU6QLiTFbc0QlQvakV:YYh8eip3hXuf6IidlrvakdtQ47GKl","tlshash":"f993f9ddb2c6702257a720ba007f510bf236199d6c4d8450f265d8e9bcb8a4e827bf7d","size":89492,"data":"","first_seen":"2023-03-07T01:04:00Z","last_seen":"2026-04-03T18:56:22.048855Z","times_seen":6515,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.googletagmanager.com/gtag/js?id=G-R34F2GCSBW","fqdn":"www.googletagmanager.com","domain":"googletagmanager.com","tld":"com"},"ip":{"addr":"142.250.74.136","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"8fe576b1072a837c459b5f3f265acdfb","sha1":"43a1f621b11ea652103920ed8190893726c0dc68","sha256":"cd61bae23f202346ba0e5a754dbc5652e71eab23ce49285ed014d1f5d07ea8c2","sha512":"20dedb46973335e30102ea06a77905a0669af46994d5b5fc0471b76e961befff49ad6e630bf4e3ccf0865f9cae180909aa2a3254e23ef90d0fe183089ec7c0d8","ssdeep":"6144:OYqVj58wySUJo4uPhrNCyAtTQsyZw//wWasza/r44ua77:XqV98wyro4uPhrNCn2R2a/9P","tlshash":"239418ce73d674269396f478503f018ba57b29a2b44cc899f189cce42e74a9a4137f7c","size":409967,"data":"","first_seen":"2025-08-22T12:59:04.71717Z","last_seen":"2025-08-22T12:59:04.71717Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js","fqdn":"ajax.googleapis.com","domain":"ajax.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"142.250.74.74","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"a09e13ee94d51c524b7e2a728c7d4039","sha1":"0dc32db4aa9c5f03f3b38c47d883dbd4fed13aae","sha256":"160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef","sha512":"f8da8f95b6ed33542a88af19028e18ae3d9ce25350a06bfc3fbf433ed2b38fefa5e639cddfdac703fc6caa7f3313d974b92a3168276b3a016ceb28f27db0714a","ssdeep":"1536:jLiBdiaWLOczCmZx6+VWuGzQNOzdn6x2RZd9SEnk9HB96c9Yo/NWLbVj3kC6t3:5kn6x2xe9NK6nC69","tlshash":"748319dd72c6b06247ab71ba00bf550bf2361999684d4410f129e4eabc74b4e823bf7d","size":86927,"data":"","first_seen":"2023-03-07T01:02:02Z","last_seen":"2026-04-03T21:01:33.789905Z","times_seen":118051,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"vandalismloungenylon.com/67/84/54/67845425021f776b630c899590731bf0.js","fqdn":"vandalismloungenylon.com","domain":"vandalismloungenylon.com","tld":"com"},"ip":{"addr":"172.240.108.76","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"0031e956e03617f5f15477e8efea3072","sha1":"c0eb9ef60da08b38441f25221925f04b480cb226","sha256":"5893f1398673a311466ba73f0c2b6ca3bb8a2e0db1754b0b72c67e46f495f8cc","sha512":"b56d96eb0726fb5bcc2225fe78b3af61c06520a482ebb97398e9d14f31bf251ba49255c827ad9435ae2d3f7a3296673334c268b6e21ecbcebd507f452f7143ee","ssdeep":"1536:dKIOanNmVJiUsbaeBvat/xp1P2PNrdMCC2cevmiwB/BDMCIu+5Y:3oVJiUs7ahxp521rcuZwH2un","tlshash":"fca3b8487f90fcbe02566033663f951bf1aa0e415958c988d11afdb42a3c31bfa3da75","size":105883,"data":"","first_seen":"2025-08-22T12:59:04.738121Z","last_seen":"2025-08-22T12:59:04.738121Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"preferencenail.com/sfp.js","fqdn":"preferencenail.com","domain":"preferencenail.com","tld":"com"},"ip":{"addr":"185.196.197.71","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"The Netherlands","country_code":"NL"},"introduction_type":"scriptElement","is_inline":false,"md5":"46a6fef91632b94d14252fe324c1585f","sha1":"387cebbd261b8fe947fe9805875300f2ceeb5cfd","sha256":"36d0c771f8bf310d740cb4d0ca144354c45df284e72361660448708d72f175d5","sha512":"a3aaa1b5ab1113a12793bd1085332eb257416aaa9c4a690525838b91453a281580a979bfb856b3c429c2d4243c3ce02bd318a4b7048124eef96912179836d0fd","ssdeep":"1536:nPncLBSUBULrSVvTfMtfj3FkdFcE5PnoRL:nPncLBSUBULGVTfGpucE5fox","tlshash":"528395807ac06488d3979b7bb73bf4eaf65a299f38c4044bd100fc48b69562af9f5534","size":85386,"data":"","first_seen":"2025-07-08T10:38:39.799377Z","last_seen":"2025-11-18T17:01:51.014373Z","times_seen":15230,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"about","addr":"about:blank","fqdn":"","domain":"","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"9a7c64cd9e2f93a5e933b9046195cd8b","sha1":"504061aa1124da8ddc037136f57a06fa5a0d6f21","sha256":"837a214c5b2a6efe1220ccc779d278c6e1a5f7631cd2ba471e0c52feee298b71","sha512":"f707e957a8b6387c288d98a4afec66d07472d628b84784a3069296b427d316ee5dc1b775549e254ac0497056e895a6a530d8f57b2631c3bdf8e211220b7c19c1","ssdeep":"","tlshash":"d0f0813056c107b2876bd264e867f746753d0457f00c0119f81d374e1a797eb05c69da","size":564,"data":"","first_seen":"2025-05-19T22:35:18.545457Z","last_seen":"2025-08-27T04:23:44.194857Z","times_seen":18,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"vandalismloungenylon.com/54/b5/36/54b536712684480f5bddc4d3fd1ac8a1.js","fqdn":"vandalismloungenylon.com","domain":"vandalismloungenylon.com","tld":"com"},"ip":{"addr":"172.240.108.76","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"64f3e0e2e46623d794f6026ddfe07c2c","sha1":"069c4291975ba5be90a425fc85e46330fcccfbd1","sha256":"ce356cae4921a82bfe8fb0262a2125b1c8e5da20e495d57fb6a4effc76d8b4f3","sha512":"d560093a04d18af6009475720464392c44c6987999a2c1b492ea3e2c852237ea2e1329b339345ffd28f23ea95c56ca061afba07a212b98b5a558ebfd23e58c11","ssdeep":"768:Y2DcxIm9xZqw648+QhS8u+Jcj/XcdNjNmmOdY08kUbTehzbcepw6f:Y2Dc1I4x5O+jvcEdY0U3fE","tlshash":"3e63c7483f51b27802e6b8fa712fa61af0261c1195d8e4d8f503f4deae66719f036f25","size":72607,"data":"","first_seen":"2025-08-22T12:59:04.739205Z","last_seen":"2025-08-22T12:59:04.739205Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"preferencenail.com/sfp.js","fqdn":"preferencenail.com","domain":"preferencenail.com","tld":"com"},"ip":{"addr":"185.196.197.71","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"The Netherlands","country_code":"NL"},"introduction_type":"scriptElement","is_inline":false,"md5":"46a6fef91632b94d14252fe324c1585f","sha1":"387cebbd261b8fe947fe9805875300f2ceeb5cfd","sha256":"36d0c771f8bf310d740cb4d0ca144354c45df284e72361660448708d72f175d5","sha512":"a3aaa1b5ab1113a12793bd1085332eb257416aaa9c4a690525838b91453a281580a979bfb856b3c429c2d4243c3ce02bd318a4b7048124eef96912179836d0fd","ssdeep":"1536:nPncLBSUBULrSVvTfMtfj3FkdFcE5PnoRL:nPncLBSUBULGVTfGpucE5fox","tlshash":"528395807ac06488d3979b7bb73bf4eaf65a299f38c4044bd100fc48b69562af9f5534","size":85386,"data":"","first_seen":"2025-07-08T10:38:39.799377Z","last_seen":"2025-11-18T17:01:51.014373Z","times_seen":15230,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.google-analytics.com/analytics.js","fqdn":"www.google-analytics.com","domain":"google-analytics.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"f24128d0c9cba7be2916c693427a3483","sha1":"1b6397d496ea896ebc2018b01b995cee4f166029","sha256":"58173de4697da1a218f04c3a783a733bab4e769ceabc37cd42da9dc3e036a7e8","sha512":"c4950733b44e258bbc817ce6396f002caec1e11a6413fd0038c9baef2d5f1d992b1fd0ec52515aba52faedb52c28b996a7fc063f28a0f45f3aab5e2f91bf5be5","ssdeep":"96:A1VdZYqhPnjpWx4/eTe8qSMbqaQd6VL2Jyt9LdJoyayCVPVD5wdBfQPfCHiUr3:AXdZYqNjpU4yPqSMbqaQGL2QfdDayCZC","tlshash":"a6a1dc9939fb50210233b1bd1bafa918b23895236208dd61b98c9364bf94437d7f1fc9","size":4691,"data":"","first_seen":"2023-04-11T21:07:53Z","last_seen":"2026-04-03T21:30:45.138169Z","times_seen":768892,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"hianime.to/","fqdn":"hianime.to","domain":"hianime.to","tld":"to"},"ip":{"addr":"104.21.64.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"6219fa645887d409054252fc882bf785","sha1":"64cb0a2c100a9c6199dd186763da0730ae0fcd0c","sha256":"b1bd626e1cf765a96050fe25f7edfa69c2ad25c04132f0e40a15534600d6298e","sha512":"a51e664cd8c373a10865f8e9043a7c6667b7f9c437c31db1acb7b39804404a46a7d3569210e39846a1046df8a43db2091a6b2b03eb611179f421396ee334dd13","ssdeep":"","tlshash":"12c08c8c250b4cb141ab2a0d0bafa200b016321394d099213a0f63088f20e13eb54814","size":173,"data":"","first_seen":"2025-02-22T18:51:42.356957Z","last_seen":"2026-03-11T18:54:36.998008Z","times_seen":121,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/turnstile/v0/api.js?render=explicit","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.95.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"49d515b98ccae9634aff66a4ca77af98","sha1":"bfa5462a4f47c2350dcd0b3000e9cb54bec63c21","sha256":"4ca696d2fb66b44648a8fd55bc9eeaa6958dd9e523c4a740365823c30d4fc087","sha512":"856b855e0662da94dc3d314080976df11b5cb203d5ac498bacd9d201013e82258ee66ba1c3bb948e0ea71dd319345d9988be765daa3a276f8571e1787a38cc39","ssdeep":"768:XC6BRV2fM4lLa+rnhPLy6PuR8u5jUjRFPlBMqfspV6q11AY13kep+ORWqxIrm3LW:J2E4lLa+rnhT/oj2P6V6GNI","tlshash":"8f231b583256793227e980e1617ba74373257939e94ccc50d423c86536bcecad233fba","size":48995,"data":"","first_seen":"2025-08-15T11:12:03.097811Z","last_seen":"2025-09-08T12:15:40.897517Z","times_seen":20901,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"maxcdn.bootstrapcdn.com/bootstrap/4.1.3/js/bootstrap.min.js","fqdn":"maxcdn.bootstrapcdn.com","domain":"bootstrapcdn.com","tld":"com"},"ip":{"addr":"104.18.10.207","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"67176c242e1bdc20603c878dee836df3","sha1":"27a71b00383d61ef3c489326b3564d698fc1227c","sha256":"56c12a125b021d21a69e61d7190cefa168d6c28ce715265cea1b3b0112d169c4","sha512":"9fa75814e1b9f7db38fe61a503a13e60b82d83db8f4ce30351bd08a6b48c0d854baf472d891af23c443c8293380c2325c7b3361b708af9971aa0ea09a25cdd0a","ssdeep":"768:E9Yw7GuJM+HV0cen/7Kh5rM7V4RxCKg8FW/xsXQUd+FiID65r48Hgp5HRl+:E9X7PMIM7V4R5LFAxTWyuHHgp5HRl+","tlshash":"3533b649725078b201df9176913f460bb736788ea907816cb95d98ed2e7cd89322bf3c","size":51039,"data":"","first_seen":"2023-03-07T01:02:44Z","last_seen":"2026-04-03T20:51:13.496457Z","times_seen":120580,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"hianime.to/","fqdn":"hianime.to","domain":"hianime.to","tld":"to"},"ip":{"addr":"104.21.64.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"bbf0e97f77f7dd3baaf9e9f78e12adc7","sha1":"cd42ab9f1687e7cc57da46e4bfc7ec2fb223c6ab","sha256":"b87c0111f1ce927cbc013706071b24be691e95900e36f00d3fdea50ce5c468ac","sha512":"3027f83492d2943f271c7bc077d09fd935a67c73a81b275faeea081622b289c0d35f46731e3817e59f1ba259195ee6c033f98db88019e97b2a0dc4f8cbce5f38","ssdeep":"","tlshash":"fcf0270bb9e9a121143731798d6fb601362e510b61c48e003fed86d09f958389267a0d","size":463,"data":"","first_seen":"2025-02-20T03:28:38.602287Z","last_seen":"2026-03-11T18:54:36.999264Z","times_seen":45,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"hianime.to/sandbox%20eval%20code","fqdn":"hianime.to","domain":"hianime.to","tld":"to"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"","is_inline":false,"md5":"92b651082ce234f66bb544e678befda3","sha1":"14c21c55ddce43b6f677caadf51d4ab98c6a3df8","sha256":"25d57d1d97abeb84531d3d3e5754dd5cb19a2c115edfa7cfc7af8247084faded","sha512":"b4fcbc037e0a3d91db2a624921e96b878e9e18dd998ad5649d77d7d053faf28b09c8725a0542aef702310bf85f3037b70985c274db8acabd021efb171d41f361","ssdeep":"","tlshash":"34c08ca3e74026ae2a1166b2b810e003a2866b015aa78402b00a003b1441fe21aaa1a8","size":147,"data":"","first_seen":"2023-04-11T21:07:53Z","last_seen":"2026-04-03T21:30:45.105594Z","times_seen":770432,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null},"http":[{"url":{"schema":"https","addr":"professionaltrafficmonitor.com/stats","fqdn":"professionaltrafficmonitor.com","domain":"professionaltrafficmonitor.com","tld":"com"},"ip":{"addr":"18.184.205.211","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://hianime.to/","date":"2025-08-22T12:58:39.814Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"protrafficinspector.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M04","organization":"Amazon"},"validity":{"start":"Tue, 01 Jul 2025 00:00:00 GMT","end":"Thu, 30 Jul 2026 23:59:59 GMT"},"fingerprint":{"sha1":"5D:D5:8D:EB:A4:50:13:0D:7C:33:71:82:B8:02:49:4F:D6:31:B6:E6","sha256":"49:03:4C:2C:1B:23:D8:D6:CB:AE:F0:54:61:99:C2:20:F4:FF:87:5E:0B:72:B1:6B:D8:AB:21:49:2D:F2:EC:4A"}}},"request":{"raw":"GET /stats HTTP/1.1\r\nHost: professionaltrafficmonitor.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://hianime.to\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hianime.to/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Fri, 22 Aug 2025 12:58:40 GMT\r\ncontent-type: text/html; charset=UTF-8\r\ncontent-length: 40\r\nserver: fasthttp\r\naccess-control-allow-origin: https://hianime.to\r\nvary: Origin\r\naccess-control-allow-credentials: true\r\nset-cookie: uid_id2=5c1a4625-c7b5-4c2f-8fca-697edc317d1a:3:1; expires=Mon, 20 Aug 2035 12:58:40 GMT; secure; SameSite=None\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":40,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"ASCII text, with no line terminators","md5":"d6ecc43cb5c6135234bb69f6e3fca32e","sha1":"c26d9599a15b5a3ba4c47b09ada5e8c4941aa6fa","sha256":"58058f145228e62708966e30c6258e0389d018ec0f053ab3dea6d875498e52c2","sha512":"6ab5edcbe39029033cff6f082648fa111a610099fb67011c58228d0488177f28cb7341ab5ba245ef4f3c39a35656142473dda87d7edb46f8bc043a400bdeacea","ssdeep":"","tlshash":"ab9000c032830ea3c2b2022c08082a00c23ec8308ab8aa0200b0c8203082accf3be222","first_seen":"2025-08-22T12:59:04.712464Z","last_seen":"2025-08-22T12:59:04.712464Z","times_seen":1,"resource_available":false,"data":null}},"time_used":411,"timings":{"blocked":192,"dns":8,"connect":25,"send":0,"wait":21,"receive":0,"ssl":162},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.googleapis.com/css?family=Roboto:300,400,700\u0026display=swap","fqdn":"fonts.googleapis.com","domain":"fonts.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"142.250.74.10","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://hianime.to/","date":"2025-08-22T12:58:40.911Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"upload.video.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 07 Jul 2025 08:35:11 GMT","end":"Mon, 29 Sep 2025 08:35:10 GMT"},"fingerprint":{"sha1":"DF:A1:DB:1F:BC:5E:31:D7:F8:FE:26:E3:B9:B3:02:98:B1:C8:50:EC","sha256":"A2:57:20:B6:AE:46:89:B9:39:C7:57:9B:1E:43:96:E3:5A:BC:7E:3F:1D:18:10:34:CC:53:3D:DB:78:4E:5C:21"}}},"request":{"raw":"GET /css?family=Roboto:300,400,700\u0026display=swap HTTP/1.1\r\nHost: fonts.googleapis.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncontent-type: text/css; charset=utf-8\r\nvary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site\r\naccess-control-allow-origin: *\r\ntiming-allow-origin: *\r\nlink: \u003chttps://fonts.gstatic.com\u003e; rel=preconnect; crossorigin\r\nstrict-transport-security: max-age=31536000\r\nexpires: Fri, 22 Aug 2025 12:58:40 GMT\r\ndate: Fri, 22 Aug 2025 12:58:40 GMT\r\ncache-control: private, max-age=86400\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin-allow-popups\r\ncontent-encoding: gzip\r\nserver: ESF\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":16755,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text, with very long lines (1572)","md5":"e9d2e14beb088f37fae98294940a9dcd","sha1":"1dafc3c55550249c8c2d782d5616c7b445c8e005","sha256":"f2e491cc46d3fcba81f729065d622bd722751d4a2e7f80b479aa64a92c17b5c7","sha512":"64025ea9b660d5e1d45a593a27345e152ba6b5ef95daceee5e43201319a555eb5457cfe1ecdcc725202063a22c5f406f3ba4607863d5b714c378f144bcdea5f7","ssdeep":"384:pjf5jgjPjrjyUj/qY4+j4jYjpjfMj1jWj6jyhj/qY4XjNjtj4jfdjkjDj3jyQj/E:p90DXOU/R08toBy+Oh/EBpcZwPLOQ/VK","tlshash":"e5722291041740009b835ce223cebf35fe1f92117152d0b5abfd9b6badcbc66526939d","first_seen":"2025-06-02T17:27:24.212334Z","last_seen":"2026-01-19T16:22:17.33804Z","times_seen":5482,"resource_available":false,"data":null}},"time_used":17,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":17,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"vandalismloungenylon.com/impr.gif?sid=H4sIAAAAAAAC_1RSTYscRRiu3uQWQfwggiDMIYiCM9s93fOVHIIxbgjmiySyBwlaXz1bbndXW9U9PTunxUXZizCCB731PrObjWsQ8wMEnfW2IGSEwArZS8AfoJCzzOzA6gv9vk_XU1U87_PWl1v5EfGR08Nb1_VARRFdbNTcylvLKhG6sJUbdyueW3MvVJZV0gwuVPrTZHrnPT-ouW9Xrki-qhfrrue6nutVlpSRoe4vzlio9GHHq3XcWlCveY0AffP_f5s7sNSB6B2Rl6HE5MVn4UdQfIwk_umytKuZTt95P84jmmmDntj9MFlNdJEgPoGhcRAmu_Pd0HZCyLcL0MnuvAPo3va0AzA1IQtnn4Ilu3OZYL2dY6UsgkzAxBkUvTFkNIaiY3C9ASUeE4AL3LiJJL5_Q5uCrh2zdMpOyOnn_0AVE3L66atI4h8vRapfuaOjPFM6seiHJVR_DNUdI833kQ0WoIp98OxzKPE7WXx-DUm8fdNGGkocnmOMBp2wJaqu2wiqQatDq6zF_Go7DD1PUtpgbT6zSIVjUOsgn37KQR46yFMHsTisBG474B71m2FH8JYb0CAQkrmddt11aYe3kPOp9iGydAgeDcHNOlKzjlU1hMl_gV0pYYUDmxH0RIlCEhSWoKAEhSIoMoKiV-6IyNZteV9ENmfevNbn1S9HOutu0R2ddWVCQM0QRpTbKv3MboBnp0aD0IqRnibKsr2lar3ZalXbH7sjykS5lR6Rl6YGO5vnnmBVHlYaAWv4zZZXb7aDoO2GDSYED4QfCo_yNvVgVQllF2a2DNSEXDnzK1I1IW_e-xOM7sNGY3B1FjR_A7QoQVdKDJK9FUUTFctapiF0iTQ7jWzN2YqOyOuzAd-7-xiSH1z8K5wFuCmRmhKfqt8IutHm6LYuyPZtXVjy6GaaqVgN6HT4dzKayVN7H8i1Qhtx9bIdfv8unxJT-PCutNk1mgiVdC354ZISQpolbbgkP1-1y5Ldyu3KpdwkeXrt1ntLV-PUSGuVTsagakKcvw24mpBXvntt9rCDJ8-gzBgmLxHnB2Qe4Ok6bHqi3WoCE53wLHVQ5OXI1NnJYqQm5Po3DxDJg4vlF4--Ov_JC6CshJX_OXiCR4ZOb6Cq3LKb6BoHNNtAEpfomRK9qASNhrD5qVGWmoOLf_izAIucEYuMs80iE319bLNVh5XQl3Xuuu1W0_PbofT8QPCw0Q46okld35fI7GTlgVr_NwAA__-oYDFOugQAAA==","fqdn":"vandalismloungenylon.com","domain":"vandalismloungenylon.com","tld":"com"},"ip":{"addr":"172.240.108.76","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://hianime.to/","date":"2025-08-22T12:58:41.305Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"vandalismloungenylon.com","organization":""},"issuer":{"commonName":"R11","organization":"Let's Encrypt"},"validity":{"start":"Mon, 28 Jul 2025 18:59:15 GMT","end":"Sun, 26 Oct 2025 18:59:14 GMT"},"fingerprint":{"sha1":"59:A0:73:EC:67:E0:43:E4:69:AC:F7:4E:B9:74:23:F3:83:C6:92:68","sha256":"15:65:55:BB:83:D4:9F:D7:04:F4:99:4F:69:65:67:25:64:0B:18:B5:42:BB:38:48:62:98:4E:7C:AB:02:C2:23"}}},"request":{"raw":"GET /impr.gif?sid=H4sIAAAAAAAC_1RSTYscRRiu3uQWQfwggiDMIYiCM9s93fOVHIIxbgjmiySyBwlaXz1bbndXW9U9PTunxUXZizCCB731PrObjWsQ8wMEnfW2IGSEwArZS8AfoJCzzOzA6gv9vk_XU1U87_PWl1v5EfGR08Nb1_VARRFdbNTcylvLKhG6sJUbdyueW3MvVJZV0gwuVPrTZHrnPT-ouW9Xrki-qhfrrue6nutVlpSRoe4vzlio9GHHq3XcWlCveY0AffP_f5s7sNSB6B2Rl6HE5MVn4UdQfIwk_umytKuZTt95P84jmmmDntj9MFlNdJEgPoGhcRAmu_Pd0HZCyLcL0MnuvAPo3va0AzA1IQtnn4Ilu3OZYL2dY6UsgkzAxBkUvTFkNIaiY3C9ASUeE4AL3LiJJL5_Q5uCrh2zdMpOyOnn_0AVE3L66atI4h8vRapfuaOjPFM6seiHJVR_DNUdI833kQ0WoIp98OxzKPE7WXx-DUm8fdNGGkocnmOMBp2wJaqu2wiqQatDq6zF_Go7DD1PUtpgbT6zSIVjUOsgn37KQR46yFMHsTisBG474B71m2FH8JYb0CAQkrmddt11aYe3kPOp9iGydAgeDcHNOlKzjlU1hMl_gV0pYYUDmxH0RIlCEhSWoKAEhSIoMoKiV-6IyNZteV9ENmfevNbn1S9HOutu0R2ddWVCQM0QRpTbKv3MboBnp0aD0IqRnibKsr2lar3ZalXbH7sjykS5lR6Rl6YGO5vnnmBVHlYaAWv4zZZXb7aDoO2GDSYED4QfCo_yNvVgVQllF2a2DNSEXDnzK1I1IW_e-xOM7sNGY3B1FjR_A7QoQVdKDJK9FUUTFctapiF0iTQ7jWzN2YqOyOuzAd-7-xiSH1z8K5wFuCmRmhKfqt8IutHm6LYuyPZtXVjy6GaaqVgN6HT4dzKayVN7H8i1Qhtx9bIdfv8unxJT-PCutNk1mgiVdC354ZISQpolbbgkP1-1y5Ldyu3KpdwkeXrt1ntLV-PUSGuVTsagakKcvw24mpBXvntt9rCDJ8-gzBgmLxHnB2Qe4Ok6bHqi3WoCE53wLHVQ5OXI1NnJYqQm5Po3DxDJg4vlF4--Ov_JC6CshJX_OXiCR4ZOb6Cq3LKb6BoHNNtAEpfomRK9qASNhrD5qVGWmoOLf_izAIucEYuMs80iE319bLNVh5XQl3Xuuu1W0_PbofT8QPCw0Q46okld35fI7GTlgVr_NwAA__-oYDFOugQAAA== HTTP/1.1\r\nHost: vandalismloungenylon.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hianime.to/\r\nCookie: uid_id2=bba49f7d-0054-479a-b7b3-8ff11eaa5b8c:1:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; u_pl25699542=1; slec54b536712684480f5bddc4d3fd1ac8a1=[6116561]\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Fri, 22 Aug 2025 12:58:41 GMT\r\nContent-Type: image/gif\r\nContent-Length: 7\r\nConnection: keep-alive\r\naccess-control-allow-origin: *\r\nvary: Origin\r\naccess-control-allow-credentials: true\r\np3p: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\naccept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nset-cookie: iprc_l+5e48c659340142647f5a694d4c8e86f6=6116561; expires=Sat, 23 Aug 2025 12:58:41 GMT; path=/; secure; SameSite=None\niprc_l:6116561=3; expires=Sat, 23 Aug 2025 12:58:41 GMT; path=/; secure; SameSite=None\niprc_a+cfb2fe31b1ad0f87abe5b025133bbffd=127602; expires=Sat, 23 Aug 2025 12:58:41 GMT; path=/; secure; SameSite=None\niprc_a:127602=1; expires=Sat, 23 Aug 2025 12:58:41 GMT; path=/; secure; SameSite=None\r\nx-envoy-upstream-service-time: 4\r\nHost: vandalismloungenylon.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 9efb26e661089eec931ad0ecf614f146\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/gif","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-03T21:31:01.969645Z","times_seen":13304312,"resource_available":true,"data":null}},"time_used":96,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":96,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-08-22","alert":"Sinkholed","trigger":"vandalismloungenylon.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/roboto/v48/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.74.35","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://hianime.to/","date":"2025-08-22T12:58:41.320Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 07 Jul 2025 08:35:11 GMT","end":"Mon, 29 Sep 2025 08:35:10 GMT"},"fingerprint":{"sha1":"43:A0:95:35:FB:C7:02:15:92:9E:20:20:0D:0A:E7:8F:93:61:52:CD","sha256":"F1:59:AE:4E:F0:84:C7:D9:0F:67:4F:CB:FE:A6:ED:7D:47:17:4F:83:AA:B4:ED:FE:F5:F2:69:A8:AB:43:0E:0B"}}},"request":{"raw":"GET /s/roboto/v48/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://hianime.to\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 40128\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Thu, 21 Aug 2025 10:09:08 GMT\r\nexpires: Fri, 21 Aug 2026 10:09:08 GMT\r\ncache-control: public, max-age=31536000\r\nage: 96573\r\nlast-modified: Thu, 29 May 2025 23:30:55 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":40128,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 40128, version 1.0","md5":"9a01b69183a9604ab3a439e388b30501","sha1":"8ed1d59003d0dbe6360481017b44665153665fbe","sha256":"20b535fa80c8189e3b87d1803038389960203a886d502bc2ef1857affc2f38d2","sha512":"0e6795255b6eea00b5403fd7e3b904d52776d49ac63a31c2778361262883697943aedcb29feee85694ba6f19eaa34dddb9a5bfe7118f4a25b4757e92c331feca","ssdeep":"768:Vce3jkow68wmT4IBX0tXdlSirS61gSjcz0GPwHbP+w2jec56O:VcI/iEEEtXdFJj+0GPwHbP+w5rO","tlshash":"3703023a5e3ccf1a84157a703950f6d9a8481e548e9d143b4f1ac7bf085dde2209b6d4","first_seen":"2025-01-08T22:59:02.845106Z","last_seen":"2026-04-03T21:31:02.085282Z","times_seen":713106,"resource_available":false,"data":null}},"time_used":12,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":8,"receive":4,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"torchfriendlypay.com/pixel/purst?dl=0\u0026th=0\u0026sc=0\u0026rs=878\u0026rd=878\u0026fd=555\u0026bv=25.8.5278\u0026tmpl=70","fqdn":"torchfriendlypay.com","domain":"torchfriendlypay.com","tld":"com"},"ip":{"addr":"192.243.59.20","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"Dominica","country_code":"DM"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://hianime.to/","date":"2025-08-22T12:58:39.810Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"torchfriendlypay.com","organization":""},"issuer":{"commonName":"R11","organization":"Let's Encrypt"},"validity":{"start":"Sat, 28 Jun 2025 22:31:57 GMT","end":"Fri, 26 Sep 2025 22:31:56 GMT"},"fingerprint":{"sha1":"C1:1A:8F:9D:C9:3D:22:4D:0E:AA:D9:B9:1C:98:E3:DC:41:83:82:4F","sha256":"B2:2E:9D:A4:0D:D7:A4:C2:A4:C1:7F:A9:E3:2A:AF:DE:7B:7F:BF:6A:1D:DC:6A:9C:AB:BF:98:D7:C2:A6:40:2E"}}},"request":{"raw":"GET /pixel/purst?dl=0\u0026th=0\u0026sc=0\u0026rs=878\u0026rd=878\u0026fd=555\u0026bv=25.8.5278\u0026tmpl=70 HTTP/1.1\r\nHost: torchfriendlypay.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hianime.to/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.19.5\r\nDate: Fri, 22 Aug 2025 12:58:40 GMT\r\nContent-Length: 0\r\nConnection: keep-alive\r\nHost: torchfriendlypay.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nCache-Control: no-cache\r\nAccess-Control-Allow-Origin: *\r\nAccess-Control-Allow-Methods: GET, POST, OPTIONS\r\nAccess-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests\r\nAccess-Control-Expose-Headers: Content-Length,Content-Range\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.19.5","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-03T21:31:01.969645Z","times_seen":13304312,"resource_available":true,"data":null}},"time_used":687,"timings":{"blocked":293,"dns":1,"connect":102,"send":0,"wait":94,"receive":0,"ssl":187},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-08-22","alert":"Sinkholed","trigger":"torchfriendlypay.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"use.fontawesome.com/releases/v5.3.1/webfonts/fa-solid-900.woff2","fqdn":"use.fontawesome.com","domain":"fontawesome.com","tld":"com"},"ip":{"addr":"172.67.142.245","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://hianime.to/","date":"2025-08-22T12:58:39.579Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"use.fontawesome.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 02 Jul 2025 01:25:22 GMT","end":"Tue, 30 Sep 2025 02:25:16 GMT"},"fingerprint":{"sha1":"DA:FB:BC:1A:2B:40:16:07:27:DC:AC:27:1C:83:0A:53:D4:C7:76:89","sha256":"9D:29:3F:F4:AE:5F:81:A2:AC:DA:2A:E5:E7:B6:28:70:ED:CA:69:A2:02:75:E1:B5:87:B8:5B:08:2B:9B:62:7E"}}},"request":{"raw":"GET /releases/v5.3.1/webfonts/fa-solid-900.woff2 HTTP/1.1\r\nHost: use.fontawesome.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://hianime.to\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://use.fontawesome.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Fri, 22 Aug 2025 12:58:39 GMT\r\ncontent-type: font/woff2\r\ncontent-length: 67400\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=MA38qlpjAsypJVBa7IrOWHXaGc4TgrNe%2Bkzn1dprZ7uxS2bTmdvd4sUo66qY0BialsuBHS%2BIwQ%2FBLa34ugB%2FHMstWKjROa3KFV4J%2Fu%2B5ZjA8yDI%3D\"}]}\r\ncf-cache-status: HIT\r\naccess-control-allow-origin: *\r\ncache-control: max-age=31556926\r\netag: \"14a08198ec7d1eb96d515362293fed36\"\r\nlast-modified: Fri, 22 Sep 2023 01:45:31 GMT\r\nvary: Origin, Accept-Encoding\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nserver: cloudflare\r\naccept-ranges: bytes\r\nage: 1474134\r\ncf-ray: 97328afd9a3780fa-ARN\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":67400,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 67400, version 1.0","md5":"14a08198ec7d1eb96d515362293fed36","sha1":"965d78c34637d1bdab6277805faecb6caa959669","sha256":"ca3ea16761b7d443c64cfd99dd1cf8aa84790a25bb4709582935956fe71d014d","sha512":"34acab25b3b994d3bdcdcd0fd64d0dabab4fad67cbf8367bf1dac0463014c2ed539249131cb180a2fb889697c210513747592a7bd76b56d2f75ad208ffc4a5a5","ssdeep":"1536:2O/rKdbROVPcdQuj+SO+T9/FTlyIdXuSQLbNDD4KKr9:B/rkRwD6+SpR/VcWXu/V8r9","tlshash":"dc6301027bc646a1d1ff95b113bffd30668a2dd6a002dcd3910b51016e99b8edee642b","first_seen":"2023-04-09T21:30:22Z","last_seen":"2026-04-03T19:44:39.778182Z","times_seen":4174,"resource_available":false,"data":null}},"time_used":98,"timings":{"blocked":29,"dns":1,"connect":8,"send":0,"wait":21,"receive":12,"ssl":21},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/poppins/v23/pxiEyp8kv8JHgFVrJJfecg.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.74.35","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://hianime.to/","date":"2025-08-22T12:58:39.575Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 07 Jul 2025 08:35:11 GMT","end":"Mon, 29 Sep 2025 08:35:10 GMT"},"fingerprint":{"sha1":"43:A0:95:35:FB:C7:02:15:92:9E:20:20:0D:0A:E7:8F:93:61:52:CD","sha256":"F1:59:AE:4E:F0:84:C7:D9:0F:67:4F:CB:FE:A6:ED:7D:47:17:4F:83:AA:B4:ED:FE:F5:F2:69:A8:AB:43:0E:0B"}}},"request":{"raw":"GET /s/poppins/v23/pxiEyp8kv8JHgFVrJJfecg.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://hianime.to\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 7884\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Thu, 21 Aug 2025 10:32:29 GMT\r\nexpires: Fri, 21 Aug 2026 10:32:29 GMT\r\ncache-control: public, max-age=31536000\r\nage: 95170\r\nlast-modified: Wed, 23 Apr 2025 16:05:59 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":7884,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 7884, version 1.0","md5":"9212f6f9860f9fc6c69b02fedf6db8c3","sha1":"ac6d71b4d5fdd2b3dabc9a06ff6c001e4251da0b","sha256":"7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f","sha512":"67317495f4b53e20a9f31c034e456e6c37f387dffb2c092caa5159bc441cfcadd02749ffe5bbed1d580d5300a59e48a767ef2c6d9978b474f84c1a2cd095c126","ssdeep":"192:xLFDbKO9E3rS3JWBRO/J601FSS5ZUbik3Zy2f0:pd9J5W501otlI","tlshash":"c3f1ae4eb3f2cd1be40982e53a0fc90b1c578272681fd772d067a22517893bc8db2c81","first_seen":"2023-04-05T15:35:34Z","last_seen":"2026-04-03T21:31:38.565831Z","times_seen":294975,"resource_available":false,"data":null}},"time_used":257,"timings":{"blocked":119,"dns":0,"connect":22,"send":0,"wait":9,"receive":0,"ssl":101},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.googletagmanager.com/gtag/js?id=G-R34F2GCSBW","fqdn":"www.googletagmanager.com","domain":"googletagmanager.com","tld":"com"},"ip":{"addr":"142.250.74.136","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://hianime.to/","date":"2025-08-22T12:58:39.019Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.google-analytics.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 07 Jul 2025 08:34:03 GMT","end":"Mon, 29 Sep 2025 08:34:02 GMT"},"fingerprint":{"sha1":"A2:8A:24:AD:51:7D:A4:62:BB:34:6F:C9:21:A1:B9:E1:2D:A6:0E:C1","sha256":"9F:B9:94:8F:84:D3:44:71:A7:81:72:C8:80:4D:14:02:E3:E0:30:0C:F1:17:27:83:00:82:D9:C3:68:D3:B3:AF"}}},"request":{"raw":"GET /gtag/js?id=G-R34F2GCSBW HTTP/1.1\r\nHost: www.googletagmanager.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hianime.to/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/javascript; charset=UTF-8\r\naccess-control-allow-origin: *\r\naccess-control-allow-credentials: true\r\naccess-control-allow-headers: Cache-Control\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ndate: Fri, 22 Aug 2025 12:58:39 GMT\r\nexpires: Fri, 22 Aug 2025 12:58:39 GMT\r\ncache-control: private, max-age=900\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\ncross-origin-resource-policy: cross-origin\r\ncontent-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1106:0\r\ncross-origin-opener-policy-report-only: same-origin; report-to=ascgcycc:1106:0\r\nreport-to: {\"group\":\"ascgcycc:1106:0\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1106:0\"}],}\r\nserver: Google Tag Manager\r\ncontent-length: 136437\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":409967,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (6006)","md5":"8fe576b1072a837c459b5f3f265acdfb","sha1":"43a1f621b11ea652103920ed8190893726c0dc68","sha256":"cd61bae23f202346ba0e5a754dbc5652e71eab23ce49285ed014d1f5d07ea8c2","sha512":"20dedb46973335e30102ea06a77905a0669af46994d5b5fc0471b76e961befff49ad6e630bf4e3ccf0865f9cae180909aa2a3254e23ef90d0fe183089ec7c0d8","ssdeep":"6144:OYqVj58wySUJo4uPhrNCyAtTQsyZw//wWasza/r44ua77:XqV98wyro4uPhrNCn2R2a/9P","tlshash":"239418ce73d674269396f478503f018ba57b29a2b44cc899f189cce42e74a9a4137f7c","first_seen":"2025-08-22T12:59:04.71717Z","last_seen":"2025-08-22T12:59:04.71717Z","times_seen":1,"resource_available":true,"data":null}},"time_used":775,"timings":{"blocked":319,"dns":1,"connect":23,"send":0,"wait":60,"receive":59,"ssl":310},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.noitatnemucod.net/avatar/100x100/berserk/berserk_04.png","fqdn":"cdn.noitatnemucod.net","domain":"noitatnemucod.net","tld":"net"},"ip":{"addr":"172.67.166.106","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://hianime.to/","date":"2025-08-22T12:58:39.040Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"noitatnemucod.net","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 10 Aug 2025 12:07:41 GMT","end":"Sat, 08 Nov 2025 13:06:14 GMT"},"fingerprint":{"sha1":"2C:99:64:84:FE:61:C5:30:BA:C0:F8:97:C8:3A:B2:06:69:04:A4:57","sha256":"C7:AA:17:DB:CD:4D:9E:83:2C:5B:9A:2A:59:65:9D:AC:24:53:E0:01:26:10:1D:95:A3:0A:CA:22:8C:8F:FC:D1"}}},"request":{"raw":"GET /avatar/100x100/berserk/berserk_04.png HTTP/1.1\r\nHost: cdn.noitatnemucod.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hianime.to/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Fri, 22 Aug 2025 12:58:39 GMT\r\ncontent-type: image/png\r\ncontent-length: 13812\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nlast-modified: Mon, 21 Apr 2025 13:43:40 GMT\r\nvary: Accept-Encoding\r\netag: W/\"68064b8c-18799\"\r\nx-cache: HIT\r\naccept-ranges: bytes\r\nage: 2437\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=SVo6FV271Mhd1pkWyvH5fuGmE7JW3KNQxXB%2Bmf3Jv8TrhBSDKdJA3t2%2BNLCr2BlF7ttmQr8u5YH4MLoXq8v6ZCktLb1zgDcc79PfyZ2%2BW%2Bbo22S9zw%3D%3D\"}]}\r\ncf-ray: 97328afa5c1cb000-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":13812,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 100 x 100, 8-bit/color RGBA, interlaced","md5":"c08db0ee136222638983331b0d6b0ba4","sha1":"2d7243b55d063ac7b80edb10e808d4a4af82782a","sha256":"2341d8ddedb27a1f577634632951af786c485eeadc6ffc0666d57a200af1ce7e","sha512":"e5026b960259dd387830c24671a3b010f6facae26430968ba48cf093815ba893647ab2c40f8835fc5387e249127f99da80bbf2a6baf286eac50d82ff9d7eb37d","ssdeep":"384:oOQtudrGCO2t179Md+NDOofXPQ7I/T/oh/S:o90QCO2t179bDOoJbr","tlshash":"5852d04728fc7340847d359db8efb9c8d11fb9f9de781208ab86ee8e1801750e858ca4","first_seen":"2025-06-06T17:34:06.815179Z","last_seen":"2025-08-22T12:59:04.718355Z","times_seen":3,"resource_available":false,"data":null}},"time_used":74,"timings":{"blocked":54,"dns":0,"connect":0,"send":0,"wait":14,"receive":6,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"torchfriendlypay.com/9c/5d/14/9c5d14453d6b11cdec5b98e5ce5af0dc.js","fqdn":"torchfriendlypay.com","domain":"torchfriendlypay.com","tld":"com"},"ip":{"addr":"192.243.59.20","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"Dominica","country_code":"DM"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://hianime.to/","date":"2025-08-22T12:58:39.811Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"torchfriendlypay.com","organization":""},"issuer":{"commonName":"R11","organization":"Let's Encrypt"},"validity":{"start":"Sat, 28 Jun 2025 22:31:57 GMT","end":"Fri, 26 Sep 2025 22:31:56 GMT"},"fingerprint":{"sha1":"C1:1A:8F:9D:C9:3D:22:4D:0E:AA:D9:B9:1C:98:E3:DC:41:83:82:4F","sha256":"B2:2E:9D:A4:0D:D7:A4:C2:A4:C1:7F:A9:E3:2A:AF:DE:7B:7F:BF:6A:1D:DC:6A:9C:AB:BF:98:D7:C2:A6:40:2E"}}},"request":{"raw":"GET /9c/5d/14/9c5d14453d6b11cdec5b98e5ce5af0dc.js HTTP/1.1\r\nHost: torchfriendlypay.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hianime.to/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.19.5\r\nDate: Fri, 22 Aug 2025 12:58:40 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 2336\r\nConnection: keep-alive\r\nContent-Encoding: gzip\r\nP3P: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\nAccess-Control-Allow-Origin: *\r\nAccept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nHost: torchfriendlypay.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 07a781ed58a1eb51d5f8bb1b8dbce9d4\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx:1.19.5","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":5080,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (5080), with no line terminators","md5":"a524ecfbd97124fd2e9c3f6ad371ca23","sha1":"a281b89a51cfe367f92816be50eba55ccc0eaee6","sha256":"5549a01f3d1c788c8e44dc8a54e5c9103880b5608d3b44e0a0ea4ebd124dc18f","sha512":"dbfa06ea3faf0b6451668b8634e61e52c71ac098f26b08551cac54344128a205b2378e56953102dda758aa63fab8ed1e22c3a74eda39a154caff8f2b6b3bdee5","ssdeep":"96:WhmlSzNzYF4RWz3qVeBYJ2gzAKAYaR/tCP/KZhWAEGo:SmAz+60BSF81RM3KZoGo","tlshash":"b1a1618e3f81b4ac069270372f3f6e0ef13a5c55195ad4d8d202a0a47f28a39d4b6b55","first_seen":"2025-08-06T23:31:31.906679Z","last_seen":"2025-09-26T10:32:45.122277Z","times_seen":4581,"resource_available":true,"data":null}},"time_used":699,"timings":{"blocked":292,"dns":1,"connect":103,"send":0,"wait":106,"receive":0,"ssl":190},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-08-22","alert":"Sinkholed","trigger":"torchfriendlypay.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"preferencenail.com/sfp.js","fqdn":"preferencenail.com","domain":"preferencenail.com","tld":"com"},"ip":{"addr":"185.196.197.71","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://hianime.to/","date":"2025-08-22T12:58:39.816Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"preferencenail.com","organization":""},"issuer":{"commonName":"R11","organization":"Let's Encrypt"},"validity":{"start":"Tue, 01 Jul 2025 15:11:38 GMT","end":"Mon, 29 Sep 2025 15:11:37 GMT"},"fingerprint":{"sha1":"F9:52:70:4B:81:A8:F8:39:E6:E7:96:8F:EA:FE:17:FD:96:C5:32:E3","sha256":"D8:C9:87:B5:89:5E:D4:F4:8D:FD:98:3C:31:39:42:67:D3:20:27:14:A9:AD:F2:AB:97:A4:48:0F:94:F0:FF:A2"}}},"request":{"raw":"GET /sfp.js HTTP/1.1\r\nHost: preferencenail.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hianime.to/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Fri, 22 Aug 2025 12:58:39 GMT\r\nContent-Type: application/javascript; charset=utf-8\r\nContent-Length: 28254\r\nConnection: keep-alive\r\nContent-Encoding: gzip\r\nP3P: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\nAccess-Control-Allow-Origin: *\r\nVary: Accept-Encoding\r\nHost: preferencenail.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 6b7927873c73058a2036202b6d3c5d39\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":85386,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (65529), with no line terminators","md5":"46a6fef91632b94d14252fe324c1585f","sha1":"387cebbd261b8fe947fe9805875300f2ceeb5cfd","sha256":"36d0c771f8bf310d740cb4d0ca144354c45df284e72361660448708d72f175d5","sha512":"a3aaa1b5ab1113a12793bd1085332eb257416aaa9c4a690525838b91453a281580a979bfb856b3c429c2d4243c3ce02bd318a4b7048124eef96912179836d0fd","ssdeep":"1536:nPncLBSUBULrSVvTfMtfj3FkdFcE5PnoRL:nPncLBSUBULGVTfGpucE5fox","tlshash":"528395807ac06488d3979b7bb73bf4eaf65a299f38c4044bd100fc48b69562af9f5534","first_seen":"2025-07-08T10:38:39.799377Z","last_seen":"2025-11-18T17:01:51.014373Z","times_seen":15230,"resource_available":true,"data":null}},"time_used":177,"timings":{"blocked":57,"dns":0,"connect":17,"send":0,"wait":34,"receive":18,"ssl":48},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.show-sb.com/sb/au/2f/33/17/2f3317da28d2a6ed09610d2d267aa136/1648542458.html","fqdn":"cdn.show-sb.com","domain":"show-sb.com","tld":"com"},"ip":{"addr":"172.67.170.115","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://hianime.to/","date":"2025-08-22T12:58:40.617Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"show-sb.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 10 Aug 2025 11:11:15 GMT","end":"Sat, 08 Nov 2025 12:08:40 GMT"},"fingerprint":{"sha1":"46:26:78:BD:18:7A:95:15:D4:B3:89:73:FE:7E:99:33:18:7F:21:3E","sha256":"AD:6B:6A:10:54:38:33:B9:BB:A6:FD:B7:B0:1B:2E:9D:62:B8:47:35:C4:E6:7B:F6:4A:92:AA:75:B0:29:F7:F3"}}},"request":{"raw":"GET /sb/au/2f/33/17/2f3317da28d2a6ed09610d2d267aa136/1648542458.html HTTP/1.1\r\nHost: cdn.show-sb.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://hianime.to\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hianime.to/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Fri, 22 Aug 2025 12:58:40 GMT\r\ncontent-type: text/html\r\nserver: cloudflare\r\nlast-modified: Tue, 29 Mar 2022 08:27:42 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: max-age=315360000, public\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: Date\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=FFLmITGxeMXrUEYB3ofPhzuiU%2FFUbd269mkjBkkPBT8RDvtMZKOvL7TUH%2BHslpzZB5pUFOXBKyuJYBlOHA4PTh2GNtGEoTRwVajq5TVPIQ%3D%3D\"}]}\r\ncf-cache-status: DYNAMIC\r\ncontent-encoding: br\r\ncf-ray: 97328b041b4823a0-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":2977,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text","md5":"027fddd0d322239ada2f2b8b93934fda","sha1":"6f99560bca5c6d8d747c802f26058344eb179cec","sha256":"a5b2073d8f57ef0469b777f73d6c3f4a85cc17b4c2ed2a53aa3f1acb2273dbd5","sha512":"2c2eff668f38734b17c8847dfe11b5b40027948a1ebf24d6a763c44ab0b0fc63d260f69f9b3e0eefd8d82646223d88df36a256155ab3b7c21078a697e052afc8","ssdeep":"","tlshash":"26517d101fa8cc3670b08128a7233e2a7b9f6083931a6764317d5c255f949ea777f6f1","first_seen":"2023-05-18T23:46:38Z","last_seen":"2026-01-17T18:50:06.211937Z","times_seen":1108,"resource_available":false,"data":null}},"time_used":188,"timings":{"blocked":36,"dns":0,"connect":8,"send":0,"wait":114,"receive":0,"ssl":28},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"creative-sb1.com/sb/chat/mob/ssp/1/img/close.png","fqdn":"creative-sb1.com","domain":"creative-sb1.com","tld":"com"},"ip":{"addr":"104.21.80.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://hianime.to/","date":"2025-08-22T12:58:40.914Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"creative-sb1.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 01 Jul 2025 14:01:22 GMT","end":"Mon, 29 Sep 2025 14:59:36 GMT"},"fingerprint":{"sha1":"CD:76:E0:2A:28:09:08:24:2D:4C:A1:14:B2:AE:6C:39:A4:CC:2F:6B","sha256":"8B:98:84:C0:8D:47:7C:1B:A7:26:4B:E4:9E:6E:FD:8E:E1:6D:6E:41:1D:E7:91:B7:70:A3:C1:D0:C0:85:6B:31"}}},"request":{"raw":"GET /sb/chat/mob/ssp/1/img/close.png HTTP/1.1\r\nHost: creative-sb1.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Fri, 22 Aug 2025 12:58:40 GMT\r\ncontent-type: image/png\r\ncontent-length: 5982\r\nserver: cloudflare\r\nlast-modified: Sat, 07 May 2022 04:02:16 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\netag: \"6275ef48-175e\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: public, max-age=315360000\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: Date\r\naccept-ranges: bytes\r\nage: 1224113\r\ncf-cache-status: HIT\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=o3vWDD74S2ou%2F2%2BMkMk5FRO0Tw3zk4DZHB2cpdu2NnzpqFysDBeSs5qJZyZXU2DNgy3TpGY69ihhb2dK7iWF2tKXs9HrsxdrCVQxTgDps40%3D\"}]}\r\ncf-ray: 97328b05b94796bf-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":5982,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 522 x 391, 8-bit/color RGBA, non-interlaced","md5":"c489ce2c491a22ee37a55e26a92dfd73","sha1":"2fa588ab09e94dd902e5bd24b48f98ad1949c9d6","sha256":"1eed147c7d5de6291c25fbc5274830c12d5549262fb144271576d4e15966e5bd","sha512":"fe6a53296238283eac984b1912bfe7fbbdf5f0692f59f86e7e1ca989555a81be786ff29b9f8644443b2ace8137d412b6d9a92b0edf7f595ddf36058702a2d0d0","ssdeep":"96:FSDZ/I09Da01l+gmkyTt6Hk8nTbo5GZNKEBX97O+co2RF9JNssCgSSiiFr4uolec:FSDS0tKg9E05TAYwEBPwF9JNsTgSSL3C","tlshash":"80c1afeff8a058cf4566b7021c8e4080fbaa713d835536b4d4a092dc958be4a0fd7475","first_seen":"2023-04-05T23:50:36Z","last_seen":"2026-04-03T18:56:21.987759Z","times_seen":4059,"resource_available":false,"data":null}},"time_used":17,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":17,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"hianime.to/","fqdn":"hianime.to","domain":"hianime.to","tld":"to"},"ip":{"addr":"104.21.64.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-08-22T12:58:38.665Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"hianime.to","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 09 Aug 2025 15:14:50 GMT","end":"Fri, 07 Nov 2025 16:13:26 GMT"},"fingerprint":{"sha1":"DC:A8:7E:36:7D:7E:50:EA:F4:A7:BF:44:C8:B0:0E:66:93:41:62:EA","sha256":"00:F0:AD:9A:D1:77:78:80:8B:E2:66:30:F9:CF:C4:AB:13:35:72:19:FC:C4:78:BE:82:E2:BE:20:0F:FA:59:3F"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: hianime.to\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Fri, 22 Aug 2025 12:58:38 GMT\r\ncontent-type: text/html; charset=utf-8\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nx-dns-prefetch-control: on\r\nexpect-ct: max-age=0\r\nstrict-transport-security: max-age=15552000; includeSubDomains\r\nx-download-options: noopen\r\nx-content-type-options: nosniff, nosniff\r\nx-permitted-cross-domain-policies: none\r\nx-xss-protection: 0, 1; mode=block\r\nvary: Accept-Encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=BUGX6VFUtfRNwT8JeDt2R8guVH7xXX9w3IqMm51bS5NVbqqC%2BfoYPZVt3erzskEeWJ8z9qQQE9xdU9XoHixMAeJHPzb4g3AsqF8%3D\"}]}\r\ncf-cache-status: DYNAMIC\r\ncontent-encoding: br\r\ncf-ray: 97328af7ed31dabb-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"jQuery:3.3.1","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"Google Analytics","description":"Google Analytics is a free web analytics service that tracks and reports website traffic.","website":"https://google.com/analytics","common_platform_enumeration":"","icon":"Google Analytics.svg","categories":["Analytics"]},{"name":"Google Hosted Libraries","description":"Google Hosted Libraries is a stable, reliable, high-speed, globally available content distribution network for the most popular, open-source JavaScript libraries.","website":"https://developers.google.com/speed/libraries","common_platform_enumeration":"","icon":"Google Developers.svg","categories":["CDN"]},{"name":"BootstrapCDN:4.1.3","description":"BootstrapCDN is a powerful and reliable Content Delivery Network (CDN) that delivers static resources, including CSS, JavaScript, and font files, for the widely-used Bootstrap framework. By leveraging multiple server locations worldwide, BootstrapCDN accelerates website loading times, ensuring a smooth and visually appealing user experience. Additionally, it ensures website compatibility with various devices and browsers. The service reduces bandwidth usage and server load, improving web performance for developers and end-users alike.","website":"https://www.bootstrapcdn.com/","common_platform_enumeration":"","icon":"BootstrapCDN.png","categories":["CDN"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Bootstrap:4.4.1","description":"Bootstrap is a free and open-source CSS framework directed at responsive, mobile-first front-end web development. It contains CSS and JavaScript-based design templates for typography, forms, buttons, navigation, and other interface components.","website":"https://getbootstrap.com","common_platform_enumeration":"cpe:2.3:a:getbootstrap:bootstrap:*:*:*:*:*:*:*:*","icon":"Bootstrap.svg","categories":["UI frameworks"]},{"name":"ShareThis","description":"ShareThis provides free engagement and growth tools (e.g., share buttons, follow buttons, and reaction buttons) for site owners.","website":"https://sharethis.com","common_platform_enumeration":"","icon":"ShareThis.png","categories":["Widgets"]}],"data":{"size":30959,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (479), with CRLF, LF line terminators","md5":"da2c26991183596b77b5e769e6f53282","sha1":"70edc9e875c15a55d516bb9394e1e62bf13a93ee","sha256":"75f917e9b5a9be10bdee0370a901f6b6e81de9d7e544c30fe12b09c512abed55","sha512":"ddccc714ae2f0f54daf62fa19334babe7dbaf5d298359c3edaac9ae4f1d439601e10831275faf9d7a4ee80036743696791149b0a1e4192eb6802f83a5f61c6f6","ssdeep":"384:VZU5eBfx3yGC737TZ4Qjfa+rtibwaSTYQar6ga:VZkeBojHZ4qfVE0aSYQar6ga","tlshash":"0ad2b312a5f6003b066291a17b363b5bef86e55bd60a56047afc47c86fc3e86cc3319c","first_seen":"2025-08-22T12:59:04.72218Z","last_seen":"2025-08-22T12:59:04.72218Z","times_seen":1,"resource_available":false,"data":null}},"time_used":165,"timings":{"blocked":36,"dns":1,"connect":8,"send":0,"wait":93,"receive":0,"ssl":24},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"skinnycrawlinglax.com/1e/e3/36/1ee3363d3f6736b5616821dca2afa5c7.js","fqdn":"skinnycrawlinglax.com","domain":"skinnycrawlinglax.com","tld":"com"},"ip":{"addr":"192.243.61.227","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"Dominica","country_code":"DM"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://hianime.to/","date":"2025-08-22T12:58:39.826Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"skinnycrawlinglax.com","organization":""},"issuer":{"commonName":"R11","organization":"Let's Encrypt"},"validity":{"start":"Sat, 28 Jun 2025 22:21:33 GMT","end":"Fri, 26 Sep 2025 22:21:32 GMT"},"fingerprint":{"sha1":"4A:6A:48:C8:5B:C5:2B:2E:9C:03:AF:BF:4C:E6:10:23:E2:7B:EA:97","sha256":"A8:42:B5:4A:20:C8:13:EF:B5:90:0F:54:37:F7:05:60:8D:91:07:E3:A4:0F:7A:22:C9:AF:F1:F5:22:E8:68:C9"}}},"request":{"raw":"GET /1e/e3/36/1ee3363d3f6736b5616821dca2afa5c7.js HTTP/1.1\r\nHost: skinnycrawlinglax.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hianime.to/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Fri, 22 Aug 2025 12:58:40 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 2336\r\nConnection: keep-alive\r\nContent-Encoding: gzip\r\nP3P: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\nAccess-Control-Allow-Origin: *\r\nAccept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nHost: skinnycrawlinglax.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: f3e9cb78dc6e6826050fffedddff7c6e\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":5080,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (5080), with no line terminators","md5":"a524ecfbd97124fd2e9c3f6ad371ca23","sha1":"a281b89a51cfe367f92816be50eba55ccc0eaee6","sha256":"5549a01f3d1c788c8e44dc8a54e5c9103880b5608d3b44e0a0ea4ebd124dc18f","sha512":"dbfa06ea3faf0b6451668b8634e61e52c71ac098f26b08551cac54344128a205b2378e56953102dda758aa63fab8ed1e22c3a74eda39a154caff8f2b6b3bdee5","ssdeep":"96:WhmlSzNzYF4RWz3qVeBYJ2gzAKAYaR/tCP/KZhWAEGo:SmAz+60BSF81RM3KZoGo","tlshash":"b1a1618e3f81b4ac069270372f3f6e0ef13a5c55195ad4d8d202a0a47f28a39d4b6b55","first_seen":"2025-08-06T23:31:31.906679Z","last_seen":"2025-09-26T10:32:45.122277Z","times_seen":4581,"resource_available":true,"data":null}},"time_used":439,"timings":{"blocked":-1,"dns":26,"connect":102,"send":0,"wait":104,"receive":0,"ssl":207},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-08-22","alert":"Sinkholed","trigger":"skinnycrawlinglax.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js","fqdn":"ajax.googleapis.com","domain":"ajax.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"142.250.74.74","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://hianime.to/","date":"2025-08-22T12:58:39.040Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"upload.video.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 07 Jul 2025 08:35:11 GMT","end":"Mon, 29 Sep 2025 08:35:10 GMT"},"fingerprint":{"sha1":"DF:A1:DB:1F:BC:5E:31:D7:F8:FE:26:E3:B9:B3:02:98:B1:C8:50:EC","sha256":"A2:57:20:B6:AE:46:89:B9:39:C7:57:9B:1E:43:96:E3:5A:BC:7E:3F:1D:18:10:34:CC:53:3D:DB:78:4E:5C:21"}}},"request":{"raw":"GET /ajax/libs/jquery/3.3.1/jquery.min.js HTTP/1.1\r\nHost: ajax.googleapis.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hianime.to/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\ncontent-encoding: gzip\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"hosted-libraries-pushers\"\r\nreport-to: {\"group\":\"hosted-libraries-pushers\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 30399\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Wed, 20 Aug 2025 11:30:47 GMT\r\nexpires: Thu, 20 Aug 2026 11:30:47 GMT\r\ncache-control: public, max-age=31536000, stale-while-revalidate=2592000\r\nage: 178072\r\nlast-modified: Tue, 03 Mar 2020 19:15:00 GMT\r\ncontent-type: text/javascript; charset=UTF-8\r\nvary: Accept-Encoding\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":86927,"size_decoded":0,"mime_type":"text/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (65451)","md5":"a09e13ee94d51c524b7e2a728c7d4039","sha1":"0dc32db4aa9c5f03f3b38c47d883dbd4fed13aae","sha256":"160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef","sha512":"f8da8f95b6ed33542a88af19028e18ae3d9ce25350a06bfc3fbf433ed2b38fefa5e639cddfdac703fc6caa7f3313d974b92a3168276b3a016ceb28f27db0714a","ssdeep":"1536:jLiBdiaWLOczCmZx6+VWuGzQNOzdn6x2RZd9SEnk9HB96c9Yo/NWLbVj3kC6t3:5kn6x2xe9NK6nC69","tlshash":"748319dd72c6b06247ab71ba00bf550bf2361999684d4410f129e4eabc74b4e823bf7d","first_seen":"2023-03-07T01:02:02Z","last_seen":"2026-04-03T21:01:33.789905Z","times_seen":118051,"resource_available":true,"data":null}},"time_used":336,"timings":{"blocked":-1,"dns":1,"connect":10,"send":0,"wait":8,"receive":8,"ssl":306},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"hianime.to/favicon-16x16.png","fqdn":"hianime.to","domain":"hianime.to","tld":"to"},"ip":{"addr":"104.21.64.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://hianime.to/","date":"2025-08-22T12:58:40.274Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"hianime.to","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 09 Aug 2025 15:14:50 GMT","end":"Fri, 07 Nov 2025 16:13:26 GMT"},"fingerprint":{"sha1":"DC:A8:7E:36:7D:7E:50:EA:F4:A7:BF:44:C8:B0:0E:66:93:41:62:EA","sha256":"00:F0:AD:9A:D1:77:78:80:8B:E2:66:30:F9:CF:C4:AB:13:35:72:19:FC:C4:78:BE:82:E2:BE:20:0F:FA:59:3F"}}},"request":{"raw":"GET /favicon-16x16.png HTTP/1.1\r\nHost: hianime.to\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hianime.to/\r\nCookie: _ga_R34F2GCSBW=GS2.1.s1755867519$o1$g0$t1755867519$j60$l0$h0; _ga=GA1.1.831464841.1755867520; dom3ic8zudi28v8lr6fgphwffqoz0j6c=5c1a4625-c7b5-4c2f-8fca-697edc317d1a%3A3%3A1\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Fri, 22 Aug 2025 12:58:40 GMT\r\ncontent-type: image/png\r\ncontent-length: 1087\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nx-dns-prefetch-control: on\r\nexpect-ct: max-age=0\r\nstrict-transport-security: max-age=15552000; includeSubDomains\r\nx-download-options: noopen\r\nx-content-type-options: nosniff, nosniff\r\nx-permitted-cross-domain-policies: none\r\nx-xss-protection: 0, 1; mode=block\r\naccept-ranges: bytes\r\ncache-control: public, max-age=31536000\r\nlast-modified: Sun, 25 Feb 2024 16:11:19 GMT\r\netag: W/\"43f-18de108fd85\"\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=ki3u%2Fz7OSClWYUzUb2fSOj5RG8E69qoadIp1EBdPrXErnVNRqivJtjJlYUxpzO23g8%2FCV3u3Y%2FOEhiuk5wTE0E2FazvGSncXwq8%3D\"}]}\r\ncf-ray: 97328b01bd5c5fc4-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1087,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 16 x 16, 8-bit colormap, non-interlaced","md5":"6e9c90e892d6a14567c3d8ddb38b1b26","sha1":"ac809df2d7f201e9b0623783e99ba131444444ac","sha256":"18b382173b2fca572515289f4582ae5e9a68cc327500a2d58fc3e2accda0f26d","sha512":"853ab225badcb411a9560d6091ca85e7ef1d8ad0d309eb698876837ed5f9a618ad0718da6b7a5e5d39c49a7ca54be4811da7e396b523198a092b00f212f16720","ssdeep":"","tlshash":"8f11e9c3e634dd30d68e1b2a2a4e234d9ab7c82213c30c8df69cf59f4d10a8901e5ec2","first_seen":"2024-03-01T22:44:46Z","last_seen":"2026-03-11T18:54:36.901829Z","times_seen":167,"resource_available":false,"data":null}},"time_used":91,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":91,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"creative-sb1.com/sb/chat/mob/ssp/1/js/jquery.min.js","fqdn":"creative-sb1.com","domain":"creative-sb1.com","tld":"com"},"ip":{"addr":"104.21.80.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://hianime.to/","date":"2025-08-22T12:58:40.916Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"creative-sb1.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 01 Jul 2025 14:01:22 GMT","end":"Mon, 29 Sep 2025 14:59:36 GMT"},"fingerprint":{"sha1":"CD:76:E0:2A:28:09:08:24:2D:4C:A1:14:B2:AE:6C:39:A4:CC:2F:6B","sha256":"8B:98:84:C0:8D:47:7C:1B:A7:26:4B:E4:9E:6E:FD:8E:E1:6D:6E:41:1D:E7:91:B7:70:A3:C1:D0:C0:85:6B:31"}}},"request":{"raw":"GET /sb/chat/mob/ssp/1/js/jquery.min.js HTTP/1.1\r\nHost: creative-sb1.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Fri, 22 Aug 2025 12:58:40 GMT\r\ncontent-type: application/javascript\r\nserver: cloudflare\r\nlast-modified: Sat, 07 May 2022 05:43:05 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: public, max-age=315360000\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: Date\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=XnDNp19xuWkd3YFxyGze72KugsjZBFsTUbaQjCE%2FgvstH8s7KXrvgBeUJiamIx7eDuUmlgzWtsclY2HahVoBGMoInk0sTvHdTUDC5QIwyHE%3D\"}]}\r\nage: 1224113\r\ncf-cache-status: HIT\r\netag: W/\"627606e9-15d94\"\r\ncontent-encoding: br\r\ncf-ray: 97328b05b95196bf-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":89492,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65451)","md5":"561acb3e541133bbdd2c0c19f8ee35a1","sha1":"ffd1353cf3f77d25f801c84d8208613eb0d3d548","sha256":"9fde6da568db31801e29243a903bf24f342256b41e3c01e7d018ff7c566ce7fc","sha512":"8a647ed6f56b4da93c7a034609060991cc8080350f057f4f2af2c369f18af066db3b4e77701fc017027fd774264a6d0f84927239d7d2f693edc6f7d6a0917be3","ssdeep":"1536:YjExXUqrnxDjoXEZxkMV4SYSt0zvDD6ip3h5cApwEjOPrBeU6QLiTFbc0QlQvakV:YYh8eip3hXuf6IidlrvakdtQ47GKl","tlshash":"f993f9ddb2c6702257a720ba007f510bf236199d6c4d8450f265d8e9bcb8a4e827bf7d","first_seen":"2023-03-07T01:04:00Z","last_seen":"2026-04-03T18:56:22.048855Z","times_seen":6515,"resource_available":true,"data":null}},"time_used":15,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":15,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"hianime.to/css/home.css?v=0.9","fqdn":"hianime.to","domain":"hianime.to","tld":"to"},"ip":{"addr":"104.21.64.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://hianime.to/","date":"2025-08-22T12:58:39.031Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"hianime.to","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 09 Aug 2025 15:14:50 GMT","end":"Fri, 07 Nov 2025 16:13:26 GMT"},"fingerprint":{"sha1":"DC:A8:7E:36:7D:7E:50:EA:F4:A7:BF:44:C8:B0:0E:66:93:41:62:EA","sha256":"00:F0:AD:9A:D1:77:78:80:8B:E2:66:30:F9:CF:C4:AB:13:35:72:19:FC:C4:78:BE:82:E2:BE:20:0F:FA:59:3F"}}},"request":{"raw":"GET /css/home.css?v=0.9 HTTP/1.1\r\nHost: hianime.to\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hianime.to/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Fri, 22 Aug 2025 12:58:39 GMT\r\ncontent-type: text/css; charset=UTF-8\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=tbgAhGsmBALQJ%2FPYtJMMM6BNYPPYX%2BfXz1NK3z017VB8RRNfMtkKA%2B57oKqSaVtkJUe4gzZOEteSrHBEG72Qdt%2B0FaJy2WgnPmQ%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nx-dns-prefetch-control: on\r\nexpect-ct: max-age=0\r\nstrict-transport-security: max-age=15552000; includeSubDomains\r\nx-download-options: noopen\r\nx-content-type-options: nosniff, nosniff\r\nx-permitted-cross-domain-policies: none\r\nx-xss-protection: 0, 1; mode=block\r\naccept-ranges: bytes\r\ncache-control: public, max-age=31536000\r\nlast-modified: Wed, 19 Feb 2025 07:56:50 GMT\r\netag: W/\"3bd9-1951d35a91e\"\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\ncf-cache-status: DYNAMIC\r\ncf-ray: 97328af9db6a5fc4-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":15321,"size_decoded":0,"mime_type":"text/css; charset=UTF-8","magic":"ASCII text","md5":"39cd3e3ddcfb88f677b57dc882f2d94b","sha1":"bcc16221b87fa920a6c43eb57371029660c8b9c4","sha256":"c2f2a7cb2b4ea3a244a975900e75fc64588897dfb76d87e406e406a312c8dd5d","sha512":"200d26476f4e6c56055e815be387df73cec502f2ef3a73fc0501f3fda6df58908f8d46dc03d9489a940adbf96af3f8dd602d695b7de3b660e5c1bfbf4b717e42","ssdeep":"192:8NJnhmJ/805dNOIWrYI9upEIq39pNJ9pNJ9pNoTbT2MykL5vEuvL7vZhoIQ01Q1P:wrScdcZ/T2MykL5vEuvL7vXoIQ01sr","tlshash":"6362a812d361334df067a6d67eb3bb5b13288052d3012bfc59b63da8d1ce8985172ba7","first_seen":"2025-03-09T17:43:36.418017Z","last_seen":"2026-03-11T18:54:36.975915Z","times_seen":45,"resource_available":false,"data":null}},"time_used":98,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":95,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.googleapis.com/css2?family=Poppins:wght@300;400;500;600\u0026display=swap","fqdn":"fonts.googleapis.com","domain":"fonts.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"142.250.74.10","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://hianime.to/","date":"2025-08-22T12:58:39.396Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"upload.video.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 07 Jul 2025 08:35:11 GMT","end":"Mon, 29 Sep 2025 08:35:10 GMT"},"fingerprint":{"sha1":"DF:A1:DB:1F:BC:5E:31:D7:F8:FE:26:E3:B9:B3:02:98:B1:C8:50:EC","sha256":"A2:57:20:B6:AE:46:89:B9:39:C7:57:9B:1E:43:96:E3:5A:BC:7E:3F:1D:18:10:34:CC:53:3D:DB:78:4E:5C:21"}}},"request":{"raw":"GET /css2?family=Poppins:wght@300;400;500;600\u0026display=swap HTTP/1.1\r\nHost: fonts.googleapis.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hianime.to/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/css; charset=utf-8\r\nvary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site\r\naccess-control-allow-origin: *\r\ntiming-allow-origin: *\r\nlink: \u003chttps://fonts.gstatic.com\u003e; rel=preconnect; crossorigin\r\nstrict-transport-security: max-age=31536000\r\nexpires: Fri, 22 Aug 2025 12:58:39 GMT\r\ndate: Fri, 22 Aug 2025 12:58:39 GMT\r\ncache-control: private, max-age=86400\r\ncross-origin-opener-policy: same-origin-allow-popups\r\ncross-origin-resource-policy: cross-origin\r\ncontent-encoding: gzip\r\nserver: ESF\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":4792,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text","md5":"7de1ccae7599ff597ec7b6c3ddf34c59","sha1":"d15726a0e09ea74b39489ada737a5a3387963348","sha256":"98c124b6b149c8338903dae79750c71e7e7f95a9adda9454ae68eaf0522fc45c","sha512":"8c91ab5ee8eecae770f6fee4f35ad42187d928a23f736dfdbd82fe15234fe6561415d0a33839ccff6b5dbd44c35f14891a37cfc2e552723476c5f0b09d8b21ee","ssdeep":"96:SO1aaO1aiJc+ukO1alN3OEaOOEarJc+ukOEalN3OXaaOXaiJc+ukOXalN3OxMa9Z:4wqdApvQn+q3K4lab","tlshash":"cca19ed1087be5049b831cc123cf7d36ee1ea255b450e5786bfd0c98adabc694362b2d","first_seen":"2025-04-24T03:53:11.676647Z","last_seen":"2025-09-16T21:25:20.925541Z","times_seen":416,"resource_available":false,"data":null}},"time_used":152,"timings":{"blocked":56,"dns":1,"connect":20,"send":0,"wait":36,"receive":0,"ssl":35},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/poppins/v23/pxiEyp8kv8JHgFVrJJnecmNE.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.74.35","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://hianime.to/","date":"2025-08-22T12:58:39.588Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 07 Jul 2025 08:35:11 GMT","end":"Mon, 29 Sep 2025 08:35:10 GMT"},"fingerprint":{"sha1":"43:A0:95:35:FB:C7:02:15:92:9E:20:20:0D:0A:E7:8F:93:61:52:CD","sha256":"F1:59:AE:4E:F0:84:C7:D9:0F:67:4F:CB:FE:A6:ED:7D:47:17:4F:83:AA:B4:ED:FE:F5:F2:69:A8:AB:43:0E:0B"}}},"request":{"raw":"GET /s/poppins/v23/pxiEyp8kv8JHgFVrJJnecmNE.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://hianime.to\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 5644\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Thu, 21 Aug 2025 10:35:15 GMT\r\nexpires: Fri, 21 Aug 2026 10:35:15 GMT\r\ncache-control: public, max-age=31536000\r\nage: 95004\r\nlast-modified: Wed, 23 Apr 2025 16:05:58 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":5644,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 5644, version 1.0","md5":"90926c36b712cb131f3f890bbb8c477e","sha1":"854e6f96532537002044042175ea57d6f83bf4e9","sha256":"0b1fcab42c18b69bcfe9ce4799fcbff5af1621c53ffcfdc4723c6f5ec4ee3ffb","sha512":"83807f0c7a832ffcc7093e676b8da21b323e0ca46b407978249565197416429f8208191b50a47a0ee0e0e56fb0a7e52a57aceebe77544580b88c174078446147","ssdeep":"96:fIFfzjZxOWVAeoZKJygG7gQ0ARrvfzR7YHDviqi9CdWRxHTjlt7ndMk+09RiOb:wlLOLZKJzJARrl7Yjvhi9CdoTjR+09L","tlshash":"dcc19e7ff40ea6424e4c3c7afa3fe30fd5c1109f5e3985f12696a9283562195821c2e6","first_seen":"2024-12-05T00:19:49.50341Z","last_seen":"2026-04-03T21:00:26.993958Z","times_seen":20163,"resource_available":false,"data":null}},"time_used":220,"timings":{"blocked":107,"dns":0,"connect":0,"send":0,"wait":8,"receive":5,"ssl":100},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"professionaltrafficmonitor.com/stats","fqdn":"professionaltrafficmonitor.com","domain":"professionaltrafficmonitor.com","tld":"com"},"ip":{"addr":"18.184.205.211","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://hianime.to/","date":"2025-08-22T12:58:39.824Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"protrafficinspector.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M04","organization":"Amazon"},"validity":{"start":"Tue, 01 Jul 2025 00:00:00 GMT","end":"Thu, 30 Jul 2026 23:59:59 GMT"},"fingerprint":{"sha1":"5D:D5:8D:EB:A4:50:13:0D:7C:33:71:82:B8:02:49:4F:D6:31:B6:E6","sha256":"49:03:4C:2C:1B:23:D8:D6:CB:AE:F0:54:61:99:C2:20:F4:FF:87:5E:0B:72:B1:6B:D8:AB:21:49:2D:F2:EC:4A"}}},"request":{"raw":"GET /stats HTTP/1.1\r\nHost: professionaltrafficmonitor.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://hianime.to\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hianime.to/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Fri, 22 Aug 2025 12:58:40 GMT\r\ncontent-type: text/html; charset=UTF-8\r\ncontent-length: 40\r\nserver: fasthttp\r\naccess-control-allow-origin: https://hianime.to\r\nvary: Origin\r\naccess-control-allow-credentials: true\r\nset-cookie: uid_id2=bba49f7d-0054-479a-b7b3-8ff11eaa5b8c:1:1; expires=Mon, 20 Aug 2035 12:58:40 GMT; secure; SameSite=None\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":40,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"ASCII text, with no line terminators","md5":"3e3cb134e3879ed708b4ecc73f04663b","sha1":"d688e0c61592e9840cfad91304870b4cc0168a91","sha256":"45f9bffec716aebc192f2a266a8f619976b944ebdfcbefcb6a406a7a231f9d60","sha512":"74a95a18b0b19c3584e26f3431e105aee2f875625bf1a5e0cb6e917cdca6ecbe94b050d994266c9f0fc3c93c06efcf793a1108bd5f5b5977a0c8b2c6df5698f7","ssdeep":"","tlshash":"8b9004c034357401c5d340500d51dd3d1300f13dcc040c043455517171405114f54cc0","first_seen":"2025-08-22T12:59:04.727107Z","last_seen":"2025-08-22T12:59:04.727107Z","times_seen":1,"resource_available":false,"data":null}},"time_used":403,"timings":{"blocked":181,"dns":11,"connect":21,"send":0,"wait":21,"receive":1,"ssl":165},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"weirdopt.com/ad/advertisers.js","fqdn":"weirdopt.com","domain":"weirdopt.com","tld":"com"},"ip":{"addr":"185.196.197.72","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://hianime.to/","date":"2025-08-22T12:58:39.827Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"weirdopt.com","organization":""},"issuer":{"commonName":"R10","organization":"Let's Encrypt"},"validity":{"start":"Tue, 01 Jul 2025 15:18:37 GMT","end":"Mon, 29 Sep 2025 15:18:36 GMT"},"fingerprint":{"sha1":"1A:27:71:C0:8E:44:D4:6B:F5:AA:49:F0:F1:AF:E5:5F:30:23:A4:D4","sha256":"84:6C:2E:D6:ED:8A:2F:33:05:CC:E9:F2:24:E5:5C:E0:80:C2:04:2D:C3:21:06:64:E1:0D:14:81:A1:9A:00:1B"}}},"request":{"raw":"GET /ad/advertisers.js HTTP/1.1\r\nHost: weirdopt.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hianime.to/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Fri, 22 Aug 2025 12:58:39 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 0\r\nConnection: keep-alive\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 9fecbe33cd10aa47e48c2bfd7c07053b\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":0,"size_decoded":0,"mime_type":"application/javascript","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-03T21:31:01.969645Z","times_seen":13304312,"resource_available":true,"data":null}},"time_used":98,"timings":{"blocked":-1,"dns":0,"connect":17,"send":0,"wait":34,"receive":0,"ssl":46},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"hianime.to/images/logo.png?v=0.1","fqdn":"hianime.to","domain":"hianime.to","tld":"to"},"ip":{"addr":"104.21.64.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://hianime.to/","date":"2025-08-22T12:58:39.033Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"hianime.to","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 09 Aug 2025 15:14:50 GMT","end":"Fri, 07 Nov 2025 16:13:26 GMT"},"fingerprint":{"sha1":"DC:A8:7E:36:7D:7E:50:EA:F4:A7:BF:44:C8:B0:0E:66:93:41:62:EA","sha256":"00:F0:AD:9A:D1:77:78:80:8B:E2:66:30:F9:CF:C4:AB:13:35:72:19:FC:C4:78:BE:82:E2:BE:20:0F:FA:59:3F"}}},"request":{"raw":"GET /images/logo.png?v=0.1 HTTP/1.1\r\nHost: hianime.to\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hianime.to/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Fri, 22 Aug 2025 12:58:39 GMT\r\ncontent-type: image/png\r\ncontent-length: 11692\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nx-dns-prefetch-control: on\r\nexpect-ct: max-age=0\r\nstrict-transport-security: max-age=15552000; includeSubDomains\r\nx-download-options: noopen\r\nx-content-type-options: nosniff, nosniff\r\nx-permitted-cross-domain-policies: none\r\nx-xss-protection: 0, 1; mode=block\r\naccept-ranges: bytes\r\ncache-control: public, max-age=31536000\r\nlast-modified: Mon, 26 Feb 2024 18:22:32 GMT\r\netag: W/\"2dac-18de6a77cbb\"\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=SdZhgjtzJa4ZsKs4pJTMck7ucOnOGKkKukHNnSfXggWqa5F7VFdWs6h6ddEtWZI4IpOIAn5CNe6cpQFqlYGn5M2%2FVFPGJg4qKBg%3D\"}]}\r\ncf-ray: 97328af9db6b5fc4-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":11692,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 823 x 200, 8-bit/color RGBA, non-interlaced","md5":"492a93ad00dcf6963fcbb9fb68f30e41","sha1":"cda7d03d383c904b0c042e49b7ec87815c1623f2","sha256":"3993c075ef585ca3b0d101603170a1e8b8e816598a6ba5e167560c11dfbfd4bd","sha512":"446e1186347f94a553411ef2ea04d70a3527ac3585042f7e89e06aec9f4b9b3dfbefc2e9805881b72ff1c81f14b5aeeb0512b03eee8a43140ea7fbb6d4a7c137","ssdeep":"192:/dmpvNfa8jaMquyXBp5ui5HcAzNB1ERZHM7lzdIwtn:yZDRyXBprS++adhl","tlshash":"0d32bf87e8c34ad1eb556cb620ef9a432250289060f5edf6838bccb6e912dd4605789b","first_seen":"2024-03-01T22:44:46Z","last_seen":"2026-03-21T07:15:49.951615Z","times_seen":190,"resource_available":false,"data":null}},"time_used":71,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":71,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"creative-sb1.com/sb/chat/mob/ssp/1/css/animate.css","fqdn":"creative-sb1.com","domain":"creative-sb1.com","tld":"com"},"ip":{"addr":"104.21.80.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://hianime.to/","date":"2025-08-22T12:58:40.801Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"creative-sb1.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 01 Jul 2025 14:01:22 GMT","end":"Mon, 29 Sep 2025 14:59:36 GMT"},"fingerprint":{"sha1":"CD:76:E0:2A:28:09:08:24:2D:4C:A1:14:B2:AE:6C:39:A4:CC:2F:6B","sha256":"8B:98:84:C0:8D:47:7C:1B:A7:26:4B:E4:9E:6E:FD:8E:E1:6D:6E:41:1D:E7:91:B7:70:A3:C1:D0:C0:85:6B:31"}}},"request":{"raw":"GET /sb/chat/mob/ssp/1/css/animate.css HTTP/1.1\r\nHost: creative-sb1.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://hianime.to\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hianime.to/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Fri, 22 Aug 2025 12:58:40 GMT\r\ncontent-type: text/css\r\nserver: cloudflare\r\nlast-modified: Sat, 07 May 2022 03:21:31 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\netag: W/\"6275e5bb-135d1\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: public, max-age=315360000\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: Date\r\ncontent-encoding: gzip\r\nage: 663979\r\ncf-cache-status: HIT\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=9rolLSG8I1gtVwvomOepAAzKXifv%2FfoRU%2BRPf8RzOV8g5qXmvDyAeMW%2Fv8PvUMi19VyHCIOl0mW7ZFPUzV3szykNqKGVptj14t4mJc5gpoY%3D\"}]}\r\ncf-ray: 97328b05480996bf-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":79313,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text","md5":"fc638645a938f69e69360c75335ffd1a","sha1":"143132fb8361c3ad0acf88cb70bf0b07c0ecc2d4","sha256":"7ef76aab275d0221c68602d18f81b4285b280756f0f71d535ed8b5b889bc2f90","sha512":"53aa35f68eede2f65b272821573513db8d2505a051c8af7fbf2350eee39d0103b8536740f5c0815dd4004bd82f7493276ad362f6f87715e281cbb1dd6297fa34","ssdeep":"384:ZNFu8uVWgnu5uLlFlH/O/Qu7u/sjzbg/jxXlIPfL4jKgZQMkL0Vvaj7Z:ZNFu8uEgnu5uBu7uhKgZQMkL0Vvaj7Z","tlshash":"27731fad2991148456638a1d83df8e68673ce573181a9cef73c2488bcf8bf9c67c9147","first_seen":"2023-04-05T09:47:15Z","last_seen":"2026-01-17T18:50:06.222826Z","times_seen":1884,"resource_available":false,"data":null}},"time_used":90,"timings":{"blocked":35,"dns":0,"connect":10,"send":0,"wait":19,"receive":0,"ssl":23},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.googletagmanager.com/gtag/js?id=UA-304498478-1\u0026cx=c\u0026gtm=4e58k1","fqdn":"www.googletagmanager.com","domain":"googletagmanager.com","tld":"com"},"ip":{"addr":"142.250.74.136","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://hianime.to/","date":"2025-08-22T12:58:39.868Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.google-analytics.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 07 Jul 2025 08:34:03 GMT","end":"Mon, 29 Sep 2025 08:34:02 GMT"},"fingerprint":{"sha1":"A2:8A:24:AD:51:7D:A4:62:BB:34:6F:C9:21:A1:B9:E1:2D:A6:0E:C1","sha256":"9F:B9:94:8F:84:D3:44:71:A7:81:72:C8:80:4D:14:02:E3:E0:30:0C:F1:17:27:83:00:82:D9:C3:68:D3:B3:AF"}}},"request":{"raw":"GET /gtag/js?id=UA-304498478-1\u0026cx=c\u0026gtm=4e58k1 HTTP/1.1\r\nHost: www.googletagmanager.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hianime.to/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncontent-type: application/javascript; charset=UTF-8\r\naccess-control-allow-origin: *\r\naccess-control-allow-credentials: true\r\naccess-control-allow-headers: Cache-Control\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ndate: Fri, 22 Aug 2025 12:58:39 GMT\r\nexpires: Fri, 22 Aug 2025 12:58:39 GMT\r\ncache-control: private, max-age=900\r\nlast-modified: Fri, 22 Aug 2025 12:00:00 GMT\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\ncross-origin-resource-policy: cross-origin\r\ncontent-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1106:0\r\ncross-origin-opener-policy-report-only: same-origin; report-to=ascgcycc:1106:0\r\nreport-to: {\"group\":\"ascgcycc:1106:0\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1106:0\"}],}\r\nserver: Google Tag Manager\r\ncontent-length: 97283\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":273111,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (2459)","md5":"a168f0cf476da966c6ad83d5ace6f70c","sha1":"8df6d9198617eb33b3e50371d4c5f3ac3fe96bd1","sha256":"b3a94bf6039f397fa5fce4a8217bd9f191daf7591c3aa9e57a6cc8f3106b1cc7","sha512":"10bbf15b9b408c9036fcd6fcd714135ad3ede3bbff7a22542c1c327950bf4a6b4439bde3edbd16795b66323dd9c83e481b6eb3d0005c50f6de17fed4d8e1b79b","ssdeep":"6144:DYqVja60UJo4uPhrNyyAtTQ2HG//wWasd8CGPgAX:8qV26Fo4uPhrNyn2oi8zos","tlshash":"7c4409cc73d6b42683a36478503f114bb23b7992f84cd894e182d8d52e74aaa4277f7d","first_seen":"2025-08-22T12:59:04.729544Z","last_seen":"2025-08-22T12:59:04.729544Z","times_seen":1,"resource_available":true,"data":null}},"time_used":52,"timings":{"blocked":4,"dns":0,"connect":0,"send":0,"wait":33,"receive":15,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.storageimagedisplay.com/si/7e/c0/ce/7ec0cee9c9eddc0313c7224f4bb9c235dcceed35221c66d90032359ec2e4b6ab.png","fqdn":"cdn.storageimagedisplay.com","domain":"storageimagedisplay.com","tld":"com"},"ip":{"addr":"45.133.44.1","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://hianime.to/","date":"2025-08-22T12:58:40.915Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.storageimagedisplay.com","organization":""},"issuer":{"commonName":"R11","organization":"Let's Encrypt"},"validity":{"start":"Thu, 10 Jul 2025 02:33:11 GMT","end":"Wed, 08 Oct 2025 02:33:10 GMT"},"fingerprint":{"sha1":"06:D8:07:0F:AB:BF:D8:7F:C5:38:82:AC:A7:8A:20:4D:83:6C:EA:C9","sha256":"CF:05:58:46:C3:07:3F:B6:A6:8D:42:F2:3B:3D:91:36:93:10:CB:D5:89:47:A3:62:26:D2:F3:BA:AC:51:0E:B7"}}},"request":{"raw":"GET /si/7e/c0/ce/7ec0cee9c9eddc0313c7224f4bb9c235dcceed35221c66d90032359ec2e4b6ab.png HTTP/1.1\r\nHost: cdn.storageimagedisplay.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Fri, 22 Aug 2025 12:58:40 GMT\r\ncontent-type: image/png\r\ncontent-length: 6423\r\nserver: nginx/1.21.6\r\nlast-modified: Fri, 15 Aug 2025 01:09:57 GMT\r\netag: \"689e88e5-1917\"\r\nexpires: Sun, 24 Aug 2025 12:58:40 GMT\r\ncache-control: max-age=172800\r\nx-cdn-host-id: ah0543\r\nx-proxy-cache: HIT\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":6423,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 192x192, components 3","md5":"d8f143c53ef89fe568fb4f86eaaadd76","sha1":"57435a41ae46252e83eaa425e86c8d004fc82287","sha256":"2939c9713939fc59e054d5101edbb46015515ea52bd362372aeb6475d0a67a26","sha512":"1344497a4e548bea8882be8acbb9384fa7dcc15e31194cc670622945ba95d60825d069dffb2d3cd3a659c21df65909b3780e377c55202560be35db2aec41b680","ssdeep":"96:IElbw+iukgvhR4EpfmZe4iM/B+bNpqt9TJu5FY67pz97OPhk7fIOA+e1vRvzo:9wtwRfunBKMt9eY2pz9qa6RZvE","tlshash":"73d18e4a94192ba1ee9a49f8e8d73f03d22876716e66b63420830cfdbb12dfc4144741","first_seen":"2025-08-15T07:53:25.315072Z","last_seen":"2025-12-22T04:22:03.419479Z","times_seen":1333,"resource_available":false,"data":null}},"time_used":106,"timings":{"blocked":41,"dns":0,"connect":19,"send":0,"wait":19,"receive":1,"ssl":24},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"skinnycrawlinglax.com/pixel/sbls?bv=\u0026tmpl=482\u0026u=https%3A%2F%2Fcreative-sb1.com%2Fsb%2Fchat%2Fmob%2Fssp%2F1%2Fjs%2Fscript.js\u0026l=382\u0026fd=26","fqdn":"skinnycrawlinglax.com","domain":"skinnycrawlinglax.com","tld":"com"},"ip":{"addr":"192.243.61.227","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"Dominica","country_code":"DM"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://hianime.to/","date":"2025-08-22T12:58:41.034Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"skinnycrawlinglax.com","organization":""},"issuer":{"commonName":"R11","organization":"Let's Encrypt"},"validity":{"start":"Sat, 28 Jun 2025 22:21:33 GMT","end":"Fri, 26 Sep 2025 22:21:32 GMT"},"fingerprint":{"sha1":"4A:6A:48:C8:5B:C5:2B:2E:9C:03:AF:BF:4C:E6:10:23:E2:7B:EA:97","sha256":"A8:42:B5:4A:20:C8:13:EF:B5:90:0F:54:37:F7:05:60:8D:91:07:E3:A4:0F:7A:22:C9:AF:F1:F5:22:E8:68:C9"}}},"request":{"raw":"GET /pixel/sbls?bv=\u0026tmpl=482\u0026u=https%3A%2F%2Fcreative-sb1.com%2Fsb%2Fchat%2Fmob%2Fssp%2F1%2Fjs%2Fscript.js\u0026l=382\u0026fd=26 HTTP/1.1\r\nHost: skinnycrawlinglax.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hianime.to/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Fri, 22 Aug 2025 12:58:41 GMT\r\nContent-Length: 0\r\nConnection: keep-alive\r\nHost: skinnycrawlinglax.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nCache-Control: no-cache\r\nAccess-Control-Allow-Origin: *\r\nAccess-Control-Allow-Methods: GET, POST, OPTIONS\r\nAccess-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests\r\nAccess-Control-Expose-Headers: Content-Length,Content-Range\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-03T21:31:01.969645Z","times_seen":13304312,"resource_available":true,"data":null}},"time_used":114,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":114,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-08-22","alert":"Sinkholed","trigger":"skinnycrawlinglax.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"hianime.to/images/level-a-3.png","fqdn":"hianime.to","domain":"hianime.to","tld":"to"},"ip":{"addr":"104.21.64.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://hianime.to/","date":"2025-08-22T12:58:39.568Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"hianime.to","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 09 Aug 2025 15:14:50 GMT","end":"Fri, 07 Nov 2025 16:13:26 GMT"},"fingerprint":{"sha1":"DC:A8:7E:36:7D:7E:50:EA:F4:A7:BF:44:C8:B0:0E:66:93:41:62:EA","sha256":"00:F0:AD:9A:D1:77:78:80:8B:E2:66:30:F9:CF:C4:AB:13:35:72:19:FC:C4:78:BE:82:E2:BE:20:0F:FA:59:3F"}}},"request":{"raw":"GET /images/level-a-3.png HTTP/1.1\r\nHost: hianime.to\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hianime.to/css/home.css?v=0.9\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Fri, 22 Aug 2025 12:58:39 GMT\r\ncontent-type: image/png\r\ncontent-length: 5466\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nx-dns-prefetch-control: on\r\nexpect-ct: max-age=0\r\nstrict-transport-security: max-age=15552000; includeSubDomains\r\nx-download-options: noopen\r\nx-content-type-options: nosniff, nosniff\r\nx-permitted-cross-domain-policies: none\r\nx-xss-protection: 0, 1; mode=block\r\naccept-ranges: bytes\r\ncache-control: public, max-age=31536000\r\nlast-modified: Sun, 25 Feb 2024 16:11:19 GMT\r\netag: W/\"155a-18de108fd8a\"\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=YmxJqLS%2BtheLKwRpM1EUQMqhZDjVAvp2CPEbJettxVyUGxbeHfoXC5lVaIYM0UBL7xwDEcZBCkf%2F1OVdYTYlgvW7nEB9RLN3HMs%3D\"}]}\r\ncf-ray: 97328afd4c455fc4-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":5466,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced","md5":"42671822220eb9797d9444deb7f03914","sha1":"ffc1edf29f6ca353c79756417661a6c0bff05813","sha256":"abe7005fcd42982de5fbee3e89882b0e8aeb76311169117fc8540bf2a3191926","sha512":"a35c47a116d62c1c5ddb69f5301bc3672e1bcb13494dc9b68f0f807683a37a4273752fd1ef9fcaea9e21a225eec77c4affacd47c8761358b2c79bc9e690c61b3","ssdeep":"96:T2dYOdhWjGm6XmNajh4P0peX6GWOQz4Jpm0r3MPVxxM3ZzHOmuNa:MYvRNS4P0pohcspOxylus","tlshash":"a1b19d4cbc913c22367492e74cf1fc77d676091844a4acd5a80fbd957d887faa0e068b","first_seen":"2023-05-26T10:06:10Z","last_seen":"2026-03-24T22:42:26.755211Z","times_seen":53,"resource_available":false,"data":null}},"time_used":94,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":91,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"stackpath.bootstrapcdn.com/bootstrap/4.4.1/css/bootstrap.min.css","fqdn":"stackpath.bootstrapcdn.com","domain":"bootstrapcdn.com","tld":"com"},"ip":{"addr":"104.18.11.207","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://hianime.to/","date":"2025-08-22T12:58:39.026Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bootstrapcdn.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 12 Jul 2025 02:43:39 GMT","end":"Fri, 10 Oct 2025 03:43:37 GMT"},"fingerprint":{"sha1":"C1:BD:D6:84:57:89:FE:9E:6D:F9:1F:26:76:1D:7C:45:E8:23:F6:35","sha256":"42:6A:B9:E6:CC:53:CB:12:2A:7A:43:B8:3D:90:FC:5E:4D:CA:A2:E0:3D:B4:2E:38:10:A6:6F:26:86:7F:D5:A0"}}},"request":{"raw":"GET /bootstrap/4.4.1/css/bootstrap.min.css HTTP/1.1\r\nHost: stackpath.bootstrapcdn.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hianime.to/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Fri, 22 Aug 2025 12:58:39 GMT\r\ncontent-type: text/css; charset=utf-8\r\ncf-ray: 97328afa39750d92-ARN\r\ncdn-pullzone: 252412\r\ncdn-uid: b1941f61-b576-4f40-80de-5677acb38f74\r\ncdn-requestcountrycode: DE\r\nvary: Accept-Encoding\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=31919000\r\ncontent-encoding: br\r\netag: \"7cc40c199d128af6b01e74a28c5900b0\"\r\nlast-modified: Mon, 25 Jan 2021 22:04:09 GMT\r\ncdn-cachedat: 05/31/2025 19:01:54\r\ncdn-proxyver: 1.28\r\ncdn-requestpullcode: 200\r\ncdn-requestpullsuccess: True\r\ncdn-edgestorageid: 874\r\ntiming-allow-origin: *\r\ncross-origin-resource-policy: cross-origin\r\nx-content-type-options: nosniff\r\ncdn-status: 200\r\ncdn-requesttime: 0\r\ncdn-requestid: e9353977deab9d1b5b3dfa0bee16a920\r\ncdn-cache: HIT\r\ncf-cache-status: HIT\r\nage: 1240710\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":159515,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text, with very long lines (65324)","md5":"7cc40c199d128af6b01e74a28c5900b0","sha1":"d305110fb79113a961394b433d851a3410342b8c","sha256":"2ff5b959fa9f6b4b1d04d20a37d706e90039176ab1e2a202994d9580baeebfd6","sha512":"ce79937f81cda05f54ea67c1e8a96101285b46f6ede02bc2687a0d574832b2c7d3a0d43ff40d1e35d51bbec4b038852825d323146da7752bebd0ba37669b13a9","ssdeep":"1536:a7OIJNT48SyEIA1pDEBi8INcuSEFO//uKFq3SYiLENM6HN26F:a7Za4GMq3SYiLENM6HN26F","tlshash":"9ef352a6f5a0312de467c61964d0bafe152f8245d7224bfaf827376487892c70a73e4c","first_seen":"2023-04-05T08:47:50Z","last_seen":"2026-04-03T20:47:00.338991Z","times_seen":17052,"resource_available":false,"data":null}},"time_used":129,"timings":{"blocked":43,"dns":4,"connect":8,"send":0,"wait":21,"receive":0,"ssl":49},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"hianime.to/images/anw-min.webp?v=0.1","fqdn":"hianime.to","domain":"hianime.to","tld":"to"},"ip":{"addr":"104.21.64.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://hianime.to/","date":"2025-08-22T12:58:39.032Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"hianime.to","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 09 Aug 2025 15:14:50 GMT","end":"Fri, 07 Nov 2025 16:13:26 GMT"},"fingerprint":{"sha1":"DC:A8:7E:36:7D:7E:50:EA:F4:A7:BF:44:C8:B0:0E:66:93:41:62:EA","sha256":"00:F0:AD:9A:D1:77:78:80:8B:E2:66:30:F9:CF:C4:AB:13:35:72:19:FC:C4:78:BE:82:E2:BE:20:0F:FA:59:3F"}}},"request":{"raw":"GET /images/anw-min.webp?v=0.1 HTTP/1.1\r\nHost: hianime.to\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hianime.to/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Fri, 22 Aug 2025 12:58:39 GMT\r\ncontent-type: image/webp\r\ncontent-length: 98206\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nx-dns-prefetch-control: on\r\nexpect-ct: max-age=0\r\nstrict-transport-security: max-age=15552000; includeSubDomains\r\nx-download-options: noopen\r\nx-content-type-options: nosniff, nosniff\r\nx-permitted-cross-domain-policies: none\r\nx-xss-protection: 0, 1; mode=block\r\naccept-ranges: bytes\r\ncache-control: public, max-age=31536000\r\nlast-modified: Wed, 28 Feb 2024 00:38:35 GMT\r\netag: W/\"17f9e-18ded262247\"\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=3ef3X%2FVzfY63%2BZ6d%2FBdkKJneKM1DIfGElX549G0MyF90p4ZFUgluhD91577z%2BD3pegM1OZTDXHxS%2BDS1lTCATDsB3Uxfp%2FXb8A8%3D\"}]}\r\ncf-ray: 97328af9db695fc4-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":98206,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"6afcd5cc3add55c89bb977151f37a237","sha1":"4116f225c22ab717d6d81f6e6a7dca9abe57587f","sha256":"03a02f89b6edc8c00a5d6891c07c46cf415df43b020d16502e759ae0d27e1f8b","sha512":"0392eb01a1f646c02941c7ad5049f2d606cf7a791d12a6f7b6c99efcc256c9920b98b8ab2779da877d052f975f8dbd51c23022294899385d1bfe1c19ac9feeeb","ssdeep":"1536:L2lMyqFroiZsm2jA4Gn9JLkcACLGYtVU39Gb++LPvCu+59UDi/VmBsWCgTQnLQB4:Lk/WrymjP9WcTL3tVmGb5PvCuM9UDOYi","tlshash":"29a312a8bc2217eec62b7b6723bcc28d93161ef517eebc8206017222ef05c707994951","first_seen":"2024-03-02T06:01:56Z","last_seen":"2026-03-11T18:54:36.972935Z","times_seen":71,"resource_available":false,"data":null}},"time_used":192,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":100,"receive":92,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.noitatnemucod.net/avatar/100x100/demon_splayer/File20.jpg","fqdn":"cdn.noitatnemucod.net","domain":"noitatnemucod.net","tld":"net"},"ip":{"addr":"172.67.166.106","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://hianime.to/","date":"2025-08-22T12:58:39.039Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"noitatnemucod.net","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 10 Aug 2025 12:07:41 GMT","end":"Sat, 08 Nov 2025 13:06:14 GMT"},"fingerprint":{"sha1":"2C:99:64:84:FE:61:C5:30:BA:C0:F8:97:C8:3A:B2:06:69:04:A4:57","sha256":"C7:AA:17:DB:CD:4D:9E:83:2C:5B:9A:2A:59:65:9D:AC:24:53:E0:01:26:10:1D:95:A3:0A:CA:22:8C:8F:FC:D1"}}},"request":{"raw":"GET /avatar/100x100/demon_splayer/File20.jpg HTTP/1.1\r\nHost: cdn.noitatnemucod.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hianime.to/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Fri, 22 Aug 2025 12:58:39 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 10435\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nlast-modified: Thu, 13 Oct 2022 02:09:50 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6347736e-747b2\"\r\nx-cache: HIT\r\naccept-ranges: bytes\r\nage: 2274\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=ynBBUEo2aeBpTdXEO3X7SLyZ5LsQchxpZ5q7qUC9RClZPZI5L6ySJi7DxE29ZyrCVgOBmR1V3TYZP%2FTl5Uj%2FYFYa2tVO%2F7ApDyukxyxGutqcErQgEw%3D%3D\"}]}\r\ncf-ray: 97328afa5c15b000-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":10435,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: \"CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 100\", progressive, precision 8, 99x100, components 3","md5":"5084a007451bd5fa47f364d059566f5f","sha1":"0c0ebb882d5ab8e3472798569f6492f6e79b5720","sha256":"1103ab8fd5335766ff14db257000c0782a81d4cd6144286e23cc77620ce5bde3","sha512":"46b57b56b3f5841c7e263df109792277f58888c0caf87d25368e739bdb55c1db6b568b127b3bff8107aadda233258aff85f4345620a8a895e6d66a13a4bb2bdb","ssdeep":"192:5XZEBDezxQRQm4Xyjhzl7xDM0rC0vN7DcsoKuKm1HRbznEa4Fc0qOt:5XZEZ6yRjhzvDRrDN7Dcs4KmVRb7EjeU","tlshash":"cd22ae6043e34d22c53eb2b68bb943d4b2c17f6bf5a489cab6187410de345e2c4b41c3","first_seen":"2023-10-31T00:49:56Z","last_seen":"2025-10-29T12:12:09.764556Z","times_seen":6,"resource_available":false,"data":null}},"time_used":66,"timings":{"blocked":52,"dns":0,"connect":0,"send":0,"wait":14,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/poppins/v23/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.74.35","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://hianime.to/","date":"2025-08-22T12:58:39.581Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 07 Jul 2025 08:35:11 GMT","end":"Mon, 29 Sep 2025 08:35:10 GMT"},"fingerprint":{"sha1":"43:A0:95:35:FB:C7:02:15:92:9E:20:20:0D:0A:E7:8F:93:61:52:CD","sha256":"F1:59:AE:4E:F0:84:C7:D9:0F:67:4F:CB:FE:A6:ED:7D:47:17:4F:83:AA:B4:ED:FE:F5:F2:69:A8:AB:43:0E:0B"}}},"request":{"raw":"GET /s/poppins/v23/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://hianime.to\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 8000\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Thu, 21 Aug 2025 10:39:42 GMT\r\nexpires: Fri, 21 Aug 2026 10:39:42 GMT\r\ncache-control: public, max-age=31536000\r\nage: 94737\r\nlast-modified: Wed, 23 Apr 2025 16:07:17 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":8000,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 8000, version 1.0","md5":"72993dddf88a63e8f226656f7de88e57","sha1":"179f97ec0275f09603a8db94d4380eb584d81cd5","sha256":"f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149","sha512":"7c20165f9d22a86341e841fd58526209017dcde2afe2d0d2a89fe853d95dc69f658d25cf798c71f452dab09843fc808c1ae87a60b1284134163abf5a1d93e50a","ssdeep":"192:GDonmfrEdXT8WrxzRXwyQo3zGEOM7Y2hOMgWnsfYSjv4ENFGwrlKJ:8onPxTzjgyQSzLPXOTIYHJAJ","tlshash":"08f1b0ffa92456c4df692475a5044f27623652b4dd35cb2f496f3e12d2d74224bcc4c1","first_seen":"2023-04-05T18:53:14Z","last_seen":"2026-04-03T21:31:38.582279Z","times_seen":202947,"resource_available":false,"data":null}},"time_used":277,"timings":{"blocked":132,"dns":1,"connect":20,"send":0,"wait":8,"receive":1,"ssl":111},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"skinnycrawlinglax.com/pixel/sbls?bv=\u0026tmpl=482\u0026u=https%3A%2F%2Fcreative-sb1.com%2Fsb%2Fchat%2Fmob%2Fssp%2F1%2Fcss%2Fanimate.css\u0026l=79313\u0026fd=62","fqdn":"skinnycrawlinglax.com","domain":"skinnycrawlinglax.com","tld":"com"},"ip":{"addr":"192.243.61.225","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"Dominica","country_code":"DM"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://hianime.to/","date":"2025-08-22T12:58:40.892Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"skinnycrawlinglax.com","organization":""},"issuer":{"commonName":"R11","organization":"Let's Encrypt"},"validity":{"start":"Sat, 28 Jun 2025 22:21:33 GMT","end":"Fri, 26 Sep 2025 22:21:32 GMT"},"fingerprint":{"sha1":"4A:6A:48:C8:5B:C5:2B:2E:9C:03:AF:BF:4C:E6:10:23:E2:7B:EA:97","sha256":"A8:42:B5:4A:20:C8:13:EF:B5:90:0F:54:37:F7:05:60:8D:91:07:E3:A4:0F:7A:22:C9:AF:F1:F5:22:E8:68:C9"}}},"request":{"raw":"GET /pixel/sbls?bv=\u0026tmpl=482\u0026u=https%3A%2F%2Fcreative-sb1.com%2Fsb%2Fchat%2Fmob%2Fssp%2F1%2Fcss%2Fanimate.css\u0026l=79313\u0026fd=62 HTTP/1.1\r\nHost: skinnycrawlinglax.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hianime.to/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Fri, 22 Aug 2025 12:58:41 GMT\r\nContent-Length: 0\r\nConnection: keep-alive\r\nHost: skinnycrawlinglax.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nCache-Control: no-cache\r\nAccess-Control-Allow-Origin: *\r\nAccess-Control-Allow-Methods: GET, POST, OPTIONS\r\nAccess-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests\r\nAccess-Control-Expose-Headers: Content-Length,Content-Range\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-03T21:31:01.969645Z","times_seen":13304312,"resource_available":true,"data":null}},"time_used":550,"timings":{"blocked":274,"dns":0,"connect":0,"send":0,"wait":92,"receive":0,"ssl":184},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-08-22","alert":"Sinkholed","trigger":"skinnycrawlinglax.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/turnstile/v0/api.js?render=explicit","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.95.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://hianime.to/","date":"2025-08-22T12:58:39.025Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"challenges.cloudflare.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 27 Jun 2025 18:18:48 GMT","end":"Thu, 25 Sep 2025 19:18:44 GMT"},"fingerprint":{"sha1":"FC:98:AC:45:6F:F6:41:18:0B:96:F4:70:AB:D7:E3:D4:3D:B4:66:71","sha256":"BB:03:73:81:C3:D5:2A:60:50:9B:EE:D1:B3:C9:4C:36:9B:BF:95:CD:0B:6D:F8:90:F3:87:0E:0D:F9:5F:4D:CA"}}},"request":{"raw":"GET /turnstile/v0/api.js?render=explicit HTTP/1.1\r\nHost: challenges.cloudflare.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hianime.to/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 302 Found\r\ndate: Fri, 22 Aug 2025 12:58:39 GMT\r\ncontent-length: 0\r\ncf-ray: 97328af9ea997131-OSL\r\naccess-control-allow-origin: *\r\ncache-control: max-age=300, stale-if-error=10800, stale-while-revalidate=300, public\r\ncross-origin-resource-policy: cross-origin\r\nlocation: /turnstile/v0/b/4710d66e8fda/api.js\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":48995,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-03T21:31:01.969645Z","times_seen":13304312,"resource_available":true,"data":null}},"time_used":44,"timings":{"blocked":-1,"dns":1,"connect":1,"send":0,"wait":23,"receive":0,"ssl":16},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"skinnycrawlinglax.com/pixel/sbls?bv=\u0026tmpl=482\u0026u=https%3A%2F%2Fcdn.show-sb.com%2Fsb%2Fau%2F2f%2F33%2F17%2F2f3317da28d2a6ed09610d2d267aa136%2F1648542458.html\u0026l=2977\u0026fd=157","fqdn":"skinnycrawlinglax.com","domain":"skinnycrawlinglax.com","tld":"com"},"ip":{"addr":"192.243.61.227","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"Dominica","country_code":"DM"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://hianime.to/","date":"2025-08-22T12:58:40.795Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"skinnycrawlinglax.com","organization":""},"issuer":{"commonName":"R11","organization":"Let's Encrypt"},"validity":{"start":"Sat, 28 Jun 2025 22:21:33 GMT","end":"Fri, 26 Sep 2025 22:21:32 GMT"},"fingerprint":{"sha1":"4A:6A:48:C8:5B:C5:2B:2E:9C:03:AF:BF:4C:E6:10:23:E2:7B:EA:97","sha256":"A8:42:B5:4A:20:C8:13:EF:B5:90:0F:54:37:F7:05:60:8D:91:07:E3:A4:0F:7A:22:C9:AF:F1:F5:22:E8:68:C9"}}},"request":{"raw":"GET /pixel/sbls?bv=\u0026tmpl=482\u0026u=https%3A%2F%2Fcdn.show-sb.com%2Fsb%2Fau%2F2f%2F33%2F17%2F2f3317da28d2a6ed09610d2d267aa136%2F1648542458.html\u0026l=2977\u0026fd=157 HTTP/1.1\r\nHost: skinnycrawlinglax.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hianime.to/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Fri, 22 Aug 2025 12:58:40 GMT\r\nContent-Length: 0\r\nConnection: keep-alive\r\nHost: skinnycrawlinglax.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nCache-Control: no-cache\r\nAccess-Control-Allow-Origin: *\r\nAccess-Control-Allow-Methods: GET, POST, OPTIONS\r\nAccess-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests\r\nAccess-Control-Expose-Headers: Content-Length,Content-Range\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-03T21:31:01.969645Z","times_seen":13304312,"resource_available":true,"data":null}},"time_used":103,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":103,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-08-22","alert":"Sinkholed","trigger":"skinnycrawlinglax.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"creative-sb1.com/sb/chat/mob/ssp/1/css/style.css","fqdn":"creative-sb1.com","domain":"creative-sb1.com","tld":"com"},"ip":{"addr":"104.21.80.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://hianime.to/","date":"2025-08-22T12:58:40.800Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"creative-sb1.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 01 Jul 2025 14:01:22 GMT","end":"Mon, 29 Sep 2025 14:59:36 GMT"},"fingerprint":{"sha1":"CD:76:E0:2A:28:09:08:24:2D:4C:A1:14:B2:AE:6C:39:A4:CC:2F:6B","sha256":"8B:98:84:C0:8D:47:7C:1B:A7:26:4B:E4:9E:6E:FD:8E:E1:6D:6E:41:1D:E7:91:B7:70:A3:C1:D0:C0:85:6B:31"}}},"request":{"raw":"GET /sb/chat/mob/ssp/1/css/style.css HTTP/1.1\r\nHost: creative-sb1.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://hianime.to\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hianime.to/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Fri, 22 Aug 2025 12:58:40 GMT\r\ncontent-type: text/css\r\nserver: cloudflare\r\nlast-modified: Mon, 21 Feb 2022 08:25:04 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\netag: W/\"62134c60-1209\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: public, max-age=315360000\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: Date\r\ncontent-encoding: gzip\r\nage: 623931\r\ncf-cache-status: HIT\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=PvY%2FV6%2Bnm83torXCOiPhERVd%2Fbzy7G%2BPjy%2FG6OgjGkKiT%2BZ8t39R8nWL3QSD796%2BUoy7C%2Fvu7yxqoqoOSAmUfSoewDqoeSZSXVTzcRX4Z60%3D\"}]}\r\ncf-ray: 97328b05480496bf-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":4617,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text","md5":"630f303dfe147dec2c4a226287393b69","sha1":"3e9f8270b84e09595181bd55de6785a89f53ba10","sha256":"967d085a33a12064d83cb38f582c3e418e021a2d523dd9597bb75dc00589fec7","sha512":"aa41feb60ccd79d5e3499f58fcdee9d8b14312a885901990af21f8b15cc21e84e57edf843c9dc69e8146b7151c4d010d0c2d2b4cf8dd46a312266bf73d88359d","ssdeep":"96:ynjK1CQxCqyjG+6VE1VOCXYAX5yIvcMpzsFuTOKoMGMp9h815/SgarZnA3AG5Nbd:QjK1C1qiG+6VE1VOib5yIvdpzsFuTOK+","tlshash":"a491eea202e70a40ea0bd5631bec4b027b7504c32e0ace59badd194c9fc197893d39b2","first_seen":"2023-05-18T19:42:30Z","last_seen":"2026-01-17T18:50:06.19479Z","times_seen":1110,"resource_available":false,"data":null}},"time_used":90,"timings":{"blocked":35,"dns":1,"connect":8,"send":0,"wait":19,"receive":0,"ssl":25},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"preferencenail.com/sfp.js","fqdn":"preferencenail.com","domain":"preferencenail.com","tld":"com"},"ip":{"addr":"185.196.197.71","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://hianime.to/","date":"2025-08-22T12:58:39.813Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"preferencenail.com","organization":""},"issuer":{"commonName":"R11","organization":"Let's Encrypt"},"validity":{"start":"Tue, 01 Jul 2025 15:11:38 GMT","end":"Mon, 29 Sep 2025 15:11:37 GMT"},"fingerprint":{"sha1":"F9:52:70:4B:81:A8:F8:39:E6:E7:96:8F:EA:FE:17:FD:96:C5:32:E3","sha256":"D8:C9:87:B5:89:5E:D4:F4:8D:FD:98:3C:31:39:42:67:D3:20:27:14:A9:AD:F2:AB:97:A4:48:0F:94:F0:FF:A2"}}},"request":{"raw":"GET /sfp.js HTTP/1.1\r\nHost: preferencenail.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hianime.to/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Fri, 22 Aug 2025 12:58:39 GMT\r\nContent-Type: application/javascript; charset=utf-8\r\nContent-Length: 28254\r\nConnection: keep-alive\r\nContent-Encoding: gzip\r\nP3P: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\nAccess-Control-Allow-Origin: *\r\nVary: Accept-Encoding\r\nHost: preferencenail.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: efb5092c8bd0f640508056dc36c87fbf\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":85386,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (65529), with no line terminators","md5":"46a6fef91632b94d14252fe324c1585f","sha1":"387cebbd261b8fe947fe9805875300f2ceeb5cfd","sha256":"36d0c771f8bf310d740cb4d0ca144354c45df284e72361660448708d72f175d5","sha512":"a3aaa1b5ab1113a12793bd1085332eb257416aaa9c4a690525838b91453a281580a979bfb856b3c429c2d4243c3ce02bd318a4b7048124eef96912179836d0fd","ssdeep":"1536:nPncLBSUBULrSVvTfMtfj3FkdFcE5PnoRL:nPncLBSUBULGVTfGpucE5fox","tlshash":"528395807ac06488d3979b7bb73bf4eaf65a299f38c4044bd100fc48b69562af9f5534","first_seen":"2025-07-08T10:38:39.799377Z","last_seen":"2025-11-18T17:01:51.014373Z","times_seen":15230,"resource_available":true,"data":null}},"time_used":179,"timings":{"blocked":61,"dns":0,"connect":18,"send":0,"wait":33,"receive":18,"ssl":47},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"hianime.to/images/icons-512.png","fqdn":"hianime.to","domain":"hianime.to","tld":"to"},"ip":{"addr":"104.21.64.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://hianime.to/","date":"2025-08-22T12:58:40.272Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"hianime.to","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 09 Aug 2025 15:14:50 GMT","end":"Fri, 07 Nov 2025 16:13:26 GMT"},"fingerprint":{"sha1":"DC:A8:7E:36:7D:7E:50:EA:F4:A7:BF:44:C8:B0:0E:66:93:41:62:EA","sha256":"00:F0:AD:9A:D1:77:78:80:8B:E2:66:30:F9:CF:C4:AB:13:35:72:19:FC:C4:78:BE:82:E2:BE:20:0F:FA:59:3F"}}},"request":{"raw":"GET /images/icons-512.png HTTP/1.1\r\nHost: hianime.to\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hianime.to/\r\nCookie: _ga_R34F2GCSBW=GS2.1.s1755867519$o1$g0$t1755867519$j60$l0$h0; _ga=GA1.1.831464841.1755867520; dom3ic8zudi28v8lr6fgphwffqoz0j6c=5c1a4625-c7b5-4c2f-8fca-697edc317d1a%3A3%3A1\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Fri, 22 Aug 2025 12:58:40 GMT\r\ncontent-type: image/png\r\ncontent-length: 120169\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nx-dns-prefetch-control: on\r\nexpect-ct: max-age=0\r\nstrict-transport-security: max-age=15552000; includeSubDomains\r\nx-download-options: noopen\r\nx-content-type-options: nosniff, nosniff\r\nx-permitted-cross-domain-policies: none\r\nx-xss-protection: 0, 1; mode=block\r\naccept-ranges: bytes\r\ncache-control: public, max-age=31536000\r\nlast-modified: Sun, 25 Feb 2024 16:09:15 GMT\r\netag: W/\"1d569-18de1071a7b\"\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=B1E1dhrKKLIX1cudPtu61SqqHsPE5%2BRLAvPuSA0VVWB6ZWqQ%2BAPfBOSNnmjDrsG2ZknH%2FB7sQo495vMEqFb%2BGyJVBpvciQHO1E4%3D\"}]}\r\ncf-ray: 97328b01bd5b5fc4-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":120169,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 512 x 512, 8-bit/color RGBA, non-interlaced","md5":"1c9db96287f5f34a216e5456cb67d0c0","sha1":"25653c740f5edef076f8cae2cd718b7c16fb14d2","sha256":"9045948928a3f44012fe6e4a4c38388185e7ffd945309c356ae3fda8ee62c8f9","sha512":"ec0df365901d2528289c9b9c3851563427d493035680bd2ea279b71887e7f1d9c418f7e9915e99e207a7f9a949b49ebb235f13db9c171852b12ba6dec43a3d66","ssdeep":"3072:pL+Z3I2kYV9NdJhaMX2Aq4hHqQPbsxlIZ23VOw:pq38YV9mIq4dzPIDP3Vl","tlshash":"a5c312fc9af6341447c21ef49adf7176e83d0d0c89dc3c97a6a3b4160363189a6863d9","first_seen":"2024-03-01T22:44:46Z","last_seen":"2026-03-11T18:54:36.958888Z","times_seen":179,"resource_available":false,"data":null}},"time_used":199,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":97,"receive":102,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"vandalismloungenylon.com/pixel/sbs?c=1","fqdn":"vandalismloungenylon.com","domain":"vandalismloungenylon.com","tld":"com"},"ip":{"addr":"172.240.108.76","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://hianime.to/","date":"2025-08-22T12:58:41.307Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"vandalismloungenylon.com","organization":""},"issuer":{"commonName":"R11","organization":"Let's Encrypt"},"validity":{"start":"Mon, 28 Jul 2025 18:59:15 GMT","end":"Sun, 26 Oct 2025 18:59:14 GMT"},"fingerprint":{"sha1":"59:A0:73:EC:67:E0:43:E4:69:AC:F7:4E:B9:74:23:F3:83:C6:92:68","sha256":"15:65:55:BB:83:D4:9F:D7:04:F4:99:4F:69:65:67:25:64:0B:18:B5:42:BB:38:48:62:98:4E:7C:AB:02:C2:23"}}},"request":{"raw":"GET /pixel/sbs?c=1 HTTP/1.1\r\nHost: vandalismloungenylon.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hianime.to/\r\nCookie: uid_id2=bba49f7d-0054-479a-b7b3-8ff11eaa5b8c:1:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; u_pl25699542=1; slec54b536712684480f5bddc4d3fd1ac8a1=[6116561]\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Fri, 22 Aug 2025 12:58:41 GMT\r\nContent-Length: 0\r\nConnection: keep-alive\r\nHost: vandalismloungenylon.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nCache-Control: no-cache\r\nAccess-Control-Allow-Origin: *\r\nAccess-Control-Allow-Methods: GET, POST, OPTIONS\r\nAccess-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests\r\nAccess-Control-Expose-Headers: Content-Length,Content-Range\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-03T21:31:01.969645Z","times_seen":13304312,"resource_available":true,"data":null}},"time_used":94,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":94,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-08-22","alert":"Sinkholed","trigger":"vandalismloungenylon.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/turnstile/v0/b/4710d66e8fda/api.js","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.95.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://hianime.to/","date":"2025-08-22T12:58:39.071Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"challenges.cloudflare.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 27 Jun 2025 18:18:48 GMT","end":"Thu, 25 Sep 2025 19:18:44 GMT"},"fingerprint":{"sha1":"FC:98:AC:45:6F:F6:41:18:0B:96:F4:70:AB:D7:E3:D4:3D:B4:66:71","sha256":"BB:03:73:81:C3:D5:2A:60:50:9B:EE:D1:B3:C9:4C:36:9B:BF:95:CD:0B:6D:F8:90:F3:87:0E:0D:F9:5F:4D:CA"}}},"request":{"raw":"GET /turnstile/v0/b/4710d66e8fda/api.js HTTP/1.1\r\nHost: challenges.cloudflare.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://hianime.to/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Fri, 22 Aug 2025 12:58:39 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\ncontent-encoding: br\r\nlast-modified: Thu, 14 Aug 2025 15:17:42 GMT\r\ncache-control: max-age=31536000, stale-if-error=10800, stale-while-revalidate=31536000, public\r\naccess-control-allow-origin: *\r\ncross-origin-resource-policy: cross-origin\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\ncf-ray: 97328afa3add7131-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":48995,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (48994)","md5":"49d515b98ccae9634aff66a4ca77af98","sha1":"bfa5462a4f47c2350dcd0b3000e9cb54bec63c21","sha256":"4ca696d2fb66b44648a8fd55bc9eeaa6958dd9e523c4a740365823c30d4fc087","sha512":"856b855e0662da94dc3d314080976df11b5cb203d5ac498bacd9d201013e82258ee66ba1c3bb948e0ea71dd319345d9988be765daa3a276f8571e1787a38cc39","ssdeep":"768:XC6BRV2fM4lLa+rnhPLy6PuR8u5jUjRFPlBMqfspV6q11AY13kep+ORWqxIrm3LW:J2E4lLa+rnhT/oj2P6V6GNI","tlshash":"8f231b583256793227e980e1617ba74373257939e94ccc50d423c86536bcecad233fba","first_seen":"2025-08-15T11:12:03.097811Z","last_seen":"2025-09-08T12:15:40.897517Z","times_seen":20901,"resource_available":true,"data":null}},"time_used":15,"timings":{"blocked":1,"dns":0,"connect":0,"send":0,"wait":14,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"maxcdn.bootstrapcdn.com/bootstrap/4.1.3/js/bootstrap.min.js","fqdn":"maxcdn.bootstrapcdn.com","domain":"bootstrapcdn.com","tld":"com"},"ip":{"addr":"104.18.10.207","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://hianime.to/","date":"2025-08-22T12:58:39.041Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bootstrapcdn.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 12 Jul 2025 02:43:39 GMT","end":"Fri, 10 Oct 2025 03:43:37 GMT"},"fingerprint":{"sha1":"C1:BD:D6:84:57:89:FE:9E:6D:F9:1F:26:76:1D:7C:45:E8:23:F6:35","sha256":"42:6A:B9:E6:CC:53:CB:12:2A:7A:43:B8:3D:90:FC:5E:4D:CA:A2:E0:3D:B4:2E:38:10:A6:6F:26:86:7F:D5:A0"}}},"request":{"raw":"GET /bootstrap/4.1.3/js/bootstrap.min.js HTTP/1.1\r\nHost: maxcdn.bootstrapcdn.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hianime.to/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Fri, 22 Aug 2025 12:58:39 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\ncf-ray: 97328afa3ace56be-OSL\r\ncdn-pullzone: 252412\r\ncdn-uid: b1941f61-b576-4f40-80de-5677acb38f74\r\ncdn-requestcountrycode: US\r\nvary: Accept-Encoding\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=31919000\r\ncontent-encoding: br\r\netag: \"67176c242e1bdc20603c878dee836df3\"\r\nlast-modified: Mon, 25 Jan 2021 22:04:06 GMT\r\ncdn-proxyver: 1.07\r\ncdn-requestpullsuccess: True\r\ncdn-requestpullcode: 200\r\ncdn-cachedat: 12/15/2024 13:11:59\r\ncdn-edgestorageid: 1232\r\ntiming-allow-origin: *\r\ncross-origin-resource-policy: cross-origin\r\nx-content-type-options: nosniff\r\ncdn-status: 200\r\ncdn-requesttime: 0\r\ncdn-requestid: a8442012d15d5b41ef897110420b078a\r\ncdn-cache: HIT\r\ncf-cache-status: HIT\r\nage: 1838686\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":51039,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (50758)","md5":"67176c242e1bdc20603c878dee836df3","sha1":"27a71b00383d61ef3c489326b3564d698fc1227c","sha256":"56c12a125b021d21a69e61d7190cefa168d6c28ce715265cea1b3b0112d169c4","sha512":"9fa75814e1b9f7db38fe61a503a13e60b82d83db8f4ce30351bd08a6b48c0d854baf472d891af23c443c8293380c2325c7b3361b708af9971aa0ea09a25cdd0a","ssdeep":"768:E9Yw7GuJM+HV0cen/7Kh5rM7V4RxCKg8FW/xsXQUd+FiID65r48Hgp5HRl+:E9X7PMIM7V4R5LFAxTWyuHHgp5HRl+","tlshash":"3533b649725078b201df9176913f460bb736788ea907816cb95d98ed2e7cd89322bf3c","first_seen":"2023-03-07T01:02:44Z","last_seen":"2026-04-03T20:51:13.496457Z","times_seen":120580,"resource_available":true,"data":null}},"time_used":70,"timings":{"blocked":-1,"dns":4,"connect":1,"send":0,"wait":19,"receive":0,"ssl":45},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"vandalismloungenylon.com/67/84/54/67845425021f776b630c899590731bf0.js","fqdn":"vandalismloungenylon.com","domain":"vandalismloungenylon.com","tld":"com"},"ip":{"addr":"172.240.108.76","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://hianime.to/","date":"2025-08-22T12:58:39.045Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"vandalismloungenylon.com","organization":""},"issuer":{"commonName":"R11","organization":"Let's Encrypt"},"validity":{"start":"Mon, 28 Jul 2025 18:59:15 GMT","end":"Sun, 26 Oct 2025 18:59:14 GMT"},"fingerprint":{"sha1":"59:A0:73:EC:67:E0:43:E4:69:AC:F7:4E:B9:74:23:F3:83:C6:92:68","sha256":"15:65:55:BB:83:D4:9F:D7:04:F4:99:4F:69:65:67:25:64:0B:18:B5:42:BB:38:48:62:98:4E:7C:AB:02:C2:23"}}},"request":{"raw":"GET /67/84/54/67845425021f776b630c899590731bf0.js HTTP/1.1\r\nHost: vandalismloungenylon.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hianime.to/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Fri, 22 Aug 2025 12:58:39 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 32830\r\nConnection: keep-alive\r\ncontent-encoding: gzip\r\np3p: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\naccess-control-allow-origin: *\r\naccept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nset-cookie: 4b4e7ab587d59b22ad7bcd2439afc363_BS-899=0; expires=Fri, 22 Aug 2025 12:58:39 GMT; secure; SameSite=None\r\nx-envoy-upstream-service-time: 3\r\nHost: vandalismloungenylon.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 1f126f0eaf2ef5f56581d83359d50ff6\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":105883,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"0031e956e03617f5f15477e8efea3072","sha1":"c0eb9ef60da08b38441f25221925f04b480cb226","sha256":"5893f1398673a311466ba73f0c2b6ca3bb8a2e0db1754b0b72c67e46f495f8cc","sha512":"b56d96eb0726fb5bcc2225fe78b3af61c06520a482ebb97398e9d14f31bf251ba49255c827ad9435ae2d3f7a3296673334c268b6e21ecbcebd507f452f7143ee","ssdeep":"1536:dKIOanNmVJiUsbaeBvat/xp1P2PNrdMCC2cevmiwB/BDMCIu+5Y:3oVJiUs7ahxp521rcuZwH2un","tlshash":"fca3b8487f90fcbe02566033663f951bf1aa0e415958c988d11afdb42a3c31bfa3da75","first_seen":"2025-08-22T12:59:04.738121Z","last_seen":"2025-08-22T12:59:04.738121Z","times_seen":1,"resource_available":true,"data":null}},"time_used":494,"timings":{"blocked":-1,"dns":27,"connect":91,"send":0,"wait":98,"receive":92,"ssl":186},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-08-22","alert":"Sinkholed","trigger":"vandalismloungenylon.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"vandalismloungenylon.com/54/b5/36/54b536712684480f5bddc4d3fd1ac8a1.js","fqdn":"vandalismloungenylon.com","domain":"vandalismloungenylon.com","tld":"com"},"ip":{"addr":"172.240.108.76","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://hianime.to/","date":"2025-08-22T12:58:39.046Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"vandalismloungenylon.com","organization":""},"issuer":{"commonName":"R11","organization":"Let's Encrypt"},"validity":{"start":"Mon, 28 Jul 2025 18:59:15 GMT","end":"Sun, 26 Oct 2025 18:59:14 GMT"},"fingerprint":{"sha1":"59:A0:73:EC:67:E0:43:E4:69:AC:F7:4E:B9:74:23:F3:83:C6:92:68","sha256":"15:65:55:BB:83:D4:9F:D7:04:F4:99:4F:69:65:67:25:64:0B:18:B5:42:BB:38:48:62:98:4E:7C:AB:02:C2:23"}}},"request":{"raw":"GET /54/b5/36/54b536712684480f5bddc4d3fd1ac8a1.js HTTP/1.1\r\nHost: vandalismloungenylon.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hianime.to/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Fri, 22 Aug 2025 12:58:39 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 25634\r\nConnection: keep-alive\r\ncontent-encoding: gzip\r\np3p: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\naccess-control-allow-origin: *\r\naccept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nset-cookie: 4b4e7ab587d59b22ad7bcd2439afc363_F-2677-8=0; expires=Fri, 22 Aug 2025 12:58:39 GMT; secure; SameSite=None\r\nx-envoy-upstream-service-time: 5\r\nHost: vandalismloungenylon.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: bbfe9d749828fad092e60d8d09eb3268\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]}],"data":{"size":72607,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"64f3e0e2e46623d794f6026ddfe07c2c","sha1":"069c4291975ba5be90a425fc85e46330fcccfbd1","sha256":"ce356cae4921a82bfe8fb0262a2125b1c8e5da20e495d57fb6a4effc76d8b4f3","sha512":"d560093a04d18af6009475720464392c44c6987999a2c1b492ea3e2c852237ea2e1329b339345ffd28f23ea95c56ca061afba07a212b98b5a558ebfd23e58c11","ssdeep":"768:Y2DcxIm9xZqw648+QhS8u+Jcj/XcdNjNmmOdY08kUbTehzbcepw6f:Y2Dc1I4x5O+jvcEdY0U3fE","tlshash":"3e63c7483f51b27802e6b8fa712fa61af0261c1195d8e4d8f503f4deae66719f036f25","first_seen":"2025-08-22T12:59:04.739205Z","last_seen":"2025-08-22T12:59:04.739205Z","times_seen":1,"resource_available":true,"data":null}},"time_used":503,"timings":{"blocked":-1,"dns":26,"connect":93,"send":0,"wait":104,"receive":92,"ssl":188},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-08-22","alert":"Sinkholed","trigger":"vandalismloungenylon.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"creative-sb1.com/sb/chat/mob/ssp/1/js/script.js","fqdn":"creative-sb1.com","domain":"creative-sb1.com","tld":"com"},"ip":{"addr":"104.21.80.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://hianime.to/","date":"2025-08-22T12:58:41.004Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"creative-sb1.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 01 Jul 2025 14:01:22 GMT","end":"Mon, 29 Sep 2025 14:59:36 GMT"},"fingerprint":{"sha1":"CD:76:E0:2A:28:09:08:24:2D:4C:A1:14:B2:AE:6C:39:A4:CC:2F:6B","sha256":"8B:98:84:C0:8D:47:7C:1B:A7:26:4B:E4:9E:6E:FD:8E:E1:6D:6E:41:1D:E7:91:B7:70:A3:C1:D0:C0:85:6B:31"}}},"request":{"raw":"GET /sb/chat/mob/ssp/1/js/script.js HTTP/1.1\r\nHost: creative-sb1.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://hianime.to\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hianime.to/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Fri, 22 Aug 2025 12:58:41 GMT\r\ncontent-type: application/javascript\r\nserver: cloudflare\r\nlast-modified: Sat, 07 May 2022 03:21:31 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: public, max-age=315360000\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: Date\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=xBgJXdHIvRQDQr%2F%2FUiuxE6wmrXioChLOiFDdDDVtNMhJ7NnvNCbuY69OJIFN7JRD%2BO5EYwvmDJQH3hWOgVootJbKKinznxJaziePYUCWIuQ%3D\"}]}\r\nage: 663979\r\ncf-cache-status: HIT\r\netag: W/\"6275e5bb-17e\"\r\ncontent-encoding: br\r\ncf-ray: 97328b064ab996bf-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":382,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text","md5":"4f5f05ab032dd8fc0db448fcf51a35e2","sha1":"78f94f93fdb792d95ea3ac293ac1b8e3bc13d609","sha256":"7fd8e9c0e5ca0c7123954a109fa8b7e8368c7e1262880925e2ac7b8c877a9e38","sha512":"66a1f6a4996b8a21631d4bbbe85654ee1a47562b478ebd97bac584e7efe9a9d431f59c52a495876295a1e59760f12adb083e299dc302bd15080e559e1adae206","ssdeep":"","tlshash":"f4e02b2052540234c3bbc19691cb6bcb6270451ad009050e641c575b1df2bb612c9e97","first_seen":"2023-05-19T20:45:50Z","last_seen":"2026-01-17T18:50:06.236167Z","times_seen":1120,"resource_available":false,"data":null}},"time_used":20,"timings":{"blocked":1,"dns":0,"connect":0,"send":0,"wait":19,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.noitatnemucod.net/avatar/100x100/mha/avatar-23.png","fqdn":"cdn.noitatnemucod.net","domain":"noitatnemucod.net","tld":"net"},"ip":{"addr":"172.67.166.106","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://hianime.to/","date":"2025-08-22T12:58:39.038Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"noitatnemucod.net","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 10 Aug 2025 12:07:41 GMT","end":"Sat, 08 Nov 2025 13:06:14 GMT"},"fingerprint":{"sha1":"2C:99:64:84:FE:61:C5:30:BA:C0:F8:97:C8:3A:B2:06:69:04:A4:57","sha256":"C7:AA:17:DB:CD:4D:9E:83:2C:5B:9A:2A:59:65:9D:AC:24:53:E0:01:26:10:1D:95:A3:0A:CA:22:8C:8F:FC:D1"}}},"request":{"raw":"GET /avatar/100x100/mha/avatar-23.png HTTP/1.1\r\nHost: cdn.noitatnemucod.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hianime.to/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Fri, 22 Aug 2025 12:58:39 GMT\r\ncontent-type: image/png\r\ncontent-length: 17897\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nlast-modified: Sat, 20 Nov 2021 08:25:40 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6198b104-7aa2\"\r\nx-cache: HIT\r\naccept-ranges: bytes\r\nage: 3617\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=41GEoPXeUFk5On7%2BybqnPqX1Ek6Ro4BOX6akHa1tkFCRuLKPvrtEAjFDEtZKytrJdS1X8ueFXZnyL5x8mGzXm2srWQBbgodZ9SFjzWWg04MjbNKAPg%3D%3D\"}]}\r\ncf-ray: 97328afa5c13b000-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":17897,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 99 x 100, 8-bit/color RGBA, interlaced","md5":"6b365cc9a19bdffd92cb6c00c734d8e3","sha1":"fdcbc88e77b67835957ad25cf9b732b90d188b31","sha256":"818690b2e79d3dce7e92b9bc86122b87655decb0d2e91fbe2ddc7a87354b8210","sha512":"b13e0e83218685be27c6c9ac2ce835be0a298c43e739d8460b3c11e2e7b37212c16f05e3dd75a99e7aee2b38829cb45df62c3cd5aba801fd918c9a6629365677","ssdeep":"384:SaVNfhpmmympr7mH7zIacAewjlqkol80nGV+hFs3ZyXb:SaVNfdyRQJQjlqf80nhhFqyXb","tlshash":"0282d031aab620c4fd737d29b8ad9796dee53280739074c71180c9e7ef1f907642262b","first_seen":"2025-04-01T11:59:41.574439Z","last_seen":"2025-10-19T16:50:44.277116Z","times_seen":5,"resource_available":false,"data":null}},"time_used":151,"timings":{"blocked":53,"dns":16,"connect":12,"send":0,"wait":16,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/poppins/v23/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.74.35","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://hianime.to/","date":"2025-08-22T12:58:39.573Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 07 Jul 2025 08:35:11 GMT","end":"Mon, 29 Sep 2025 08:35:10 GMT"},"fingerprint":{"sha1":"43:A0:95:35:FB:C7:02:15:92:9E:20:20:0D:0A:E7:8F:93:61:52:CD","sha256":"F1:59:AE:4E:F0:84:C7:D9:0F:67:4F:CB:FE:A6:ED:7D:47:17:4F:83:AA:B4:ED:FE:F5:F2:69:A8:AB:43:0E:0B"}}},"request":{"raw":"GET /s/poppins/v23/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://hianime.to\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 7748\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Wed, 20 Aug 2025 20:17:34 GMT\r\nexpires: Thu, 20 Aug 2026 20:17:34 GMT\r\ncache-control: public, max-age=31536000\r\nage: 146465\r\nlast-modified: Wed, 23 Apr 2025 16:07:32 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":7748,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 7748, version 1.0","md5":"a09f2fccfee35b7247b08a1a266f0328","sha1":"0da2d17e738f46d2a09e6fb7969da451719a9820","sha256":"cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446","sha512":"5e3f9a298003b84250ec6801e08ad2a4ff8845d4c3e13ea61bec37da24d26ede13b436257882124cc0c27e9a323ba92e7d23c6ad3f48a7b75535f5ed98813a0e","ssdeep":"96:0g6vAF/FXh6MmoI56TEwosGU/DbVF/QBT1gaHEYT6u/w3hXLbJPAS772+6haAftj:zp6x6TYpoDYBJg8TRkbJPAS/2+CzQa7","tlshash":"f3f19de65d1e5e8980f0102f6f6efce767950d88141dadf9a9e72f884c6ba1b04c90cd","first_seen":"2023-04-05T13:48:05Z","last_seen":"2026-04-03T21:31:38.517013Z","times_seen":192210,"resource_available":false,"data":null}},"time_used":239,"timings":{"blocked":120,"dns":11,"connect":7,"send":0,"wait":9,"receive":1,"ssl":88},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"vandalismloungenylon.com/sbar.json?key=54b536712684480f5bddc4d3fd1ac8a1\u0026abt=F-2677-8_0\u0026uuid=bba49f7d-0054-479a-b7b3-8ff11eaa5b8c%3A1%3A1","fqdn":"vandalismloungenylon.com","domain":"vandalismloungenylon.com","tld":"com"},"ip":{"addr":"172.240.108.76","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://hianime.to/","date":"2025-08-22T12:58:40.308Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"vandalismloungenylon.com","organization":""},"issuer":{"commonName":"R11","organization":"Let's Encrypt"},"validity":{"start":"Mon, 28 Jul 2025 18:59:15 GMT","end":"Sun, 26 Oct 2025 18:59:14 GMT"},"fingerprint":{"sha1":"59:A0:73:EC:67:E0:43:E4:69:AC:F7:4E:B9:74:23:F3:83:C6:92:68","sha256":"15:65:55:BB:83:D4:9F:D7:04:F4:99:4F:69:65:67:25:64:0B:18:B5:42:BB:38:48:62:98:4E:7C:AB:02:C2:23"}}},"request":{"raw":"GET /sbar.json?key=54b536712684480f5bddc4d3fd1ac8a1\u0026abt=F-2677-8_0\u0026uuid=bba49f7d-0054-479a-b7b3-8ff11eaa5b8c%3A1%3A1 HTTP/1.1\r\nHost: vandalismloungenylon.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://hianime.to\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hianime.to/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Fri, 22 Aug 2025 12:58:40 GMT\r\nContent-Type: text/plain; charset=utf-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\np3p: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\naccept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\naccess-control-allow-origin: https://hianime.to\r\naccess-control-allow-credentials: true\r\nset-cookie: uid_id2=bba49f7d-0054-479a-b7b3-8ff11eaa5b8c:1:1; expires=Fri, 29 Aug 2025 12:58:40 GMT; path=/; secure; SameSite=None\npdhtkv=true; expires=Sat, 23 Aug 2025 12:58:40 GMT; path=/; secure; SameSite=None\nuncs=1; expires=Sat, 23 Aug 2025 12:58:40 GMT; path=/; secure; SameSite=None\npdhtkv29=true; expires=Sat, 23 Aug 2025 12:58:40 GMT; path=/; secure; SameSite=None\nuncs29=1; expires=Sat, 23 Aug 2025 12:58:40 GMT; path=/; secure; SameSite=None\nu_pl25699542=1; expires=Sat, 23 Aug 2025 12:58:40 GMT; path=/; secure; SameSite=None\nslec54b536712684480f5bddc4d3fd1ac8a1=[6116561]; expires=Fri, 22 Aug 2025 12:58:45 GMT; path=/; secure; SameSite=None\r\nx-envoy-upstream-service-time: 209\r\nHost: vandalismloungenylon.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: a01061edfd869bf1b928c0f996e2ca07\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]}],"data":{"size":6268,"size_decoded":0,"mime_type":"text/plain; charset=utf-8","magic":"JSON text data","md5":"98048d31268522c4c1e493bbacbe3d01","sha1":"62ab5dc7368a9ef4fdcf2a22e27cc47120a4df43","sha256":"5107da50d70706bd5b3b5b4b1471daa404cbc1c5826ff2cebe9c1e485224f880","sha512":"050fc21c7018637bd1124169c26b385221258a3695948a4cfb4ae12f3614c12c25d4fa81095e705a12ecea427f2900db1147026637e499703a36dc2818935466","ssdeep":"96:9zV3RkbQHppMACel3ijUr9LwDa8AQRkVNtlwQvp4zD+Ryjo6:9zBvHpSACElr9Loa8nR9+4WRyj3","tlshash":"8cd18d7e027770b66997ca0035135ebabcad8c9978c01e8c8e37d66ee90d1d44d5ce3a","first_seen":"2025-08-22T12:59:04.743434Z","last_seen":"2025-08-22T12:59:04.743434Z","times_seen":1,"resource_available":false,"data":null}},"time_used":303,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":302,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-08-22","alert":"Sinkholed","trigger":"vandalismloungenylon.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"flushpersist.com/pxf.gif?uuid=5c1a4625-c7b5-4c2f-8fca-697edc317d1a\u0026eb=bff3d6bf6d16c0bb5e58232c1a99ef63\u0026te=fe015aeda515c30449c87b1701cc307f\u0026ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A134.0)%20Gecko%2F20100101%20Firefox%2F134.0\u0026dev=e\u0026res=14.3095\u0026b_frame=0\u0026pk=67845425021f776b630c899590731bf0\u0026bl=en-US\u0026sr=1024x1280\u0026sz=1024x1280\u0026hjs=12","fqdn":"flushpersist.com","domain":"flushpersist.com","tld":"com"},"ip":{"addr":"192.243.61.225","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"Dominica","country_code":"DM"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://hianime.to/","date":"2025-08-22T12:58:40.506Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"flushpersist.com","organization":""},"issuer":{"commonName":"R10","organization":"Let's Encrypt"},"validity":{"start":"Tue, 01 Jul 2025 15:12:33 GMT","end":"Mon, 29 Sep 2025 15:12:32 GMT"},"fingerprint":{"sha1":"9E:08:20:A0:75:ED:21:51:E0:3D:DE:29:CD:B0:11:01:4D:04:77:0A","sha256":"FB:D4:A2:1D:0F:F1:FB:A8:D9:5E:88:03:1F:BB:94:D2:32:5C:CC:49:11:11:FC:04:7B:C6:43:40:CF:1E:A2:BA"}}},"request":{"raw":"GET /pxf.gif?uuid=5c1a4625-c7b5-4c2f-8fca-697edc317d1a\u0026eb=bff3d6bf6d16c0bb5e58232c1a99ef63\u0026te=fe015aeda515c30449c87b1701cc307f\u0026ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A134.0)%20Gecko%2F20100101%20Firefox%2F134.0\u0026dev=e\u0026res=14.3095\u0026b_frame=0\u0026pk=67845425021f776b630c899590731bf0\u0026bl=en-US\u0026sr=1024x1280\u0026sz=1024x1280\u0026hjs=12 HTTP/1.1\r\nHost: flushpersist.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hianime.to/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Fri, 22 Aug 2025 12:58:40 GMT\r\nContent-Type: image/gif\r\nContent-Length: 1\r\nConnection: keep-alive\r\nP3P: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\nAccess-Control-Allow-Origin: *\r\nHost: flushpersist.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: e0c139032ad9a1611b96d226d687da28\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/gif","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-03T21:31:01.969645Z","times_seen":13304312,"resource_available":true,"data":null}},"time_used":745,"timings":{"blocked":324,"dns":44,"connect":93,"send":0,"wait":95,"receive":0,"ssl":187},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/roboto/v48/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.74.35","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://hianime.to/","date":"2025-08-22T12:58:41.321Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 07 Jul 2025 08:35:11 GMT","end":"Mon, 29 Sep 2025 08:35:10 GMT"},"fingerprint":{"sha1":"43:A0:95:35:FB:C7:02:15:92:9E:20:20:0D:0A:E7:8F:93:61:52:CD","sha256":"F1:59:AE:4E:F0:84:C7:D9:0F:67:4F:CB:FE:A6:ED:7D:47:17:4F:83:AA:B4:ED:FE:F5:F2:69:A8:AB:43:0E:0B"}}},"request":{"raw":"GET /s/roboto/v48/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://hianime.to\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 40128\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Thu, 21 Aug 2025 10:09:08 GMT\r\nexpires: Fri, 21 Aug 2026 10:09:08 GMT\r\ncache-control: public, max-age=31536000\r\nage: 96573\r\nlast-modified: Thu, 29 May 2025 23:30:55 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":40128,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 40128, version 1.0","md5":"9a01b69183a9604ab3a439e388b30501","sha1":"8ed1d59003d0dbe6360481017b44665153665fbe","sha256":"20b535fa80c8189e3b87d1803038389960203a886d502bc2ef1857affc2f38d2","sha512":"0e6795255b6eea00b5403fd7e3b904d52776d49ac63a31c2778361262883697943aedcb29feee85694ba6f19eaa34dddb9a5bfe7118f4a25b4757e92c331feca","ssdeep":"768:Vce3jkow68wmT4IBX0tXdlSirS61gSjcz0GPwHbP+w2jec56O:VcI/iEEEtXdFJj+0GPwHbP+w5rO","tlshash":"3703023a5e3ccf1a84157a703950f6d9a8481e548e9d143b4f1ac7bf085dde2209b6d4","first_seen":"2025-01-08T22:59:02.845106Z","last_seen":"2026-04-03T21:31:02.085282Z","times_seen":713106,"resource_available":false,"data":null}},"time_used":17,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":12,"receive":5,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.noitatnemucod.net/avatar/100x100/zoro_normal/av-zz-01.jpeg","fqdn":"cdn.noitatnemucod.net","domain":"noitatnemucod.net","tld":"net"},"ip":{"addr":"172.67.166.106","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://hianime.to/","date":"2025-08-22T12:58:39.036Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"noitatnemucod.net","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 10 Aug 2025 12:07:41 GMT","end":"Sat, 08 Nov 2025 13:06:14 GMT"},"fingerprint":{"sha1":"2C:99:64:84:FE:61:C5:30:BA:C0:F8:97:C8:3A:B2:06:69:04:A4:57","sha256":"C7:AA:17:DB:CD:4D:9E:83:2C:5B:9A:2A:59:65:9D:AC:24:53:E0:01:26:10:1D:95:A3:0A:CA:22:8C:8F:FC:D1"}}},"request":{"raw":"GET /avatar/100x100/zoro_normal/av-zz-01.jpeg HTTP/1.1\r\nHost: cdn.noitatnemucod.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hianime.to/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Fri, 22 Aug 2025 12:58:39 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 12262\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nlast-modified: Thu, 17 Jun 2021 07:49:41 GMT\r\nvary: Accept-Encoding\r\netag: W/\"60cafe95-f4f4\"\r\nx-cache: HIT\r\naccept-ranges: bytes\r\nage: 2073\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=A5OMwRh24uAuJi22Avz6i4wNbz8xbBVI1RVnIBHn6OhuKsGgknFlItUXoWDmXNdVSGCObj%2FiOebQPOQBRP89AQyQ%2BxwM%2FSim2DnRBhinZg5%2BemDsIA%3D%3D\"}]}\r\ncf-ray: 97328afa5c1eb000-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":12262,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: \"CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 100\", progressive, precision 8, 100x100, components 3","md5":"758ddd8d352ddf65cbd9be6fb951333d","sha1":"a92ae29f8d73a6efe520613823b090ff6d097364","sha256":"48c51e282636e84f1849782fb4314c2d1ec9dcce5792fd0a0dd7d31c724ae320","sha512":"e3a944779ffc3e1dd48dfb03119eb2d7be48496d612ab71b86c4e9316ff3d13febf6a011a0a120d14a265ad64e38f34f819740f15a54779c094279d787cd73e3","ssdeep":"192:tzcD4uqYCcQ+j1Z+QcDAGaDHhhzr5QgcF+6knl3ZmPsEJlUH0a0BxgVSZ:tz1QeQNG2HhhRQk6kl3LEvUH0aa3Z","tlshash":"7342be21b994df00e01b38b3aef4068db581f65e8b08f24996b57624d22f4271cbd27a","first_seen":"2023-07-08T01:34:51Z","last_seen":"2026-02-18T13:15:39.605229Z","times_seen":17,"resource_available":false,"data":null}},"time_used":78,"timings":{"blocked":58,"dns":0,"connect":0,"send":0,"wait":20,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.noitatnemucod.net/avatar/100x100/demon_splayer/File17.jpg","fqdn":"cdn.noitatnemucod.net","domain":"noitatnemucod.net","tld":"net"},"ip":{"addr":"172.67.166.106","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://hianime.to/","date":"2025-08-22T12:58:39.034Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"noitatnemucod.net","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 10 Aug 2025 12:07:41 GMT","end":"Sat, 08 Nov 2025 13:06:14 GMT"},"fingerprint":{"sha1":"2C:99:64:84:FE:61:C5:30:BA:C0:F8:97:C8:3A:B2:06:69:04:A4:57","sha256":"C7:AA:17:DB:CD:4D:9E:83:2C:5B:9A:2A:59:65:9D:AC:24:53:E0:01:26:10:1D:95:A3:0A:CA:22:8C:8F:FC:D1"}}},"request":{"raw":"GET /avatar/100x100/demon_splayer/File17.jpg HTTP/1.1\r\nHost: cdn.noitatnemucod.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hianime.to/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Fri, 22 Aug 2025 12:58:39 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 9093\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nlast-modified: Thu, 13 Oct 2022 02:09:50 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6347736e-5833b\"\r\nx-cache: HIT\r\naccept-ranges: bytes\r\nage: 4761\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=GBGCNgN0N90XqnneVv5xgTKjdALH7BMiOPAlpA6eQLS%2BaGuxsXPZB7kwk6N2rfT7eP0zRdPeEH%2BYUAZkybUsQ6ShK3UgK%2FM4s2JbCAxy0oqiaI6%2B%2Bg%3D%3D\"}]}\r\ncf-ray: 97328afa5c17b000-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":9093,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: \"CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 100\", progressive, precision 8, 99x100, components 3","md5":"3e758bffda868a635f7fc54f2273a179","sha1":"3635cbc83095b66c371c0f61a1056f2174e40045","sha256":"c9532d29b08d6c860a9de867c4683581a7786638f14fa4048ba7969a046abd1e","sha512":"18fc8177e389b1f66de33c8cd87d35f3979b8ded6ff3fae638195d185fcd0d21ea494ed71545a96d2d1d7d302c65a0c3725b41b2a940fab2039364df3efbb7a9","ssdeep":"192:2YeQqdI6I4Y6vgpsldkXVgMJOIjNuWs16UL1Sj8sD:Nn6I2fdkXVgMJOII/LdsD","tlshash":"e212a006e7862f06ec6e6b3d69b445e89f2e3d0965caf35b5480ba90c1316878df0778","first_seen":"2023-07-14T04:00:30Z","last_seen":"2026-03-20T12:42:12.972931Z","times_seen":10,"resource_available":false,"data":null}},"time_used":72,"timings":{"blocked":57,"dns":0,"connect":0,"send":0,"wait":15,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.noitatnemucod.net/avatar/100x100/attack_on_titan/aot_06.png","fqdn":"cdn.noitatnemucod.net","domain":"noitatnemucod.net","tld":"net"},"ip":{"addr":"172.67.166.106","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://hianime.to/","date":"2025-08-22T12:58:39.037Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"noitatnemucod.net","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 10 Aug 2025 12:07:41 GMT","end":"Sat, 08 Nov 2025 13:06:14 GMT"},"fingerprint":{"sha1":"2C:99:64:84:FE:61:C5:30:BA:C0:F8:97:C8:3A:B2:06:69:04:A4:57","sha256":"C7:AA:17:DB:CD:4D:9E:83:2C:5B:9A:2A:59:65:9D:AC:24:53:E0:01:26:10:1D:95:A3:0A:CA:22:8C:8F:FC:D1"}}},"request":{"raw":"GET /avatar/100x100/attack_on_titan/aot_06.png HTTP/1.1\r\nHost: cdn.noitatnemucod.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hianime.to/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Fri, 22 Aug 2025 12:58:39 GMT\r\ncontent-type: image/png\r\ncontent-length: 13430\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nlast-modified: Mon, 21 Apr 2025 13:43:52 GMT\r\nvary: Accept-Encoding\r\netag: W/\"68064b98-186be\"\r\nx-cache: HIT\r\naccept-ranges: bytes\r\nage: 2692\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=FNHkFcsdxYEaOvElNjqEazL6skLhkQjifKyhtCCOY9I0lpNgy8XVCXrG3wHxqQHGOReHgbS02ytyjrKzBNs%2Fc%2FI7joYnpFcLNYYkWvW%2Fgl69AIY%2BqA%3D%3D\"}]}\r\ncf-ray: 97328afa5c18b000-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":13430,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 100 x 100, 8-bit/color RGBA, interlaced","md5":"8c09c0e0f250bcc298e648330146147a","sha1":"0d8d13295ab799e5a8ce51af64700ad17a114745","sha256":"9f9873ebbe783b31076d7c3712f0f39e9e4ecbf56e73f29586904201f6450ab4","sha512":"f5d17047452d73c6547c0a6f0f5feea0ee494ed22906406351d674666194cf59e220952cb2a08dbbca3c690031de53cc080751d8de9dd854b292081d3ace0891","ssdeep":"384:c0raUi6nB1R0rKPV+1UjgBuUE3ujmaLJQtvpIYzIwj:WcBgraV+8UeuCCWt5zX","tlshash":"4a52c045c8a44fde07e201d44d6cf6752728dd2c69ee82ae48c92fc1879ac2c7204e9e","first_seen":"2025-08-02T22:38:36.691476Z","last_seen":"2025-08-22T12:59:04.747447Z","times_seen":3,"resource_available":false,"data":null}},"time_used":69,"timings":{"blocked":55,"dns":0,"connect":0,"send":0,"wait":13,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"use.fontawesome.com/releases/v5.3.1/css/all.css","fqdn":"use.fontawesome.com","domain":"fontawesome.com","tld":"com"},"ip":{"addr":"172.67.142.245","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://hianime.to/","date":"2025-08-22T12:58:39.029Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"use.fontawesome.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 02 Jul 2025 01:25:22 GMT","end":"Tue, 30 Sep 2025 02:25:16 GMT"},"fingerprint":{"sha1":"DA:FB:BC:1A:2B:40:16:07:27:DC:AC:27:1C:83:0A:53:D4:C7:76:89","sha256":"9D:29:3F:F4:AE:5F:81:A2:AC:DA:2A:E5:E7:B6:28:70:ED:CA:69:A2:02:75:E1:B5:87:B8:5B:08:2B:9B:62:7E"}}},"request":{"raw":"GET /releases/v5.3.1/css/all.css HTTP/1.1\r\nHost: use.fontawesome.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hianime.to/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Fri, 22 Aug 2025 12:58:39 GMT\r\ncontent-type: text/css\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=GuO4fZUW%2FFjAFwLCFiuyV9e0QutgJhS412bUfNX4vMvofvrgYAGE9%2BMZ%2BT5fpACb%2BIYJJCZjaqy7ZXe1ZXIw4gZySN9NmwYEy1%2BD0IVDaXHPs98%3D\"}]}\r\ncf-cache-status: HIT\r\nage: 1500759\r\ncache-control: max-age=31556926\r\nserver: cloudflare\r\nlast-modified: Fri, 22 Sep 2023 01:45:29 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: Accept-Encoding\r\netag: W/\"10519cfd3206802f58315b877a9beab5\"\r\ncontent-encoding: br\r\ncf-ray: 97328afa4816c6d9-ARN\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":48649,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (48464)","md5":"10519cfd3206802f58315b877a9beab5","sha1":"03232d7095b4a14b88810a0ffe76ae50726c23c6","sha256":"604dcf1f11698655f75046bb92f98aaa9477e1c16b01c5fc415e78794393ffb9","sha512":"2ae948d29b2e2502bc50ca4e7a230b0d726d18e644066f1164d4f20411c85aaa17a0f305730f8be40128d18329b16f017e2b96add0f5ac7e86586810045e7d2e","ssdeep":"768:bTa31Ezd2Q6tXU2Wf9kHt/CMzj3RCgwSxS8/h:bTrzdb6tXQl2sgQZSzZ","tlshash":"2c230bb8e54c41d5a731c04fff82b2b861baf73ce5854d95f00e691c2ad26a811c5fba","first_seen":"2023-04-05T10:34:03Z","last_seen":"2026-04-03T20:18:31.261447Z","times_seen":4871,"resource_available":false,"data":null}},"time_used":138,"timings":{"blocked":50,"dns":1,"connect":11,"send":0,"wait":15,"receive":0,"ssl":50},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"flushpersist.com/pxf.gif?uuid=5c1a4625-c7b5-4c2f-8fca-697edc317d1a\u0026eb=bff3d6bf6d16c0bb5e58232c1a99ef63\u0026te=fe015aeda515c30449c87b1701cc307f\u0026ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A134.0)%20Gecko%2F20100101%20Firefox%2F134.0\u0026dev=e\u0026res=14.3095\u0026b_frame=0\u0026pk=54b536712684480f5bddc4d3fd1ac8a1\u0026bl=en-US\u0026sr=1024x1280\u0026sz=1024x1280\u0026hjs=12","fqdn":"flushpersist.com","domain":"flushpersist.com","tld":"com"},"ip":{"addr":"192.243.61.225","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"Dominica","country_code":"DM"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://hianime.to/","date":"2025-08-22T12:58:40.507Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"flushpersist.com","organization":""},"issuer":{"commonName":"R10","organization":"Let's Encrypt"},"validity":{"start":"Tue, 01 Jul 2025 15:12:33 GMT","end":"Mon, 29 Sep 2025 15:12:32 GMT"},"fingerprint":{"sha1":"9E:08:20:A0:75:ED:21:51:E0:3D:DE:29:CD:B0:11:01:4D:04:77:0A","sha256":"FB:D4:A2:1D:0F:F1:FB:A8:D9:5E:88:03:1F:BB:94:D2:32:5C:CC:49:11:11:FC:04:7B:C6:43:40:CF:1E:A2:BA"}}},"request":{"raw":"GET /pxf.gif?uuid=5c1a4625-c7b5-4c2f-8fca-697edc317d1a\u0026eb=bff3d6bf6d16c0bb5e58232c1a99ef63\u0026te=fe015aeda515c30449c87b1701cc307f\u0026ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A134.0)%20Gecko%2F20100101%20Firefox%2F134.0\u0026dev=e\u0026res=14.3095\u0026b_frame=0\u0026pk=54b536712684480f5bddc4d3fd1ac8a1\u0026bl=en-US\u0026sr=1024x1280\u0026sz=1024x1280\u0026hjs=12 HTTP/1.1\r\nHost: flushpersist.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hianime.to/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Fri, 22 Aug 2025 12:58:40 GMT\r\nContent-Type: image/gif\r\nContent-Length: 1\r\nConnection: keep-alive\r\nP3P: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\nAccess-Control-Allow-Origin: *\r\nHost: flushpersist.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: fd2d4aeb59a27b42b7947cbdde4c7443\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/gif","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-03T21:31:01.969645Z","times_seen":13304312,"resource_available":true,"data":null}},"time_used":749,"timings":{"blocked":325,"dns":43,"connect":93,"send":0,"wait":96,"receive":0,"ssl":187},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"vandalismloungenylon.com/ren.gif?sid=H4sIAAAAAAAC_1RSz2skRRSuzu5tBfEHKwjCHBZRcCbd0z2_dg_BuGYJZpOwG8lBFq3q6p6Uqe5qq7qnJ3MKBiUXYQQPeut8k2zWuIj7Bwg68RYQdoSFCJvLgn-Awp5lJgPRB_3e1_VVFd_7Xn25l50RFxk9Xb2tekJKOlur2KW31kXMVW5Ky2slx67YN0rrIq57N0rdcdKd647rVey3S7cCf1PNVm3Hth3bKS0IHYSqOzthIZKHLafSsiteteLUPHT1__9NZsFQC7xzRl6G4KMXn4UfQfhDxNFPNwOzmarknfejTNJUaXT44YfxZqzyGNEFDLWFMD6c7oYyI0K-nYGKD6cdQHX2xx2AiRGZufoULD6cygTrHJwrZRJBDMavIO8MEcghBB3CVzsQ_DEBfI7lFcTR_WWlc7p1ztIxOyKXn_8DkY_I5aevIo5-nJeiW7qrZJYKFRt0wwKiO4RoD5Fkx0h7MxD5Mfz0cwj-O5l9voQ42l8xUkHw02uMUa8VNnjZtmte2Wu0aJk1mFtuhqHjBJTWWNOfWCTCIaixkI0_YSELLWSJhYifljy76fkOdethi_sN26OexwNmt5pV26Ytv4HMH2vvI0368GUfvt5GorexKfrQ2S8wGwUMt2BSgg4vkAcEuSHIKUEuCPKUIO8UB1yaqinuc2ky5kxrdVrdYqDS9h49UGk7iAmo7kPzYl8kn5kd-OmlQS80fKDGibL0aKFcrTca5ebH9oAyXuwlZ-SlscHW7rUn2AxOSzWP1dx6w6nWm57XtMMa49z3uBtyh_pN6sCIAsLMTGzpiRG5deVXJGJE3rz3Jxg9hpFD-OIqaPYGaF6AbhToxUcbgsYiCiqpAlcFkvQy0i1rT56R1ycDvrf2GIF_MvdXOAn4ukCiC3wqfiNoy93BHZWT_TsqN-TRSpKKSPToePh3U5oGl44-CLZypfniTdP__l1_TIzhw7XApEs05iJuG_LDvOA80AtK-wH5edGsB2w1MxvzmY6zZGn1vYXFKNGBMULFQ1AxItbfGr4YkVe-e23ysL0nzyD0EDorEGUnZBrwk22Y5EK7UQRaXvAssZBnxUBX2cWiFCNy-5sHkMHJXPHFo6-uf_ICKCtggv8cvMADTcc3UFHsmV20tQWa7iCOCnR0gY4sQGUfJrs0SBN9MveHOwkwaQ2Y1NY-k1p-fW6zEaelWpW59WazHoR1Hrrcrbq8VbODlkdbda_l1ZCa0cYDsf1vAAAA__9UCKGQugQAAA==","fqdn":"vandalismloungenylon.com","domain":"vandalismloungenylon.com","tld":"com"},"ip":{"addr":"172.240.108.76","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://hianime.to/","date":"2025-08-22T12:58:40.616Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"vandalismloungenylon.com","organization":""},"issuer":{"commonName":"R11","organization":"Let's Encrypt"},"validity":{"start":"Mon, 28 Jul 2025 18:59:15 GMT","end":"Sun, 26 Oct 2025 18:59:14 GMT"},"fingerprint":{"sha1":"59:A0:73:EC:67:E0:43:E4:69:AC:F7:4E:B9:74:23:F3:83:C6:92:68","sha256":"15:65:55:BB:83:D4:9F:D7:04:F4:99:4F:69:65:67:25:64:0B:18:B5:42:BB:38:48:62:98:4E:7C:AB:02:C2:23"}}},"request":{"raw":"GET /ren.gif?sid=H4sIAAAAAAAC_1RSz2skRRSuzu5tBfEHKwjCHBZRcCbd0z2_dg_BuGYJZpOwG8lBFq3q6p6Uqe5qq7qnJ3MKBiUXYQQPeut8k2zWuIj7Bwg68RYQdoSFCJvLgn-Awp5lJgPRB_3e1_VVFd_7Xn25l50RFxk9Xb2tekJKOlur2KW31kXMVW5Ky2slx67YN0rrIq57N0rdcdKd647rVey3S7cCf1PNVm3Hth3bKS0IHYSqOzthIZKHLafSsiteteLUPHT1__9NZsFQC7xzRl6G4KMXn4UfQfhDxNFPNwOzmarknfejTNJUaXT44YfxZqzyGNEFDLWFMD6c7oYyI0K-nYGKD6cdQHX2xx2AiRGZufoULD6cygTrHJwrZRJBDMavIO8MEcghBB3CVzsQ_DEBfI7lFcTR_WWlc7p1ztIxOyKXn_8DkY_I5aevIo5-nJeiW7qrZJYKFRt0wwKiO4RoD5Fkx0h7MxD5Mfz0cwj-O5l9voQ42l8xUkHw02uMUa8VNnjZtmte2Wu0aJk1mFtuhqHjBJTWWNOfWCTCIaixkI0_YSELLWSJhYifljy76fkOdethi_sN26OexwNmt5pV26Ytv4HMH2vvI0368GUfvt5GorexKfrQ2S8wGwUMt2BSgg4vkAcEuSHIKUEuCPKUIO8UB1yaqinuc2ky5kxrdVrdYqDS9h49UGk7iAmo7kPzYl8kn5kd-OmlQS80fKDGibL0aKFcrTca5ebH9oAyXuwlZ-SlscHW7rUn2AxOSzWP1dx6w6nWm57XtMMa49z3uBtyh_pN6sCIAsLMTGzpiRG5deVXJGJE3rz3Jxg9hpFD-OIqaPYGaF6AbhToxUcbgsYiCiqpAlcFkvQy0i1rT56R1ycDvrf2GIF_MvdXOAn4ukCiC3wqfiNoy93BHZWT_TsqN-TRSpKKSPToePh3U5oGl44-CLZypfniTdP__l1_TIzhw7XApEs05iJuG_LDvOA80AtK-wH5edGsB2w1MxvzmY6zZGn1vYXFKNGBMULFQ1AxItbfGr4YkVe-e23ysL0nzyD0EDorEGUnZBrwk22Y5EK7UQRaXvAssZBnxUBX2cWiFCNy-5sHkMHJXPHFo6-uf_ICKCtggv8cvMADTcc3UFHsmV20tQWa7iCOCnR0gY4sQGUfJrs0SBN9MveHOwkwaQ2Y1NY-k1p-fW6zEaelWpW59WazHoR1Hrrcrbq8VbODlkdbda_l1ZCa0cYDsf1vAAAA__9UCKGQugQAAA== HTTP/1.1\r\nHost: vandalismloungenylon.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hianime.to/\r\nCookie: uid_id2=bba49f7d-0054-479a-b7b3-8ff11eaa5b8c:1:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; u_pl25699542=1; slec54b536712684480f5bddc4d3fd1ac8a1=[6116561]\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Fri, 22 Aug 2025 12:58:40 GMT\r\nContent-Type: image/gif\r\nContent-Length: 7\r\nConnection: keep-alive\r\naccess-control-allow-origin: *\r\nvary: Origin\r\naccess-control-allow-credentials: true\r\np3p: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\naccept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nx-envoy-upstream-service-time: 3\r\nHost: vandalismloungenylon.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 98f16d241e3eb74b6622cec43f689b09\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/gif","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-03T21:31:01.969645Z","times_seen":13304312,"resource_available":true,"data":null}},"time_used":95,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":95,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-08-22","alert":"Sinkholed","trigger":"vandalismloungenylon.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"skinnycrawlinglax.com/pixel/sbls?bv=\u0026tmpl=482\u0026u=https%3A%2F%2Fcreative-sb1.com%2Fsb%2Fchat%2Fmob%2Fssp%2F1%2Fcss%2Fstyle.css\u0026l=4617\u0026fd=61","fqdn":"skinnycrawlinglax.com","domain":"skinnycrawlinglax.com","tld":"com"},"ip":{"addr":"192.243.61.227","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"Dominica","country_code":"DM"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://hianime.to/","date":"2025-08-22T12:58:40.889Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"skinnycrawlinglax.com","organization":""},"issuer":{"commonName":"R11","organization":"Let's Encrypt"},"validity":{"start":"Sat, 28 Jun 2025 22:21:33 GMT","end":"Fri, 26 Sep 2025 22:21:32 GMT"},"fingerprint":{"sha1":"4A:6A:48:C8:5B:C5:2B:2E:9C:03:AF:BF:4C:E6:10:23:E2:7B:EA:97","sha256":"A8:42:B5:4A:20:C8:13:EF:B5:90:0F:54:37:F7:05:60:8D:91:07:E3:A4:0F:7A:22:C9:AF:F1:F5:22:E8:68:C9"}}},"request":{"raw":"GET /pixel/sbls?bv=\u0026tmpl=482\u0026u=https%3A%2F%2Fcreative-sb1.com%2Fsb%2Fchat%2Fmob%2Fssp%2F1%2Fcss%2Fstyle.css\u0026l=4617\u0026fd=61 HTTP/1.1\r\nHost: skinnycrawlinglax.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hianime.to/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Fri, 22 Aug 2025 12:58:40 GMT\r\nContent-Length: 0\r\nConnection: keep-alive\r\nHost: skinnycrawlinglax.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nCache-Control: no-cache\r\nAccess-Control-Allow-Origin: *\r\nAccess-Control-Allow-Methods: GET, POST, OPTIONS\r\nAccess-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests\r\nAccess-Control-Expose-Headers: Content-Length,Content-Range\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-03T21:31:01.969645Z","times_seen":13304312,"resource_available":true,"data":null}},"time_used":110,"timings":{"blocked":7,"dns":0,"connect":0,"send":0,"wait":103,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-08-22","alert":"Sinkholed","trigger":"skinnycrawlinglax.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"hianime.to/images/level-a-4.png","fqdn":"hianime.to","domain":"hianime.to","tld":"to"},"ip":{"addr":"104.21.64.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://hianime.to/","date":"2025-08-22T12:58:39.571Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"hianime.to","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 09 Aug 2025 15:14:50 GMT","end":"Fri, 07 Nov 2025 16:13:26 GMT"},"fingerprint":{"sha1":"DC:A8:7E:36:7D:7E:50:EA:F4:A7:BF:44:C8:B0:0E:66:93:41:62:EA","sha256":"00:F0:AD:9A:D1:77:78:80:8B:E2:66:30:F9:CF:C4:AB:13:35:72:19:FC:C4:78:BE:82:E2:BE:20:0F:FA:59:3F"}}},"request":{"raw":"GET /images/level-a-4.png HTTP/1.1\r\nHost: hianime.to\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hianime.to/css/home.css?v=0.9\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Fri, 22 Aug 2025 12:58:39 GMT\r\ncontent-type: image/png\r\ncontent-length: 4019\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nx-dns-prefetch-control: on\r\nexpect-ct: max-age=0\r\nstrict-transport-security: max-age=15552000; includeSubDomains\r\nx-download-options: noopen\r\nx-content-type-options: nosniff, nosniff\r\nx-permitted-cross-domain-policies: none\r\nx-xss-protection: 0, 1; mode=block\r\naccept-ranges: bytes\r\ncache-control: public, max-age=31536000\r\nlast-modified: Sun, 25 Feb 2024 16:11:19 GMT\r\netag: W/\"fb3-18de108fd8b\"\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=mbiUfr0yvmirg9ohX8oovTdnkTzS%2Bretqzlg8gu7fcvZO4wAQxu%2BqMPKWyrI%2BET3Z%2BjhJTWCi3CE4WURFLAf7G60JcGtqI04pkc%3D\"}]}\r\ncf-ray: 97328afd4c465fc4-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":4019,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced","md5":"fe1ea733294942fe0bb3fd1596a0d3be","sha1":"1956b8f46a43926e4fec41b18be2c0f757f6d139","sha256":"e1f9910b0e0aeb0ce0e8e44eacb073b26cb18c32ab183b94f53100cac1410a84","sha512":"14498b665ab6ecbbb84b4479367b19f57bc64615dcd4f2d55bfef92a03771ad0da80f5dc6763c7d9c3500d6b3187be24f15470e3977f0d567f73f3a6b3677788","ssdeep":"","tlshash":"b5817dc9ba091590611deb9525ee032a0a7210e1c8d0a0d9adcf0aa369b13794124efb","first_seen":"2023-05-24T18:55:11Z","last_seen":"2026-03-24T22:42:26.800144Z","times_seen":84,"resource_available":false,"data":null}},"time_used":94,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":92,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]}