kimcartoon.li/Cartoon/Daria-Version-2/Season-1-Episode-1-Esteemers?id=74420
301 Moved Permanently 0 B URL HTTP/1.1 kimcartoon.li/Cartoon/Daria-Version-2/Season-1-Episode-1-Esteemers?id=74420
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /Cartoon/Daria-Version-2/Season-1-Episode-1-Esteemers?id=74420 HTTP/1.1
Host: kimcartoon.li
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Sun, 29 Jan 2023 07:35:12 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Sun, 29 Jan 2023 08:35:12 GMT
Location: https://kimcartoon.li/Cartoon/Daria-Version-2/Season-1-Episode-1-Esteemers?id=74420
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kSDnejh9ACqpd8teVnwPnydirQU6CX%2FFFD4JbX2OnTBc%2B03SBDtjCPYNvnVo1rXhkKpNP7WzYS3x1OBOvWEfYNF%2FgPqEvTyYghP7ZqAW9Kp9bAXyoZFx42tF6%2FTzln0%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 79104a2deead0b4d-OSL
alt-svc: h2=":443"; ma=60
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash a2104f935c638b4767ca5ae0d738ef23
85c6af15af749be0ceeae6de17c36925b750f166
5d4789a3696bd7faa9916768cb627bbc89bf70a756d80e53860cbac13c2bc8b1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5D4789A3696BD7FAA9916768CB627BBC89BF70A756D80E53860CBAC13C2BC8B1"
Last-Modified: Fri, 27 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5409
Expires: Sun, 29 Jan 2023 09:05:21 GMT
Date: Sun, 29 Jan 2023 07:35:12 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 3eb88dea4fe00db1182370e72683c3ab
ca520abf1e91bfd2aef40c6a1270a911071e8922
d8083ee567c7b3023111dc30f32c94237df7db30d4d2daaea0a569e8a3069ad7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D8083EE567C7B3023111DC30F32C94237DF7DB30D4D2DAAEA0A569E8A3069AD7"
Last-Modified: Sat, 28 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7492
Expires: Sun, 29 Jan 2023 09:40:04 GMT
Date: Sun, 29 Jan 2023 07:35:12 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 302c7548412192add063ad6c8b99cf3b
e5d178931a27db036ce8daae302594d3ff7050b8
fc2bd9091006189e67e8074093805ee5492ce16e1dbfba32e083abeeae34969d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FC2BD9091006189E67E8074093805EE5492CE16E1DBFBA32E083ABEEAE34969D"
Last-Modified: Sat, 28 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11105
Expires: Sun, 29 Jan 2023 10:40:17 GMT
Date: Sun, 29 Jan 2023 07:35:12 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash dcd75ca6daca51c5e39d431468511793
07f76d3bf23d65c9110d810fa71a994e39e085d3
73672a816da4450fe2c938b08d7ae002d9ca29fdcbd3e29cc97084d826f8b459
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Retry-After, Content-Type, Content-Length, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sun, 29 Jan 2023 06:43:08 GMT
content-type: application/json
age: 3124
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: y+wHS2sp14rfpGABosHgi9hpiDvLZ0OhbUClQsuw2PzzlmT6eLc4kKGWO1y5p+vHWew62a6Mlsc=
x-amz-request-id: SR2FAPK4C3E44X2B
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sun, 29 Jan 2023 06:50:13 GMT
age: 2699
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 279 B IP
Hash 6afb65da6ea791962aa37d015172cc6a
3281131c19dcd5b0e0b32527dcc35c68d58ec7bb
c2cacdf4e417a178fdca74a7ea95542f2373622f6cf18df095f13b0427fb3c13
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3249
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 07:35:12 GMT
Etag: "63d43b82-117"
Last-Modified: Sun, 29 Jan 2023 06:41:04 GMT
Server: ECS (amb/6BC2)
X-Cache: HIT
Content-Length: 279
contile.services.mozilla.com/v1/tiles
200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 29 Jan 2023 07:35:12 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Last-Modified, Pragma, ETag, Retry-After, Content-Type, Content-Length, Expires, Cache-Control, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sun, 29 Jan 2023 06:41:41 GMT
age: 3212
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 16a7b6a7128312e2f985d30df18c4487
6017bff79ffb525d9c7f9f32b999b74b5dc69602
663fd12209627f08e759c2ed1c76278a5da79dae1e0b46082dd1bb44775f7a16
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "663FD12209627F08E759C2ED1C76278A5DA79DAE1E0B46082DD1BB44775F7A16"
Last-Modified: Fri, 27 Jan 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6319
Expires: Sun, 29 Jan 2023 09:20:32 GMT
Date: Sun, 29 Jan 2023 07:35:13 GMT
Connection: keep-alive
kimcartoon.li/Content/images/adb.png
200 OK 6.6 kB URL HTTP/2 kimcartoon.li/Content/images/adb.png
IP
File type PNG image data, 126 x 40, 8-bit/color RGBA, non-interlaced\012- data
Hash 3006c4e4951895028b25c6ae7068b142
35e9d1c0cf53568a613166e4af699b880ce96cc4
1bc0a5b35eabe7e056ae4f57e798c92415310942a93deb703f6e985cea44792f
GET /Content/images/adb.png HTTP/1.1
Host: kimcartoon.li
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kimcartoon.li/Cartoon/Daria-Version-2/Season-1-Episode-1-Esteemers?id=74420
Cookie: ASP.NET_SessionId=g2zrp1gd5duqn0u3cipbzlbf; k_token=eNgwOUqpuJyZILUOWxqNsde%2bc%2fPvLR1U3vN7ozFIoX1XgwaXEIEpaLZVdnLWDWOqTOGlp1ry5V8He5TFUmMk6bcPoTU3Uah%2fnswVyFEj2JiQDKgcNuItmEduE%2f6u9RYwo7W%2buCku85XW%2bt2Xs64SSFtAnghr0kYXhDETQS8Pu0w%3d
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 07:35:13 GMT
content-type: image/png
content-length: 6568
last-modified: Thu, 18 Apr 2019 02:46:52 GMT
etag: "076ffa90f5d41:0"
cache-control: max-age=14400
cf-cache-status: HIT
age: 958
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w0scip1H5p2C6b3pWzdcHMtlusDwn5nH0g8ppKD0K%2BcSsrMCCsaMsw9NY6vmVg%2Ffpz6Jo4Pzha%2FJLKXq4B3FuyyW8p3nCkNv9TbCZ3%2BDcqQ%2FWFNMWm%2FA3aTH5z%2BDQKM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 79104a3469b1b4fd-OSL
X-Firefox-Spdy: h2
kimcartoon.li/Content/images/read.png
200 OK 4.2 kB URL HTTP/2 kimcartoon.li/Content/images/read.png
IP
File type PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced\012- data
Hash a852c6621f4c24da47e0d5873bec25cb
bc085d68ab075436e504b023bf49ad21497cd7ee
92e3577523bda5413fa3d9b324eef4248416f70f95cfac5090ede23969ed9f05
GET /Content/images/read.png HTTP/1.1
Host: kimcartoon.li
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kimcartoon.li/Cartoon/Daria-Version-2/Season-1-Episode-1-Esteemers?id=74420
Cookie: ASP.NET_SessionId=g2zrp1gd5duqn0u3cipbzlbf; k_token=eNgwOUqpuJyZILUOWxqNsde%2bc%2fPvLR1U3vN7ozFIoX1XgwaXEIEpaLZVdnLWDWOqTOGlp1ry5V8He5TFUmMk6bcPoTU3Uah%2fnswVyFEj2JiQDKgcNuItmEduE%2f6u9RYwo7W%2buCku85XW%2bt2Xs64SSFtAnghr0kYXhDETQS8Pu0w%3d
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 07:35:13 GMT
content-type: image/png
content-length: 4224
last-modified: Thu, 12 Mar 2015 15:28:19 GMT
etag: "502ee02ad95cd01:0"
cache-control: max-age=14400
cf-cache-status: HIT
age: 958
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DL%2BJpWqPFGsp9rWJ9at2BdHIiJYzIr4orRqYNY1KJq1i%2FTfa7LHz7bZixcl8ZwJqmOKf0vX0CDssjdz97cTaQwTGvBgiCdc4%2BEM2rV%2FEsXaP0MuFJf%2ByF06X%2Fma8fik%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 79104a3479bcb4fd-OSL
X-Firefox-Spdy: h2
kimcartoon.li/Content/images/user-small.png
200 OK 3.5 kB URL HTTP/2 kimcartoon.li/Content/images/user-small.png
IP
File type PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Hash 06f587f4626e1e5670e9ad945ccbe7e0
6fefc83c36069f0260ae7deef360972b473c8887
d660eab52c2636d2de2a42173f071af45892b035a5fe65a0b4691b84d8a55495
GET /Content/images/user-small.png HTTP/1.1
Host: kimcartoon.li
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kimcartoon.li/Cartoon/Daria-Version-2/Season-1-Episode-1-Esteemers?id=74420
Cookie: ASP.NET_SessionId=g2zrp1gd5duqn0u3cipbzlbf; k_token=eNgwOUqpuJyZILUOWxqNsde%2bc%2fPvLR1U3vN7ozFIoX1XgwaXEIEpaLZVdnLWDWOqTOGlp1ry5V8He5TFUmMk6bcPoTU3Uah%2fnswVyFEj2JiQDKgcNuItmEduE%2f6u9RYwo7W%2buCku85XW%2bt2Xs64SSFtAnghr0kYXhDETQS8Pu0w%3d
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 07:35:13 GMT
content-type: image/png
content-length: 3542
last-modified: Thu, 12 Mar 2015 15:26:43 GMT
etag: "b08fc1f1d85cd01:0"
cache-control: max-age=14400
cf-cache-status: HIT
age: 958
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ceDl5zM4fYRIAkZ%2Bewl5Yv9p37ZWv9p4FWp658pG2BNehYGjwR68Eu2FK%2Bi4kk2A6YKunpa3AJ%2FgJCjC455qEmZ7RghYFlgs9MOMgHQ2EEyo2ioVg1nJoXUmLkIpbQQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 79104a3479bbb4fd-OSL
X-Firefox-Spdy: h2
kimcartoon.li/Content/images/next.png
200 OK 3.6 kB URL HTTP/2 kimcartoon.li/Content/images/next.png
IP
File type PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced\012- data
Hash 75ca4741bf93724b212cd865e647b4ba
70afb01cfe1704cc25355ca96cf83326dc46d716
5a68c044354e18b0d36c6783c73776df4b405952f8112ddda2cfb441008d35f2
GET /Content/images/next.png HTTP/1.1
Host: kimcartoon.li
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kimcartoon.li/Cartoon/Daria-Version-2/Season-1-Episode-1-Esteemers?id=74420
Cookie: ASP.NET_SessionId=g2zrp1gd5duqn0u3cipbzlbf; k_token=eNgwOUqpuJyZILUOWxqNsde%2bc%2fPvLR1U3vN7ozFIoX1XgwaXEIEpaLZVdnLWDWOqTOGlp1ry5V8He5TFUmMk6bcPoTU3Uah%2fnswVyFEj2JiQDKgcNuItmEduE%2f6u9RYwo7W%2buCku85XW%2bt2Xs64SSFtAnghr0kYXhDETQS8Pu0w%3d
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 07:35:13 GMT
content-type: image/png
content-length: 3615
last-modified: Thu, 12 Mar 2015 15:28:18 GMT
etag: "30e99f2ad95cd01:0"
cache-control: max-age=14400
cf-cache-status: HIT
age: 3614
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=leEge26FpHbEAbeVTuhguJUNuk45Dda6Huq01MVLSTiLlZqNy3Aci51UPg0OVRAGTyQsG4PBBZI%2FJXdIHTf3MAmC%2BFtKNYX2cJaJ%2B%2F4QIDVwaQRzSsf9Rib5cusTyxk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 79104a3479bdb4fd-OSL
X-Firefox-Spdy: h2
code.jquery.com/jquery-1.7.min.js
200 OK 33 kB URL HTTP/2 code.jquery.com/jquery-1.7.min.js
IP
File type HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (32769)
Hash 252414e4e6d318c579e9c1221f0e818d
9f8c9f042732ecf4ebb9a16cf141ce9af983e2e1
740b6c679f0d1e9b684a6f27877415999d332b5be6e82b0afa038ba5a9458851
GET /jquery-1.7.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kimcartoon.li/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 29 Jan 2023 07:35:13 GMT
content-encoding: gzip
content-length: 33254
content-type: application/javascript; charset=utf-8
last-modified: Wed, 16 Feb 2022 10:50:39 GMT
accept-ranges: bytes
server: nginx
etag: W/"620cd6ff-16f44"
cache-control: max-age=315360000, public
access-control-allow-origin: *
vary: Accept-Encoding
x-hw: 1674977713.dop069.sk1.t,1674977713.cds210.sk1.hn,1674977713.cds237.sk1.c
X-Firefox-Spdy: h2
kimcartoon.li/Scripts/jquery.allofthelights-min.js?v=4
200 OK 2.4 kB URL HTTP/2 kimcartoon.li/Scripts/jquery.allofthelights-min.js?v=4
IP
File type HTML document, ASCII text, with very long lines (5272), with CRLF, LF line terminators
Hash 149884dbf6c223cd4bf281f91fb8a503
156604630ccbb1564072701124adb0b801900d7b
500c45edb71090f2113f5527a65a82bf6df060d21693a5bd6607fb95e007b76f
GET /Scripts/jquery.allofthelights-min.js?v=4 HTTP/1.1
Host: kimcartoon.li
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kimcartoon.li/Cartoon/Daria-Version-2/Season-1-Episode-1-Esteemers?id=74420
Cookie: ASP.NET_SessionId=g2zrp1gd5duqn0u3cipbzlbf; k_token=eNgwOUqpuJyZILUOWxqNsde%2bc%2fPvLR1U3vN7ozFIoX1XgwaXEIEpaLZVdnLWDWOqTOGlp1ry5V8He5TFUmMk6bcPoTU3Uah%2fnswVyFEj2JiQDKgcNuItmEduE%2f6u9RYwo7W%2buCku85XW%2bt2Xs64SSFtAnghr0kYXhDETQS8Pu0w%3d
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 07:35:13 GMT
content-type: application/javascript
last-modified: Wed, 15 Mar 2017 10:14:29 GMT
etag: W/"904af0ee749dd21:0"
cache-control: max-age=14400
cf-cache-status: HIT
age: 5065
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=46ftI6b38etpMuFYx%2BwbOXqyg4zU%2FyKTXezJZUi78Vk%2BzrZtqybTlZCRIP9LbH9tRi%2FCpwwZufM5uobZ8MGCl1Vyb%2FCJprlcevCzbTOHujYjv5Pm0waHyaOwC4iCfDg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 79104a3459a2b4fd-OSL
content-encoding: br
X-Firefox-Spdy: h2
kimcartoon.li/Scripts/common.js?v=1
200 OK 18 kB URL HTTP/2 kimcartoon.li/Scripts/common.js?v=1
IP
File type ASCII text, with very long lines (929)
Hash 09b6f742064fbab9963c00152b6407ef
7bfe738fde64eacae7579052f2dca69cf52b542a
17a0f26b7abeebc2c69d7468c365c015e4dc26f38c87b4b5901639e98c3bc53e
GET /Scripts/common.js?v=1 HTTP/1.1
Host: kimcartoon.li
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kimcartoon.li/Cartoon/Daria-Version-2/Season-1-Episode-1-Esteemers?id=74420
Cookie: ASP.NET_SessionId=g2zrp1gd5duqn0u3cipbzlbf; k_token=eNgwOUqpuJyZILUOWxqNsde%2bc%2fPvLR1U3vN7ozFIoX1XgwaXEIEpaLZVdnLWDWOqTOGlp1ry5V8He5TFUmMk6bcPoTU3Uah%2fnswVyFEj2JiQDKgcNuItmEduE%2f6u9RYwo7W%2buCku85XW%2bt2Xs64SSFtAnghr0kYXhDETQS8Pu0w%3d
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 07:35:13 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=2396
etag: W/"509b5bbdf79dd21:0"
last-modified: Thu, 16 Mar 2017 01:50:50 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 173
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IRQ0uI3qr0LpwPitDDZYO5wEcwkQxRY%2F9P4pKJeSTo32ErW5Pj4AHHdYaqz3naSH24c91hjj9WLU7hIPyS7dV4LlmpSxcp1%2B7YQwgUr%2FoiAHU31QWjmA0AhUuiyTSFc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 79104a34599bb4fd-OSL
content-encoding: br
X-Firefox-Spdy: h2
kimcartoon.li/Content/images/body_bg.gif
200 OK 11 kB URL HTTP/2 kimcartoon.li/Content/images/body_bg.gif
IP
File type GIF image data, version 89a, 160 x 152\012- data
Hash 4a57be689c5606084384fa4e4146f1d1
234c8c86ad8509e5b717a64ad8978ff428b20077
07b968f6566378b91936898db46bf0c5024513658194a8f66aa4847fd9840b3d
GET /Content/images/body_bg.gif HTTP/1.1
Host: kimcartoon.li
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kimcartoon.li/Content/css/tpl_style.css?v=10.14.2
Cookie: ASP.NET_SessionId=g2zrp1gd5duqn0u3cipbzlbf; k_token=eNgwOUqpuJyZILUOWxqNsde%2bc%2fPvLR1U3vN7ozFIoX1XgwaXEIEpaLZVdnLWDWOqTOGlp1ry5V8He5TFUmMk6bcPoTU3Uah%2fnswVyFEj2JiQDKgcNuItmEduE%2f6u9RYwo7W%2buCku85XW%2bt2Xs64SSFtAnghr0kYXhDETQS8Pu0w%3d
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 07:35:13 GMT
content-type: image/gif
content-length: 11287
last-modified: Fri, 24 Mar 2017 02:58:47 GMT
etag: "808d5a8e4aa4d21:0"
cache-control: max-age=14400
cf-cache-status: HIT
age: 173
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l68%2BMvK7STMdBddUwpWCY%2F4HDRMs91tYJldBpz1aefOL7%2Fm8kXqK37fxJ8HkCBnumzgf3mCfHh2k2safzoPzyGImbMF0UMZ4a%2B4MI2UYxjVb9lAnrGj42YPET4zJh0Y%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 79104a351a47b4fd-OSL
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=G-X04565JYJY
200 OK 68 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=G-X04565JYJY
IP
File type ASCII text, with very long lines (6356)
Hash 9448ac84d0536a0422b15a80b7c67f73
7c4f3f481113629559434b29cc87f720f19b4deb
faa077f3d5f94ef8f3f25727d0f23849b06d724283060977f08f6df6afdea121
GET /gtag/js?id=G-X04565JYJY HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kimcartoon.li/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sun, 29 Jan 2023 07:35:13 GMT
expires: Sun, 29 Jan 2023 07:35:13 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 67975
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash bab8a4c1e6bb2e6c9cc00222eef1235d
1a5dd108e9f9aaf33bc048b0097a9f510d295cad
fd182297a143655a9142e3ee5bbafefd76ca974094f43fb695611f6876f3ab63
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 07:35:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 5ecf0df4dfa6d2b5e0972a138b700aff
b90a852224bd65e05f43c24124eaaf6f81daeee7
37e0418ef4577051e8bb0a190a3f1c15fb201f07ed20aa565991bc08c570ed06
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "37E0418EF4577051E8BB0A190A3F1C15FB201F07ED20AA565991BC08C570ED06"
Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16151
Expires: Sun, 29 Jan 2023 12:04:24 GMT
Date: Sun, 29 Jan 2023 07:35:13 GMT
Connection: keep-alive
push.services.mozilla.com/
101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: rRJhfudYmTzyNA2hp7OYZg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: PYYxTyHl++jiHyPXsZebDU0MsZQ=
ky.enactsbasiate.com/r63c19322a85e563c19322a85e6/10790
200 OK 25 B URL HTTP/1.1 ky.enactsbasiate.com/r63c19322a85e563c19322a85e6/10790
IP
File type ASCII text, with no line terminators
Hash 2339750dbbbcbd8fe83612a65b72e03d
672074d493c051cffcc96bce7d15f77ec6ef1889
1fa220e7725025343d910d83e9f0e663b82419a3422e5465dc73c092b0853ccd
GET /r63c19322a85e563c19322a85e6/10790 HTTP/1.1
Host: ky.enactsbasiate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kimcartoon.li/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 29 Jan 2023 07:35:13 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://kimcartoon.li
Access-Control-Allow-Headers: content-type, megageocheckolololo, x-forwarded-for
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET, POST, OPTIONS
Set-Cookie: GL_UI4=eJw9jd1OhDAYRIHy42aFOAkPsI9QVBAvvfEVvCSl%2FcC60G5KXfTtbUz07mTmTCaKoqSuEF9zBvYpWpzU1HSS9428bx9417WPgtM09s9j%2F9Q1gvc46G3wYlzIp7idyZDTcpBWUYm7UP0lZ2N3kyIbnTCqRLYGYylRjM7uG7maITViJRSv2tFkv4IhPqwDa3gbWJvAMUdit5pVBxRv2qiwrI5IGl6VeYTjZRF%2Bsm4dtMpjZLMTihC%2F4EYKT7N13ygUbWdvL4Bd1PDv%2Fx6zveHIFV21JGTWv5P7AaoaStk%3D; expires=Mon, 30-Jan-2023 07:35:13 GMT; Max-Age=86400; path=/; secure; SameSite=None
GL_GI10=eJw9i7sOgkAURAENEQXMJH6APyA%2BgoWtWhoojPUG8Wo2wl7Crg%2F8elETq5mcOWNZljMK4cgK%2FmoerWZRvIjmyxidCzGcJIWf802ZuhEqKwluwvUja%2BDWdJGsAgx%2BReR8IvSTdHJQV8UP9R8%2BtwDdXJomgPeJrxv20JG6Qrgu5HO85%2BJmWlvDU2SErohO8DbZsaDpdr9D%2BKffs2ujJ7Woan42bR8aWdKLFQk%2BnzWZFtl313kDsc5BIg%3D%3D; expires=Mon, 30-Jan-2023 07:35:13 GMT; Max-Age=86400; path=/; secure; SameSite=None
Content-Encoding: gzip
Vary: Accept-Encoding
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff
kimcartoon.li/Content/images/search.png
200 OK 2.5 kB URL HTTP/2 kimcartoon.li/Content/images/search.png
IP
File type PNG image data, 90 x 32, 8-bit/color RGBA, non-interlaced\012- data
Hash 69569f9472150c03c285ad6a460a1d51
9d72265b9512bab1db1d1ace9ca72182d677d675
872ef2eb7e062c1cea3fb5e7a4c1e5553818d68fc2d0b476c3af20baae42df89
GET /Content/images/search.png HTTP/1.1
Host: kimcartoon.li
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kimcartoon.li/Cartoon/Daria-Version-2/Season-1-Episode-1-Esteemers?id=74420
Cookie: ASP.NET_SessionId=g2zrp1gd5duqn0u3cipbzlbf; k_token=eNgwOUqpuJyZILUOWxqNsde%2bc%2fPvLR1U3vN7ozFIoX1XgwaXEIEpaLZVdnLWDWOqTOGlp1ry5V8He5TFUmMk6bcPoTU3Uah%2fnswVyFEj2JiQDKgcNuItmEduE%2f6u9RYwo7W%2buCku85XW%2bt2Xs64SSFtAnghr0kYXhDETQS8Pu0w%3d
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 07:35:13 GMT
content-type: image/png
content-length: 2539
last-modified: Thu, 12 Mar 2015 15:28:17 GMT
etag: "50b5e2ad95cd01:0"
cache-control: max-age=14400
cf-cache-status: HIT
age: 172
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C8km22ImwXL5HQlqHEPOJIfkss3sCRQBfozzm5lXpBdGG%2Fge%2Fxk4aGtr7Vkw56ClBId%2BnYAUH1jqFqvEfDUlfVRle6tvKp5xqhi2m1NFOB%2Bl7n%2F5Su8jcbFvHXl41Qo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 79104a373bdcb4fd-OSL
X-Firefox-Spdy: h2
kimcartoon.li/Content/images/logo.png?v=4
200 OK 21 kB URL HTTP/2 kimcartoon.li/Content/images/logo.png?v=4
IP
File type PNG image data, 300 x 110, 8-bit/color RGBA, non-interlaced\012- data
Hash be0695e5db9e2a7647d96127ceadbab1
aaf1fa2ecc4377231e1886c3b3e865274b807247
e11e5b545c945273300b9eea5835e2735eb06781ee9e879f90dd8ed9522052c8
GET /Content/images/logo.png?v=4 HTTP/1.1
Host: kimcartoon.li
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kimcartoon.li/Content/css/tpl_style.css?v=10.14.2
Cookie: ASP.NET_SessionId=g2zrp1gd5duqn0u3cipbzlbf; k_token=eNgwOUqpuJyZILUOWxqNsde%2bc%2fPvLR1U3vN7ozFIoX1XgwaXEIEpaLZVdnLWDWOqTOGlp1ry5V8He5TFUmMk6bcPoTU3Uah%2fnswVyFEj2JiQDKgcNuItmEduE%2f6u9RYwo7W%2buCku85XW%2bt2Xs64SSFtAnghr0kYXhDETQS8Pu0w%3d
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 07:35:13 GMT
content-type: image/png
content-length: 20997
last-modified: Mon, 29 Jan 2018 01:16:36 GMT
etag: "07276ce9e98d31:0"
cache-control: max-age=14400
cf-cache-status: HIT
age: 173
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2x8h5CwtwIjaUdUp3aPrnskdDSZyGiEvkrYTSAiXgybjTO9nWTub1WrBkcnBRvXbMjC2r1IVEikNVoRxcFc7MF91Jv52owzZ1FcuOhKop1nmCR%2BqCLJvgW1T5ppoYh4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 79104a374bf9b4fd-OSL
X-Firefox-Spdy: h2
kimcartoon.li/Content/images/tpl_input_bg.gif
200 OK 3.5 kB URL HTTP/2 kimcartoon.li/Content/images/tpl_input_bg.gif
IP
File type GIF image data, version 89a, 300 x 20\012- data
Hash fab26801ea77c5ba5352192947077418
1b0a4b3c8d1c838856d7df7f623893256fbcc9c9
ba233b29c19c0e9fc90d01b572c05cbc0844ba9595eca12d66f704ffbfa13424
GET /Content/images/tpl_input_bg.gif HTTP/1.1
Host: kimcartoon.li
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kimcartoon.li/Content/css/tpl_style.css?v=10.14.2
Cookie: ASP.NET_SessionId=g2zrp1gd5duqn0u3cipbzlbf; k_token=eNgwOUqpuJyZILUOWxqNsde%2bc%2fPvLR1U3vN7ozFIoX1XgwaXEIEpaLZVdnLWDWOqTOGlp1ry5V8He5TFUmMk6bcPoTU3Uah%2fnswVyFEj2JiQDKgcNuItmEduE%2f6u9RYwo7W%2buCku85XW%2bt2Xs64SSFtAnghr0kYXhDETQS8Pu0w%3d
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 07:35:13 GMT
content-type: image/gif
content-length: 3451
last-modified: Thu, 12 Mar 2015 15:26:43 GMT
etag: "10f1c3f1d85cd01:0"
cache-control: max-age=14400
cf-cache-status: HIT
age: 173
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xNmsmwr6JBuUq5KvQnbzpkVepDavLGA3bbqYAJsM0deMSYMtbJqz3VgicG0d1jgmXnS0Tx%2BR1yiIxl43u5EOnx0EsqmtwDZaSpJ1hzDzyW6hhd1JUB5%2BtigQqxwZuao%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 79104a374bf8b4fd-OSL
X-Firefox-Spdy: h2
kimcartoon.li/Content/images/plus.png
200 OK 3.2 kB URL HTTP/2 kimcartoon.li/Content/images/plus.png
IP
File type PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Hash 6111e62cd0f9c8ee1dea22a93969cfe9
e79574b8034fdad4357ad70cfceaa469090e2fb1
9b6c131e8583746c21be515c3dea1f7094de98c7eb4d88b4c13a02191ce5d23c
GET /Content/images/plus.png HTTP/1.1
Host: kimcartoon.li
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kimcartoon.li/Content/css/tpl_style.css?v=10.14.2
Cookie: ASP.NET_SessionId=g2zrp1gd5duqn0u3cipbzlbf; k_token=eNgwOUqpuJyZILUOWxqNsde%2bc%2fPvLR1U3vN7ozFIoX1XgwaXEIEpaLZVdnLWDWOqTOGlp1ry5V8He5TFUmMk6bcPoTU3Uah%2fnswVyFEj2JiQDKgcNuItmEduE%2f6u9RYwo7W%2buCku85XW%2bt2Xs64SSFtAnghr0kYXhDETQS8Pu0w%3d
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 07:35:13 GMT
content-type: image/png
content-length: 3178
last-modified: Sun, 18 Dec 2016 00:43:58 GMT
etag: "529a9d1c758d21:0"
access-control-allow-origin: http://kimcartoon.li
cache-control: max-age=14400
cf-cache-status: HIT
age: 5401
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GnU%2FFlnhahxDC44tcvZeUlZXfYNwrT0cPJhHS7n%2BFR0SyklragTqtQvy921QyHfncDQf9IsV6ZKivRh63afflbBMOmRrBX9F4E9MPo0Zgv2lgnq364pzDmi7pRVLSSQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 79104a374bfab4fd-OSL
X-Firefox-Spdy: h2
kimcartoon.li/Content/font/fontawesome-webfont.ttf
200 OK 166 kB URL HTTP/2 kimcartoon.li/Content/font/fontawesome-webfont.ttf
IP
File type TrueType Font data, 13 tables, 1st "FFTM", 24 names, Macintosh\012- data
Size 166 kB (165548 bytes)
Hash b06871f281fee6b241d60582ae9369b9
13b1eab65a983c7a73bc7997c479d66943f7c6cb
aa58f33f239a0fb02f5c7a6c45c043d7a9ac9a093335806694ecd6d4edc0d6a8
GET /Content/font/fontawesome-webfont.ttf HTTP/1.1
Host: kimcartoon.li
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kimcartoon.li/Content/css/tpl_style.css?v=10.14.2
Cookie: ASP.NET_SessionId=g2zrp1gd5duqn0u3cipbzlbf; k_token=eNgwOUqpuJyZILUOWxqNsde%2bc%2fPvLR1U3vN7ozFIoX1XgwaXEIEpaLZVdnLWDWOqTOGlp1ry5V8He5TFUmMk6bcPoTU3Uah%2fnswVyFEj2JiQDKgcNuItmEduE%2f6u9RYwo7W%2buCku85XW%2bt2Xs64SSFtAnghr0kYXhDETQS8Pu0w%3d
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 07:35:13 GMT
content-type: application/octet-stream
content-length: 165548
last-modified: Thu, 22 Dec 2016 08:50:34 GMT
etag: "0291a75305cd21:0"
cache-control: max-age=14400
cf-cache-status: HIT
age: 5064
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dUNkJZ5UTPv3xuRoltrsQ6qZBv6UiToU%2B%2B3UBQCB%2Bt8TLN5thNbyElF6kWieb1DHLRecdaSDi5eRgJaKAGrYtM%2FioNu1h4tUe%2Bt%2FgtA5NbT6yfXtoIP2EadAkCGfKYg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 79104a376c0cb4fd-OSL
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 471 B IP
Hash 7078b1d21bbac26012d93fc9501fbbb0
412189ffa7980709edc28b87a820aa1ae64fa3a7
6db1d0d3f3924d7e75e1fd087553cf4ec5fa938ecc52adf3f149570551eaf7f3
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5965
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 07:35:13 GMT
Last-Modified: Sun, 29 Jan 2023 05:55:48 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 471
kimcartoon.li/Content/images/tpl_footer_bg.png
200 OK 3.2 kB URL HTTP/2 kimcartoon.li/Content/images/tpl_footer_bg.png
IP
File type PNG image data, 8 x 74, 8-bit/color RGB, non-interlaced\012- data
Hash d46ca7bad394a233c9735ae870cf9c9a
8e003de8410b2195e1b97ce7e5e81ad915447b0c
a77934c9ba958163b297b2adf4eeab588ef21268f594e45bcee29905c632b269
GET /Content/images/tpl_footer_bg.png HTTP/1.1
Host: kimcartoon.li
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kimcartoon.li/Content/css/tpl_style.css?v=10.14.2
Cookie: ASP.NET_SessionId=g2zrp1gd5duqn0u3cipbzlbf; k_token=eNgwOUqpuJyZILUOWxqNsde%2bc%2fPvLR1U3vN7ozFIoX1XgwaXEIEpaLZVdnLWDWOqTOGlp1ry5V8He5TFUmMk6bcPoTU3Uah%2fnswVyFEj2JiQDKgcNuItmEduE%2f6u9RYwo7W%2buCku85XW%2bt2Xs64SSFtAnghr0kYXhDETQS8Pu0w%3d
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 07:35:13 GMT
content-type: image/png
content-length: 3236
last-modified: Thu, 12 Mar 2015 15:28:18 GMT
etag: "50e15a2ad95cd01:0"
cache-control: max-age=14400
cf-cache-status: HIT
age: 172
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ynKThQAuR0dtYGy7K2rnX%2BBB1H8J4dNjWaiBREu2TLpjNQ1tgAbt8TFS6SouqawGjLgXbT9DocVDjfo9h0w5va0vsToDiwTQImu2Pwp8zlIc897y64k%2Bw7VhzctgXiw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 79104a379c3eb4fd-OSL
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash cedc53a463251aee7ba34bad35ef0048
f42c5827bd14eba8ded91e3f9a2afac47891781c
5e54508a173053cde532792cc40c69bd2139a0e8fa1b8d351d82d0e00d641351
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5E54508A173053CDE532792CC40C69BD2139A0E8FA1B8D351D82D0E00D641351"
Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8208
Expires: Sun, 29 Jan 2023 09:52:01 GMT
Date: Sun, 29 Jan 2023 07:35:13 GMT
Connection: keep-alive
www.facebook.com/plugins/like.php?href=http%3A%2F%2Fwww.facebook.com%2Fkimcartoonfp&send=false&layout=button_count&width=100&show_faces=false&action=like&colorscheme=dark&font&height=21
200 OK 0 B URL HTTP/2 www.facebook.com/plugins/like.php?href=http%3A%2F%2Fwww.facebook.com%2Fkimcartoonfp&send=false&layout=button_count&width=100&show_faces=false&action=like&colorscheme=dark&font&height=21
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /plugins/like.php?href=http%3A%2F%2Fwww.facebook.com%2Fkimcartoonfp&send=false&layout=button_count&width=100&show_faces=false&action=like&colorscheme=dark&font&height=21 HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kimcartoon.li/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html;charset=utf-8
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
cross-origin-opener-policy: same-origin-allow-popups
x-content-type-options: nosniff
x-xss-protection: 0
x-fb-debug: +wWncTPIOW3Q93Bgdyl/YmZM0S+P2it/9ojQgyLbHNc1XrmYHC86ohLRAWYjwJoWtMo+YpERfJOTDgnerIwLow==
content-length: 0
date: Sun, 29 Jan 2023 07:35:13 GMT
priority: u=3,i
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
www.facebook.com/plugins/like.php?href=http%3A%2F%2Fwww.facebook.com%2FKimCartoon-1500686783296635&send=false&layout=button_count&width=100&show_faces=false&action=like&colorscheme=dark&font&height=21
200 OK 0 B URL HTTP/2 www.facebook.com/plugins/like.php?href=http%3A%2F%2Fwww.facebook.com%2FKimCartoon-1500686783296635&send=false&layout=button_count&width=100&show_faces=false&action=like&colorscheme=dark&font&height=21
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /plugins/like.php?href=http%3A%2F%2Fwww.facebook.com%2FKimCartoon-1500686783296635&send=false&layout=button_count&width=100&show_faces=false&action=like&colorscheme=dark&font&height=21 HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kimcartoon.li/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/html;charset=utf-8
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
cross-origin-opener-policy: same-origin-allow-popups
x-content-type-options: nosniff
x-xss-protection: 0
x-fb-debug: 7yZ3rewGcNzk2+jZk7xfytLwUQ0M+zHBgn6QDDWVSX+CJwSe2DeesN45ew8sg1sgAXVKBGNYsiEC925zRIHiGA==
content-length: 0
date: Sun, 29 Jan 2023 07:35:13 GMT
priority: u=3,i
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
sbfull.com/e/8d2mivg2ncd4.html
301 Moved Permanently 162 B URL HTTP/2 sbfull.com/e/8d2mivg2ncd4.html
IP
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /e/8d2mivg2ncd4.html HTTP/1.1
Host: sbfull.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kimcartoon.li/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Sun, 29 Jan 2023 07:35:13 GMT
content-type: text/html
content-length: 162
location: https://sblongvu.com/e/8d2mivg2ncd4.html
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 471 B IP
Hash 7078b1d21bbac26012d93fc9501fbbb0
412189ffa7980709edc28b87a820aa1ae64fa3a7
6db1d0d3f3924d7e75e1fd087553cf4ec5fa938ecc52adf3f149570551eaf7f3
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5965
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 07:35:13 GMT
Last-Modified: Sun, 29 Jan 2023 05:55:48 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash a74ab9986e287dc89881fc0b39bedad1
a70e9c57f46402103990afe492f5320feb60a8f1
059a1f8d87bb9dfb6e8da2f545bd15888c7138988829aea396ef6d66c9cf774c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "059A1F8D87BB9DFB6E8DA2F545BD15888C7138988829AEA396EF6D66C9CF774C"
Last-Modified: Thu, 26 Jan 2023 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8602
Expires: Sun, 29 Jan 2023 09:58:35 GMT
Date: Sun, 29 Jan 2023 07:35:13 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash bd602d3641f747a06de1363fb5597e56
11cde30b453123d030e525580507fd7328eb202a
39ff77766eaac899613f3d6be8be1f1bb779602f562a0226dd605cdb581dbf26
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "39FF77766EAAC899613F3D6BE8BE1F1BB779602F562A0226DD605CDB581DBF26"
Last-Modified: Sat, 28 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11129
Expires: Sun, 29 Jan 2023 10:40:42 GMT
Date: Sun, 29 Jan 2023 07:35:13 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 112b6e1d2b22c825384e8439842903fd
583c700a28b0343ac1711f487bc38b3ecc057ee7
448bf774411fe564bdb1b708bf3d4c6c46d928e34d4dfa77db8561e53090f307
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "448BF774411FE564BDB1B708BF3D4C6C46D928E34D4DFA77DB8561E53090F307"
Last-Modified: Fri, 27 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=1282
Expires: Sun, 29 Jan 2023 07:56:36 GMT
Date: Sun, 29 Jan 2023 07:35:14 GMT
Connection: keep-alive
cdn.itskiddien.club/apu.php?zoneid=5021906
200 OK 968 B URL HTTP/2 cdn.itskiddien.club/apu.php?zoneid=5021906
IP
File type ASCII text, with very long lines (801)
Hash 7aaf7466d5f150694e15159be92128ed
b6652b8b0f763e4ba23f178533bb00189ae5c061
eb3f5d628abbcbeac0a0ab53340ee43a4d0afbb6836e54377c13fe678cc61ee4
GET /apu.php?zoneid=5021906 HTTP/1.1
Host: cdn.itskiddien.club
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kimcartoon.li/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 29 Jan 2023 07:35:14 GMT
content-type: application/javascript
content-length: 968
x-trace-id: 7fee8fdfe5acf64aca8905c3d440ed4c
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
set-cookie: OAID=751aa374819545a7a927d787d3b6c321; expires=Mon, 29 Jan 2024 07:35:14 GMT; path=/; secure; SameSite=None
oaidts=1674977714; expires=Mon, 29 Jan 2024 07:35:14 GMT; path=/; secure; SameSite=None
syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1p5/96s8juNQ55E
200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/96s8juNQ55E
IP
Hash d5b8c5d6d455e4fc7e86eafc56168e1c
d0a20bc9db8298e1a402fcd6d8675cd57063f5e7
ab222addc4ff2143b61625c0e0fb4dcd9204d7a9f0bec3ff0614e032aac7d302
POST /s/gts1p5/96s8juNQ55E HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 07:35:14 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdn.itskiddien.club/apu.php?zoneid=5379568
200 OK 968 B URL HTTP/2 cdn.itskiddien.club/apu.php?zoneid=5379568
IP
File type ASCII text, with very long lines (801)
Hash c0efba18b960a95e0072ec3c78aad02d
18b894b5c7eefc3ebf5116f36273c4eb32f762f2
5972e26d126cc1f04e19398d16a1d3d7904b5bce7d9e8193877a4914d630c885
GET /apu.php?zoneid=5379568 HTTP/1.1
Host: cdn.itskiddien.club
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kimcartoon.li/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 29 Jan 2023 07:35:14 GMT
content-type: application/javascript
content-length: 968
x-trace-id: b5753335e1a4620231b8e69a0ad23a87
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
set-cookie: OAID=65947c5287f7412d928553f4800da175; expires=Mon, 29 Jan 2024 07:35:14 GMT; path=/; secure; SameSite=None
oaidts=1674977714; expires=Mon, 29 Jan 2024 07:35:14 GMT; path=/; secure; SameSite=None
syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 2c4380697a101b67d9f8edb80bbe917c
d031ccb76ff8aeef9f80594b3ac3a7117e1ad05d
92fcb57afd01dbdc56cdd37ff2ebfb8807a286936093b1a863d334a3826aceb3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "92FCB57AFD01DBDC56CDD37FF2EBFB8807A286936093B1A863D334A3826ACEB3"
Last-Modified: Fri, 27 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4904
Expires: Sun, 29 Jan 2023 08:56:58 GMT
Date: Sun, 29 Jan 2023 07:35:14 GMT
Connection: keep-alive
eehuzaih.com/401/5021804
200 OK 33 kB IP
Hash 187e7dd45e2eef5d25c1b0d5bf408b80
dbdad9a491d7c84eabe9407dd74feea77923a0e8
b8ea7f861caffe838d2a278a42d546d2cd23c57f4e9f04ddb04403a55af6e84d
Analyzer Verdict Alert quad9 Sinkholed
GET /401/5021804 HTTP/1.1
Host: eehuzaih.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kimcartoon.li/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 29 Jan 2023 07:35:13 GMT
content-type: application/javascript
x-trace-id: d3498c91006ffb26ec04f4d5ab95f693
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: *
access-control-expose-headers: Link
access-control-allow-credentials: true
set-cookie: OAID=34ca52f81261462a9f1a2ccdab5cf158; expires=Mon, 29 Jan 2024 07:35:13 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
fleraprt.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f
200 OK 12 B URL HTTP/1.1 fleraprt.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash adb4650bfc9d2a73d4dd69583b0ceb14
1ce399d6e936232aaf2192cd7903a279c5015f22
21c1f682de27109caabcca9016511974defcec217c0441fd3f1b50ecdf8247ed
Analyzer Verdict Alert quad9 Sinkholed
POST /log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f HTTP/1.1
Host: fleraprt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 1261
Origin: https://kimcartoon.li
Connection: keep-alive
Referer: https://kimcartoon.li/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.10
Date: Sun, 29 Jan 2023 07:35:15 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 12
Connection: keep-alive
Access-Control-Allow-Origin: https://kimcartoon.li
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Access-Control-Allow-Credentials: true
kimcartoon.li/Ads/geniee300a.aspx
200 OK 18 kB URL HTTP/2 kimcartoon.li/Ads/geniee300a.aspx
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash f2454346f296a7e89e485c9e9bed5ecd
9f2220b671f1ba110885a6dee2826a4e69af74dc
1e7a92b1d3b9ff2f39279281d023766d6a3c84c094ae9db65c02293f4e3a73f5
GET /Ads/geniee300a.aspx HTTP/1.1
Host: kimcartoon.li
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kimcartoon.li/Cartoon/Daria-Version-2/Season-1-Episode-1-Esteemers?id=74420
Cookie: ASP.NET_SessionId=g2zrp1gd5duqn0u3cipbzlbf; k_token=eNgwOUqpuJyZILUOWxqNsde%2bc%2fPvLR1U3vN7ozFIoX1XgwaXEIEpaLZVdnLWDWOqTOGlp1ry5V8He5TFUmMk6bcPoTU3Uah%2fnswVyFEj2JiQDKgcNuItmEduE%2f6u9RYwo7W%2buCku85XW%2bt2Xs64SSFtAnghr0kYXhDETQS8Pu0w%3d
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 07:35:14 GMT
content-type: text/html; charset=utf-8
cache-control: private
access-control-allow-origin: http://kimcartoon.li
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gw3n1B1a%2Bmih3L6e6ne3tD9xTB1CgKDPSWZeOcNfINcl5Jd%2F9yPD0xfKogvVUwycA%2FjEnLMgrzlnb4tyiKeSO7jGOmJnPBGi7WuA81it27U05lRscRafl7qonoKsl%2FA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 79104a374bedb4fd-OSL
content-encoding: br
X-Firefox-Spdy: h2
my.rtmark.net/gid.js
200 OK 65 B IP
File type JSON data\012- , ASCII text
Hash d3b74354e6c6a2bd78b9689c429058a9
d89b6421c0f653718a767b66e8e9abc1cc1038c4
c1483bdf324feb7c549c617675812951891d937c216ddbcff586ec573fc19f9c
GET /gid.js HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://kimcartoon.li
Connection: keep-alive
Referer: https://kimcartoon.li/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 29 Jan 2023 07:35:14 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://kimcartoon.li
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=dc2e446b0e3f457db033c6f0ea90817c; expires=Mon, 29 Jan 2024 07:35:14 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/4.6.0/js/bootstrap.bundle.min.js
200 OK 19 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/4.6.0/js/bootstrap.bundle.min.js
IP
File type ASCII text, with very long lines (65299)
Hash 6eec994f904e4a6a49d27df23d27c3dd
46d7824728ceb9116a5a118c2d4fdec7f39f4924
c2c51310d9d0b5de9a9c29b150f8d9f93811f21e0df5f3c03792717c90edaef4
GET /ajax/libs/twitter-bootstrap/4.6.0/js/bootstrap.bundle.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sblongvu.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 07:35:14 GMT
content-type: application/javascript; charset=utf-8
content-length: 19173
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "60071661-1499a"
last-modified: Tue, 19 Jan 2021 17:26:57 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 3201270
expires: Fri, 19 Jan 2024 07:35:14 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KlsQ2HkuaNUJwK8mgoG8FtfnfGnr%2FEM1MEkJVoNRV%2BEVevYnjeBOfSyG9IHKqlhCAiFnYO0BGwCq55%2FiGY9EPIEv4GxlwGdJVZTRqJXRJDpc9XLnQinpE4Ciirz%2FSKWLILemu6NL"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 79104a3b6d890b65-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/axios/0.22.0/axios.min.js
200 OK 5.5 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/axios/0.22.0/axios.min.js
IP
File type ASCII text, with very long lines (17781)
Hash b0a12be08ec4fa4d54524b55363389fd
f171fb814f9e3d6080450f857c7ec99acc68d782
4411647947a3a1bc9693a501db3b6409489800274a6e1db06b33c2a6ae1540ce
GET /ajax/libs/axios/0.22.0/axios.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sblongvu.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 07:35:14 GMT
content-type: application/javascript; charset=utf-8
content-length: 5467
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "6156acbe-155b"
last-modified: Fri, 01 Oct 2021 06:37:50 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 3288274
expires: Fri, 19 Jan 2024 07:35:14 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h4S3MLvrE3D3BLtkbG0YdxjfIbGDjQBFasqhruIpPo0CxfSXlXj3leEV7HbkEeYDevYOEQ7TMVcSyXLCq7uY%2Fy7EJNSz7hAKc0aFqWokPDC%2Fju3wooy9DEuPcAZvyqPFWxqtM9o1"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 79104a3b7d910b65-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
sblongvu.com/vast.js
200 OK 14 B IP
File type ASCII text, with no line terminators
Hash f889954a7cf30bbbfa6f7c3ae440dd2a
7adb4056d99c21fa515a67b5e17f12e82a16509d
27057a15c852eb49822e63991ce5e1863a05f2f5ccbcf916ca624ca773ed8d97
Analyzer Verdict Alert fortinet Malware
GET /vast.js HTTP/1.1
Host: sblongvu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sblongvu.com/e/8d2mivg2ncd4.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 07:35:14 GMT
content-type: application/javascript; charset=utf-8
content-length: 14
last-modified: Fri, 22 Oct 2021 10:58:00 GMT
etag: "e-5ceeee26ebe00"
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cache-control: max-age=14400
cf-cache-status: HIT
age: 5182
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qu%2FgajKCi1TOtRKIB%2BS%2Flloh6oOXKIHI2UvxSdK6Mv8DSHEeBiF3mfGSAh5uS%2FaoPlzwK1aHqwPCRhvqqkY%2B5VDqRuHT42gBz0d0EqYcrsq8GaOrKOURtZSqxB4L%2FEQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 79104a3b893f35de-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
region1.google-analytics.com/g/collect?v=2&tid=G-X04565JYJY>m=2oe1p0&_p=1853967724&cid=92975192.1674977720&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1674977720&sct=1&seg=0&dl=https%3A%2F%2Fkimcartoon.li%2FCartoon%2FDaria-Version-2%2FSeason-1-Episode-1-Esteemers%3Fid%3D74420&dt=Watch%20Daria%20(Version%202)%20Season%201%20Episode%201%20-%20Esteemers%20online%20FREE%20%7C%20KimCartoon&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
204 No Content 0 B URL HTTP/2 region1.google-analytics.com/g/collect?v=2&tid=G-X04565JYJY>m=2oe1p0&_p=1853967724&cid=92975192.1674977720&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1674977720&sct=1&seg=0&dl=https%3A%2F%2Fkimcartoon.li%2FCartoon%2FDaria-Version-2%2FSeason-1-Episode-1-Esteemers%3Fid%3D74420&dt=Watch%20Daria%20(Version%202)%20Season%201%20Episode%201%20-%20Esteemers%20online%20FREE%20%7C%20KimCartoon&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-X04565JYJY>m=2oe1p0&_p=1853967724&cid=92975192.1674977720&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1674977720&sct=1&seg=0&dl=https%3A%2F%2Fkimcartoon.li%2FCartoon%2FDaria-Version-2%2FSeason-1-Episode-1-Esteemers%3Fid%3D74420&dt=Watch%20Daria%20(Version%202)%20Season%201%20Episode%201%20-%20Esteemers%20online%20FREE%20%7C%20KimCartoon&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1 HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://kimcartoon.li
Connection: keep-alive
Referer: https://kimcartoon.li/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://kimcartoon.li
date: Sun, 29 Jan 2023 07:35:14 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1p5/96s8juNQ55E
200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/96s8juNQ55E
IP
Hash d5b8c5d6d455e4fc7e86eafc56168e1c
d0a20bc9db8298e1a402fcd6d8675cd57063f5e7
ab222addc4ff2143b61625c0e0fb4dcd9204d7a9f0bec3ff0614e032aac7d302
POST /s/gts1p5/96s8juNQ55E HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 07:35:14 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ws.sharethis.com/button/async-buttons.js
200 OK 19 kB URL HTTP/2 ws.sharethis.com/button/async-buttons.js
IP
File type ASCII text, with very long lines (65536), with no line terminators
Hash 0b3b7d06f8df8276ede0facec198706e
3e42fc6cacb95a5fa1b56c5b3984e8269752fbbe
342ffe242184c80ddf304e21db8b256ccb8aecb1f4bd9363802dcf2f36053837
GET /button/async-buttons.js HTTP/1.1
Host: ws.sharethis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kimcartoon.li/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-length: 18813
content-encoding: gzip
server: nginx/1.20.1
x-robots-tag: noindex, nofollow
cache-control: max-age=259200
date: Sat, 28 Jan 2023 09:31:47 GMT
expires: Tue, 31 Jan 2023 09:31:47 GMT
etag: W/"634f1895-16245"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 09ae414c9d6c5323d5147457ada70ec6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: zmoqHT7Nwsb1G5s9dCt-_IJwKKDhlQeO7BHAwCSariK-mPuCYoLhcA==
age: 79407
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
platform.twitter.com/widgets.js
200 OK 28 kB URL HTTP/1.1 platform.twitter.com/widgets.js
IP
File type Unicode text, UTF-8 text, with very long lines (38752)
Hash 8aa708f5eebf10bd82e942dabf1623a5
326a6d469222302a80ecf29039e7837d8870ee47
fcfdc2930fdd7f4b3c7f0c1308ce2e89fcc5082ae6a0a1e16ecf0f7e417f1368
GET /widgets.js HTTP/1.1
Host: platform.twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kimcartoon.li/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 3000
Age: 983
Cache-Control: public, max-age=1800
Content-Type: application/javascript; charset=utf-8
Date: Sun, 29 Jan 2023 07:35:14 GMT
Etag: "9e99725b7a4cd730a934afba2a438bb5+gzip"
Last-Modified: Tue, 24 Jan 2023 21:41:51 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (ska/F716)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Vary: Accept-Encoding
x-amzn-internal-status: 304
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 27630
kimcartoon.li/Content/images/favicon.ico
200 OK 3.8 kB URL HTTP/2 kimcartoon.li/Content/images/favicon.ico
IP
File type MS Windows icon resource - 2 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel\012- data
Hash 1b3ca411786cb3169d02008f71aef637
88938b9f93f3a0c621f554340f4952fc262dd6da
92cd2ecb4d9b01f8fac01c76adcbe7008d79095e398bc45a74fa2df33b61ef8f
GET /Content/images/favicon.ico HTTP/1.1
Host: kimcartoon.li
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kimcartoon.li/Cartoon/Daria-Version-2/Season-1-Episode-1-Esteemers?id=74420
Cookie: ASP.NET_SessionId=g2zrp1gd5duqn0u3cipbzlbf; k_token=eNgwOUqpuJyZILUOWxqNsde%2bc%2fPvLR1U3vN7ozFIoX1XgwaXEIEpaLZVdnLWDWOqTOGlp1ry5V8He5TFUmMk6bcPoTU3Uah%2fnswVyFEj2JiQDKgcNuItmEduE%2f6u9RYwo7W%2buCku85XW%2bt2Xs64SSFtAnghr0kYXhDETQS8Pu0w%3d; _ga_X04565JYJY=GS1.1.1674977720.1.0.1674977720.0.0.0; _ga=GA1.1.92975192.1674977720
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 07:35:14 GMT
content-type: image/x-icon
last-modified: Sun, 26 Mar 2017 03:44:50 GMT
etag: W/"065e52e3a5d21:0"
cache-control: max-age=14400
cf-cache-status: HIT
age: 5073
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yzWLVnl3T795VsE7fLrK15m3FF9GyRNSRUza07BahgEzORVndV6aD3EUp2qzg1sVlofjCJOmv3l%2F%2FJsT61LarZQ2KApUGiUImMthVCUgI0TCIJ3I5plQerIJ4E7q8%2F4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 79104a3cc8efb4fd-OSL
content-encoding: br
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash dfb84426fed94988d5c90372baff059c
f1c4740830034ff8a5759d59ae3f657ea524d083
d97efec67504b084ca6ff9e2af973b45b916f90aa021603e3615806bb2737b6a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D97EFEC67504B084CA6FF9E2AF973B45B916F90AA021603E3615806BB2737B6A"
Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18109
Expires: Sun, 29 Jan 2023 12:37:03 GMT
Date: Sun, 29 Jan 2023 07:35:14 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash dfb84426fed94988d5c90372baff059c
f1c4740830034ff8a5759d59ae3f657ea524d083
d97efec67504b084ca6ff9e2af973b45b916f90aa021603e3615806bb2737b6a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D97EFEC67504B084CA6FF9E2AF973B45B916F90AA021603E3615806BB2737B6A"
Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18109
Expires: Sun, 29 Jan 2023 12:37:03 GMT
Date: Sun, 29 Jan 2023 07:35:14 GMT
Connection: keep-alive
sblongvu.com/js/jquery/jquery.min.js?v=1
200 OK 32 kB URL HTTP/2 sblongvu.com/js/jquery/jquery.min.js?v=1
IP
File type ASCII text, with very long lines (65536), with no line terminators
Hash 9855ab77ff938b5f3c4de194cb2a6f2a
0f08f598f663953395be6086f924b88ce795ec43
3d5f8fe43fc4a985e1c4b37f96e66b4f767240d28c245732749de76bdbd6119a
Analyzer Verdict Alert fortinet Malware
GET /js/jquery/jquery.min.js?v=1 HTTP/1.1
Host: sblongvu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sblongvu.com/e/8d2mivg2ncd4.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 07:35:14 GMT
content-type: application/javascript; charset=utf-8
last-modified: Wed, 07 Dec 2022 21:33:03 GMT
etag: W/"6391068f-13f75"
expires: Sun, 05 Feb 2023 01:56:42 GMT
cache-control: max-age=604800
access-control-allow-origin: *
cf-cache-status: HIT
age: 20312
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rFSgXZGeyV%2BwadpoVRoET%2FAtmdrisKJfi4NfO75wzKruy0IY71MQRh0O20Gtqxye3N1X%2BO1TRVgOO9MbGWWzz%2BhHbb94z8hIT8XDcTK5mnVIY1nfrBaDWstpQcpFEBU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 79104a3b48f735de-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.usertrust.com/
200 OK 2.2 kB IP
Hash ae39333ae66accd3f8c0b703536422b3
56276d359bb892b328ad946d38c5198258e7c7a6
fa80d7b61e5d5b84955ab46a8ea06f2661f36614ef81d3e6596dccfa30c9b51b
POST / HTTP/1.1
Host: ocsp.usertrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 07:35:14 GMT
Content-Type: application/ocsp-response
Content-Length: 2236
Connection: keep-alive
Last-Modified: Sat, 28 Jan 2023 22:12:16 GMT
Expires: Sat, 04 Feb 2023 22:12:15 GMT
Etag: "56276d359bb892b328ad946d38c5198258e7c7a6"
Cache-Control: max-age=603458,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: HIT
Age: 1770
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 79104a3d68c7b505-OSL
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5dcfee7f-f43c-4828-8113-8ba8eb26f727.jpeg
200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5dcfee7f-f43c-4828-8113-8ba8eb26f727.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d5ed99a9aed6f367efc5c9498ce87ff1
3123eb6f550c51fe17fc62eff943b3739e239a9b
536f45bf2eb41f7056df8b34964538005d6a0a4c6157def3fbdd9487f8c79027
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5dcfee7f-f43c-4828-8113-8ba8eb26f727.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10168
x-amzn-requestid: fe58fe3c-dd23-4614-b5a2-e91ef68c2ab7
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fFOD7H-NIAMFcxw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cb907f-687fc51741d7ff97182d1955;Sampled=0
x-amzn-remapped-date: Sat, 21 Jan 2023 07:13:03 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: SORDxKQP-GudaCfRIbrmexyEeJXBExRipfF8sPHI-UkaYhR_RkDjvQ==
via: 1.1 8dbfaf7df256a75768461d934659b6b2.cloudfront.net (CloudFront), 1.1 325ed3ba58a560748d886354beef39c0.cloudfront.net (CloudFront), 1.1 google
date: Sun, 29 Jan 2023 00:55:27 GMT
age: 23987
etag: "3123eb6f550c51fe17fc62eff943b3739e239a9b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd9a423a9-16ee-4e3f-b9b4-34f6a469aba9.jpeg
200 OK 9.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd9a423a9-16ee-4e3f-b9b4-34f6a469aba9.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3be81f83687ddb6c93d3ff3c09a9dba2
50a48e737310d3f31840db4301b25927fbcc12c5
e78c909e2381898e7f546183784a05dff47c31734c95358aaada8c2777ad47be
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd9a423a9-16ee-4e3f-b9b4-34f6a469aba9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9167
x-amzn-requestid: f644ca78-a07a-43d1-96e4-95bcdecff7fb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fPGLfFtOIAMFp7w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cf83e2-202ca7160544acd24259bd5d;Sampled=0
x-amzn-remapped-date: Tue, 24 Jan 2023 07:08:18 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: xRwqrWS66l4qJfg2HnGphN1dbrIUod9XKW3zTk_-Km9AQRPyV2UqWg==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 5565a51537c689d1d16f6b4d41f40082.cloudfront.net (CloudFront), 1.1 google
date: Sat, 28 Jan 2023 20:46:16 GMT
age: 38938
etag: "50a48e737310d3f31840db4301b25927fbcc12c5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fce27f1aa-8d31-4110-a47f-73de0b95926d.jpeg
200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fce27f1aa-8d31-4110-a47f-73de0b95926d.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 10a6491e2c1dfde68c7cd7297e70700f
d0f195319825a6d3e5e50ad15b2fcab27cb65896
4d9353d5874e5ea03c25e1562db5f479c222a48db526fdd10ede7c2e6a4dd874
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fce27f1aa-8d31-4110-a47f-73de0b95926d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11470
x-amzn-requestid: 62d61967-9380-4ca9-b11a-531425dbd2ae
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fIf6WFgAIAMF6gw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cce042-6d9fe51029094b7f37c0a648;Sampled=0
x-amzn-remapped-date: Sun, 22 Jan 2023 07:05:38 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: rUIvvkZQ028ey3klplI-x9oZFugon5HsAWT-SN2GQo5hBeBJWqoMAg==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 fda3b2797d2719576f6b916583a28e52.cloudfront.net (CloudFront), 1.1 google
date: Sun, 29 Jan 2023 04:01:15 GMT
age: 12839
etag: "d0f195319825a6d3e5e50ad15b2fcab27cb65896"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F62d5a25c-3219-4061-b58b-b783bc3a37fb.jpeg
200 OK 7.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F62d5a25c-3219-4061-b58b-b783bc3a37fb.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6af6f32397882f56d14d22348e44a9f1
5a626376807e7507fa3a204c4e4e9e44aa074a37
478f32e98c0a1f0d62fa337795ca88b7927e14b684b681f7629b648bc2d709a5
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F62d5a25c-3219-4061-b58b-b783bc3a37fb.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7417
x-amzn-requestid: 53032353-8613-49b0-944d-3742236cf50c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fYcMmFeQIAMF3Yw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d340b6-7fe2226327d90db014527c08;Sampled=0
x-amzn-remapped-date: Fri, 27 Jan 2023 03:10:46 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: zd8cTO2N1JO-OK3hCDwVO8naClCsg0raJLboRFle-DPSKhR_7k8-Yg==
via: 1.1 6ba2a21321beeef65404429d0a4b6380.cloudfront.net (CloudFront), 1.1 981753271eb5b6d11bc29d52f173a5da.cloudfront.net (CloudFront), 1.1 google
date: Sun, 29 Jan 2023 03:16:35 GMT
age: 15519
etag: "5a626376807e7507fa3a204c4e4e9e44aa074a37"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8d4cfe7c-2bbe-4efd-b73a-59ea603c332f.jpeg
200 OK 5.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8d4cfe7c-2bbe-4efd-b73a-59ea603c332f.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4c77437e3a7361861aed8bfecbfe6bd6
fefd238c13c0fdfb7d964c90fcc8a8cbbf953034
282d15c443cb6232ae0a30046a0dc24360617355a4651cdba59b11e6f7313d8a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8d4cfe7c-2bbe-4efd-b73a-59ea603c332f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5594
x-amzn-requestid: d56c9b84-dc1f-4d5c-91bf-7db55058bf67
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fLyeEGOloAMFpzA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63ce3126-5013a6b971d6800c5c85a4eb;Sampled=0
x-amzn-remapped-date: Mon, 23 Jan 2023 07:03:02 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: uPJu2SzvWcfqukF9t0PKG5iK7LrTnk1Cn5nioD4MklQgDAZnbiH8Gw==
via: 1.1 446313511980eb02f28ff5a9a4147c0a.cloudfront.net (CloudFront), 1.1 d8792dbd3191bbe722eba5b536b979c8.cloudfront.net (CloudFront), 1.1 google
date: Sat, 28 Jan 2023 14:55:48 GMT
age: 59966
etag: "fefd238c13c0fdfb7d964c90fcc8a8cbbf953034"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
sblongvu.com/e/8d2mivg2ncd4.html
200 OK 22 kB URL HTTP/2 sblongvu.com/e/8d2mivg2ncd4.html
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (5217), with CRLF line terminators
Hash 704c3c7ae51e6dba09053b488c562e49
96a295d40175a89f9af5a04037379bf0edcb8310
86670c059e8529d63d023f3f8a08a3c90573003e4edc213d451e80c47b52ddb0
Analyzer Verdict Alert fortinet Malware
GET /e/8d2mivg2ncd4.html HTTP/1.1
Host: sblongvu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://kimcartoon.li/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 29 Jan 2023 07:35:14 GMT
content-type: text/html; charset=utf-8
last-modified: Sat, 14 Jan 2023 03:29:14 GMT
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GO2ficgOMxJlAz2URe3zAmD7yzTr4Hza6C%2F4p0BzNJTOHaiomFpAi99YD5hWGTM%2ButadNI8oqXcJ7dsB%2FoilR6jj4zk3LY1L2PuqCWvizRtUHjRS9CXnpJa%2FV0dSfAA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 79104a3a681b35de-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.sectigo.com/
200 OK 472 B IP
Hash fc57907c02fbece1b9a2380777d0d0ed
86c45f19f64545e33e626a2dd832e76a86665997
716e420e7c92f9e4a8565b1548ac54f3a1fd069929c154635bf1a84a22ca5f59
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 07:35:14 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sat, 28 Jan 2023 23:07:05 GMT
Expires: Sat, 04 Feb 2023 23:07:04 GMT
Etag: "86c45f19f64545e33e626a2dd832e76a86665997"
Cache-Control: max-age=573709,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 79104a3d8a61b524-OSL
ws.sharethis.com/button/css/buttons-secure.css
200 OK 3.9 kB URL HTTP/2 ws.sharethis.com/button/css/buttons-secure.css
IP
File type ASCII text, with very long lines (23158), with no line terminators
Hash 61da924a747e08c5f54a6cb31c724a48
8e49d971d6a667c3888a481b742e05cafcf72a43
54302324d4b6aa780466c869b9932504d0b1eaa7ef1df6c5481b35fb0625343a
GET /button/css/buttons-secure.css HTTP/1.1
Host: ws.sharethis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kimcartoon.li/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/css
content-length: 3851
content-encoding: gzip
last-modified: Tue, 18 Oct 2022 21:20:21 GMT
server: nginx/1.20.1
x-robots-tag: noindex, nofollow
date: Sat, 28 Jan 2023 17:55:36 GMT
etag: W/"634f1895-5a76"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 09ae414c9d6c5323d5147457ada70ec6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 1EBJNJPQGDUT8AK17Wj63CFjdThSboKU-eychfAv6Z8W1iAEiHB8SA==
age: 49179
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash 5bdb97ad2eaffca61d599ad7b82c303a
4b1b2b7a9fff03a1fae48fe8fd65ac68b5d126ec
2f374e16137dd578c8cd6d112cd9eff8dbee5d09a4a8656774b0cd24b9300230
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Sun, 29 Jan 2023 07:35:14 GMT
Last-Modified: Sun, 29 Jan 2023 07:07:54 GMT
Server: ECS (nyb/1D27)
X-Cache: Miss from cloudfront
Via: 1.1 98794c1dec0d4e7b10ddf0faa094cf94.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: unW7vcrxWbvcOjz65EEzw_9ETKQHEXc_xooqciS6YTaRz5rZPHkxBw==
Age: 1640
propellerads.com/wp-content/themes/propeller/assets/js/app.min.js?_=1674977720161
200 OK 6.0 kB URL HTTP/1.1 propellerads.com/wp-content/themes/propeller/assets/js/app.min.js?_=1674977720161
IP
ASN #200449 Qrator Labs CZ s.r.o.
File type ASCII text, with CRLF, LF line terminators
Hash 90e654b00ddbb5b7a23a230e4ba1f588
dd5010479da8fc2b24eca9c020bc2a24b39e9dca
52ec194fe735d180ba2c260dbc7491540aa91669899ad016f77f5a6fa7ee1428
GET /wp-content/themes/propeller/assets/js/app.min.js?_=1674977720161 HTTP/1.1
Host: propellerads.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kimcartoon.li/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: QRATOR
Date: Sun, 29 Jan 2023 07:35:15 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
Vary: Accept-Encoding
Last-Modified: Thu, 15 Dec 2022 18:21:51 GMT
ETag: W/"639b65bf-8962"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Content-Security-Policy: frame-ancestors self googleads.g.doubleclick.net www.youtube.com propellerads.com
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff
Content-Encoding: gzip
platform.twitter.com/widgets/widget_iframe.2b2d73daf636805223fb11d48f3e94f7.html?origin=https%3A%2F%2Fkimcartoon.li
200 OK 105 kB URL HTTP/1.1 platform.twitter.com/widgets/widget_iframe.2b2d73daf636805223fb11d48f3e94f7.html?origin=https%3A%2F%2Fkimcartoon.li
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (56166)
Size 105 kB (105435 bytes)
Hash 58f06e7d628e7e207cad8e48c9cc76be
9042f057d52be00c9535ce93b0ce4c03707e0c41
ea6c34f2e7acfea93ba722fe283f2704392dc518c9a0d1eeca0ba03a0b63d789
GET /widgets/widget_iframe.2b2d73daf636805223fb11d48f3e94f7.html?origin=https%3A%2F%2Fkimcartoon.li HTTP/1.1
Host: platform.twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kimcartoon.li/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 381119
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Sun, 29 Jan 2023 07:35:14 GMT
Etag: "95e1b50b0c179aefb47b5b211bb347b5+gzip"
Last-Modified: Tue, 24 Jan 2023 21:41:13 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (ska/F709)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 105435
l.sharethis.com/pview?event=pview&version=buttons.js&lang=en&sessionID=1674977720168.20440&hostname=kimcartoon.li&location=%2FCartoon%2FDaria-Version-2%2FSeason-1-Episode-1-Esteemers&product=widget&fcmp=false&fcmpv2=false&publisher=ur.00000000-0000-0000-0000-000000000000&url=https%3A%2F%2Fkimcartoon.li%2FCartoon%2FDaria-Version-2%2FSeason-1-Episode-1-Esteemers%3Fid%3D74420&title=Watch%20Daria%20(Version%202)%20Season%201%20Episode%201%20-%20Esteemers%20online%20FREE%20%7C%20KimCartoon&sop=false&description=Watch%20online%20and%20download%20cartoon%20Daria%20(Version%202)%20Season%201%20Episode%201%20-%20Esteemers%20in%20high%20quality.%20Various%20formats%20from%20240p%20to%20720p%20HD%20(or%20even%201080p).%20HTML5%20available%20for%20mobile%20devices
204 No Content 0 B URL HTTP/1.1 l.sharethis.com/pview?event=pview&version=buttons.js&lang=en&sessionID=1674977720168.20440&hostname=kimcartoon.li&location=%2FCartoon%2FDaria-Version-2%2FSeason-1-Episode-1-Esteemers&product=widget&fcmp=false&fcmpv2=false&publisher=ur.00000000-0000-0000-0000-000000000000&url=https%3A%2F%2Fkimcartoon.li%2FCartoon%2FDaria-Version-2%2FSeason-1-Episode-1-Esteemers%3Fid%3D74420&title=Watch%20Daria%20(Version%202)%20Season%201%20Episode%201%20-%20Esteemers%20online%20FREE%20%7C%20KimCartoon&sop=false&description=Watch%20online%20and%20download%20cartoon%20Daria%20(Version%202)%20Season%201%20Episode%201%20-%20Esteemers%20in%20high%20quality.%20Various%20formats%20from%20240p%20to%20720p%20HD%20(or%20even%201080p).%20HTML5%20available%20for%20mobile%20devices
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pview?event=pview&version=buttons.js&lang=en&sessionID=1674977720168.20440&hostname=kimcartoon.li&location=%2FCartoon%2FDaria-Version-2%2FSeason-1-Episode-1-Esteemers&product=widget&fcmp=false&fcmpv2=false&publisher=ur.00000000-0000-0000-0000-000000000000&url=https%3A%2F%2Fkimcartoon.li%2FCartoon%2FDaria-Version-2%2FSeason-1-Episode-1-Esteemers%3Fid%3D74420&title=Watch%20Daria%20(Version%202)%20Season%201%20Episode%201%20-%20Esteemers%20online%20FREE%20%7C%20KimCartoon&sop=false&description=Watch%20online%20and%20download%20cartoon%20Daria%20(Version%202)%20Season%201%20Episode%201%20-%20Esteemers%20in%20high%20quality.%20Various%20formats%20from%20240p%20to%20720p%20HD%20(or%20even%201080p).%20HTML5%20available%20for%20mobile%20devices HTTP/1.1
Host: l.sharethis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://kimcartoon.li
Connection: keep-alive
Referer: https://kimcartoon.li/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: *
Access-Control-Allow-Origin: https://kimcartoon.li
Access-Control-Expose-Headers: stid
Access-Control-Max-Age: 1728000
Cache-Control: no-cache, no-store, must-revalidate
Date: Sun, 29 Jan 2023 07:35:14 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Connection: keep-alive
ocsp.sectigo.com/
200 OK 471 B IP
Hash a8a089289debf92a6939ad028d59dcce
7385f9ef8f2e559faf23d5641fd4b0c6fc3a4c80
67f4046e4e2976e99f3985d89373acc12825a9e44e34c21c8251b756483142e4
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 07:35:14 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Thu, 26 Jan 2023 12:00:52 GMT
Expires: Thu, 02 Feb 2023 12:00:51 GMT
Etag: "7385f9ef8f2e559faf23d5641fd4b0c6fc3a4c80"
Cache-Control: max-age=360936,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 79104a3d5a031bfe-OSL
ocsp.globalsign.com/gseccovsslca2018
200 OK 939 B URL HTTP/1.1 ocsp.globalsign.com/gseccovsslca2018
IP
Hash e1ad875cc6528218b1c2e2a2067e9c68
9e3b45379461c1bcbfc08043fd588e9b1ea72450
59aba6b9e099dab7f0525beeab4e317e971417962215c1b0f671a21bd7f23e48
POST /gseccovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 939
Server: nginx
Content-Type: application/ocsp-response
Expires: Thu, 02 Feb 2023 04:30:21 GMT
ETag: "9e3b45379461c1bcbfc08043fd588e9b1ea72450"
Last-Modified: Sun, 29 Jan 2023 04:30:22 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Sun, 29 Jan 2023 07:35:14 GMT
Age: 437
X-Served-By: cache-qpg1244-QPG, cache-bma1678-BMA
X-Cache: HIT, HIT
X-Cache-Hits: 1, 60
X-Timer: S1674977715.983951,VS0,VE0
ocsp.sectigo.com/
200 OK 472 B IP
Hash fc57907c02fbece1b9a2380777d0d0ed
86c45f19f64545e33e626a2dd832e76a86665997
716e420e7c92f9e4a8565b1548ac54f3a1fd069929c154635bf1a84a22ca5f59
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 07:35:15 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sat, 28 Jan 2023 23:07:05 GMT
Expires: Sat, 04 Feb 2023 23:07:04 GMT
Etag: "86c45f19f64545e33e626a2dd832e76a86665997"
Cache-Control: max-age=573709,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 79104a3d8f7bb529-OSL
connect.facebook.net/en_US/sdk.js
200 OK 1.7 kB URL HTTP/2 connect.facebook.net/en_US/sdk.js
IP
File type ASCII text, with very long lines (1957)
Hash 077902113f646fd5c4c5e123d38d577b
723af152242bd778969a2075ee50d69f5ec9839a
1afe7eea42337b3f024f6d5e9a4d81e47e57cc3f17422899b812d97fd90be649
GET /en_US/sdk.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kimcartoon.li/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
access-control-expose-headers: X-FB-Content-MD5
x-fb-content-md5: f64942ff4d8db3c00d68bcdbee980229
etag: "36f7d78177ebddc8e5b4e87fdeafc02c"
content-type: application/x-javascript; charset=utf-8
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
expires: Sun, 29 Jan 2023 07:36:59 GMT
cache-control: public,max-age=1200,stale-while-revalidate=3600
document-policy: force-load-at-top
cross-origin-opener-policy: same-origin-allow-popups
x-content-type-options: nosniff
x-fb-rlafr: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-md5: B3kCET9kb9XExeEj041Xew==
x-fb-debug: MUXaI2Q1tle1JKSMaX07l6Hb/qxb1ecNOCO3NldIP9LKmDsJ21lHQL+aOhOZYfyVLndVgBw+58sYoeSOdg5oWA==
content-length: 1686
x-fb-trip-id: 1679558926
date: Sun, 29 Jan 2023 07:35:15 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
propellerads.com/wp-content/themes/propeller/assets/js/app.min.js?_=1674977720108
200 OK 6.0 kB URL HTTP/1.1 propellerads.com/wp-content/themes/propeller/assets/js/app.min.js?_=1674977720108
IP
ASN #200449 Qrator Labs CZ s.r.o.
File type ASCII text, with CRLF, LF line terminators
Hash 90e654b00ddbb5b7a23a230e4ba1f588
dd5010479da8fc2b24eca9c020bc2a24b39e9dca
52ec194fe735d180ba2c260dbc7491540aa91669899ad016f77f5a6fa7ee1428
GET /wp-content/themes/propeller/assets/js/app.min.js?_=1674977720108 HTTP/1.1
Host: propellerads.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kimcartoon.li/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: QRATOR
Date: Sun, 29 Jan 2023 07:35:15 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
Vary: Accept-Encoding
Last-Modified: Thu, 15 Dec 2022 18:21:51 GMT
ETag: W/"639b65bf-8962"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Content-Security-Policy: frame-ancestors self googleads.g.doubleclick.net www.youtube.com propellerads.com
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff
Content-Encoding: gzip
ocsp.digicert.com/
200 OK 314 B IP
Hash 22fcd16b2e42281931f99c8b9f1dc771
ea45e9c59b13c185b09f7b7ebd91fb3795794203
e057dadbb5516c2274237a9fad40e1ee50151deac938d16d0bd74796e864c9ad
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3602
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 07:35:15 GMT
Last-Modified: Sun, 29 Jan 2023 06:35:14 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 314
eehuzaih.com/500/5021804?excludes=&oaid=dc2e446b0e3f457db033c6f0ea90817c&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=7&pl=https%3A%2F%2Fkimcartoon.li%2FCartoon%2FDaria-Version-2%2FSeason-1-Episode-1-Esteemers%3Fid%3D74420&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
200 OK 0 B URL HTTP/2 eehuzaih.com/500/5021804?excludes=&oaid=dc2e446b0e3f457db033c6f0ea90817c&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=7&pl=https%3A%2F%2Fkimcartoon.li%2FCartoon%2FDaria-Version-2%2FSeason-1-Episode-1-Esteemers%3Fid%3D74420&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
OPTIONS /500/5021804?excludes=&oaid=dc2e446b0e3f457db033c6f0ea90817c&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=7&pl=https%3A%2F%2Fkimcartoon.li%2FCartoon%2FDaria-Version-2%2FSeason-1-Episode-1-Esteemers%3Fid%3D74420&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false HTTP/1.1
Host: eehuzaih.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Referer: https://kimcartoon.li/
Origin: https://kimcartoon.li
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 29 Jan 2023 07:35:15 GMT
content-length: 0
allow: GET, OPTIONS
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-origin: https://kimcartoon.li
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-allow-credentials: true
access-control-max-age: 600
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *
X-Firefox-Spdy: h2
mc.yandex.ru/metrika/tag.js
200 OK 74 kB URL HTTP/2 mc.yandex.ru/metrika/tag.js
IP
File type Unicode text, UTF-8 (with BOM) text, with very long lines (659)
Hash a236c7014c1f1a1e52d356f59e5d665a
b66c638eb2346287364c37725819bbab1f409d66
ad2d57579e453af0eac49156840bcd1dcfbd802a82135af98f41f714d7e698f2
GET /metrika/tag.js HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sblongvu.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-length: 73769
date: Sun, 29 Jan 2023 07:35:15 GMT
access-control-allow-origin: *
etag: "63c93a4b-12029"
expires: Sun, 29 Jan 2023 08:35:15 GMT
last-modified: Thu, 19 Jan 2023 15:40:43 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cache-control: max-age=3600
content-type: application/javascript
content-encoding: br
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
rndskittytor.com/500/5374683?excludes=&oaid=dc2e446b0e3f457db033c6f0ea90817c&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=7&pl=https%3A%2F%2Fkimcartoon.li%2FCartoon%2FDaria-Version-2%2FSeason-1-Episode-1-Esteemers%3Fid%3D74420&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
200 OK 0 B URL HTTP/2 rndskittytor.com/500/5374683?excludes=&oaid=dc2e446b0e3f457db033c6f0ea90817c&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=7&pl=https%3A%2F%2Fkimcartoon.li%2FCartoon%2FDaria-Version-2%2FSeason-1-Episode-1-Esteemers%3Fid%3D74420&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
OPTIONS /500/5374683?excludes=&oaid=dc2e446b0e3f457db033c6f0ea90817c&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=7&pl=https%3A%2F%2Fkimcartoon.li%2FCartoon%2FDaria-Version-2%2FSeason-1-Episode-1-Esteemers%3Fid%3D74420&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false HTTP/1.1
Host: rndskittytor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Referer: https://kimcartoon.li/
Origin: https://kimcartoon.li
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 29 Jan 2023 07:35:15 GMT
content-length: 0
allow: GET, OPTIONS
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-origin: https://kimcartoon.li
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-allow-credentials: true
access-control-max-age: 600
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *
X-Firefox-Spdy: h2
www.google-analytics.com/analytics.js
200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP
File type ASCII text, with very long lines (1490)
Hash ca7fbbfd120e3e329633044190bbf134
d17f81e03dd827554ddd207ea081fb46b3415445
847004cefb32f85a9cc16b0b1eb77529ff5753680c145bfcb23f651d214737db
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sblongvu.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20085
date: Sun, 29 Jan 2023 05:46:59 GMT
expires: Sun, 29 Jan 2023 07:46:59 GMT
cache-control: public, max-age=7200
age: 6496
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
syndication.twitter.com/settings?session_id=04bf9b16458f0500a1936af43670fb45a4365cb3
200 OK 326 B URL HTTP/2 syndication.twitter.com/settings?session_id=04bf9b16458f0500a1936af43670fb45a4365cb3
IP
File type JSON data\012- , ASCII text, with very long lines (919), with no line terminators
Hash 11f6a2d6bb52340b52d53f9cf72973e8
ea0c3e5d850a2659b3344d84957b691a6f7942b8
a0b2545f4adeaf91f7a23b95f43c682557bdfd1e59d2cf394d10a01f97c886ff
GET /settings?session_id=04bf9b16458f0500a1936af43670fb45a4365cb3 HTTP/1.1
Host: syndication.twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://platform.twitter.com/
Origin: https://platform.twitter.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Sun, 29 Jan 2023 07:35:14 GMT
perf: 7626143928
vary: Origin
server: tsa_o
content-type: application/json; charset=utf-8
cache-control: must-revalidate, max-age=600
last-modified: Sun, 29 Jan 2023 07:35:15 GMT
content-length: 326
content-encoding: gzip
x-transaction-id: 3c48aee75f56b710
strict-transport-security: max-age=631138519
access-control-allow-origin: https://platform.twitter.com
access-control-allow-credentials: true
x-response-time: 113
x-connection-hash: 31251e4367772b1cdabd719d168534454230fbb3a5ba6bf08e24e5ff11460969
X-Firefox-Spdy: h2
mc.yandex.ru/metrika/advert.gif
200 OK 43 B URL HTTP/2 mc.yandex.ru/metrika/advert.gif
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /metrika/advert.gif HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sblongvu.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Sun, 29 Jan 2023 07:35:15 GMT
access-control-allow-origin: *
etag: "63c93a4b-2b"
expires: Sun, 29 Jan 2023 08:35:15 GMT
accept-ranges: bytes
last-modified: Thu, 19 Jan 2023 15:40:43 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cache-control: max-age=3600
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 278 B IP
Hash 14f87e851a859efbad0c789c216da33c
fc93610f3659d7db2a4a9687935288386f1b20b3
d01af919dfdc1418021450dfcd67d790c05a3385ca4beb57c4a96f74d37f6c63
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 56
Cache-Control: max-age=149553
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 07:35:15 GMT
Etag: "63d5c6ac-116"
Expires: Tue, 31 Jan 2023 01:07:48 GMT
Last-Modified: Sun, 29 Jan 2023 01:06:52 GMT
Server: ECS (amb/6B87)
X-Cache: HIT
Content-Length: 278
offerimage.com/www/images/0fb6066747e1a495065815fb44fb9b41.png
200 OK 12 kB URL HTTP/2 offerimage.com/www/images/0fb6066747e1a495065815fb44fb9b41.png
IP
File type PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced\012- data
Hash 0fb6066747e1a495065815fb44fb9b41
c62f83dec41d2b508176f11784edc75db8dbb6f8
dca249be9c1aeee895ea79046856c178a1830f46a55cfc7f552b95b04eb3e5a6
GET /www/images/0fb6066747e1a495065815fb44fb9b41.png HTTP/1.1
Host: offerimage.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kimcartoon.li/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 29 Jan 2023 07:35:15 GMT
content-type: image/png
content-length: 11899
last-modified: Thu, 25 Aug 2022 05:53:00 GMT
etag: "63070e3c-2e7b"
expires: Sun, 29 Jan 2023 07:53:50 GMT
cache-control: max-age=86400
timing-allow-origin: *
cf-cache-status: HIT
age: 85285
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 79104a40fe9db50f-OSL
X-Firefox-Spdy: h2
eehuzaih.com/500/5021804?excludes=&oaid=dc2e446b0e3f457db033c6f0ea90817c&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=7&pl=https%3A%2F%2Fkimcartoon.li%2FCartoon%2FDaria-Version-2%2FSeason-1-Episode-1-Esteemers%3Fid%3D74420&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
200 OK 3.5 kB URL HTTP/2 eehuzaih.com/500/5021804?excludes=&oaid=dc2e446b0e3f457db033c6f0ea90817c&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=7&pl=https%3A%2F%2Fkimcartoon.li%2FCartoon%2FDaria-Version-2%2FSeason-1-Episode-1-Esteemers%3Fid%3D74420&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
IP
Hash 0dea9af6234a9a46d6aeb542060800c5
f6e660090360e455d226c03ad2ec61d3be06d3fb
f675c79c25671363e80be9cf5c8dbced0df950238a38b0e5e80f94e42fc3e5f0
Analyzer Verdict Alert quad9 Sinkholed
GET /500/5021804?excludes=&oaid=dc2e446b0e3f457db033c6f0ea90817c&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=7&pl=https%3A%2F%2Fkimcartoon.li%2FCartoon%2FDaria-Version-2%2FSeason-1-Episode-1-Esteemers%3Fid%3D74420&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false HTTP/1.1
Host: eehuzaih.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Origin: https://kimcartoon.li
Connection: keep-alive
Referer: https://kimcartoon.li/
Cookie: OAID=34ca52f81261462a9f1a2ccdab5cf158
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 29 Jan 2023 07:35:15 GMT
content-type: application/javascript
x-trace-id: 1d14e9233f523c383544e7afc14b9fbd
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: https://kimcartoon.li
access-control-expose-headers: Link
access-control-allow-credentials: true
set-cookie: OAID=dc2e446b0e3f457db033c6f0ea90817c; expires=Mon, 29 Jan 2024 07:35:15 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
ws.sharethis.com/images/2017/facebook_counter.png
200 OK 2.4 kB URL HTTP/2 ws.sharethis.com/images/2017/facebook_counter.png
IP
File type PNG image data, 120 x 44, 8-bit/color RGBA, non-interlaced\012- data
Hash 7ba4aa0077ecbfdad7b112b723bf3b89
8d85c1b4ca791a4a9010c304c3af620cdc2fac94
3488c49147b809d1e457c14a37bf3a79b0455fd159c121325e8f737eea45eb75
GET /images/2017/facebook_counter.png HTTP/1.1
Host: ws.sharethis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kimcartoon.li/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 2423
accept-ranges: bytes
cache-control: max-age=31536000
date: Sun, 13 Nov 2022 03:11:53 GMT
etag: "634f1850-977"
expires: Mon, 13 Nov 2023 03:11:53 GMT
server: nginx/1.20.1
x-robots-tag: noindex, nofollow
x-cache: Hit from cloudfront
via: 1.1 09ae414c9d6c5323d5147457ada70ec6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: JAu12p-ydwhCZNQTVBiR8NpqiBFyNP4JuSpYW40H70sAST7fnx3wgg==
age: 6668602
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
rndskittytor.com/500/5374683?excludes=&oaid=dc2e446b0e3f457db033c6f0ea90817c&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=7&pl=https%3A%2F%2Fkimcartoon.li%2FCartoon%2FDaria-Version-2%2FSeason-1-Episode-1-Esteemers%3Fid%3D74420&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
200 OK 3.6 kB URL HTTP/2 rndskittytor.com/500/5374683?excludes=&oaid=dc2e446b0e3f457db033c6f0ea90817c&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=7&pl=https%3A%2F%2Fkimcartoon.li%2FCartoon%2FDaria-Version-2%2FSeason-1-Episode-1-Esteemers%3Fid%3D74420&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
IP
Hash 3a6b20184be398a2a41f480bd0d72204
aba7bed9bac50a1c3256b89c87424dcf0184f6c0
1d9aa5663327cc4f394a148ed5ef4f5d6025219101e602f544c18dedccebddd4
Analyzer Verdict Alert quad9 Sinkholed
GET /500/5374683?excludes=&oaid=dc2e446b0e3f457db033c6f0ea90817c&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=7&pl=https%3A%2F%2Fkimcartoon.li%2FCartoon%2FDaria-Version-2%2FSeason-1-Episode-1-Esteemers%3Fid%3D74420&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false HTTP/1.1
Host: rndskittytor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Origin: https://kimcartoon.li
Connection: keep-alive
Referer: https://kimcartoon.li/
Cookie: OAID=f1d02aa3556f4e378a61f270a947478e
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 29 Jan 2023 07:35:15 GMT
content-type: application/javascript
x-trace-id: 1c3062713e0f4ced627148ec59321992
pragma: no-cache
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
vary: Origin
access-control-allow-origin: https://kimcartoon.li
access-control-expose-headers: Link
access-control-allow-credentials: true
set-cookie: OAID=dc2e446b0e3f457db033c6f0ea90817c; expires=Mon, 29 Jan 2024 07:35:15 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
ws.sharethis.com/secure/images/bubble_arrow.png
200 OK 979 B URL HTTP/2 ws.sharethis.com/secure/images/bubble_arrow.png
IP
File type PNG image data, 4 x 6, 8-bit colormap, non-interlaced\012- data
Hash 9466fb05cc9cae591337910debe1282e
03a3bc8a8c1a744dd1b283ad82fa392f01cafc09
516630dc137782b6ea784ed6891b487b8a2fff9be9ed921977008453039cc1fe
GET /secure/images/bubble_arrow.png HTTP/1.1
Host: ws.sharethis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ws.sharethis.com/button/css/buttons-secure.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 979
accept-ranges: bytes
cache-control: max-age=31536000
date: Tue, 29 Nov 2022 06:20:32 GMT
etag: "634f1895-3d3"
expires: Wed, 29 Nov 2023 06:20:32 GMT
server: nginx/1.20.1
x-robots-tag: noindex, nofollow
x-cache: Hit from cloudfront
via: 1.1 09ae414c9d6c5323d5147457ada70ec6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 5zTCJzUooSVv-JrAj0gersFN6R89CZ6Se9cu4tqrW4ud4oXhKh5K8w==
age: 5274883
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
ws.sharethis.com/images/2017/googleplus_16.png
200 OK 1.6 kB URL HTTP/2 ws.sharethis.com/images/2017/googleplus_16.png
IP
File type PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Hash 9bc6a070e9d0391719e0f9a436ebeac2
e83f2bf6edb27df27a28a40366f59b1af8226ae2
592a848da6f427ea5d9169179bd309484f531d3c23c5aaf858afa22fc28d40c8
GET /images/2017/googleplus_16.png HTTP/1.1
Host: ws.sharethis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ws.sharethis.com/button/css/buttons-secure.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 1567
accept-ranges: bytes
cache-control: max-age=31536000
date: Mon, 28 Nov 2022 14:38:05 GMT
etag: "634f1850-61f"
expires: Tue, 28 Nov 2023 14:38:05 GMT
server: nginx/1.20.1
x-robots-tag: noindex, nofollow
x-cache: Hit from cloudfront
via: 1.1 09ae414c9d6c5323d5147457ada70ec6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: Yx5n5x8jXRUiIzVh50xVro1btQXoVHFp1dv6rkDoexGc7VhW9ev0Bw==
age: 5331430
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
platform.twitter.com/js/button.e7f9415a2e000feaab02c86dd5802747.js
200 OK 2.6 kB URL HTTP/1.1 platform.twitter.com/js/button.e7f9415a2e000feaab02c86dd5802747.js
IP
File type ASCII text, with very long lines (7891), with no line terminators
Hash 50af2557985d9ae5ef0bb111a4066237
b164d515f502d950df3ba208cc32bbe74e70d3d2
a3b6dbbc4e57c65eb23f84b312095c86a69ff47fc57fc745f464394158bda9af
GET /js/button.e7f9415a2e000feaab02c86dd5802747.js HTTP/1.1
Host: platform.twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kimcartoon.li/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 381119
Cache-Control: public, max-age=315360000
Content-Type: application/javascript; charset=utf-8
Date: Sun, 29 Jan 2023 07:35:15 GMT
Etag: "506673dbdb9085e7201e137e893cc152+gzip"
Last-Modified: Tue, 24 Jan 2023 21:41:06 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (ska/F716)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 2618
l.sharethis.com/pview?event=pview&version=buttons.js&lang=en&sessionID=1674977720168.20440&hostname=kimcartoon.li&location=%2FCartoon%2FDaria-Version-2%2FSeason-1-Episode-1-Esteemers&product=widget&fcmp=false&fcmpv2=false&publisher=ur.00000000-0000-0000-0000-000000000000&url=https%3A%2F%2Fkimcartoon.li%2FCartoon%2FDaria-Version-2%2FSeason-1-Episode-1-Esteemers%3Fid%3D74420&title=Watch%20Daria%20(Version%202)%20Season%201%20Episode%201%20-%20Esteemers%20online%20FREE%20%7C%20KimCartoon&sop=false&description=Watch%20online%20and%20download%20cartoon%20Daria%20(Version%202)%20Season%201%20Episode%201%20-%20Esteemers%20in%20high%20quality.%20Various%20formats%20from%20240p%20to%20720p%20HD%20(or%20even%201080p).%20HTML5%20available%20for%20mobile%20devices&description=Watch%20online%20and%20download%20cartoon%20Daria%20(Version%202)%20Season%201%20Episode%201%20-%20Esteemers%20in%20high%20quality.%20Various%20formats%20from%20240p%20to%20720p%20HD%20(or%20even%201080p).%20HTML5%20available%20for%20mobile%20devices&img_pview=true
204 No Content 0 B URL HTTP/1.1 l.sharethis.com/pview?event=pview&version=buttons.js&lang=en&sessionID=1674977720168.20440&hostname=kimcartoon.li&location=%2FCartoon%2FDaria-Version-2%2FSeason-1-Episode-1-Esteemers&product=widget&fcmp=false&fcmpv2=false&publisher=ur.00000000-0000-0000-0000-000000000000&url=https%3A%2F%2Fkimcartoon.li%2FCartoon%2FDaria-Version-2%2FSeason-1-Episode-1-Esteemers%3Fid%3D74420&title=Watch%20Daria%20(Version%202)%20Season%201%20Episode%201%20-%20Esteemers%20online%20FREE%20%7C%20KimCartoon&sop=false&description=Watch%20online%20and%20download%20cartoon%20Daria%20(Version%202)%20Season%201%20Episode%201%20-%20Esteemers%20in%20high%20quality.%20Various%20formats%20from%20240p%20to%20720p%20HD%20(or%20even%201080p).%20HTML5%20available%20for%20mobile%20devices&description=Watch%20online%20and%20download%20cartoon%20Daria%20(Version%202)%20Season%201%20Episode%201%20-%20Esteemers%20in%20high%20quality.%20Various%20formats%20from%20240p%20to%20720p%20HD%20(or%20even%201080p).%20HTML5%20available%20for%20mobile%20devices&img_pview=true
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pview?event=pview&version=buttons.js&lang=en&sessionID=1674977720168.20440&hostname=kimcartoon.li&location=%2FCartoon%2FDaria-Version-2%2FSeason-1-Episode-1-Esteemers&product=widget&fcmp=false&fcmpv2=false&publisher=ur.00000000-0000-0000-0000-000000000000&url=https%3A%2F%2Fkimcartoon.li%2FCartoon%2FDaria-Version-2%2FSeason-1-Episode-1-Esteemers%3Fid%3D74420&title=Watch%20Daria%20(Version%202)%20Season%201%20Episode%201%20-%20Esteemers%20online%20FREE%20%7C%20KimCartoon&sop=false&description=Watch%20online%20and%20download%20cartoon%20Daria%20(Version%202)%20Season%201%20Episode%201%20-%20Esteemers%20in%20high%20quality.%20Various%20formats%20from%20240p%20to%20720p%20HD%20(or%20even%201080p).%20HTML5%20available%20for%20mobile%20devices&description=Watch%20online%20and%20download%20cartoon%20Daria%20(Version%202)%20Season%201%20Episode%201%20-%20Esteemers%20in%20high%20quality.%20Various%20formats%20from%20240p%20to%20720p%20HD%20(or%20even%201080p).%20HTML5%20available%20for%20mobile%20devices&img_pview=true HTTP/1.1
Host: l.sharethis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kimcartoon.li/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: *
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: stid
Access-Control-Max-Age: 1728000
Cache-Control: no-cache, no-store, must-revalidate
Date: Sun, 29 Jan 2023 07:35:15 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Connection: keep-alive
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash ef589be52a3e55b643978f17949a73da
74545de6f144282252ff92c751f97cc835c80341
7bfa68c43e60a2627770163b5c1b96fbd7e4843984ad5ff6225c5490b8073b26
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 07:35:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
connect.facebook.net/en_US/sdk.js?hash=d3233c98ddde3e0e991935abe49ba19e
200 OK 88 kB URL HTTP/2 connect.facebook.net/en_US/sdk.js?hash=d3233c98ddde3e0e991935abe49ba19e
IP
File type ASCII text, with very long lines (18530)
Hash 4bed1a6ba5be744caec9b89475cad246
d3b077ec46d4620ee37c1b350cd313f1845746a9
7458b9234849de7c7627a19080b854dbac49b5d7574249d737db41f410c2b4d8
GET /en_US/sdk.js?hash=d3233c98ddde3e0e991935abe49ba19e HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://kimcartoon.li
Connection: keep-alive
Referer: https://kimcartoon.li/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
access-control-expose-headers: X-FB-Content-MD5
x-fb-content-md5: 95f6e4bcf1a8ce36cb99bfbd57aa6c98
etag: "fcb3a5f7ec0098aeab576f9c3b46ad48"
content-type: application/x-javascript; charset=utf-8
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
expires: Mon, 29 Jan 2024 04:59:01 GMT
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
document-policy: force-load-at-top
cross-origin-opener-policy: same-origin-allow-popups
x-content-type-options: nosniff
x-fb-rlafr: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-md5: S+0aa6W+dEyuybiUdcrSRg==
x-fb-debug: ZzGqK1AuT/LPlKv3424xYde8sq8jjAoCXA20Qh0BSItzZvg7NFiZ6WGZGa/9iA/YhhmnvvzzBj1xTP68YScnbw==
priority: u=3,i
content-length: 88415
x-fb-trip-id: 1679558926
date: Sun, 29 Jan 2023 07:35:15 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
ssl.p.jwpcdn.com/player/v/8.9.5/jwplayer.core.controls.js
200 OK 68 kB URL HTTP/2 ssl.p.jwpcdn.com/player/v/8.9.5/jwplayer.core.controls.js
IP
Hash 3cd095c63f65fd24dec3bb5b4523bc87
d98057837615d8e2a18991cf6d1f6a82f484beee
5e092db32df7377a7ed1246d94badc7213f46cc2bfbe7d39385882bf74088cd7
GET /player/v/8.9.5/jwplayer.core.controls.js HTTP/1.1
Host: ssl.p.jwpcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sblongvu.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: max-age=31536000, immutable
last-modified: Fri, 26 Jul 2019 21:30:49 GMT
etag: "1a9869122184328930c8b5dcb9124cc0"
content-type: application/javascript
server: AmazonS3
content-encoding: gzip
accept-ranges: bytes
date: Sun, 29 Jan 2023 07:35:15 GMT
via: 1.1 varnish
age: 27410795
x-served-by: cache-bma1669-BMA
x-cache: HIT
x-cache-hits: 16821
x-timer: S1674977715.482404,VS0,VE0
vary: Accept-Encoding
access-control-allow-origin: *
content-length: 67405
X-Firefox-Spdy: h2
www.youtube.com/iframe_api
200 OK 16 kB URL HTTP/2 www.youtube.com/iframe_api
IP
File type ASCII text, with very long lines (509)
Hash f9f1e6f7bb72e5db00eacdcd3678fab2
c95f4d5656758403f4dd0dabb2f53ef65968fc7c
e41ed04d78206b13193a29cb4355ef5f00b4c35fde7960950d88358615e67657
GET /iframe_api HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kimcartoon.li/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
x-content-type-options: nosniff
expires: Sun, 29 Jan 2023 07:35:15 GMT
date: Sun, 29 Jan 2023 07:35:15 GMT
cache-control: private, max-age=0
strict-transport-security: max-age=31536000
x-frame-options: SAMEORIGIN
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: YSC=dbxEJXDw0SU; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none
VISITOR_INFO1_LIVE=20zNFcKUSLQ; Domain=.youtube.com; Expires=Fri, 28-Jul-2023 07:35:15 GMT; Path=/; Secure; HttpOnly; SameSite=none
DEVICE_INFO=ChxOekU1TXprM05EVXdPRFUxTVRrd016WTVOQT09ELPD2J4GGLPD2J4G; Domain=.youtube.com; Expires=Fri, 28-Jul-2023 07:35:15 GMT; Path=/; Secure; HttpOnly; SameSite=none
CONSENT=PENDING+502; expires=Tue, 28-Jan-2025 07:35:15 GMT; path=/; domain=.youtube.com; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ssl.p.jwpcdn.com/player/plugins/vast/v/8.6.2/vast.js
200 OK 30 kB URL HTTP/2 ssl.p.jwpcdn.com/player/plugins/vast/v/8.6.2/vast.js
IP
File type ASCII text, with very long lines (65536), with no line terminators
Hash 67244f0e2065955811e3033aad234cbe
5d85caa458f4e6076fb267af7a5394eb32c9d730
e9e140bf5a83ebf6c264a3ff50fbae625fc8d692240a232b26eb7fb5af1adb9b
GET /player/plugins/vast/v/8.6.2/vast.js HTTP/1.1
Host: ssl.p.jwpcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sblongvu.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: max-age=31536000, immutable
last-modified: Mon, 22 Jul 2019 14:32:16 GMT
etag: "55abdca282a2f0a96bcde67204eb6a40"
content-type: text/plain
server: AmazonS3
content-encoding: gzip
accept-ranges: bytes
date: Sun, 29 Jan 2023 07:35:15 GMT
via: 1.1 varnish
age: 27499624
x-served-by: cache-bma1669-BMA
x-cache: HIT
x-cache-hits: 11288
x-timer: S1674977715.484011,VS0,VE0
vary: Accept-Encoding
access-control-allow-origin: *
content-length: 29852
X-Firefox-Spdy: h2
admin.genieessp.com/app/bundles/fosjsrouting/js/router.js?_=1674977720161
200 OK 66 kB URL HTTP/2 admin.genieessp.com/app/bundles/fosjsrouting/js/router.js?_=1674977720161
IP
ASN #2519 ARTERIA Networks Corporation
Hash 19c9e66e06454c3a028738f5be2ce130
d37f7dad56bcce67ade1851561805c2eeb9ab66e
95acce9b62e1221e0871c7c645274effb4a8390cc53c3cfba9e5596559c6c57d
GET /app/bundles/fosjsrouting/js/router.js?_=1674977720161 HTTP/1.1
Host: admin.genieessp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kimcartoon.li/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 29 Jan 2023 07:35:15 GMT
content-type: application/javascript
last-modified: Wed, 28 Nov 2018 20:11:21 GMT
etag: W/"5bfef669-332c"
cross-origin-resource-policy: cross-origin
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash ef589be52a3e55b643978f17949a73da
74545de6f144282252ff92c751f97cc835c80341
7bfa68c43e60a2627770163b5c1b96fbd7e4843984ad5ff6225c5490b8073b26
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 07:35:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
count-server.sharethis.com/v2.0/get_counts?url=https%3A%2F%2Fkimcartoon.li%2FCartoon%2FDaria-Version-2%2FSeason-1-Episode-1-Esteemers%3Fid%3D74420&cb=stButtons.processCB&wd=true
200 OK 149 B URL HTTP/2 count-server.sharethis.com/v2.0/get_counts?url=https%3A%2F%2Fkimcartoon.li%2FCartoon%2FDaria-Version-2%2FSeason-1-Episode-1-Esteemers%3Fid%3D74420&cb=stButtons.processCB&wd=true
IP
File type ASCII text, with no line terminators
Hash d7a42cd6c0d21842c2899641b0462153
79595950ff850e06b02c76ffbb82be4ea961cf49
672c3b60b5c666c5a19f5d0c86270dfa669d523b0fd610f23a44c351bcd78594
GET /v2.0/get_counts?url=https%3A%2F%2Fkimcartoon.li%2FCartoon%2FDaria-Version-2%2FSeason-1-Episode-1-Esteemers%3Fid%3D74420&cb=stButtons.processCB&wd=true HTTP/1.1
Host: count-server.sharethis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kimcartoon.li/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/javascript
content-length: 149
date: Sun, 29 Jan 2023 07:35:15 GMT
cache-control: no-cache, no-store, must-revalidate
etag: d7a42cd6c0d21842c2899641b0462153
apigw-requestid: ffo0EijIoAMESNw=
x-cache: Miss from cloudfront
via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: HIYoJ3PTLFyFX2t6s-SFHbYUgdL5Q37vSecN3eNlNITMxniem9A6wg==
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
syndication.twitter.com/i/jot/embeds?l=%7B%22widget_origin%22%3A%22https%3A%2F%2Fkimcartoon.li%2FCartoon%2FDaria-Version-2%2FSeason-1-Episode-1-Esteemers%3Fid%3D74420%22%2C%22widget_frame%22%3Afalse%2C%22language%22%3A%22en%22%2C%22message%22%3A%22m%3Awithcount%3A%22%2C%22context%22%3A%22rufous-eol%22%2C%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1674977721817%2C%22dnt%22%3Afalse%2C%22client_version%22%3A%22aaf4084522e3a%3A1674595607486%22%2C%22format_version%22%3A1%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22button%22%2C%22section%22%3A%22follow%22%2C%22action%22%3A%22impression%22%7D%7D&session_id=04bf9b16458f0500a1936af43670fb45a4365cb3
200 OK 43 B URL HTTP/2 syndication.twitter.com/i/jot/embeds?l=%7B%22widget_origin%22%3A%22https%3A%2F%2Fkimcartoon.li%2FCartoon%2FDaria-Version-2%2FSeason-1-Episode-1-Esteemers%3Fid%3D74420%22%2C%22widget_frame%22%3Afalse%2C%22language%22%3A%22en%22%2C%22message%22%3A%22m%3Awithcount%3A%22%2C%22context%22%3A%22rufous-eol%22%2C%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1674977721817%2C%22dnt%22%3Afalse%2C%22client_version%22%3A%22aaf4084522e3a%3A1674595607486%22%2C%22format_version%22%3A1%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22button%22%2C%22section%22%3A%22follow%22%2C%22action%22%3A%22impression%22%7D%7D&session_id=04bf9b16458f0500a1936af43670fb45a4365cb3
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash 377d257f2d2e294916143c069141c1c5
b7cae69682cf31dd670b65088db8395acda6ed3e
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
GET /i/jot/embeds?l=%7B%22widget_origin%22%3A%22https%3A%2F%2Fkimcartoon.li%2FCartoon%2FDaria-Version-2%2FSeason-1-Episode-1-Esteemers%3Fid%3D74420%22%2C%22widget_frame%22%3Afalse%2C%22language%22%3A%22en%22%2C%22message%22%3A%22m%3Awithcount%3A%22%2C%22context%22%3A%22rufous-eol%22%2C%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1674977721817%2C%22dnt%22%3Afalse%2C%22client_version%22%3A%22aaf4084522e3a%3A1674595607486%22%2C%22format_version%22%3A1%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22button%22%2C%22section%22%3A%22follow%22%2C%22action%22%3A%22impression%22%7D%7D&session_id=04bf9b16458f0500a1936af43670fb45a4365cb3 HTTP/1.1
Host: syndication.twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kimcartoon.li/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 07:35:14 GMT
perf: 7626143928
vary: Origin
server: tsa_o
content-type: image/gif
cache-control: must-revalidate, max-age=600
last-modified: Sun, 29 Jan 2023 07:35:15 GMT
content-length: 43
x-transaction-id: 5011281d10797999
strict-transport-security: max-age=631138519
x-response-time: 106
x-connection-hash: 31251e4367772b1cdabd719d168534454230fbb3a5ba6bf08e24e5ff11460969
X-Firefox-Spdy: h2
entitlements.jwplayer.com/GCCG.json
400 Bad Request 71 B URL HTTP/2 entitlements.jwplayer.com/GCCG.json
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 5534f424f1d6586164a58758f3e2c51a
ef37ca3d8831aaad699430dcaa9967469542d602
f28df38bea81995fd78f9077bff2dfc9d60ee13b8c414bc426c61c0e1b0bee86
GET /GCCG.json HTTP/1.1
Host: entitlements.jwplayer.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://sblongvu.com
Connection: keep-alive
Referer: https://sblongvu.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 400 Bad Request
accept-ranges: bytes
access-control-allow-origin: *
age: 22477
cache-control: max-age=1800, s-maxage=6420
content-type: application/json
date: Sun, 29 Jan 2023 07:35:15 GMT
last-modified: Sun, 29 Jan 2023 01:20:38 GMT
server: ECAcc (ska/F77E)
x-cache: 400-HIT
content-length: 71
X-Firefox-Spdy: h2
prd.jwpltx.com/v1/error/ping.gif?h=-1069108837&e=ers&n=7088858882406613&abc=0&aid=GCCG&=0&at=1&c=0&ccp=0&cp=0&d=0&eb=0&ed=6&emi=wphwlheq0jji&i=1&lid=jxbk47sv6e2u&lsa=set&mt=0&pbd=1&pbr=1&pgi=a7nevsjjkrpf&ph=0&pii=0&pl=0&plc=0&pli=702ldgiu9dqm&pp=&prc=1&ps=0&pss=0&pt=&pu=https%3A%2F%2Fkimcartoon.li%2F&pv=8.9.5&pyc=0&s=0&sdk=0&stc=1&stpe=0&tv=3.26.1&vl=90&wd=0&cme=0&erc=102630&flc=0&sa=1674977721914
204 No Content 0 B URL HTTP/2 prd.jwpltx.com/v1/error/ping.gif?h=-1069108837&e=ers&n=7088858882406613&abc=0&aid=GCCG&=0&at=1&c=0&ccp=0&cp=0&d=0&eb=0&ed=6&emi=wphwlheq0jji&i=1&lid=jxbk47sv6e2u&lsa=set&mt=0&pbd=1&pbr=1&pgi=a7nevsjjkrpf&ph=0&pii=0&pl=0&plc=0&pli=702ldgiu9dqm&pp=&prc=1&ps=0&pss=0&pt=&pu=https%3A%2F%2Fkimcartoon.li%2F&pv=8.9.5&pyc=0&s=0&sdk=0&stc=1&stpe=0&tv=3.26.1&vl=90&wd=0&cme=0&erc=102630&flc=0&sa=1674977721914
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /v1/error/ping.gif?h=-1069108837&e=ers&n=7088858882406613&abc=0&aid=GCCG&=0&at=1&c=0&ccp=0&cp=0&d=0&eb=0&ed=6&emi=wphwlheq0jji&i=1&lid=jxbk47sv6e2u&lsa=set&mt=0&pbd=1&pbr=1&pgi=a7nevsjjkrpf&ph=0&pii=0&pl=0&plc=0&pli=702ldgiu9dqm&pp=&prc=1&ps=0&pss=0&pt=&pu=https%3A%2F%2Fkimcartoon.li%2F&pv=8.9.5&pyc=0&s=0&sdk=0&stc=1&stpe=0&tv=3.26.1&vl=90&wd=0&cme=0&erc=102630&flc=0&sa=1674977721914 HTTP/1.1
Host: prd.jwpltx.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sblongvu.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx
accept-ranges: bytes
date: Sun, 29 Jan 2023 07:35:15 GMT
via: 1.1 varnish
x-served-by: cache-bma1669-BMA
x-cache: MISS
x-cache-hits: 0
X-Firefox-Spdy: h2
ocsp.sectigo.com/
200 OK 472 B IP
Hash d40905f2233c7a912ffc732a4ed1d83e
e8a70b37adb724c0d849c4d2319186ceaa7051d0
ad6ab3caef600fe46b158bcc8213efeeda071303c9ced01fa55ef627f2162cdf
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 07:35:15 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sat, 28 Jan 2023 05:29:14 GMT
Expires: Sat, 04 Feb 2023 05:29:13 GMT
Etag: "e8a70b37adb724c0d849c4d2319186ceaa7051d0"
Cache-Control: max-age=510237,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 79104a428c85b529-OSL
ocsp.sectigo.com/
200 OK 472 B IP
Hash d40905f2233c7a912ffc732a4ed1d83e
e8a70b37adb724c0d849c4d2319186ceaa7051d0
ad6ab3caef600fe46b158bcc8213efeeda071303c9ced01fa55ef627f2162cdf
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 07:35:15 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sat, 28 Jan 2023 05:29:14 GMT
Expires: Sat, 04 Feb 2023 05:29:13 GMT
Etag: "e8a70b37adb724c0d849c4d2319186ceaa7051d0"
Cache-Control: max-age=510237,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 79104a428f36b524-OSL
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 0cf8c73eee9b9f29f51d6f3a922b6b94
5bb14ef3206d702ef6d412c8e00870a199c20e2a
7c1e5a639dc5f02f611dd72b0ce3fad3ce89ec9940f565323622fdfc4fcfeec3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7C1E5A639DC5F02F611DD72B0CE3FAD3CE89EC9940F565323622FDFC4FCFEEC3"
Last-Modified: Fri, 27 Jan 2023 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19354
Expires: Sun, 29 Jan 2023 12:57:50 GMT
Date: Sun, 29 Jan 2023 07:35:16 GMT
Connection: keep-alive
pubmatic.com/wp-content/plugins/pardot/js/asyncdc.min.js?ver=5.8.6&_=1674977720107
403 Forbidden 118 B URL HTTP/2 pubmatic.com/wp-content/plugins/pardot/js/asyncdc.min.js?ver=5.8.6&_=1674977720107
IP
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash bad2e8579dcdb79399aac2064216a37d
7771e4d9c60e02ce2246b5d71bb23f92b9fb8a90
58bf2215b395dcac74c009aa98701854e43cbe54a1cd3a95fee6a647ca9910d4
GET /wp-content/plugins/pardot/js/asyncdc.min.js?ver=5.8.6&_=1674977720107 HTTP/1.1
Host: pubmatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kimcartoon.li/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 403 Forbidden
server: awselb/2.0
date: Sun, 29 Jan 2023 07:35:15 GMT
content-type: text/html
content-length: 118
set-cookie: AWSALBTG=ZdgX12AM2B/9JaqtESzdAGgTxxw9kPJtloWu8g7ijctN0yeL7JqnOUv5O5BI1xq19E1YZsEAW8Rzrq6WcoJunu8c5pMlyksw8DtANnvbxDXpF+2DHK2aExSjdYhhL+z7geUbrhfB9jiO2CTsXb9Sxp6BvuScsB565uijgFADC91lM5MXQxY=; Expires=Sun, 05 Feb 2023 07:35:15 GMT; Path=/
AWSALBTGCORS=ZdgX12AM2B/9JaqtESzdAGgTxxw9kPJtloWu8g7ijctN0yeL7JqnOUv5O5BI1xq19E1YZsEAW8Rzrq6WcoJunu8c5pMlyksw8DtANnvbxDXpF+2DHK2aExSjdYhhL+z7geUbrhfB9jiO2CTsXb9Sxp6BvuScsB565uijgFADC91lM5MXQxY=; Expires=Sun, 05 Feb 2023 07:35:15 GMT; Path=/; SameSite=None; Secure
X-Firefox-Spdy: h2
pubmatic.com/wp-content/plugins/pardot/js/asyncdc.min.js?ver=5.8.6&_=1674977720161
403 Forbidden 118 B URL HTTP/2 pubmatic.com/wp-content/plugins/pardot/js/asyncdc.min.js?ver=5.8.6&_=1674977720161
IP
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash bad2e8579dcdb79399aac2064216a37d
7771e4d9c60e02ce2246b5d71bb23f92b9fb8a90
58bf2215b395dcac74c009aa98701854e43cbe54a1cd3a95fee6a647ca9910d4
GET /wp-content/plugins/pardot/js/asyncdc.min.js?ver=5.8.6&_=1674977720161 HTTP/1.1
Host: pubmatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kimcartoon.li/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 403 Forbidden
server: awselb/2.0
date: Sun, 29 Jan 2023 07:35:15 GMT
content-type: text/html
content-length: 118
set-cookie: AWSALBTG=niqVabCxhOMd4aqow4nJOn0yRoU1h8B0PT6v6eHmvN20YVlLcMqHDWQ2pgGmU8+/M/O2zkumZDnWzG2wMcBjcjWYJLGkVbXOVqHki66QbbOcRcBLtQaXWxE8GD4CiDEEmGbTyp1DEpeolyu1M+Oa7q0fkI3QtzuyAyJzGPtfGciycJTMq78=; Expires=Sun, 05 Feb 2023 07:35:15 GMT; Path=/
AWSALBTGCORS=niqVabCxhOMd4aqow4nJOn0yRoU1h8B0PT6v6eHmvN20YVlLcMqHDWQ2pgGmU8+/M/O2zkumZDnWzG2wMcBjcjWYJLGkVbXOVqHki66QbbOcRcBLtQaXWxE8GD4CiDEEmGbTyp1DEpeolyu1M+Oa7q0fkI3QtzuyAyJzGPtfGciycJTMq78=; Expires=Sun, 05 Feb 2023 07:35:15 GMT; Path=/; SameSite=None; Secure
X-Firefox-Spdy: h2
status.geotrust.com/
200 OK 471 B IP
Hash b92362c6f29ce615063ac737e31d2a3b
093e84b8e6d9665cc89fcea00e23fb867c565c58
9156c787fdfbee286e74bf98279c143486fe235203c6aa012bc522a1f0e8bf93
POST / HTTP/1.1
Host: status.geotrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2741
Cache-Control: max-age=91733
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 07:35:16 GMT
Etag: "63d4da54-1d7"
Expires: Mon, 30 Jan 2023 09:04:09 GMT
Last-Modified: Sat, 28 Jan 2023 08:18:28 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 471
privacywithholdrepose.com/ac/96/89/ac9689ea4c0b75250967275b2219e87e.js
200 OK 21 kB URL HTTP/1.1 privacywithholdrepose.com/ac/96/89/ac9689ea4c0b75250967275b2219e87e.js
IP
File type HTML document, ASCII text, with very long lines (60177), with no line terminators
Hash 8a9479b0ada8674ff7a4782eba10d5d4
2598ae93b31f9e67bfb6d8ec62f34f7e0fb8d10b
901df351b151b67dc718a75bed4fb9fa5288accd148ac62b47c1f24fc45e7e90
GET /ac/96/89/ac9689ea4c0b75250967275b2219e87e.js HTTP/1.1
Host: privacywithholdrepose.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sblongvu.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sun, 29 Jan 2023 07:35:16 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 4363cf7592517ae5822b4e13f93ace2a
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash c2d37fd4f1678643fc9f53dd026cd7e3
1dd8510cd853835d82892664350acccfc6715f16
6506e317135169829b64f503a456bdd7d1a28dab8985bf20c2c5534d033779af
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=111698
Date: Sun, 29 Jan 2023 07:35:16 GMT
Etag: "63d5239a-1d7"
Expires: Mon, 30 Jan 2023 14:36:54 GMT
Last-Modified: Sat, 28 Jan 2023 13:31:06 GMT
Server: ECS (nyb/1D27)
X-Cache: Miss from cloudfront
Via: 1.1 98794c1dec0d4e7b10ddf0faa094cf94.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: ALh7RNBCQPsTgjjn83KBKrfZyON_Qz8oxyX_PnGRgxC9eGXuQFSGeg==
Age: 3949
simplewebanalysis.com/stats
200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP
File type ASCII text, with no line terminators
Hash e25b2bb01da3531a94a89f59bac6b60a
5e8a6cc2fc4a30e50177cc850eadd22f48a7a968
5a13bb0bd8d910b01f1fee14820477fddb9a98970aaea7817557d143fc0d7082
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://sblongvu.com
Connection: keep-alive
Referer: https://sblongvu.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 29 Jan 2023 07:35:16 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://sblongvu.com
access-control-allow-credentials: true
set-cookie: uid_id2=8434f2c5-f086-4713-8545-b7d6425f81f5:2:1; expires=Wed, 26 Jan 2033 07:35:16 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 29c3aadcd47a30f32512235085897891
4aeb872839929bdf0a10d2fddf3e65a9191b23bf
2514a4d02f01ccbe0c9a16be16bfe12da644971ea6d1f58c7effbf7965a30e99
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2514A4D02F01CCBE0C9A16BE16BFE12DA644971EA6D1F58C7EFFBF7965A30E99"
Last-Modified: Sat, 28 Jan 2023 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14864
Expires: Sun, 29 Jan 2023 11:43:00 GMT
Date: Sun, 29 Jan 2023 07:35:16 GMT
Connection: keep-alive
dmp.im-apps.net/scripts/im-uid-hook.js?cid=3929
200 OK 445 B URL HTTP/1.1 dmp.im-apps.net/scripts/im-uid-hook.js?cid=3929
IP
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (523)
Hash f152c14f4391a61a4222fd05e619d5b0
9f9edec1a1a089947323bc49a3d8899f500c56ed
7532a08a1a4aaaf25631feec1de5868dbd215539eed4d6f53b0b7bdbb0aef213
GET /scripts/im-uid-hook.js?cid=3929 HTTP/1.1
Host: dmp.im-apps.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kimcartoon.li/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: text/javascript
Content-Encoding: gzip
Content-Length: 445
Cache-Control: public, max-age=3600, s-maxage=10800
Date: Sun, 29 Jan 2023 07:35:16 GMT
Connection: keep-alive
Vary: Accept-Encoding
P3P: CP="NOI PSD OTR"
naveljutmistress.com/a7/a4/a3/a7a4a3d358e01b43771ddd49cda3539d.js
200 OK 11 kB URL HTTP/1.1 naveljutmistress.com/a7/a4/a3/a7a4a3d358e01b43771ddd49cda3539d.js
IP
File type ASCII text, with very long lines (32095), with no line terminators
Hash 3c8f84d1d6cb8338821cea5e875e7193
fc808be07a1b7cf1cd8b027952cc65a07c984bef
59eb4908568e7c8fa3dc74b34d7693286ec2f85e8424a010f0883edb03051c52
Analyzer Verdict Alert quad9 Sinkholed
GET /a7/a4/a3/a7a4a3d358e01b43771ddd49cda3539d.js HTTP/1.1
Host: naveljutmistress.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sblongvu.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sun, 29 Jan 2023 07:35:16 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: e3b2765b9467c14ff0be5fb918b11011
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
naveljutmistress.com/pixel/purst?dl=0&th=0&sc=0&rs=2519&rd=2519&fd=701&bv=22.10.v.9&tmpl=70
200 OK 0 B URL HTTP/1.1 naveljutmistress.com/pixel/purst?dl=0&th=0&sc=0&rs=2519&rd=2519&fd=701&bv=22.10.v.9&tmpl=70
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/purst?dl=0&th=0&sc=0&rs=2519&rd=2519&fd=701&bv=22.10.v.9&tmpl=70 HTTP/1.1
Host: naveljutmistress.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sblongvu.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sun, 29 Jan 2023 07:35:16 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 1e715f4b3d6203337ae6dd8d49084bbf
26dbf6b4ddd31cfd6503e73dbdf8f6ed1ff710c0
64297ca762c862009d82dbba9d082fdc6a69bd37cc27297b8fd8e016def5ed84
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "64297CA762C862009D82DBBA9D082FDC6A69BD37CC27297B8FD8E016DEF5ED84"
Last-Modified: Fri, 27 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8242
Expires: Sun, 29 Jan 2023 09:52:38 GMT
Date: Sun, 29 Jan 2023 07:35:16 GMT
Connection: keep-alive
simplewebanalysis.com/stats
200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP
File type ASCII text, with no line terminators
Hash e25b2bb01da3531a94a89f59bac6b60a
5e8a6cc2fc4a30e50177cc850eadd22f48a7a968
5a13bb0bd8d910b01f1fee14820477fddb9a98970aaea7817557d143fc0d7082
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://sblongvu.com
Connection: keep-alive
Referer: https://sblongvu.com/
Cookie: uid_id2=8434f2c5-f086-4713-8545-b7d6425f81f5:2:1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 07:35:16 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://sblongvu.com
access-control-allow-credentials: true
X-Firefox-Spdy: h2
e1.o.lencr.org/
200 OK 345 B IP
ASN #20940 Akamai International B.V.
Hash 89231e8fe1afd89090e6a09d61430e11
11b471e4821cade1ea075b8835c892d455bfdaa2
8c78cce8f98a69e9c1c2bf45d12879b40c784288b4e79dabb296c24f94025c12
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "8C78CCE8F98A69E9C1C2BF45D12879B40C784288B4E79DABB296C24F94025C12"
Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4274
Expires: Sun, 29 Jan 2023 08:46:30 GMT
Date: Sun, 29 Jan 2023 07:35:16 GMT
Connection: keep-alive
banquetunarmedgrater.com/advertisers.js
200 OK 0 B URL HTTP/1.1 banquetunarmedgrater.com/advertisers.js
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /advertisers.js HTTP/1.1
Host: banquetunarmedgrater.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sblongvu.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sun, 29 Jan 2023 07:35:16 GMT
Content-Type: application/javascript
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: f0fb84910196ea61dcd447557d6cbd44
Strict-Transport-Security: max-age=0; includeSubdomains
ocsp.godaddy.com/
200 OK 1.8 kB IP
Hash b621329ff2c3dd5af0d472b5e9dbcaec
c4f63bf0f7505f642290af76003721d29c7100fc
77e6539d857736304814a44cb10399e7b83e4370f970dd5a101f44f82431565e
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Sun, 29 Jan 2023 07:35:17 GMT
Content-Type: application/ocsp-response
Content-Length: 1777
Connection: keep-alive
X-Sucuri-ID: 19036
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Sat, 28 Jan 2023 23:34:30 GMT
Expires: Sun, 29 Jan 2023 23:34:30 GMT
ETag: "c4f63bf0f7505f642290af76003721d29c7100fc"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 46c7b332aa7ceb8ad3c60797d359fb1b
76bf60e3fa9f39da69bf67961605ac8aae40b742
1411c1473901f792bc66b2dfceaadf8decdaa077481b0ef17dd5f742bd929574
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1411C1473901F792BC66B2DFCEAADF8DECDAA077481B0EF17DD5F742BD929574"
Last-Modified: Sat, 28 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4517
Expires: Sun, 29 Jan 2023 08:50:34 GMT
Date: Sun, 29 Jan 2023 07:35:17 GMT
Connection: keep-alive
whos.amung.us/swidget/streamsbm
307 Temporary Redirect 367 B URL HTTP/2 whos.amung.us/swidget/streamsbm
IP
File type PNG image data, 80 x 15, 8-bit colormap, non-interlaced\012- data
Hash e2acc46b1a693d61703c538ad9dd4d76
e4049751dc2d7c0d225d3c8fe89ac2e65e9637b3
b9fd83bf4eca236264608795e1c33cb3ed6088962900bad0e7eea217c490d66b
GET /swidget/streamsbm HTTP/1.1
Host: whos.amung.us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sblongvu.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 307 Temporary Redirect
date: Sun, 29 Jan 2023 07:35:16 GMT
content-type: text/html; charset=UTF-8
location: https://widgets.amung.us/draw/?w=small&n=19200&c=ffc20e000000&p=left
cache-control: max-age=295
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 79104a43c9529900-ARN
X-Firefox-Spdy: h2
app.audiopulsar.com/js/chunk-vendors-c8085d85.5db21600.js
200 OK 90 B URL HTTP/2 app.audiopulsar.com/js/chunk-vendors-c8085d85.5db21600.js
IP
ASN #34989 ServeTheWorld AS
File type ASCII text, with no line terminators
Hash 56fc48284bda1da6545e7923d7061960
3f322cd62a85e6671bab80d64a4f36f97d442b71
f61e853f0174bd3e1f2e70c6e102d5475760f53174b14fa1d6095e49452c7c8f
GET /js/chunk-vendors-c8085d85.5db21600.js HTTP/1.1
Host: app.audiopulsar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://app.audiopulsar.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 07:35:17 GMT
content-type: application/javascript
content-length: 90
server: BunnyCDN-NO1-830
cdn-pullzone: 173797
cdn-uid: 54876772-1b75-4d80-bae5-e278cce146bd
cdn-requestcountrycode: NO
vary: Accept-Encoding
cache-control: public, max-age=10800
etag: "61fcbda4-5a"
last-modified: Fri, 04 Feb 2022 05:46:12 GMT
cdn-storageserver: DE-169
cdn-fileserver: 292
cdn-proxyver: 1.03
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 01/29/2023 06:48:39
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: 1d5933c53aeaab1e37f7ebacbf7665a2
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
app.audiopulsar.com/js/chunk-vendors-c964cbd5.fa658bff.js
200 OK 6.0 kB URL HTTP/2 app.audiopulsar.com/js/chunk-vendors-c964cbd5.fa658bff.js
IP
ASN #34989 ServeTheWorld AS
File type ASCII text, with very long lines (8092), with no line terminators
Hash c11a11a7f476b07660e5063a10b941c1
7f2361d2cf9a2626331c013b9aa9929c9cfa370e
955f9bedc0cf9e1a14324878401fd1dab743091b59edfa4e5f3d028c933d38d8
GET /js/chunk-vendors-c964cbd5.fa658bff.js HTTP/1.1
Host: app.audiopulsar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://app.audiopulsar.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 07:35:17 GMT
content-type: application/javascript
server: BunnyCDN-NO1-830
cdn-pullzone: 173797
cdn-uid: 54876772-1b75-4d80-bae5-e278cce146bd
cdn-requestcountrycode: NO
vary: Accept-Encoding, Accept-Encoding
cache-control: public, max-age=10800
etag: W/"61ff8795-1f9c"
last-modified: Sun, 06 Feb 2022 08:32:21 GMT
cdn-storageserver: DE-168
cdn-fileserver: 220
cdn-proxyver: 1.03
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 01/29/2023 06:48:39
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: ab1c8eb5922b6a76232b47ce861ca47f
cdn-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2
app.audiopulsar.com/js/chunk-vendors-d939e436.92da2c7d.js
200 OK 20 kB URL HTTP/2 app.audiopulsar.com/js/chunk-vendors-d939e436.92da2c7d.js
IP
ASN #34989 ServeTheWorld AS
File type Unicode text, UTF-8 text, with very long lines (55041), with NEL line terminators
Hash 5b340042ef71a07b9708ce258a0304b0
d252d67d53b0242fd270e2935534f6cebd8788d0
4362ee8ca5a9cb719d970c6d3223cb3e860870f23d83a5ed34aa461877dca906
GET /js/chunk-vendors-d939e436.92da2c7d.js HTTP/1.1
Host: app.audiopulsar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://app.audiopulsar.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 07:35:17 GMT
content-type: application/javascript
server: BunnyCDN-NO1-830
cdn-pullzone: 173797
cdn-uid: 54876772-1b75-4d80-bae5-e278cce146bd
cdn-requestcountrycode: NO
vary: Accept-Encoding, Accept-Encoding
cache-control: public, max-age=10800
etag: W/"6395cc87-108e2"
last-modified: Sun, 11 Dec 2022 12:26:47 GMT
cdn-storageserver: DE-168
cdn-fileserver: 486
cdn-proxyver: 1.03
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 01/29/2023 06:48:39
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: e7ddf2a67ab92c041480b2cad02a805a
cdn-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2
ialaddin.genieesspv.jp/yie/ld/jsk?zoneid=1495180&cb=76040700045&charset=UTF-8&loc=https%3A%2F%2Fkimcartoon.li%2FCartoon%2FDaria-Version-2%2FSeason-1-Episode-1-Esteemers%3Fid%3D74420&sw=1024&sh=1280&topframe=0
200 OK 57 kB URL HTTP/2 ialaddin.genieesspv.jp/yie/ld/jsk?zoneid=1495180&cb=76040700045&charset=UTF-8&loc=https%3A%2F%2Fkimcartoon.li%2FCartoon%2FDaria-Version-2%2FSeason-1-Episode-1-Esteemers%3Fid%3D74420&sw=1024&sh=1280&topframe=0
IP
ASN #10010 TOKAI Communications Corporation
File type ASCII text, with very long lines (57452)
Hash 0318ea44c0dbe6fac9ec11d370bf3a89
6a2c9aab1ce955af571c2bed28af22006a780152
e9dbbc4e322e59388ef82ed19aba17fd8d73928eb70d41b055b5ccc4f5e97555
GET /yie/ld/jsk?zoneid=1495180&cb=76040700045&charset=UTF-8&loc=https%3A%2F%2Fkimcartoon.li%2FCartoon%2FDaria-Version-2%2FSeason-1-Episode-1-Esteemers%3Fid%3D74420&sw=1024&sh=1280&topframe=0 HTTP/1.1
Host: ialaddin.genieesspv.jp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kimcartoon.li/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 29 Jan 2023 07:35:16 GMT
content-type: text/javascript; charset=UTF-8
pragma: no-cache
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
expires: Mon, 26 Jul 1997 05:00:00 GMT
cross-origin-resource-policy: cross-origin
content-encoding: gzip
X-Firefox-Spdy: h2
app.audiopulsar.com/js/chunk-vendors-11c2601a.ca96cfd2.js
200 OK 706 B URL HTTP/2 app.audiopulsar.com/js/chunk-vendors-11c2601a.ca96cfd2.js
IP
ASN #34989 ServeTheWorld AS
File type ASCII text, with very long lines (798), with no line terminators
Hash b6b0327cb8456c0d75541cb718a60135
7193ffb32801bbadc90a5b7895cc4d8cf13a5f39
41839fe4609176b5ade9b7debd0e10be945befae69d6733d8caeada292750e4a
GET /js/chunk-vendors-11c2601a.ca96cfd2.js HTTP/1.1
Host: app.audiopulsar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://app.audiopulsar.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 07:35:17 GMT
content-type: application/javascript
server: BunnyCDN-NO1-830
cdn-pullzone: 173797
cdn-uid: 54876772-1b75-4d80-bae5-e278cce146bd
cdn-requestcountrycode: NO
vary: Accept-Encoding, Accept-Encoding
cache-control: public, max-age=10800
etag: W/"61ff878e-31e"
last-modified: Sun, 06 Feb 2022 08:32:14 GMT
cdn-storageserver: DE-165
cdn-fileserver: 192
cdn-proxyver: 1.03
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 01/29/2023 06:48:39
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: 5b6681cda40bb22b055b6c56f8f5fae0
cdn-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2
app.audiopulsar.com/js/chunk-vendors-9a9c82b2.8a3d1a2c.js
200 OK 12 kB URL HTTP/2 app.audiopulsar.com/js/chunk-vendors-9a9c82b2.8a3d1a2c.js
IP
ASN #34989 ServeTheWorld AS
File type ASCII text, with very long lines (25595)
Hash 59f40cbb81ade3b67e430afd18c01c19
daab0b68e6b6784bbd910d95a2c4ba02859b293b
111f1ce1d4fa9b6c974f3b9aef17f23a4e14c0ca22ac0ab49a7ec19d2db5f172
GET /js/chunk-vendors-9a9c82b2.8a3d1a2c.js HTTP/1.1
Host: app.audiopulsar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://app.audiopulsar.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 07:35:17 GMT
content-type: application/javascript
server: BunnyCDN-NO1-830
cdn-pullzone: 173797
cdn-uid: 54876772-1b75-4d80-bae5-e278cce146bd
cdn-requestcountrycode: NO
vary: Accept-Encoding, Accept-Encoding
cache-control: public, max-age=10800
etag: W/"61fcbd9f-8bd9"
last-modified: Fri, 04 Feb 2022 05:46:07 GMT
cdn-storageserver: DE-169
cdn-fileserver: 246
cdn-proxyver: 1.03
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 01/29/2023 06:48:39
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: 2963d6de280da9eeea65c690b8f36ffe
cdn-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2
ialaddin.genieesspv.jp/yie/ld/gl0?zid=1495180&asid=10261740&idx=0&cb=584cb785cf&l=IEp1OGcrqvrU99gREHLU_q8z0uxCsKizIfD9W5QNH98S5hzHX06Q6T4N7epa-Yya-_we3lUZ_KELni7-ue2wqss3E7FyI7mZnDrIZhCcYuw1yukptt2tSMotPi5IbUTJJ6Iz4JWMovk8Wt5o9fNkOhnq6uKAha8ZIENBoBbXQ-W1MdGl29LvLKSdVEuzCi4u4oXV-45zdpW70LrPxnFyjUSjKtDWO1Wl6-Wwwrv2IWAypJry_gdLZ1U2q-8nDm_ybZamlCMRJG0rXvvnOiioEkx0SjPeSWFOfNNvxsxiH_0GfEDIFUmQmFQ2fi2y2DLDM5-dMNJou3191WJRlMBmqCxcZn8_DlYYdwG2AQ0xc4TfsvH4ZNItVIp6EzBiBC6YIvU_3QbTDYENjzFaov5dyC411xvzJ6f0xdWQmaawl4pAE4A6PQc-_MTDvARvCqfKOmoks5Bj6ME5X7rJlYovAarXq5YLdZw_V7R2DgPorgRpQkK7QhP94pbrxJ-cq0dFCKBEP99KVEhNg24q6IdRp1r1Au0DXEdApaOjyO2DaWaePn7L63V2WbRzmv7J8W1rFZnGyTi57T9WgGSiQBWYsqwHKLmRiJ424ekiFG-COjyq5zCt8N_k5I2VKisutoucsqNgmkrpRpRrLTiupAgeFouNRNhaJDfc5uo802FGiIY
200 OK 43 B URL HTTP/2 ialaddin.genieesspv.jp/yie/ld/gl0?zid=1495180&asid=10261740&idx=0&cb=584cb785cf&l=IEp1OGcrqvrU99gREHLU_q8z0uxCsKizIfD9W5QNH98S5hzHX06Q6T4N7epa-Yya-_we3lUZ_KELni7-ue2wqss3E7FyI7mZnDrIZhCcYuw1yukptt2tSMotPi5IbUTJJ6Iz4JWMovk8Wt5o9fNkOhnq6uKAha8ZIENBoBbXQ-W1MdGl29LvLKSdVEuzCi4u4oXV-45zdpW70LrPxnFyjUSjKtDWO1Wl6-Wwwrv2IWAypJry_gdLZ1U2q-8nDm_ybZamlCMRJG0rXvvnOiioEkx0SjPeSWFOfNNvxsxiH_0GfEDIFUmQmFQ2fi2y2DLDM5-dMNJou3191WJRlMBmqCxcZn8_DlYYdwG2AQ0xc4TfsvH4ZNItVIp6EzBiBC6YIvU_3QbTDYENjzFaov5dyC411xvzJ6f0xdWQmaawl4pAE4A6PQc-_MTDvARvCqfKOmoks5Bj6ME5X7rJlYovAarXq5YLdZw_V7R2DgPorgRpQkK7QhP94pbrxJ-cq0dFCKBEP99KVEhNg24q6IdRp1r1Au0DXEdApaOjyO2DaWaePn7L63V2WbRzmv7J8W1rFZnGyTi57T9WgGSiQBWYsqwHKLmRiJ424ekiFG-COjyq5zCt8N_k5I2VKisutoucsqNgmkrpRpRrLTiupAgeFouNRNhaJDfc5uo802FGiIY
IP
ASN #10010 TOKAI Communications Corporation
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /yie/ld/gl0?zid=1495180&asid=10261740&idx=0&cb=584cb785cf&l=IEp1OGcrqvrU99gREHLU_q8z0uxCsKizIfD9W5QNH98S5hzHX06Q6T4N7epa-Yya-_we3lUZ_KELni7-ue2wqss3E7FyI7mZnDrIZhCcYuw1yukptt2tSMotPi5IbUTJJ6Iz4JWMovk8Wt5o9fNkOhnq6uKAha8ZIENBoBbXQ-W1MdGl29LvLKSdVEuzCi4u4oXV-45zdpW70LrPxnFyjUSjKtDWO1Wl6-Wwwrv2IWAypJry_gdLZ1U2q-8nDm_ybZamlCMRJG0rXvvnOiioEkx0SjPeSWFOfNNvxsxiH_0GfEDIFUmQmFQ2fi2y2DLDM5-dMNJou3191WJRlMBmqCxcZn8_DlYYdwG2AQ0xc4TfsvH4ZNItVIp6EzBiBC6YIvU_3QbTDYENjzFaov5dyC411xvzJ6f0xdWQmaawl4pAE4A6PQc-_MTDvARvCqfKOmoks5Bj6ME5X7rJlYovAarXq5YLdZw_V7R2DgPorgRpQkK7QhP94pbrxJ-cq0dFCKBEP99KVEhNg24q6IdRp1r1Au0DXEdApaOjyO2DaWaePn7L63V2WbRzmv7J8W1rFZnGyTi57T9WgGSiQBWYsqwHKLmRiJ424ekiFG-COjyq5zCt8N_k5I2VKisutoucsqNgmkrpRpRrLTiupAgeFouNRNhaJDfc5uo802FGiIY HTTP/1.1
Host: ialaddin.genieesspv.jp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kimcartoon.li/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 29 Jan 2023 07:35:17 GMT
content-type: image/gif
content-length: 43
cross-origin-resource-policy: cross-origin
cache-control: private, max-age=0, no-cache
pragma: no-cache
p3p: CP="CUR ADM OUR NOR STA NID"
expires: Mon, 26 Jul 1997 05:00:00 GMT
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 8c630e9bbc930d1c367efa81b67be3f7
ec536695531d40a813d99a06271c7c2d698d51d3
39ca0a60c3e2e85712757ead0830d0da82beac1e4f44b6e90243e5ca9326bf4b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 07:35:17 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
app.audiopulsar.com/ablist33.json
200 OK 81 kB URL HTTP/2 app.audiopulsar.com/ablist33.json
IP
ASN #34989 ServeTheWorld AS
Hash e569fe011d771ab35392e18c238b2aa9
61d11549d816c26c14823a10a3303a9be74232a2
d288dd7851aa66d3df88f2d33f49f0855fb2228d7afd8d120d135b185b983dd6
GET /ablist33.json HTTP/1.1
Host: app.audiopulsar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://app.audiopulsar.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 07:35:17 GMT
content-type: application/json
vary: Accept-Encoding
server: BunnyCDN-NO1-830
cdn-pullzone: 173797
cdn-uid: 54876772-1b75-4d80-bae5-e278cce146bd
cdn-requestcountrycode: NO
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=10800
last-modified: Fri, 27 Jan 2023 09:53:44 GMT
cdn-storageserver: DE-167
cdn-fileserver: 183
cdn-proxyver: 1.03
cdn-requestpullsuccess: True
cdn-requestpullcode: 206
cdn-cachedat: 01/29/2023 07:13:38
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: 8968ae902f662e61a2e2795277a3f469
cdn-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2
audiencedata.im-apps.net/imuid/get?cid=3929&vid=01GQY77H67WZHVAJS88XYDAPS0
200 OK 10 B URL HTTP/1.1 audiencedata.im-apps.net/imuid/get?cid=3929&vid=01GQY77H67WZHVAJS88XYDAPS0
IP
ASN #20940 Akamai International B.V.
File type JSON data\012- , ASCII text, with no line terminators
Hash 190f0ca90ef9d8f401ed505b8e377411
12ad51bbdfcc081a984bbff898a0d47cc29a61dc
bb54369234516c2f2469a9989fce0f73145879defec57a2b276b5b1e0bf92336
GET /imuid/get?cid=3929&vid=01GQY77H67WZHVAJS88XYDAPS0 HTTP/1.1
Host: audiencedata.im-apps.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://kimcartoon.li
Connection: keep-alive
Referer: https://kimcartoon.li/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 10
Access-Control-Allow-Origin: https://kimcartoon.li
Access-Control-Allow-Credentials: true
Date: Sun, 29 Jan 2023 07:35:17 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 8cf65fcdafa84b63cf7005fe57927fcb
3f7d163a96e7f00eb2de9828624ec46e22b4b40a
dfcf629cc49444f646f3a014014a91e36251b4b43655ce2e2eca55263dd196e3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 07:35:17 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
app.audiopulsar.com/js/chunk-vendors-03631906.a93e6d23.js
200 OK 27 kB URL HTTP/2 app.audiopulsar.com/js/chunk-vendors-03631906.a93e6d23.js
IP
ASN #34989 ServeTheWorld AS
File type ASCII text, with very long lines (42649), with no line terminators
Hash 7d62cb50603cb2b5415acdc32740b838
4e471c5385bdd51ec6454c1dc8bc973ad0ce1e26
ef68b8d22ea684d82ba448004a9ede012c2075abafb020205dfd90e6711dc17d
GET /js/chunk-vendors-03631906.a93e6d23.js HTTP/1.1
Host: app.audiopulsar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://app.audiopulsar.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 07:35:17 GMT
content-type: application/javascript
server: BunnyCDN-NO1-830
cdn-pullzone: 173797
cdn-uid: 54876772-1b75-4d80-bae5-e278cce146bd
cdn-requestcountrycode: NO
vary: Accept-Encoding, Accept-Encoding
cache-control: public, max-age=10800
etag: W/"61ff878d-a699"
last-modified: Sun, 06 Feb 2022 08:32:13 GMT
cdn-storageserver: DE-167
cdn-fileserver: 192
cdn-proxyver: 1.03
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 01/29/2023 06:48:39
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: f68e8bec549362988ad3eabcb9a5488d
cdn-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 8cf65fcdafa84b63cf7005fe57927fcb
3f7d163a96e7f00eb2de9828624ec46e22b4b40a
dfcf629cc49444f646f3a014014a91e36251b4b43655ce2e2eca55263dd196e3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 07:35:17 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash d3f3ce934cb2eb21660eca3d4b01022d
897e54c64971c2dea3fd802ad2c29fd936734a90
733d3b5de206471fea3d2639245379d3f272d278fb6b7e51b38494ae01678176
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "733D3B5DE206471FEA3D2639245379D3F272D278FB6B7E51B38494AE01678176"
Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18166
Expires: Sun, 29 Jan 2023 12:38:03 GMT
Date: Sun, 29 Jan 2023 07:35:17 GMT
Connection: keep-alive
play.adtonos.com/attc-GPJApFZhQsAzzJZzn.min.js
200 OK 3.2 kB URL HTTP/1.1 play.adtonos.com/attc-GPJApFZhQsAzzJZzn.min.js
IP
File type ASCII text, with very long lines (3176), with no line terminators
Hash 4de6d5bfd5d5b32765626f68e8c41600
aaa8b073dc15a7b743d1cb23e3da49abe9ec1978
3725290aef599ad1147b59ef9f82555987c6deb0f292e9cf0a96e870ade95f2e
GET /attc-GPJApFZhQsAzzJZzn.min.js HTTP/1.1
Host: play.adtonos.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://app.audiopulsar.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 29 Jan 2023 07:35:17 GMT
Content-Type: application/javascript
Content-Length: 3176
Connection: close
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubdomains; preload
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Cache-Control: no-cache, no-store, must-revalidate, no-transform
Accept-Ranges: bytes
ocsp.godaddy.com/
200 OK 1.8 kB IP
Hash 4415636dcfca1aa677fe8611b1a6e0a1
09b53c7f1f934142958cfd2bc3017cacb7ada6ae
41d7588904e225a74b1604bba33d5cb5929ba67bc9d25cdd1cc10b7cc3505d9a
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Sun, 29 Jan 2023 07:35:17 GMT
Content-Type: application/ocsp-response
Content-Length: 1777
Connection: keep-alive
X-Sucuri-ID: 19036
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Sun, 29 Jan 2023 00:38:36 GMT
Expires: Mon, 30 Jan 2023 00:38:36 GMT
ETag: "09b53c7f1f934142958cfd2bc3017cacb7ada6ae"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
ocsp.godaddy.com/
200 OK 1.8 kB IP
Hash 4415636dcfca1aa677fe8611b1a6e0a1
09b53c7f1f934142958cfd2bc3017cacb7ada6ae
41d7588904e225a74b1604bba33d5cb5929ba67bc9d25cdd1cc10b7cc3505d9a
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Sun, 29 Jan 2023 07:35:17 GMT
Content-Type: application/ocsp-response
Content-Length: 1777
Connection: keep-alive
X-Sucuri-ID: 19036
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Sun, 29 Jan 2023 00:38:36 GMT
Expires: Mon, 30 Jan 2023 00:38:36 GMT
ETag: "09b53c7f1f934142958cfd2bc3017cacb7ada6ae"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
status.geotrust.com/
200 OK 471 B IP
Hash a50376c56347b57cc9738f6e1d1db4af
52ec36fa98ef5ffeac0e89477a51da029be43b57
952e235df3b4deb2884ece1eea862f80357152a0e8f949cacf864a88a77c932e
POST / HTTP/1.1
Host: status.geotrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3314
Cache-Control: max-age=86557
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 07:35:18 GMT
Etag: "63d4c3e1-1d7"
Expires: Mon, 30 Jan 2023 07:37:55 GMT
Last-Modified: Sat, 28 Jan 2023 06:42:41 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471
status.geotrust.com/
200 OK 471 B IP
Hash 49edc4157892cd73d9d1c6383103f6d5
c618efdc7707df571f5f8562fba402d62f4cba2f
8b326a1be475a362d2308d31a0f95dd6a2132b5ca64287f31e779ccd425a9cb1
POST / HTTP/1.1
Host: status.geotrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 706
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 07:35:18 GMT
Etag: "63d4c3e1-1d7"
Last-Modified: Sun, 29 Jan 2023 07:23:32 GMT
Server: ECS (amb/6B92)
X-Cache: HIT
Content-Length: 471
playerservices.live.streamtheworld.com/api/idsync.js?stationId=438633&bounce=true
200 OK 916 B URL HTTP/1.1 playerservices.live.streamtheworld.com/api/idsync.js?stationId=438633&bounce=true
IP
Hash 58cc50695d69b01ea2eb02b159def79b
7574561849c20c616030dd352ce38eb53892462c
11b476e272de3a05f81106ca2ebe05e1070928be36fa155102eef94d9bea03fa
GET /api/idsync.js?stationId=438633&bounce=true HTTP/1.1
Host: playerservices.live.streamtheworld.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://app.audiopulsar.com/
Connection: keep-alive
Cookie: uuid-s=b4fd65c2-a7ba-4eea-ab34-1053817d694d
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
date: Sun, 29 Jan 2023 07:35:18 GMT
p3p: policyref="http://tds.media.streamtheworld.com/w3c/policy/tds-p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/javascript; charset=ISO-8859-1
content-language: en-US
x-stw-server: par-strc-docker02_8082
x-stw-site: PAR
access-control-allow-origin: *
connection: close
mc.yandex.ru/watch/64815175/1?wmode=7&page-url=https%3A%2F%2Fsblongvu.com%2Fe%2F8d2mivg2ncd4.html&page-ref=https%3A%2F%2Fkimcartoon.li%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3Asm0eap24hzlr84c06sesn%3Afp%3A1050%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A1389414264197%3Ahid%3A552474721%3Az%3A0%3Ai%3A20230129073524%3Aet%3A1674977725%3Arn%3A966816509%3Arqn%3A1%3Au%3A16749777221041428871%3Aw%3A706x505%3As%3A1280x1024x24%3Ask%3A1%3Aifr%3A1%3Awv%3A2%3Ads%3A0%2C0%2C0%2C%2C146%2C0%2C%2C414%2C2%2C1483%2C1483%2C0%2C1067%3Aco%3A0%3Ans%3A1674977720117%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1674977725%3At%3A&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29fip%281%29ti%282%29
200 OK 419 B URL HTTP/2 mc.yandex.ru/watch/64815175/1?wmode=7&page-url=https%3A%2F%2Fsblongvu.com%2Fe%2F8d2mivg2ncd4.html&page-ref=https%3A%2F%2Fkimcartoon.li%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3Asm0eap24hzlr84c06sesn%3Afp%3A1050%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A1389414264197%3Ahid%3A552474721%3Az%3A0%3Ai%3A20230129073524%3Aet%3A1674977725%3Arn%3A966816509%3Arqn%3A1%3Au%3A16749777221041428871%3Aw%3A706x505%3As%3A1280x1024x24%3Ask%3A1%3Aifr%3A1%3Awv%3A2%3Ads%3A0%2C0%2C0%2C%2C146%2C0%2C%2C414%2C2%2C1483%2C1483%2C0%2C1067%3Aco%3A0%3Ans%3A1674977720117%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1674977725%3At%3A&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29fip%281%29ti%282%29
IP
File type JSON data\012- , ASCII text, with very long lines (419), with no line terminators
Hash a8f3abec8e320ba93d1b7d92c7f6b5c3
64717f98c3a231d8641a2c9e17829b28d632d6a4
6c9cb6e13e928ec551ec82bcf3c9761cd8e1a7e65b33ab99ed3b15197512ed51
GET /watch/64815175/1?wmode=7&page-url=https%3A%2F%2Fsblongvu.com%2Fe%2F8d2mivg2ncd4.html&page-ref=https%3A%2F%2Fkimcartoon.li%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3Asm0eap24hzlr84c06sesn%3Afp%3A1050%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A1389414264197%3Ahid%3A552474721%3Az%3A0%3Ai%3A20230129073524%3Aet%3A1674977725%3Arn%3A966816509%3Arqn%3A1%3Au%3A16749777221041428871%3Aw%3A706x505%3As%3A1280x1024x24%3Ask%3A1%3Aifr%3A1%3Awv%3A2%3Ads%3A0%2C0%2C0%2C%2C146%2C0%2C%2C414%2C2%2C1483%2C1483%2C0%2C1067%3Aco%3A0%3Ans%3A1674977720117%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1674977725%3At%3A&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29fip%281%29ti%282%29 HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://sblongvu.com
Referer: https://sblongvu.com/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 419
date: Sun, 29 Jan 2023 07:35:18 GMT
x-content-type-options: nosniff
access-control-allow-origin: https://sblongvu.com
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Sun, 29-Jan-2023 07:35:18 GMT
last-modified: Sun, 29-Jan-2023 07:35:18 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: application/json; charset=utf-8
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
playerservices.live.streamtheworld.com/api/idsync.js?stationId=170713&bounce=true
200 OK 1.4 kB URL HTTP/1.1 playerservices.live.streamtheworld.com/api/idsync.js?stationId=170713&bounce=true
IP
Hash 17f9f1b6daa5bb492c8ad2dff35e37e5
c6705857cc83c0b65fccc5aa7aa72f515e063117
9f9e414ecc919c8efb7c33ad327d82526dc92b28e36d9803231e17cac72b6622
GET /api/idsync.js?stationId=170713&bounce=true HTTP/1.1
Host: playerservices.live.streamtheworld.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://app.audiopulsar.com/
Connection: keep-alive
Cookie: uuid-s=fa65982d-b767-4c46-8408-1273dd8b0cf0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
date: Sun, 29 Jan 2023 07:35:18 GMT
p3p: policyref="http://tds.media.streamtheworld.com/w3c/policy/tds-p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/javascript; charset=ISO-8859-1
content-language: en-US
x-stw-server: par-strc-docker01_8082
x-stw-site: PAR
access-control-allow-origin: *
connection: close
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-175061327-2&cid=1319096645.1674977724&jid=899131571&gjid=364063718&_gid=1992553608.1674977724&_u=4GBAAQAAAAAAACAAIC~&z=694227243
200 OK 1 B URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-175061327-2&cid=1319096645.1674977724&jid=899131571&gjid=364063718&_gid=1992553608.1674977724&_u=4GBAAQAAAAAAACAAIC~&z=694227243
IP
File type very short file (no magic)
Hash c4ca4238a0b923820dcc509a6f75849b
356a192b7913b04c54574d18c28d46e6395428ab
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-175061327-2&cid=1319096645.1674977724&jid=899131571&gjid=364063718&_gid=1992553608.1674977724&_u=4GBAAQAAAAAAACAAIC~&z=694227243 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://app.audiopulsar.com
Connection: keep-alive
Referer: https://app.audiopulsar.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://app.audiopulsar.com
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sun, 29 Jan 2023 07:35:18 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash ed8a8c45dceab588456b222e04775919
0242859712655caa3c3e9b936878c7c7874b7b5a
669f0691b8bf32a10fb219ce47ad69495e5cd2a11317b672aecca53f50b51de3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 07:35:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
200 OK 278 B IP
Hash ed238268800d3486c6b42cae01d89702
d188cae844a8bc649c58cee4bce15fd9e83ed27a
41b08bc9a8004055c9d399973a3ddb19ac0185558f9780926b6a2930c0bd2a3d
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3456
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 07:35:18 GMT
Last-Modified: Sun, 29 Jan 2023 06:37:42 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 278
cdn.jsdelivr.net/npm/@mdi/font@latest/fonts/materialdesignicons-webfont.woff2?v=7.1.96
200 OK 392 kB URL HTTP/2 cdn.jsdelivr.net/npm/@mdi/font@latest/fonts/materialdesignicons-webfont.woff2?v=7.1.96
IP
File type Web Open Font Format (Version 2), TrueType, length 391688, version 1.0\012- data
Size 392 kB (391688 bytes)
Hash 63b125eca92f2f7ba0e9f6594d7d8c6f
c76736806f46b3379614aff39081d6c1e08c5d22
739dc70ddd8affbac6e6a7a7cec3ff342fd28fcd77e3711a312c01845517a495
GET /npm/@mdi/font@latest/fonts/materialdesignicons-webfont.woff2?v=7.1.96 HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://app.audiopulsar.com
Connection: keep-alive
Referer: https://cdn.jsdelivr.net/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=604800, s-maxage=43200
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: font/woff2
x-jsd-version: 7.1.96
x-jsd-version-type: version
etag: W/"5fa08-x2c2gG9GszeWFK/zkIHWweCMXSI"
accept-ranges: bytes
date: Sun, 29 Jan 2023 07:35:18 GMT
age: 1214
x-served-by: cache-fra-eddf8230045-FRA, cache-bma1674-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 391688
X-Firefox-Spdy: h2
ialaddin.genieesspv.jp/yie/ld/gl1?zid=1495170&asid=10286371&idx=0&cb=6240aac132&l=JAzEjYfxQVO62Wqb84B-xbzZwrI2zNKD9kdX6iYfIjEGjFUvB5RaZhHPLFXq2A8oFg6WaTJ3yENVVwxUnFen4XyL09qP8Jbpyu9QzicDdNvHwfWSXAd-hcotPi5IbUTJJ6Iz4JWMovk8Wt5o9fNkOu0OYliho5smjsD4j6gbGbvU05rWtpTJj9H0hzWRPF1daqBk2CSJeECsh-yeOEKmj3dTJhI4MV2YRGlTUFPV8ek2FabZBL04131o26sqmM2r4dDU9DwFwic951iDAF_9tAjsOIMpzcqlRxE9dwihtLWds23c8_jKlzL2qdCUDzfND9Z_rheGkG8blpseiB276dTQCUEapJAgYk4RPac4VO8zHP3_3VPmjQ32BKrwg-Zz5_8jNkxuTSKkILpMQxPCqyYKrHiqWFizRhkrBf6UV3TjjxZllYPf61a4CpYuxAxXtfxiVq2wKlt3qP4XaxlYgKFgoCtH9B1jS6PV6GZnn0ZGRHhU9qG_qXqbNMfhzzd-ekJZK23kWPwB-xGujiPHdc_TBwQfI9QGyFgCBP3mFvvu8iw6J7hd3-A3VgeksaOFBsdhRWVroGS3jTsu5aXZ04R8WqJgPQEKBgQ3Daek1T80CiXUUQArE47fBwlew7lxRIaM0VSbmGXqvYxAbqaACQK3l5kFdthQ
200 OK 43 B URL HTTP/2 ialaddin.genieesspv.jp/yie/ld/gl1?zid=1495170&asid=10286371&idx=0&cb=6240aac132&l=JAzEjYfxQVO62Wqb84B-xbzZwrI2zNKD9kdX6iYfIjEGjFUvB5RaZhHPLFXq2A8oFg6WaTJ3yENVVwxUnFen4XyL09qP8Jbpyu9QzicDdNvHwfWSXAd-hcotPi5IbUTJJ6Iz4JWMovk8Wt5o9fNkOu0OYliho5smjsD4j6gbGbvU05rWtpTJj9H0hzWRPF1daqBk2CSJeECsh-yeOEKmj3dTJhI4MV2YRGlTUFPV8ek2FabZBL04131o26sqmM2r4dDU9DwFwic951iDAF_9tAjsOIMpzcqlRxE9dwihtLWds23c8_jKlzL2qdCUDzfND9Z_rheGkG8blpseiB276dTQCUEapJAgYk4RPac4VO8zHP3_3VPmjQ32BKrwg-Zz5_8jNkxuTSKkILpMQxPCqyYKrHiqWFizRhkrBf6UV3TjjxZllYPf61a4CpYuxAxXtfxiVq2wKlt3qP4XaxlYgKFgoCtH9B1jS6PV6GZnn0ZGRHhU9qG_qXqbNMfhzzd-ekJZK23kWPwB-xGujiPHdc_TBwQfI9QGyFgCBP3mFvvu8iw6J7hd3-A3VgeksaOFBsdhRWVroGS3jTsu5aXZ04R8WqJgPQEKBgQ3Daek1T80CiXUUQArE47fBwlew7lxRIaM0VSbmGXqvYxAbqaACQK3l5kFdthQ
IP
ASN #10010 TOKAI Communications Corporation
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /yie/ld/gl1?zid=1495170&asid=10286371&idx=0&cb=6240aac132&l=JAzEjYfxQVO62Wqb84B-xbzZwrI2zNKD9kdX6iYfIjEGjFUvB5RaZhHPLFXq2A8oFg6WaTJ3yENVVwxUnFen4XyL09qP8Jbpyu9QzicDdNvHwfWSXAd-hcotPi5IbUTJJ6Iz4JWMovk8Wt5o9fNkOu0OYliho5smjsD4j6gbGbvU05rWtpTJj9H0hzWRPF1daqBk2CSJeECsh-yeOEKmj3dTJhI4MV2YRGlTUFPV8ek2FabZBL04131o26sqmM2r4dDU9DwFwic951iDAF_9tAjsOIMpzcqlRxE9dwihtLWds23c8_jKlzL2qdCUDzfND9Z_rheGkG8blpseiB276dTQCUEapJAgYk4RPac4VO8zHP3_3VPmjQ32BKrwg-Zz5_8jNkxuTSKkILpMQxPCqyYKrHiqWFizRhkrBf6UV3TjjxZllYPf61a4CpYuxAxXtfxiVq2wKlt3qP4XaxlYgKFgoCtH9B1jS6PV6GZnn0ZGRHhU9qG_qXqbNMfhzzd-ekJZK23kWPwB-xGujiPHdc_TBwQfI9QGyFgCBP3mFvvu8iw6J7hd3-A3VgeksaOFBsdhRWVroGS3jTsu5aXZ04R8WqJgPQEKBgQ3Daek1T80CiXUUQArE47fBwlew7lxRIaM0VSbmGXqvYxAbqaACQK3l5kFdthQ HTTP/1.1
Host: ialaddin.genieesspv.jp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kimcartoon.li/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 29 Jan 2023 07:35:18 GMT
content-type: image/gif
content-length: 43
cross-origin-resource-policy: cross-origin
cache-control: private, max-age=0, no-cache
pragma: no-cache
p3p: CP="CUR ADM OUR NOR STA NID"
expires: Mon, 26 Jul 1997 05:00:00 GMT
X-Firefox-Spdy: h2
yield-op-idsync.live.streamtheworld.com/idsync.js?stn=PODIUM_AUDIO
200 OK 2.9 kB URL HTTP/2 yield-op-idsync.live.streamtheworld.com/idsync.js?stn=PODIUM_AUDIO
IP
Hash 6a044b929d8e6ee7a5b3dbee4768d943
0d3250765ea58afbd6454bd29f24409767cd958d
4b99e0ac372cce42f494312b6ca8b50e1e0d256a04186204210aef9991a40f05
GET /idsync.js?stn=PODIUM_AUDIO HTTP/1.1
Host: yield-op-idsync.live.streamtheworld.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://app.audiopulsar.com/
Cookie: uuid-s=b4fd65c2-a7ba-4eea-ab34-1053817d694d
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-length: 2887
content-type: application/javascript; charset=UTF-8
date: Sun, 29 Jan 2023 07:35:19 GMT
p3p: policyref="http://tds.media.streamtheworld.com/w3c/policy/tds-p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-Firefox-Spdy: h2
yield-op-idsync.live.streamtheworld.com/idsync.js?stn=INSTREAMATIC
200 OK 2.2 kB URL HTTP/2 yield-op-idsync.live.streamtheworld.com/idsync.js?stn=INSTREAMATIC
IP
Hash f47beacdd0ec1f3b0ba5d6b9ab4b6ce6
4d59d0408c5642fd9a1322492b9e19f8c769230e
e7a87472642324bd5133b27fff99ec21e0eaed621b12369198c510b44167d741
GET /idsync.js?stn=INSTREAMATIC HTTP/1.1
Host: yield-op-idsync.live.streamtheworld.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://app.audiopulsar.com/
Cookie: uuid-s=b4fd65c2-a7ba-4eea-ab34-1053817d694d
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-length: 2168
content-type: application/javascript; charset=UTF-8
date: Sun, 29 Jan 2023 07:35:19 GMT
p3p: policyref="http://tds.media.streamtheworld.com/w3c/policy/tds-p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash 84f7b98a652765bbd430f0899ac4e416
db4075eb86464dd41e6d8c12aba1f37cbb25cdd5
6814c601026ec7c515d0419c7ae306c3f4e53a59df7993db6eb32892ae20bfe7
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Sun, 29 Jan 2023 07:35:19 GMT
Last-Modified: Sun, 29 Jan 2023 06:22:36 GMT
Server: ECS (nyb/1D24)
X-Cache: Miss from cloudfront
Via: 1.1 c26775cc34c23943f6f5cfc9a3da9b4a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: lh8i7doJ9pxhky3JF_loqSph2a8YVHRlU2RH7mUroUE5zSqE4iilfA==
Age: 4363
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash 84f7b98a652765bbd430f0899ac4e416
db4075eb86464dd41e6d8c12aba1f37cbb25cdd5
6814c601026ec7c515d0419c7ae306c3f4e53a59df7993db6eb32892ae20bfe7
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=117419
Date: Sun, 29 Jan 2023 07:35:19 GMT
Etag: "63d535e2-1d7"
Expires: Mon, 30 Jan 2023 16:12:18 GMT
Last-Modified: Sat, 28 Jan 2023 14:49:06 GMT
Server: ECS (dcb/7EA7)
X-Cache: Miss from cloudfront
Via: 1.1 98794c1dec0d4e7b10ddf0faa094cf94.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: OdDBzcluCPfP0EJmchYBkwOuyq9YPyWzW4CtwK7iS-gh1CAtqijwlg==
Age: 4992
podiums.link/widget/context/?h=970ac124a8427374029dc13a19f4a4f4d0fbe07a4d3144c36a4df0cb87e1636f&mode=keywords&blockedg=1
204 No Content 0 B URL HTTP/2 podiums.link/widget/context/?h=970ac124a8427374029dc13a19f4a4f4d0fbe07a4d3144c36a4df0cb87e1636f&mode=keywords&blockedg=1
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /widget/context/?h=970ac124a8427374029dc13a19f4a4f4d0fbe07a4d3144c36a4df0cb87e1636f&mode=keywords&blockedg=1 HTTP/1.1
Host: podiums.link
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://app.audiopulsar.com/
Origin: https://app.audiopulsar.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Sun, 29 Jan 2023 07:35:19 GMT
x-powered-by: Express
access-control-allow-origin: https://app.audiopulsar.com
vary: Origin, Access-Control-Request-Headers
access-control-allow-credentials: true
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-headers: content-type
X-Firefox-Spdy: h2
ads.themoneytizer.com/s/gen.js?type=1
200 OK 19 kB URL HTTP/2 ads.themoneytizer.com/s/gen.js?type=1
IP
ASN #60068 Datacamp Limited
Hash 98e0310be2a13073110e372ab27e5cd0
e766d443f2bfa9a2b754151d3520269095592f6f
7b04888cf2ea3d3332cb1e08042f4e4c9434fc456a91b97c29544665de7cf209
GET /s/gen.js?type=1 HTTP/1.1
Host: ads.themoneytizer.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kimcartoon.li/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 29 Jan 2023 07:35:18 GMT
content-type: text/html; charset=UTF-8
cache-control: max-age=604800
x-accel-expires: @1675400651
server: CDN77-Turbo
x-77-nzt: AblMCRT1bI7/a8YCAA
x-77-nzt-ray: af5856309710f2d6b621d66324c27b34
x-cache: HIT
x-age: 181867
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2
eehuzaih.com/impression/NY1-Cpp_6ThMs_uaX9EsASrVFKo5GpqPMIzRtkWkZhchNnQDltVCDTsGyuOvTsOrgccuP3heeSvbeyDtGWbpYN_dco6aWT-WF4WbJyvuFPoZdYhGyWurkNhZkPw-WFeytxLtNaJbYaszEVKXggveqZORcGcbg05iqGSUEpTp-KOjuP_TVKQSmQLlb6LtPHmG7j4lNM7sfTFQEDUy-wIghJY6-9HBfYVHLvzbCjZxe9qhHMM8Zfxe-ruSWfcxLACfKzrsfhwYNyg4b2-keCkNnXTOixGMdpm8fRVZTRK2cdrOpczYBaigpzR7HD8kQgbD-95ObmDv-beAL5AeHBvhfKar2LcOBFoRuVjFZiI8vHeLOrH_vGopIkY8_CcRq_uhd-7IsZDl7Td3U8q-oAInQH1aIU5XpKxHBOXa6a7-uGs0uE4sD-ZxXwOuP8OnTVBH7kxnf8Xyu7zaXr2-8gdiyp_7Xyudc2Yv2yy6lRLP9aDiKl7AsL-Au0akGCJ1p2jqPm1SqB4MxVq1rpPP?_z=5021804&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=9&pl=https%3A%2F%2Fkimcartoon.li%2FCartoon%2FDaria-Version-2%2FSeason-1-Episode-1-Esteemers%3Fid%3D74420&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
200 OK 43 B URL HTTP/2 eehuzaih.com/impression/NY1-Cpp_6ThMs_uaX9EsASrVFKo5GpqPMIzRtkWkZhchNnQDltVCDTsGyuOvTsOrgccuP3heeSvbeyDtGWbpYN_dco6aWT-WF4WbJyvuFPoZdYhGyWurkNhZkPw-WFeytxLtNaJbYaszEVKXggveqZORcGcbg05iqGSUEpTp-KOjuP_TVKQSmQLlb6LtPHmG7j4lNM7sfTFQEDUy-wIghJY6-9HBfYVHLvzbCjZxe9qhHMM8Zfxe-ruSWfcxLACfKzrsfhwYNyg4b2-keCkNnXTOixGMdpm8fRVZTRK2cdrOpczYBaigpzR7HD8kQgbD-95ObmDv-beAL5AeHBvhfKar2LcOBFoRuVjFZiI8vHeLOrH_vGopIkY8_CcRq_uhd-7IsZDl7Td3U8q-oAInQH1aIU5XpKxHBOXa6a7-uGs0uE4sD-ZxXwOuP8OnTVBH7kxnf8Xyu7zaXr2-8gdiyp_7Xyudc2Yv2yy6lRLP9aDiKl7AsL-Au0akGCJ1p2jqPm1SqB4MxVq1rpPP?_z=5021804&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=9&pl=https%3A%2F%2Fkimcartoon.li%2FCartoon%2FDaria-Version-2%2FSeason-1-Episode-1-Esteemers%3Fid%3D74420&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash b4491705564909da7f9eaf749dbbfbb1
279315d507855c6a4351e1e2c2f39dd9cd2fccd8
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Analyzer Verdict Alert quad9 Sinkholed
GET /impression/NY1-Cpp_6ThMs_uaX9EsASrVFKo5GpqPMIzRtkWkZhchNnQDltVCDTsGyuOvTsOrgccuP3heeSvbeyDtGWbpYN_dco6aWT-WF4WbJyvuFPoZdYhGyWurkNhZkPw-WFeytxLtNaJbYaszEVKXggveqZORcGcbg05iqGSUEpTp-KOjuP_TVKQSmQLlb6LtPHmG7j4lNM7sfTFQEDUy-wIghJY6-9HBfYVHLvzbCjZxe9qhHMM8Zfxe-ruSWfcxLACfKzrsfhwYNyg4b2-keCkNnXTOixGMdpm8fRVZTRK2cdrOpczYBaigpzR7HD8kQgbD-95ObmDv-beAL5AeHBvhfKar2LcOBFoRuVjFZiI8vHeLOrH_vGopIkY8_CcRq_uhd-7IsZDl7Td3U8q-oAInQH1aIU5XpKxHBOXa6a7-uGs0uE4sD-ZxXwOuP8OnTVBH7kxnf8Xyu7zaXr2-8gdiyp_7Xyudc2Yv2yy6lRLP9aDiKl7AsL-Au0akGCJ1p2jqPm1SqB4MxVq1rpPP?_z=5021804&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=9&pl=https%3A%2F%2Fkimcartoon.li%2FCartoon%2FDaria-Version-2%2FSeason-1-Episode-1-Esteemers%3Fid%3D74420&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false HTTP/1.1
Host: eehuzaih.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kimcartoon.li/
Cookie: OAID=dc2e446b0e3f457db033c6f0ea90817c
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 29 Jan 2023 07:35:19 GMT
content-type: image/gif
content-length: 43
x-trace-id: 57a104c0fd6becbb15217dea96617bc4
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
expires: Tue, 11 Jan 1994 10:00:00 GMT
vary: Origin
access-control-allow-origin: *
access-control-expose-headers: Link
access-control-allow-credentials: true
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 280 B IP
Hash 32bd7a8ca6fac31744c96401a4182f94
fb849be23415c166108489e5df97d65ff9d00f73
d89baf9cf9137566693ae42c785e47c123513f1afe53fed283449e58548413ce
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2391
Cache-Control: max-age=101140
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 07:35:19 GMT
Etag: "63d50074-118"
Expires: Mon, 30 Jan 2023 11:40:59 GMT
Last-Modified: Sat, 28 Jan 2023 11:01:08 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 280
ocsp.digicert.com/
200 OK 312 B IP
Hash 6dc58e758ed52d1989669c8f61a821ef
d43c374f872456426bb135d8f090d595dda25204
cda1d2b9bc4299b3ddf9b089c4f2444da080139eec22ab6af83dff81df69815f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3090
Cache-Control: max-age=111539
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 07:35:19 GMT
Etag: "63d52658-138"
Expires: Mon, 30 Jan 2023 14:34:18 GMT
Last-Modified: Sat, 28 Jan 2023 13:42:48 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 312
c.tmyzer.com/c/?s=92736&f=1&fi=99
200 OK 0 B URL HTTP/1.1 c.tmyzer.com/c/?s=92736&f=1&fi=99
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /c/?s=92736&f=1&fi=99 HTTP/1.1
Host: c.tmyzer.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://kimcartoon.li
Connection: keep-alive
Referer: https://kimcartoon.li/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 29 Jan 2023 07:35:19 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Access-Control-Allow-Origin: *
X-IPLB-Request-ID: 5B5A2A9A:F8D8_36264064:01BB_63D621B7_1E7580F:28F21
X-IPLB-Instance: 38431
onetag-sys.com/usync/?pubId=2a897e3f18e6769&cb=1674977725637
204 No Content 0 B URL HTTP/2 onetag-sys.com/usync/?pubId=2a897e3f18e6769&cb=1674977725637
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /usync/?pubId=2a897e3f18e6769&cb=1674977725637 HTTP/1.1
Host: onetag-sys.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kimcartoon.li/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
cache-control: no-store
strict-transport-security: max-age=15552000
X-Firefox-Spdy: h2
tag.leadplace.fr/libJsLP.js
200 OK 5.5 kB URL HTTP/1.1 tag.leadplace.fr/libJsLP.js
IP
Hash a0c24f993bc0901cfe62d1e801cb2b45
7eb2bdce06161ae486bc8e7ecd0b5c9c4f7b2984
80fccb00db57a177d26368cda09f8a540cf1aa641b8b6837047e86d3bd8d6333
GET /libJsLP.js HTTP/1.1
Host: tag.leadplace.fr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kimcartoon.li/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Sun, 29 Jan 2023 07:35:19 GMT
Content-Type: application/javascript
Content-Length: 5547
Last-Modified: Thu, 14 Oct 2021 07:27:52 GMT
ETag: "6167dbf8-15ab"
Accept-Ranges: bytes
X-IPLB-Request-ID: 5B5A2A9A:259B_91EFC0A6:01BB_63D621B7_6601D045:237B7
X-IPLB-Instance: 30195
play.adtonos.com/attc-GPJApFZhQsAzzJZzn.min.js
200 OK 3.2 kB URL HTTP/1.1 play.adtonos.com/attc-GPJApFZhQsAzzJZzn.min.js
IP
File type ASCII text, with very long lines (3176), with no line terminators
Hash 4de6d5bfd5d5b32765626f68e8c41600
aaa8b073dc15a7b743d1cb23e3da49abe9ec1978
3725290aef599ad1147b59ef9f82555987c6deb0f292e9cf0a96e870ade95f2e
GET /attc-GPJApFZhQsAzzJZzn.min.js HTTP/1.1
Host: play.adtonos.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://app.audiopulsar.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 29 Jan 2023 07:35:19 GMT
Content-Type: application/javascript
Content-Length: 3176
Connection: close
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubdomains; preload
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Cache-Control: no-cache, no-store, must-revalidate, no-transform
Accept-Ranges: bytes
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Hash 15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://app.audiopulsar.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 25 Jan 2023 19:33:54 GMT
expires: Thu, 25 Jan 2024 19:33:54 GMT
cache-control: public, max-age=31536000
age: 302485
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
app.audiopulsar.com/css/chunk-vendors-c8085d85.935abeb1.css
200 OK 24 kB URL HTTP/2 app.audiopulsar.com/css/chunk-vendors-c8085d85.935abeb1.css
IP
ASN #34989 ServeTheWorld AS
File type ASCII text, with very long lines (65536), with no line terminators
Hash 968885a254abcab4bce1fcf7255c617b
83acb7da9ddb8d789d5e9681cdac66cb3849f42f
9cf969ba1b65136a5151aee8d1d59141ca2f1eb5105383a333832942f8ff6b4e
GET /css/chunk-vendors-c8085d85.935abeb1.css HTTP/1.1
Host: app.audiopulsar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://app.audiopulsar.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 07:35:17 GMT
content-type: text/css
server: BunnyCDN-NO1-830
cdn-pullzone: 173797
cdn-uid: 54876772-1b75-4d80-bae5-e278cce146bd
cdn-requestcountrycode: NO
vary: Accept-Encoding, Accept-Encoding
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=10800
etag: W/"61fcbd30-3a914"
last-modified: Fri, 04 Feb 2022 05:44:16 GMT
cdn-storageserver: DE-168
cdn-fileserver: 292
cdn-proxyver: 1.03
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 01/29/2023 06:48:39
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: b77a6558c19f864811027b221b097d24
cdn-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2
a.teads.tv/analytics/tag.js
200 OK 3.4 kB URL HTTP/2 a.teads.tv/analytics/tag.js
IP
File type ASCII text, with very long lines (4822)
Hash 6ddfb3a828a563a7719081ff9aeedaba
80286455b7c85311df5f997714b83380ac02fd6d
826524e59a21d4190f923f804a17db1513e1ee3cb4a5ed12f3bb6a5b4f370835
GET /analytics/tag.js HTTP/1.1
Host: a.teads.tv
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kimcartoon.li/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: +hi3J8gLh7odTbzzwPTTi1cNLRiMIMeCbLwhFS3fdhvnkPc6F/KidF+aylAlaVgqP4umQC5X3TY=
x-amz-request-id: VYTSDGA8QVA7F7Y0
last-modified: Wed, 02 Nov 2022 09:38:15 GMT
etag: "6ddfb3a828a563a7719081ff9aeedaba"
x-amz-server-side-encryption: AES256
x-amz-version-id: Y6qsPmt0o95KDo3Ibo2euzqSnxQebNV8
accept-ranges: bytes
content-type: text/javascript;charset=utf-8
content-length: 3391
cache-control: private, max-age=3600
date: Sun, 29 Jan 2023 07:35:19 GMT
vary: Accept-Encoding
content-encoding: br
X-Firefox-Spdy: h2
ced.sascdn.com/tag/1097/smart.js
200 OK 33 kB URL HTTP/1.1 ced.sascdn.com/tag/1097/smart.js
IP
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (65536), with no line terminators
Hash ab5d7bcba6f9bbe86e71d3f75061efc8
bf137eb7dc8285e29d986f6b8f3272f6f979bc0e
a973cdadddcd9ba18f6e262f602d39e091090e4a94ac036b3fc4f7428e5b84e6
GET /tag/1097/smart.js HTTP/1.1
Host: ced.sascdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kimcartoon.li/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=UTF-8
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Length: 32964
Cache-Control: public, max-age=7200
Expires: Sun, 29 Jan 2023 09:35:19 GMT
Date: Sun, 29 Jan 2023 07:35:19 GMT
Connection: keep-alive
d2zur9cc2gf1tx.cloudfront.net/a96081b6-db78-48c4-9f82-b93e316fb1f7/notifyme.js
200 OK 26 kB URL HTTP/1.1 d2zur9cc2gf1tx.cloudfront.net/a96081b6-db78-48c4-9f82-b93e316fb1f7/notifyme.js
IP
File type ASCII text, with very long lines (16085)
Hash 8703fc9eead243fe2f47380e962d7fa2
3d9f707259112fa9ccdd1e676f00eadcff71906c
b47b4ca26c57e3dceebd7abd067df9622599bed6bfb11b480f92d09a945cd213
GET /a96081b6-db78-48c4-9f82-b93e316fb1f7/notifyme.js HTTP/1.1
Host: d2zur9cc2gf1tx.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kimcartoon.li/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: text/javascript
Content-Length: 25704
Connection: keep-alive
Accept-Ranges: bytes
Date: Sun, 29 Jan 2023 02:21:24 GMT
Last-Modified: Mon, 18 Feb 2019 16:54:28 GMT
Server: Apache
X-Cache: Hit from cloudfront
Via: 1.1 227a1815a1677b9cf6dd587e443000b8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: MQkisRFj9p7saquKaf5nCNK0o6glyzJtDn-oaw0FruXApYZP_PTInA==
Age: 18835
app.audiopulsar.com/css/app-748942c6.d656da67.css
200 OK 1.3 kB URL HTTP/2 app.audiopulsar.com/css/app-748942c6.d656da67.css
IP
ASN #34989 ServeTheWorld AS
File type ASCII text, with very long lines (4598), with no line terminators
Hash 4954968dca9f027bbe521b9e012836dd
11f8905c7f70135612979bccd4b0609062d91497
74cd27a4c16e195e95dfcd612faf0d98ab90c55be4f423d3d2a53d650eb39891
GET /css/app-748942c6.d656da67.css HTTP/1.1
Host: app.audiopulsar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://app.audiopulsar.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 07:35:17 GMT
content-type: text/css
server: BunnyCDN-NO1-830
cdn-pullzone: 173797
cdn-uid: 54876772-1b75-4d80-bae5-e278cce146bd
cdn-requestcountrycode: NO
vary: Accept-Encoding, Accept-Encoding
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=10800
etag: W/"63c98e1d-11f6"
last-modified: Thu, 19 Jan 2023 18:38:21 GMT
cdn-storageserver: DE-168
cdn-fileserver: 502
cdn-proxyver: 1.03
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 01/29/2023 06:48:39
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: 80bc1f3baee5305f6f893720353d13e8
cdn-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2
play.adtonos.com/ptr/GPJApFZhQsAzzJZzn/px.gif
200 OK 42 B URL HTTP/1.1 play.adtonos.com/ptr/GPJApFZhQsAzzJZzn/px.gif
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ptr/GPJApFZhQsAzzJZzn/px.gif HTTP/1.1
Host: play.adtonos.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://app.audiopulsar.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 29 Jan 2023 07:35:19 GMT
Content-Type: image/gif
Content-Length: 42
Connection: close
X-Powered-By: Express
Set-Cookie: ulid=01GQY77DDG7YKGPW4DW61ZYC52; Max-Age=31536000; Domain=.adtonos.com; Path=/; Expires=Mon, 29 Jan 2024 07:35:19 GMT; HttpOnly; Secure; SameSite=None
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubdomains; preload
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Cache-Control: no-cache, no-store, must-revalidate, no-transform
js.genieessp.com/t/495/170/a1495170.js
200 OK 3.7 kB URL HTTP/2 js.genieessp.com/t/495/170/a1495170.js
IP
ASN #10010 TOKAI Communications Corporation
Hash fe8d41296b341212f1838f3fb0cf5c53
ef86afb4890afac38484b975565f4c2e09445cbf
2930d5548678ce21d1d925feb74fea8be750010f703f9a1d3cd77cf54580a02e
GET /t/495/170/a1495170.js HTTP/1.1
Host: js.genieessp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kimcartoon.li/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 29 Jan 2023 07:35:16 GMT
content-type: application/javascript
last-modified: Thu, 10 Nov 2022 06:30:29 GMT
etag: W/"636c9a85-200e"
cross-origin-resource-policy: cross-origin
expires: Sun, 29 Jan 2023 07:50:16 GMT
cache-control: max-age=900, private
content-encoding: gzip
X-Firefox-Spdy: h2
app.audiopulsar.com/css/chunk-vendors-0f485567.decf96ad.css
200 OK 14 kB URL HTTP/2 app.audiopulsar.com/css/chunk-vendors-0f485567.decf96ad.css
IP
ASN #34989 ServeTheWorld AS
File type ASCII text, with very long lines (58849)
Hash fe69b3ae064a1065a00869479631ca5f
98b822bb21b70124b485e5b77c05726982b343fb
59c8033260805269cb71e438790f09e93c62ac64f199e1524f9a708130bea98a
GET /css/chunk-vendors-0f485567.decf96ad.css HTTP/1.1
Host: app.audiopulsar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://app.audiopulsar.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 07:35:17 GMT
content-type: text/css
server: BunnyCDN-NO1-830
cdn-pullzone: 173797
cdn-uid: 54876772-1b75-4d80-bae5-e278cce146bd
cdn-requestcountrycode: NO
vary: Accept-Encoding, Accept-Encoding
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=10800
etag: W/"61fcbd22-e697"
last-modified: Fri, 04 Feb 2022 05:44:02 GMT
cdn-storageserver: DE-200
cdn-fileserver: 247
cdn-proxyver: 1.03
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 01/29/2023 06:48:39
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: 4f0e6fe6c6dfd111d74b5963c89e928a
cdn-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 471 B IP
Hash aadfbc8f576d94ec450a29424aaae366
08a5718386f99984658ab778d9d13538c8945de7
0e5e81a010f6df4591da74a157eba03589e0fc00ecaf982cc55af035c4be3433
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2846
Cache-Control: max-age=127139
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 07:35:19 GMT
Etag: "63d5643c-1d7"
Expires: Mon, 30 Jan 2023 18:54:18 GMT
Last-Modified: Sat, 28 Jan 2023 18:06:52 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 471
ps.eyeota.net/pixel?pid=4o6efvu&t=ajs&cat=858
200 OK 0 B URL HTTP/1.1 ps.eyeota.net/pixel?pid=4o6efvu&t=ajs&cat=858
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pixel?pid=4o6efvu&t=ajs&cat=858 HTTP/1.1
Host: ps.eyeota.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kimcartoon.li/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Set-Cookie: SERVERID=17298~DM; Domain=eyeota.net; Path=/; Expires=Sun, 29 Jan 2023 07:45:19 GMT; Secure; SameSite=None;
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"
Content-Length: 0
Date: Sun, 29 Jan 2023 07:35:19 GMT
playerservices.live.streamtheworld.com/api/idsync.js?stationId=438633
200 OK 1.2 kB URL HTTP/1.1 playerservices.live.streamtheworld.com/api/idsync.js?stationId=438633
IP
Hash 55772961cb9c9e9092f85d3c094e2481
48a05e6b814d7b2c3f5a8d3f64a5d4330ad7690f
92ee8b25f791e6d59771b3475e0138cb33c52911d535ed9fc49764aa98bc0a70
GET /api/idsync.js?stationId=438633 HTTP/1.1
Host: playerservices.live.streamtheworld.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://app.audiopulsar.com/
Cookie: uuid-s=b4fd65c2-a7ba-4eea-ab34-1053817d694d
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
date: Sun, 29 Jan 2023 07:35:19 GMT
p3p: policyref="http://tds.media.streamtheworld.com/w3c/policy/tds-p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/javascript; charset=ISO-8859-1
content-language: en-US
x-stw-server: par-strc-docker03_8082
x-stw-site: PAR
access-control-allow-origin: *
connection: close
ocsp.sectigo.com/
200 OK 471 B IP
Hash 5c00a6b71849e1f63887d38333830003
274723ffd4a062e1997a213ceeeab8a56ac83141
5e15ea6950fd4aa51af37519ac391c2c95cfd74ded6ac6e35432ccf68c70cb23
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 07:35:19 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sat, 28 Jan 2023 01:56:49 GMT
Expires: Sat, 04 Feb 2023 01:56:48 GMT
Etag: "274723ffd4a062e1997a213ceeeab8a56ac83141"
Cache-Control: max-age=497488,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 79104a5d2de8b524-OSL
app.audiopulsar.com/js/app-4faec1a7.fd2b4571.js
200 OK 9.7 kB URL HTTP/2 app.audiopulsar.com/js/app-4faec1a7.fd2b4571.js
IP
ASN #34989 ServeTheWorld AS
File type Unicode text, UTF-8 text, with very long lines (65486), with no line terminators
Hash bf7cab53e3a63119e40c2f65c61843ce
d6104ee720476b2830c1a4611b3737870ea0d247
737fdb93969e035958c45df35bafb7773961734dde53a935e577d76ce97671e4
GET /js/app-4faec1a7.fd2b4571.js HTTP/1.1
Host: app.audiopulsar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://app.audiopulsar.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 07:35:17 GMT
content-type: application/javascript
server: BunnyCDN-NO1-830
cdn-pullzone: 173797
cdn-uid: 54876772-1b75-4d80-bae5-e278cce146bd
cdn-requestcountrycode: NO
vary: Accept-Encoding, Accept-Encoding
cache-control: public, max-age=10800
etag: W/"6364f091-147be"
last-modified: Fri, 04 Nov 2022 10:59:29 GMT
cdn-storageserver: DE-164
cdn-fileserver: 287
cdn-proxyver: 1.03
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 01/29/2023 06:48:39
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: 048ab2f2ecc8ec092e01161f7e51f415
cdn-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2
mc.yandex.ru/watch/64815175?wmode=7&page-url=https%3A%2F%2Fsblongvu.com%2Fe%2F8d2mivg2ncd4.html&page-ref=https%3A%2F%2Fkimcartoon.li%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3Asm0eap24hzlr84c06sesn%3Afp%3A1050%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A1389414264197%3Ahid%3A552474721%3Az%3A0%3Ai%3A20230129073524%3Aet%3A1674977725%3Arn%3A966816509%3Arqn%3A1%3Au%3A16749777221041428871%3Aw%3A706x505%3As%3A1280x1024x24%3Ask%3A1%3Aifr%3A1%3Awv%3A2%3Ads%3A0%2C0%2C0%2C%2C146%2C0%2C%2C414%2C2%2C1483%2C1483%2C0%2C1067%3Aco%3A0%3Ans%3A1674977720117%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1674977725%3At%3A&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)fip(1)ti(2)
302 Found 43 B URL HTTP/2 mc.yandex.ru/watch/64815175?wmode=7&page-url=https%3A%2F%2Fsblongvu.com%2Fe%2F8d2mivg2ncd4.html&page-ref=https%3A%2F%2Fkimcartoon.li%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3Asm0eap24hzlr84c06sesn%3Afp%3A1050%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A1389414264197%3Ahid%3A552474721%3Az%3A0%3Ai%3A20230129073524%3Aet%3A1674977725%3Arn%3A966816509%3Arqn%3A1%3Au%3A16749777221041428871%3Aw%3A706x505%3As%3A1280x1024x24%3Ask%3A1%3Aifr%3A1%3Awv%3A2%3Ads%3A0%2C0%2C0%2C%2C146%2C0%2C%2C414%2C2%2C1483%2C1483%2C0%2C1067%3Aco%3A0%3Ans%3A1674977720117%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1674977725%3At%3A&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)fip(1)ti(2)
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /watch/64815175?wmode=7&page-url=https%3A%2F%2Fsblongvu.com%2Fe%2F8d2mivg2ncd4.html&page-ref=https%3A%2F%2Fkimcartoon.li%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3Asm0eap24hzlr84c06sesn%3Afp%3A1050%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A1389414264197%3Ahid%3A552474721%3Az%3A0%3Ai%3A20230129073524%3Aet%3A1674977725%3Arn%3A966816509%3Arqn%3A1%3Au%3A16749777221041428871%3Aw%3A706x505%3As%3A1280x1024x24%3Ask%3A1%3Aifr%3A1%3Awv%3A2%3Ads%3A0%2C0%2C0%2C%2C146%2C0%2C%2C414%2C2%2C1483%2C1483%2C0%2C1067%3Aco%3A0%3Ans%3A1674977720117%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1674977725%3At%3A&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)fip(1)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://sblongvu.com
Connection: keep-alive
Referer: https://sblongvu.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
location: /watch/64815175/1?wmode=7&page-url=https%3A%2F%2Fsblongvu.com%2Fe%2F8d2mivg2ncd4.html&page-ref=https%3A%2F%2Fkimcartoon.li%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3Asm0eap24hzlr84c06sesn%3Afp%3A1050%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A1389414264197%3Ahid%3A552474721%3Az%3A0%3Ai%3A20230129073524%3Aet%3A1674977725%3Arn%3A966816509%3Arqn%3A1%3Au%3A16749777221041428871%3Aw%3A706x505%3As%3A1280x1024x24%3Ask%3A1%3Aifr%3A1%3Awv%3A2%3Ads%3A0%2C0%2C0%2C%2C146%2C0%2C%2C414%2C2%2C1483%2C1483%2C0%2C1067%3Aco%3A0%3Ans%3A1674977720117%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1674977725%3At%3A&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29fip%281%29ti%282%29
date: Sun, 29 Jan 2023 07:35:18 GMT
access-control-allow-origin: https://sblongvu.com
set-cookie: yabs-sid=2031680281674977718; Path=/; SameSite=None; Secure
i=GViH3j6Zem93+Xa/ssaGMQ3C55GP6q2a1sCZtTkWaB9ZxSGfwqwbL4539+XPqJq50M+1bcIpaKCDbQa6sZW/4valmRE=; Expires=Wed, 26-Jan-2033 07:35:17 GMT; Domain=.yandex.ru; Path=/; Secure; HttpOnly; SameSite=None
yandexuid=1549942481674977718; Expires=Mon, 29-Jan-2024 07:35:18 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
yuidss=1549942481674977718; Expires=Mon, 29-Jan-2024 07:35:18 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
ymex=1706513718.yc.1674977718#1706513718.yrts.1674977718#1706513718.yrtsi.1674977718; Expires=Mon, 29-Jan-2024 07:35:18 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Sun, 29-Jan-2023 07:35:18 GMT
last-modified: Sun, 29-Jan-2023 07:35:18 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
yield-op-idsync.live.streamtheworld.com/idsync.js?stn=INSTREAMATIC
200 OK 2.2 kB URL HTTP/2 yield-op-idsync.live.streamtheworld.com/idsync.js?stn=INSTREAMATIC
IP
Hash f47beacdd0ec1f3b0ba5d6b9ab4b6ce6
4d59d0408c5642fd9a1322492b9e19f8c769230e
e7a87472642324bd5133b27fff99ec21e0eaed621b12369198c510b44167d741
GET /idsync.js?stn=INSTREAMATIC HTTP/1.1
Host: yield-op-idsync.live.streamtheworld.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://app.audiopulsar.com/
Cookie: uuid-s=b4fd65c2-a7ba-4eea-ab34-1053817d694d
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 2168
content-type: application/javascript; charset=UTF-8
date: Sun, 29 Jan 2023 07:35:19 GMT
p3p: policyref="http://tds.media.streamtheworld.com/w3c/policy/tds-p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-Firefox-Spdy: h2
podiums.link/widget/context/?h=970ac124a8427374029dc13a19f4a4f4d0fbe07a4d3144c36a4df0cb87e1636f&mode=keywords&blockedg=1
200 OK 4.2 kB URL HTTP/2 podiums.link/widget/context/?h=970ac124a8427374029dc13a19f4a4f4d0fbe07a4d3144c36a4df0cb87e1636f&mode=keywords&blockedg=1
IP
Hash b29c2bdc38a73fbb005297507d904445
1f8fc022f58a23c3ed7a5cc1afa2c2f9d807362b
440706d0cf1a54232496ba3afe841e347917f518cc18fda7f3ae0cd7129882b0
POST /widget/context/?h=970ac124a8427374029dc13a19f4a4f4d0fbe07a4d3144c36a4df0cb87e1636f&mode=keywords&blockedg=1 HTTP/1.1
Host: podiums.link
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json;charset=utf-8
Content-Length: 92
Origin: https://app.audiopulsar.com
Connection: keep-alive
Referer: https://app.audiopulsar.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 07:35:19 GMT
content-type: application/json; charset=utf-8
x-powered-by: Express
access-control-allow-origin: https://app.audiopulsar.com
vary: Origin, Accept-Encoding
access-control-allow-credentials: true
cache-control: public, max-age=43200
etag: W/"2748-KRrWpALZxM7xfk9aWiZrsSk76CI"
content-encoding: gzip
X-Firefox-Spdy: h2
yield-op-idsync.live.streamtheworld.com/idsync.js?stn=PODIUM_AUDIO
200 OK 2.9 kB URL HTTP/2 yield-op-idsync.live.streamtheworld.com/idsync.js?stn=PODIUM_AUDIO
IP
Hash 6a044b929d8e6ee7a5b3dbee4768d943
0d3250765ea58afbd6454bd29f24409767cd958d
4b99e0ac372cce42f494312b6ca8b50e1e0d256a04186204210aef9991a40f05
GET /idsync.js?stn=PODIUM_AUDIO HTTP/1.1
Host: yield-op-idsync.live.streamtheworld.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://app.audiopulsar.com/
Cookie: uuid-s=b4fd65c2-a7ba-4eea-ab34-1053817d694d
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 2887
content-type: application/javascript; charset=UTF-8
date: Sun, 29 Jan 2023 07:35:19 GMT
p3p: policyref="http://tds.media.streamtheworld.com/w3c/policy/tds-p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-Firefox-Spdy: h2
ocsp.sectigo.com/
200 OK 472 B IP
Hash e2d4d6ce7f7429d82966d6d9dc16356b
fcd4edfef113db414c102864a1a4e3a38c23e9c9
97f329ca52876a991e1bd435d8841a0a0f7b657e5c6312390421f236d6cd3b90
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 07:35:19 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Wed, 25 Jan 2023 20:45:24 GMT
Expires: Wed, 01 Feb 2023 20:45:23 GMT
Etag: "fcd4edfef113db414c102864a1a4e3a38c23e9c9"
Cache-Control: max-age=306003,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 79104a5aec23b529-OSL
x.bidswitch.net/sync?ssp=triton&stn=INSTREAMATIC
302 Found 0 B URL HTTP/2 x.bidswitch.net/sync?ssp=triton&stn=INSTREAMATIC
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sync?ssp=triton&stn=INSTREAMATIC HTTP/1.1
Host: x.bidswitch.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://app.audiopulsar.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
date: Sun, 29 Jan 2023 07:35:19 GMT
content-length: 0
location: https://x.bidswitch.net/ul_cb/sync?ssp=triton&stn=INSTREAMATIC
cache-control: no-cache, no-store, must-revalidate
set-cookie: tuuid=1504a021-df2d-4399-9cac-f0b63ff86812; path=/; expires=Mon, 29-Jan-2024 07:35:19 GMT; domain=.bidswitch.net; samesite=none; secure
c=1674977719; path=/; expires=Mon, 29-Jan-2024 07:35:19 GMT; domain=.bidswitch.net; samesite=none; secure
tuuid_lu=1674977719; path=/; expires=Mon, 29-Jan-2024 07:35:19 GMT; domain=.bidswitch.net; samesite=none; secure
c=1674977719; path=/; expires=Mon, 29-Jan-2024 07:35:19 GMT; domain=.bidswitch.net; samesite=none; secure
X-Firefox-Spdy: h2
x.bidswitch.net/sync?ssp=triton&stn=PODIUM_AUDIO
302 Found 0 B URL HTTP/2 x.bidswitch.net/sync?ssp=triton&stn=PODIUM_AUDIO
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sync?ssp=triton&stn=PODIUM_AUDIO HTTP/1.1
Host: x.bidswitch.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://app.audiopulsar.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Sun, 29 Jan 2023 07:35:19 GMT
content-length: 0
location: https://x.bidswitch.net/ul_cb/sync?ssp=triton&stn=PODIUM_AUDIO
cache-control: no-cache, no-store, must-revalidate
set-cookie: tuuid=c1402026-44b2-49f7-a5b0-25c30a217a57; path=/; expires=Mon, 29-Jan-2024 07:35:19 GMT; domain=.bidswitch.net; samesite=none; secure
c=1674977719; path=/; expires=Mon, 29-Jan-2024 07:35:19 GMT; domain=.bidswitch.net; samesite=none; secure
tuuid_lu=1674977719; path=/; expires=Mon, 29-Jan-2024 07:35:19 GMT; domain=.bidswitch.net; samesite=none; secure
c=1674977719; path=/; expires=Mon, 29-Jan-2024 07:35:19 GMT; domain=.bidswitch.net; samesite=none; secure
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 3e863faa386be5424a5d4a452860ccbd
ceee8a9b940473ca6678375d68b2989c074d5175
678aa5fb1efcb394a85ca175ef644b9585d8cb5dc1c55a2331a8af0f3a601571
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "678AA5FB1EFCB394A85CA175EF644B9585D8CB5DC1C55A2331A8AF0F3A601571"
Last-Modified: Sat, 28 Jan 2023 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8713
Expires: Sun, 29 Jan 2023 10:00:32 GMT
Date: Sun, 29 Jan 2023 07:35:19 GMT
Connection: keep-alive
ib.adnxs.com/getuid?https://yield-op-idsync.live.streamtheworld.com/pixel.gif?partner=an&uid=$UID&pubId=28003
307 Redirection 0 B URL HTTP/1.1 ib.adnxs.com/getuid?https://yield-op-idsync.live.streamtheworld.com/pixel.gif?partner=an&uid=$UID&pubId=28003
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /getuid?https://yield-op-idsync.live.streamtheworld.com/pixel.gif?partner=an&uid=$UID&pubId=28003 HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://app.audiopulsar.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Redirection
Server: nginx/1.21.3
Date: Sun, 29 Jan 2023 07:35:19 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Location: https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fyield-op-idsync.live.streamtheworld.com%2Fpixel.gif%3Fpartner%3Dan%26uid%3D%24UID%26pubId%3D28003
AN-X-Request-Uuid: d1aa29e2-ede2-4c05-89d9-588a6b239665
Set-Cookie: uuid2=6358148631226702134; SameSite=None; Path=/; Max-Age=7776000; Expires=Sat, 29-Apr-2023 07:35:19 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
app.audiopulsar.com/js/chunk-vendors-7d359b94.d6d8123e.js
200 OK 17 kB URL HTTP/2 app.audiopulsar.com/js/chunk-vendors-7d359b94.d6d8123e.js
IP
ASN #34989 ServeTheWorld AS
File type ASCII text, with very long lines (36731)
Hash afc7ee16a2d6fc43fb87f0cfe18dcb1f
8cb71c27b20efe4f00e2ec7cef991219e0c6d50a
4feaa144ac69e069918e7236e7cf1ce1e1765a2bbff015bcc3db07bf9aacbda6
GET /js/chunk-vendors-7d359b94.d6d8123e.js HTTP/1.1
Host: app.audiopulsar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://app.audiopulsar.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 07:35:17 GMT
content-type: application/javascript
server: BunnyCDN-NO1-830
cdn-pullzone: 173797
cdn-uid: 54876772-1b75-4d80-bae5-e278cce146bd
cdn-requestcountrycode: NO
vary: Accept-Encoding, Accept-Encoding
cache-control: public, max-age=10800
etag: W/"61ff8793-d698"
last-modified: Sun, 06 Feb 2022 08:32:19 GMT
cdn-storageserver: DE-167
cdn-fileserver: 192
cdn-proxyver: 1.03
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 01/29/2023 06:48:39
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: 0ba74353613a2b9e6d3f3987b5f6e5fa
cdn-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2
tag.leadplace.fr/wckr.php?ref=https%3A%2F%2Fkimcartoon.li%2FAds%2Fgeniee728.aspx&id=MTIZ
200 OK 0 B URL HTTP/1.1 tag.leadplace.fr/wckr.php?ref=https%3A%2F%2Fkimcartoon.li%2FAds%2Fgeniee728.aspx&id=MTIZ
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /wckr.php?ref=https%3A%2F%2Fkimcartoon.li%2FAds%2Fgeniee728.aspx&id=MTIZ HTTP/1.1
Host: tag.leadplace.fr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kimcartoon.li/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Sun, 29 Jan 2023 07:35:20 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
X-IPLB-Request-ID: 5B5A2A9A:259B_91EFC0A6:01BB_63D621B7_6601D04B:237B7
X-IPLB-Instance: 30195
p.cpx.to/p/12763/px.js
200 OK 2.0 kB IP
File type ASCII text, with very long lines (1990), with no line terminators
Hash 040d580a48229902c683623ac1d066a1
be6ca2aa413481fd7350c5c6cf5658c65dccb513
6e7ec1538f64f09356d095457fa3387b84619a8f32db7708a4a21957e7d33a3d
GET /p/12763/px.js HTTP/1.1
Host: p.cpx.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kimcartoon.li/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=2419200, public
Content-Type: application/javascript; charset=UTF-8
Date: Sun, 29 Jan 2023 07:35:19 GMT
Content-Length: 1990
Connection: keep-alive
id5-sync.com/i/12/9.gif?gdpr=&gdpr_consent=
200 43 B URL HTTP/1.1 id5-sync.com/i/12/9.gif?gdpr=&gdpr_consent=
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash 07fff40b5dd495aca2ac4e1c3fbc60aa
e8ac224ba9ee97e87670ed6f3a2f0128b7af9fe4
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
GET /i/12/9.gif?gdpr=&gdpr_consent= HTTP/1.1
Host: id5-sync.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kimcartoon.li/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
p3p: CP="CAO PSA OUR"
set-cookie: cf=; Max-Age=300; Expires=Sun, 29-Jan-2023 07:40:20 GMT; Domain=id5-sync.com; Path=/; SameSite=None; Secure
cip=; Max-Age=300; Expires=Sun, 29-Jan-2023 07:40:20 GMT; Domain=id5-sync.com; Path=/; SameSite=None; Secure
cnac=; Max-Age=300; Expires=Sun, 29-Jan-2023 07:40:20 GMT; Domain=id5-sync.com; Path=/; SameSite=None; Secure
car=; Max-Age=300; Expires=Sun, 29-Jan-2023 07:40:20 GMT; Domain=id5-sync.com; Path=/; SameSite=None; Secure
gdpr=; Max-Age=300; Expires=Sun, 29-Jan-2023 07:40:20 GMT; Domain=id5-sync.com; Path=/; SameSite=None; Secure
callback=; Max-Age=300; Expires=Sun, 29-Jan-2023 07:40:20 GMT; Domain=id5-sync.com; Path=/; SameSite=None; Secure
content-type: image/gif;charset=UTF-8
transfer-encoding: chunked
date: Sun, 29 Jan 2023 07:35:19 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
gum.criteo.com/sync?c=147&r=2&j=criteoCallback
200 OK 32 kB URL HTTP/2 gum.criteo.com/sync?c=147&r=2&j=criteoCallback
IP
Hash 37c86d0a015ad78aff0a5454ddfc4634
201a22a182cdc1db2f7e888e7b3ddf54c9301dc2
57785c5cdf210890e5e37dc2cb54ea967c8239889f33a9e9fab8d39cc5d95d73
GET /sync?c=147&r=2&j=criteoCallback HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kimcartoon.li/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 29 Jan 2023 07:35:19 GMT
content-type: text/javascript; charset=utf-8
server: Kestrel
cache-control: private, max-age=3600
expires: 60
server-processing-duration-in-ticks: 1046754
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
rtb.adentifi.com/CookieSyncTriton?redirect=https%3A%2F%2Fyield-op-idsync.live.streamtheworld.com%2Fpixel.gif%3Fpartner%3Dadt%26uid%3D%24UID%26pubId%3D65843
204 No Content 0 B URL HTTP/2 rtb.adentifi.com/CookieSyncTriton?redirect=https%3A%2F%2Fyield-op-idsync.live.streamtheworld.com%2Fpixel.gif%3Fpartner%3Dadt%26uid%3D%24UID%26pubId%3D65843
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /CookieSyncTriton?redirect=https%3A%2F%2Fyield-op-idsync.live.streamtheworld.com%2Fpixel.gif%3Fpartner%3Dadt%26uid%3D%24UID%26pubId%3D65843 HTTP/1.1
Host: rtb.adentifi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://app.audiopulsar.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Sun, 29 Jan 2023 07:35:20 GMT
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 471 B IP
Hash beca1c13250ab9e129a471e617b892ee
23ca6b11b737cec8184747192a356cd919de6b7a
22020092ea6145831e550e3f5311043a8ee0e2bef26259b5711cace3c8ca0197
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3115
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 07:35:20 GMT
Last-Modified: Sun, 29 Jan 2023 06:43:26 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 471
ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fyield-op-idsync.live.streamtheworld.com%2Fpixel.gif%3Fpartner%3Dan%26uid%3D%24UID%26pubId%3D65843
302 Found 0 B URL HTTP/1.1 ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fyield-op-idsync.live.streamtheworld.com%2Fpixel.gif%3Fpartner%3Dan%26uid%3D%24UID%26pubId%3D65843
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /bounce?%2Fgetuid%3Fhttps%3A%2F%2Fyield-op-idsync.live.streamtheworld.com%2Fpixel.gif%3Fpartner%3Dan%26uid%3D%24UID%26pubId%3D65843 HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://app.audiopulsar.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Server: nginx/1.21.3
Date: Sun, 29 Jan 2023 07:35:20 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Location: https://yield-op-idsync.live.streamtheworld.com/pixel.gif?partner=an&uid=0&pubId=65843
AN-X-Request-Uuid: ab33fd2f-7622-400f-b725-dd80d3945b73
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
x.bidswitch.net/ul_cb/sync?ssp=triton&stn=INSTREAMATIC
200 OK 43 B URL HTTP/2 x.bidswitch.net/ul_cb/sync?ssp=triton&stn=INSTREAMATIC
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /ul_cb/sync?ssp=triton&stn=INSTREAMATIC HTTP/1.1
Host: x.bidswitch.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://app.audiopulsar.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 07:35:20 GMT
content-type: image/gif
content-length: 43
cache-control: no-cache, no-store, must-revalidate
X-Firefox-Spdy: h2
id5-sync.com/api/config/prebid
200 134 B URL HTTP/1.1 id5-sync.com/api/config/prebid
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 99be75395b3c89cdd6781761e5a85ad2
225a8b587c3545be2581aa9ac2b630b51679d7be
559ffc5fa5eadd77f8bfaaeb793648763e312a17391d8e6bbb7d8d3dec2147e1
POST /api/config/prebid HTTP/1.1
Host: id5-sync.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 95
Origin: https://kimcartoon.li
Connection: keep-alive
Referer: https://kimcartoon.li/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
access-control-allow-origin: https://kimcartoon.li
access-control-allow-credentials: true
content-type: application/json;charset=UTF-8
transfer-encoding: chunked
date: Sun, 29 Jan 2023 07:35:19 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x.bidswitch.net/ul_cb/sync?ssp=triton&stn=PODIUM_AUDIO
200 OK 43 B URL HTTP/2 x.bidswitch.net/ul_cb/sync?ssp=triton&stn=PODIUM_AUDIO
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /ul_cb/sync?ssp=triton&stn=PODIUM_AUDIO HTTP/1.1
Host: x.bidswitch.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://app.audiopulsar.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 07:35:20 GMT
content-type: image/gif
content-length: 43
cache-control: no-cache, no-store, must-revalidate
X-Firefox-Spdy: h2
ocsp.godaddy.com/
200 OK 1.8 kB IP
Hash 86575c83908f7c72450d5cc58f30d5dc
57205b3cc68e97f42e8e23cc6422c311721f586c
8a64934e13ddd424c6dfdfb3f794095b299660d35bd978e0070db2af33cf19b4
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Sun, 29 Jan 2023 07:35:20 GMT
Content-Type: application/ocsp-response
Content-Length: 1777
Connection: keep-alive
X-Sucuri-ID: 19036
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Sat, 28 Jan 2023 22:01:43 GMT
Expires: Sun, 29 Jan 2023 22:01:43 GMT
ETag: "57205b3cc68e97f42e8e23cc6422c311721f586c"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fyield-op-idsync.live.streamtheworld.com%2Fpixel.gif%3Fpartner%3Dan%26uid%3D%24UID%26pubId%3D28003
302 Found 0 B URL HTTP/1.1 ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fyield-op-idsync.live.streamtheworld.com%2Fpixel.gif%3Fpartner%3Dan%26uid%3D%24UID%26pubId%3D28003
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /bounce?%2Fgetuid%3Fhttps%3A%2F%2Fyield-op-idsync.live.streamtheworld.com%2Fpixel.gif%3Fpartner%3Dan%26uid%3D%24UID%26pubId%3D28003 HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://app.audiopulsar.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Server: nginx/1.21.3
Date: Sun, 29 Jan 2023 07:35:20 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Location: https://yield-op-idsync.live.streamtheworld.com/pixel.gif?partner=an&uid=0&pubId=28003
AN-X-Request-Uuid: 29303f3e-a0d2-4b0d-9089-39453816781e
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
cm.g.doubleclick.net/pixel?google_nid=triton&google_sc&google_cm&stn=PODIUM_AUDIO
302 Found 315 B URL HTTP/2 cm.g.doubleclick.net/pixel?google_nid=triton&google_sc&google_cm&stn=PODIUM_AUDIO
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash 19871bc4aafb8b9a9074a3568ff9ec1f
5fdcb7a71bbe06a0d6b2c8731db105c52dc0bff7
2332f339356bf150f0ac329ed1af6f5c0dc04ff2c67444922cba3e4091e60cca
GET /pixel?google_nid=triton&google_sc&google_cm&stn=PODIUM_AUDIO HTTP/1.1
Host: cm.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://app.audiopulsar.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://cm.g.doubleclick.net/pixel?google_nid=triton&google_sc=&google_cm=&stn=PODIUM_AUDIO&google_tc=
date: Sun, 29 Jan 2023 07:35:20 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
server: HTTP server (unknown)
content-length: 315
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sun, 29-Jan-2023 07:50:20 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
gu.dyntrk.com/adx/trtn/us.php?dynk=tr26t81n&redir=https%3A%2F%2Fyield-op-idsync.live.streamtheworld.com%2Fpixel.gif%3Fpartner%3Ddyn%26uid%3D%5BDYNADMIC_UID%5D%26pubId%3D65843
302 Found 0 B URL HTTP/1.1 gu.dyntrk.com/adx/trtn/us.php?dynk=tr26t81n&redir=https%3A%2F%2Fyield-op-idsync.live.streamtheworld.com%2Fpixel.gif%3Fpartner%3Ddyn%26uid%3D%5BDYNADMIC_UID%5D%26pubId%3D65843
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /adx/trtn/us.php?dynk=tr26t81n&redir=https%3A%2F%2Fyield-op-idsync.live.streamtheworld.com%2Fpixel.gif%3Fpartner%3Ddyn%26uid%3D%5BDYNADMIC_UID%5D%26pubId%3D65843 HTTP/1.1
Host: gu.dyntrk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://app.audiopulsar.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
server: nginx
date: Sun, 29 Jan 2023 07:35:20 GMT
content-type: text/html; charset=UTF-8
transfer-encoding: chunked
keep-alive: timeout=10
p3p: CP="NOI DEV OUR BUS UNI"
cache-control: no-cache
access-control-allow-origin: *
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-headers: Origin
location: https://gu.dyntrk.com/adx/trtn/us.php?dynk=tr26t81n&redir=https%3A%2F%2Fyield-op-idsync.live.streamtheworld.com%2Fpixel.gif%3Fpartner%3Ddyn%26uid%3D%5BDYNADMIC_UID%5D%26pubId%3D65843&prevuid=&knw=
ocsp.globalsign.com/gsgccr3dvtlsca2020
200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsgccr3dvtlsca2020
IP
Hash c8ef2f08d8cb1fdfe14087ca355acf37
5fbd3629fd2e9a144f35f02f80bea1318ce3be05
51b74a1fdad1833b1328d12b9173748e576bdfcfedd51c1db02acc9998f5ec0e
POST /gsgccr3dvtlsca2020 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 1414
Server: nginx
Content-Type: application/ocsp-response
Expires: Thu, 02 Feb 2023 05:46:13 GMT
ETag: "5fbd3629fd2e9a144f35f02f80bea1318ce3be05"
Last-Modified: Sun, 29 Jan 2023 05:46:14 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Sun, 29 Jan 2023 07:35:20 GMT
Age: 2944
X-Served-By: cache-qpg1235-QPG, cache-bma1678-BMA
X-Cache: HIT, HIT
X-Cache-Hits: 29, 57
X-Timer: S1674977720.098364,VS0,VE0
ad.turn.com/r/cs?pid=58&redir=https%3A%2F%2Fyield-op-idsync.live.streamtheworld.com%2Fpixel.gif%3Fpartner%3Damb%26uid%3D%23USER_ID%23%26pubId%3D65843
302 Found 0 B URL HTTP/2 ad.turn.com/r/cs?pid=58&redir=https%3A%2F%2Fyield-op-idsync.live.streamtheworld.com%2Fpixel.gif%3Fpartner%3Damb%26uid%3D%23USER_ID%23%26pubId%3D65843
IP
ASN #56396 Amobee EMEA Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /r/cs?pid=58&redir=https%3A%2F%2Fyield-op-idsync.live.streamtheworld.com%2Fpixel.gif%3Fpartner%3Damb%26uid%3D%23USER_ID%23%26pubId%3D65843 HTTP/1.1
Host: ad.turn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://app.audiopulsar.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
pragma: no-cache
set-cookie: uid=7834810838853453645; Domain=.turn.com; Expires=Fri, 28-Jul-2023 07:35:20 GMT; Path=/; Secure; SameSite=None
location: https://yield-op-idsync.live.streamtheworld.com/pixel.gif?partner=amb&uid=7834810838853453645&pubId=65843
content-length: 0
date: Sun, 29 Jan 2023 07:35:20 GMT
X-Firefox-Spdy: h2
ums.acuityplatform.com/tum?umid=133&uid=b4fd65c2-a7ba-4eea-ab34-1053817d694d&rurl=https%3A%2F%2Fyield-op-idsync.live.streamtheworld.com%2Fpixel.gif%3Fpartner%3Dacu%26uid%3D___AUID___%26pubId%3D65843
302 Found 0 B URL HTTP/1.1 ums.acuityplatform.com/tum?umid=133&uid=b4fd65c2-a7ba-4eea-ab34-1053817d694d&rurl=https%3A%2F%2Fyield-op-idsync.live.streamtheworld.com%2Fpixel.gif%3Fpartner%3Dacu%26uid%3D___AUID___%26pubId%3D65843
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tum?umid=133&uid=b4fd65c2-a7ba-4eea-ab34-1053817d694d&rurl=https%3A%2F%2Fyield-op-idsync.live.streamtheworld.com%2Fpixel.gif%3Fpartner%3Dacu%26uid%3D___AUID___%26pubId%3D65843 HTTP/1.1
Host: ums.acuityplatform.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://app.audiopulsar.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
content-length: 0
access-control-allow-origin: *
set-cookie: auid=736944347509; Domain=.acuityplatform.com; Expires=Mon, 29-Jan-2024 07:35:20 GMT; Path=/; SameSite=None; Secure
aum="OikKAfqbdXNlck1hdGNoQnlVc2VyTWF0Y2hpbmdJZE1hcPqCMTMz+o11c2VyTWF0Y2hpbmdJZCQEipFsYXN0RHJvcFRpbWVNaWxsaXMlAUJ/Djs5sJhsYXN0U3VjY2Vzc2Z1bE1hdGNoTWlsbGlzJQFCfw47ObCPdGhpcmRQYXJ0eVVzZXJJZGNiNGZkNjVjMi1hN2JhLTRlZWEtYWIzNC0xMDUzODE3ZDY5NGT7+4Z2ZXJzaW9uwvs="; Version=1; Domain=.acuityplatform.com; Max-Age=31536000; Expires=Mon, 29-Jan-2024 07:35:20 GMT; Path=/; SameSite=None; Secure
location: https://yield-op-idsync.live.streamtheworld.com/pixel.gif?partner=acu&uid=736944347509&pubId=65843
ocsp.digicert.com/
200 OK 471 B IP
Hash 25f12130557ea6f831df520a7236ce66
f314ad01216aee770c101781cbb21eeee2e40375
1b45c6270fb3b7c5ccf2edcfd4fdf6d47a91853627865b4612e5e16c7dcc31dc
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4238
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 07:35:20 GMT
Last-Modified: Sun, 29 Jan 2023 06:24:43 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 90507b429faaecc38390979f21c66b2a
237b420f997ffa97b104d03e8fc1e2871f58ca9f
72fd3af0d870e2352cf8912753759bf487b15335deb8af5a8f936a495a4baa38
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "72FD3AF0D870E2352CF8912753759BF487B15335DEB8AF5A8F936A495A4BAA38"
Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9684
Expires: Sun, 29 Jan 2023 10:16:44 GMT
Date: Sun, 29 Jan 2023 07:35:20 GMT
Connection: keep-alive
ums.acuityplatform.com/tum?umid=133&uid=b4fd65c2-a7ba-4eea-ab34-1053817d694d&rurl=https%3A%2F%2Fyield-op-idsync.live.streamtheworld.com%2Fpixel.gif%3Fpartner%3Dacu%26uid%3D___AUID___%26pubId%3D28003
302 Found 0 B URL HTTP/1.1 ums.acuityplatform.com/tum?umid=133&uid=b4fd65c2-a7ba-4eea-ab34-1053817d694d&rurl=https%3A%2F%2Fyield-op-idsync.live.streamtheworld.com%2Fpixel.gif%3Fpartner%3Dacu%26uid%3D___AUID___%26pubId%3D28003
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tum?umid=133&uid=b4fd65c2-a7ba-4eea-ab34-1053817d694d&rurl=https%3A%2F%2Fyield-op-idsync.live.streamtheworld.com%2Fpixel.gif%3Fpartner%3Dacu%26uid%3D___AUID___%26pubId%3D28003 HTTP/1.1
Host: ums.acuityplatform.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://app.audiopulsar.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
content-length: 0
access-control-allow-origin: *
set-cookie: auid=736944347509; Domain=.acuityplatform.com; Expires=Mon, 29-Jan-2024 07:35:20 GMT; Path=/; SameSite=None; Secure
aum="OikKAfqbdXNlck1hdGNoQnlVc2VyTWF0Y2hpbmdJZE1hcPqCMTMz+o11c2VyTWF0Y2hpbmdJZCQEipFsYXN0RHJvcFRpbWVNaWxsaXMlAUJ/Djs6oJhsYXN0U3VjY2Vzc2Z1bE1hdGNoTWlsbGlzJQFCfw47OqCPdGhpcmRQYXJ0eVVzZXJJZGNiNGZkNjVjMi1hN2JhLTRlZWEtYWIzNC0xMDUzODE3ZDY5NGT7+4Z2ZXJzaW9uwvs="; Version=1; Domain=.acuityplatform.com; Max-Age=31536000; Expires=Mon, 29-Jan-2024 07:35:20 GMT; Path=/; SameSite=None; Secure
location: https://yield-op-idsync.live.streamtheworld.com/pixel.gif?partner=acu&uid=736944347509&pubId=28003
cm.g.doubleclick.net/pixel?google_nid=triton&google_sc=&google_cm=&stn=PODIUM_AUDIO&google_tc=
200 OK 170 B URL HTTP/2 cm.g.doubleclick.net/pixel?google_nid=triton&google_sc=&google_cm=&stn=PODIUM_AUDIO&google_tc=
IP
File type PNG image data, 1 x 1, 8-bit/color RGBA, non-interlaced\012- data
Hash e7673c60af825466f83d46da72ca1635
fc0fcbee0835709ba2d28798a612bfd687903fb5
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
GET /pixel?google_nid=triton&google_sc=&google_cm=&stn=PODIUM_AUDIO&google_tc= HTTP/1.1
Host: cm.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://app.audiopulsar.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
date: Sun, 29 Jan 2023 07:35:20 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
server: HTTP server (unknown)
content-length: 170
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash ea1067c5b75855f09ff0332134ad005d
ad6418c8c6282a72a7cb8baf08b860c8cdcbdd94
737a4c3a2c8ffeaa2c00e2c623af29170035620a5d6c5c896ef686ddc57fe8d8
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=120782
Date: Sun, 29 Jan 2023 07:35:20 GMT
Etag: "63d546d3-1d7"
Expires: Mon, 30 Jan 2023 17:08:22 GMT
Last-Modified: Sat, 28 Jan 2023 16:01:23 GMT
Server: ECS (nyb/1D22)
X-Cache: Miss from cloudfront
Via: 1.1 98794c1dec0d4e7b10ddf0faa094cf94.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 9N1mKDVlKwjnRgf6DI_4L6PTWfSsENaAECuEeX0-vznjKGLZuB5aDg==
Age: 4019
match.adsrvr.org/track/cmf/generic?ttd_pid=tpqk5an&ttd_puid=PODIUM_AUDIO
200 OK 70 B URL HTTP/2 match.adsrvr.org/track/cmf/generic?ttd_pid=tpqk5an&ttd_puid=PODIUM_AUDIO
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash 58a7930cd4577fc33c35828c271eab8f
406e57f86dc101e10f3a57be1e2f7b93c4580474
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
GET /track/cmf/generic?ttd_pid=tpqk5an&ttd_puid=PODIUM_AUDIO HTTP/1.1
Host: match.adsrvr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://app.audiopulsar.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 29 Jan 2023 07:35:20 GMT
content-type: image/gif
content-length: 70
cache-control: private,no-cache, must-revalidate
pragma: no-cache
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
X-Firefox-Spdy: h2
play.adtonos.com/onaudience/redir?redir=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D163%26mapped%3D%40UUID%40
302 Found 97 B URL HTTP/1.1 play.adtonos.com/onaudience/redir?redir=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D163%26mapped%3D%40UUID%40
IP
File type ASCII text, with no line terminators
Hash 0a4a82feadb70bf15785ca84557a71a4
0764fb28da972830540e8c6bd02f4844a5f928f8
74b8cf70c38ffb9f71b64b9496ff39d9a824544002211e8c51d1ee30fd93ff53
GET /onaudience/redir?redir=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D163%26mapped%3D%40UUID%40 HTTP/1.1
Host: play.adtonos.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://app.audiopulsar.com/
Cookie: ulid=01GQY77DDG7YKGPW4DW61ZYC52
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Server: nginx
Date: Sun, 29 Jan 2023 07:35:20 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 97
Connection: close
X-Powered-By: Express
Set-Cookie: ulid=01GQY77DDG7YKGPW4DW61ZYC52; Max-Age=31536000; Domain=.adtonos.com; Path=/; Expires=Mon, 29 Jan 2024 07:35:20 GMT; HttpOnly; Secure; SameSite=None
Location: https://pixel.onaudience.com/?partner=163&mapped=01GQY77DDG7YKGPW4DW61ZYC52
Vary: Accept
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubdomains; preload
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Cache-Control: no-cache, no-store, must-revalidate, no-transform
storageaudiobursts.azureedge.net/site/images/stationIcons/11647.png
200 OK 2.8 kB URL HTTP/2 storageaudiobursts.azureedge.net/site/images/stationIcons/11647.png
IP
ASN #20940 Akamai International B.V.
File type PNG image data, 150 x 150, 8-bit/color RGBA, non-interlaced\012- data
Hash 39d25407878f21e887c6c5808c8a9433
0024e36bf1dfc99c39f645e3adf49de9b91a2637
9eb3f7050e8477a613036ae6c7b0ea5b43f0782ee8e7e31bd281cc0b10d26b99
GET /site/images/stationIcons/11647.png HTTP/1.1
Host: storageaudiobursts.azureedge.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://app.audiopulsar.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/png
content-md5: kkNZVmr1RB970xHYJJQPHQ==
last-modified: Mon, 12 Nov 2018 12:56:33 GMT
accept-ranges: bytes
etag: "0x8D6489E46233F98"
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: d6235d43-001e-00be-1513-33f827000000
x-ms-version: 2014-02-14
x-ms-meta-cbmodifiedtime: Mon, 12 Nov 2018 11:49:17 GMT
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
vary: Accept-Encoding
content-encoding: gzip
content-length: 2825
cache-control: max-age=31466923
date: Sun, 29 Jan 2023 07:35:20 GMT
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 727 B IP
Hash dd417f5ce7b600dcecbaa1af98caf6d0
8122554a31d9eab8b25e201f733bb65300a12ece
b511534e3a3c18c81331c41ab759f00eba8e00218a4a457672788190e02e5832
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4899
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 07:35:20 GMT
Etag: "63d5e450-2d7"
Last-Modified: Sun, 29 Jan 2023 06:13:41 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 727
ialaddin.genieesspv.jp/yie/ld/acs?ver=1&dspid=rtbhouse&v=y8dVQGccMh9dJPpW0SybA5450DyLOW5pNcjyGp937PEEoF1rMxj4dc3_FObhQusVjCKCeLYStzCq5TxCvgPHEA&format=gif
200 OK 43 B URL HTTP/2 ialaddin.genieesspv.jp/yie/ld/acs?ver=1&dspid=rtbhouse&v=y8dVQGccMh9dJPpW0SybA5450DyLOW5pNcjyGp937PEEoF1rMxj4dc3_FObhQusVjCKCeLYStzCq5TxCvgPHEA&format=gif
IP
ASN #10010 TOKAI Communications Corporation
File type GIF image data, version 89a, 1 x 1\012- data
Hash 2de852656da1e9d7b33fbc20c6239a70
78f42f9de352cd219ac1bf4c72f44abea5dd66cc
dcd4a5ac70faae2eb4af611d90b3643154959a5b905720cc0875bd5d1399088e
GET /yie/ld/acs?ver=1&dspid=rtbhouse&v=y8dVQGccMh9dJPpW0SybA5450DyLOW5pNcjyGp937PEEoF1rMxj4dc3_FObhQusVjCKCeLYStzCq5TxCvgPHEA&format=gif HTTP/1.1
Host: ialaddin.genieesspv.jp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://kimcartoon.li/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 29 Jan 2023 07:35:20 GMT
content-type: image/gif
set-cookie: rtbhouse=0; expires=Mon, 30 Jan 2023 07:35:20 GMT; path=/; domain=.genieesspv.jp; SameSite=None; Secure
gid=a409199d049706059e7ecd1423341ded; expires=Wed, 28 Jan 2026 07:35:20 GMT; path=/; domain=.genieesspv.jp; SameSite=None; Secure
p3p: CUR ADM OUR NOR STA NID
content-length: 43
cross-origin-resource-policy: cross-origin
X-Firefox-Spdy: h2
play.adtonos.com/nielsen/redir?redir=https%3A%2F%2Floadus.exelator.com%2Fload%2F%3Fp%3D204%26g%3D123%26buid%3D%40UUID%40
302 Found 99 B URL HTTP/1.1 play.adtonos.com/nielsen/redir?redir=https%3A%2F%2Floadus.exelator.com%2Fload%2F%3Fp%3D204%26g%3D123%26buid%3D%40UUID%40
IP
File type ASCII text, with no line terminators
Hash d4b763e4a37ef3d4242ae0cc910d554b
408a5a9da1cfde6746e3609b69667b85f7100835
8b25c7c22d0ae4cb3306478354c2ec761402103fcc61f1a17c59bb2e06c55c57
GET /nielsen/redir?redir=https%3A%2F%2Floadus.exelator.com%2Fload%2F%3Fp%3D204%26g%3D123%26buid%3D%40UUID%40 HTTP/1.1
Host: play.adtonos.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://app.audiopulsar.com/
Cookie: ulid=01GQY77DDG7YKGPW4DW61ZYC52
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Server: nginx
Date: Sun, 29 Jan 2023 07:35:20 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 99
Connection: close
X-Powered-By: Express
Set-Cookie: ulid=01GQY77DDG7YKGPW4DW61ZYC52; Max-Age=31536000; Domain=.adtonos.com; Path=/; Expires=Mon, 29 Jan 2024 07:35:20 GMT; HttpOnly; Secure; SameSite=None
Location: https://loadus.exelator.com/load/?p=204&g=123&buid=01GQY77DDG7YKGPW4DW61ZYC52
Vary: Accept
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubdomains; preload
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Cache-Control: no-cache, no-store, must-revalidate, no-transform
ocsp.digicert.com/
200 OK 314 B IP
Hash 4d08df7a08aba618dc2931e09c2a9c9a
5c0e0ea828f5c769eb45c3c499fad469f20b6d7d
a4fba084caab6f397be9161b8fdf281cc7aafd588fb32d55b6ae50cc44e6b0bc
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5055
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 07:35:20 GMT
Last-Modified: Sun, 29 Jan 2023 06:11:05 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 314
cm.g.doubleclick.net/pixel?google_nid=triton&google_sc&google_cm&stn=INSTREAMATIC
302 Found 315 B URL HTTP/2 cm.g.doubleclick.net/pixel?google_nid=triton&google_sc&google_cm&stn=INSTREAMATIC
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash 2df86c47d731d12dfd5c2b2fb9484671
fa16337cff590009459e9abdac9d9c1b2c416374
b9ba43dd56ee8b4d662988e21ad9e5f318f357879f5ca90ee51ab2e2a47d063c
GET /pixel?google_nid=triton&google_sc&google_cm&stn=INSTREAMATIC HTTP/1.1
Host: cm.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://app.audiopulsar.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://cm.g.doubleclick.net/pixel?google_nid=triton&google_sc=&google_cm=&stn=INSTREAMATIC&google_tc=
date: Sun, 29 Jan 2023 07:35:20 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
server: HTTP server (unknown)
content-length: 315
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sun, 29-Jan-2023 07:50:20 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
sync.mathtag.com/sync/img?mt_exid=70&redir=https%3A%2F%2Fyield-op-idsync.live.streamtheworld.com%2Fpixel.gif%3Fpartner%3Dmm%26uid%3D%5BMM_UUID%5D%26pubId%3D28003
302 Moved Temporarily 0 B URL HTTP/1.1 sync.mathtag.com/sync/img?mt_exid=70&redir=https%3A%2F%2Fyield-op-idsync.live.streamtheworld.com%2Fpixel.gif%3Fpartner%3Dmm%26uid%3D%5BMM_UUID%5D%26pubId%3D28003
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sync/img?mt_exid=70&redir=https%3A%2F%2Fyield-op-idsync.live.streamtheworld.com%2Fpixel.gif%3Fpartner%3Dmm%26uid%3D%5BMM_UUID%5D%26pubId%3D28003 HTTP/1.1
Host: sync.mathtag.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://app.audiopulsar.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Moved Temporarily
Date: Sun, 29 Jan 2023 07:35:20 GMT
Content-Type: image/gif
Content-Length: 0
Connection: keep-alive
Keep-Alive: timeout=360
Access-Control-Allow-Origin: *
Server: MT3 404 ce67235 master zrh-pixel-x29 config:1.0.0
Cache-Control: no-cache
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
set-cookie: uuid=213563d6-21b9-4200-95c0-e3854eac5095; domain=.mathtag.com; path=/; expires=Mon, 26-Feb-2024 07:35:21 GMT; SameSite=None; Secure
location: https://yield-op-idsync.live.streamtheworld.com/pixel.gif?partner=mm&uid=213563d6-21b9-4200-95c0-e3854eac5095&pubId=28003
Expires: Sun, 29 Jan 2023 07:35:19 GMT
ocsp.digicert.com/
200 OK 471 B IP
Hash 25f12130557ea6f831df520a7236ce66
f314ad01216aee770c101781cbb21eeee2e40375
1b45c6270fb3b7c5ccf2edcfd4fdf6d47a91853627865b4612e5e16c7dcc31dc
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4238
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 07:35:20 GMT
Last-Modified: Sun, 29 Jan 2023 06:24:43 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 471
gu.dyntrk.com/adx/trtn/us.php?dynk=tr26t81n&redir=https%3A%2F%2Fyield-op-idsync.live.streamtheworld.com%2Fpixel.gif%3Fpartner%3Ddyn%26uid%3D%5BDYNADMIC_UID%5D%26pubId%3D65843&prevuid=&knw=
302 Found 0 B URL HTTP/1.1 gu.dyntrk.com/adx/trtn/us.php?dynk=tr26t81n&redir=https%3A%2F%2Fyield-op-idsync.live.streamtheworld.com%2Fpixel.gif%3Fpartner%3Ddyn%26uid%3D%5BDYNADMIC_UID%5D%26pubId%3D65843&prevuid=&knw=
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /adx/trtn/us.php?dynk=tr26t81n&redir=https%3A%2F%2Fyield-op-idsync.live.streamtheworld.com%2Fpixel.gif%3Fpartner%3Ddyn%26uid%3D%5BDYNADMIC_UID%5D%26pubId%3D65843&prevuid=&knw= HTTP/1.1
Host: gu.dyntrk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://app.audiopulsar.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
server: nginx
date: Sun, 29 Jan 2023 07:35:20 GMT
content-type: text/html; charset=UTF-8
transfer-encoding: chunked
keep-alive: timeout=10
p3p: CP="NOI DEV OUR BUS UNI"
cache-control: no-cache
access-control-allow-origin: *
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-headers: Origin
location: https://yield-op-idsync.live.streamtheworld.com/pixel.gif?partner=dyn&uid=&pubId=65843
kvt.sddan.com/api/v1/public/p/29567/d/50/s?callback=&gdpr=&gdpr_consent=&url=https%3A%2F%2Fkimcartoon.li%2FCartoon%2FDaria-Version-2%2FSeason-1-Episode-1-Esteemers%3Fid%3D74420
200 OK 234 B URL HTTP/1.1 kvt.sddan.com/api/v1/public/p/29567/d/50/s?callback=&gdpr=&gdpr_consent=&url=https%3A%2F%2Fkimcartoon.li%2FCartoon%2FDaria-Version-2%2FSeason-1-Episode-1-Esteemers%3Fid%3D74420
IP
File type JSON data\012- , ASCII text, with very long lines (687), with no line terminators
Hash 8805f20bb153d6bce621b38e77ce34ff
76c5cfa5040fddec6d1bb813ae40e5d373ae8d9a
b7f96956d437c03f72c5a967ae38d1a8975b3e3ac06151670d543ed42603a0c5
GET /api/v1/public/p/29567/d/50/s?callback=&gdpr=&gdpr_consent=&url=https%3A%2F%2Fkimcartoon.li%2FCartoon%2FDaria-Version-2%2FSeason-1-Episode-1-Esteemers%3Fid%3D74420 HTTP/1.1
Host: kvt.sddan.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://kimcartoon.li
Connection: keep-alive
Referer: https://kimcartoon.li/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.20.2
Date: Sun, 29 Jan 2023 07:35:20 GMT
Content-Type: application/json; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: content-type
Access-Control-Allow-Methods: GET, OPTIONS
Access-Control-Allow-Origin: https://kimcartoon.li
Cache-Control: private, max-age=60
Strict-Transport-Security: max-age=15724800; includeSubDomains; preload
Content-Encoding: gzip
pixel-sync.sitescout.com/dmp/pixelSync?nid=107&redir=https%3A%2F%2Fyield-op-idsync.live.streamtheworld.com%2Fpixel.gif%3Fpartner%3Dcto%26uid%3D%7BuserId%7D%26pubId%3D28003
302 Found 0 B URL HTTP/2 pixel-sync.sitescout.com/dmp/pixelSync?nid=107&redir=https%3A%2F%2Fyield-op-idsync.live.streamtheworld.com%2Fpixel.gif%3Fpartner%3Dcto%26uid%3D%7BuserId%7D%26pubId%3D28003
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /dmp/pixelSync?nid=107&redir=https%3A%2F%2Fyield-op-idsync.live.streamtheworld.com%2Fpixel.gif%3Fpartner%3Dcto%26uid%3D%7BuserId%7D%26pubId%3D28003 HTTP/1.1
Host: pixel-sync.sitescout.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://app.audiopulsar.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
set-cookie: ssi=4d24b856-94d2-43db-a60f-d40c863349ba#1674977720254; Domain=.sitescout.com; Expires=Mon, 29-Jan-2024 07:35:20 GMT; Path=/; Secure; SameSite=None
location: https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=107&redir=https%3A%2F%2Fyield-op-idsync.live.streamtheworld.com%2Fpixel.gif%3Fpartner%3Dcto%26uid%3D%7BuserId%7D%26pubId%3D28003
content-length: 0
date: Sun, 29 Jan 2023 07:35:19 GMT
server: AC1.1
X-Firefox-Spdy: h2
ad.turn.com/r/cs?pid=58&redir=https%3A%2F%2Fyield-op-idsync.live.streamtheworld.com%2Fpixel.gif%3Fpartner%3Damb%26uid%3D%23USER_ID%23%26pubId%3D28003
302 Found 0 B URL HTTP/2 ad.turn.com/r/cs?pid=58&redir=https%3A%2F%2Fyield-op-idsync.live.streamtheworld.com%2Fpixel.gif%3Fpartner%3Damb%26uid%3D%23USER_ID%23%26pubId%3D28003
IP
ASN #56396 Amobee EMEA Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /r/cs?pid=58&redir=https%3A%2F%2Fyield-op-idsync.live.streamtheworld.com%2Fpixel.gif%3Fpartner%3Damb%26uid%3D%23USER_ID%23%26pubId%3D28003 HTTP/1.1
Host: ad.turn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://app.audiopulsar.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
pragma: no-cache
set-cookie: uid=4088660373811332941; Domain=.turn.com; Expires=Fri, 28-Jul-2023 07:35:20 GMT; Path=/; Secure; SameSite=None
location: https://yield-op-idsync.live.streamtheworld.com/pixel.gif?partner=amb&uid=4088660373811332941&pubId=28003
content-length: 0
date: Sun, 29 Jan 2023 07:35:20 GMT
X-Firefox-Spdy: h2
synchroscript.deliveryengine.adswizz.com/getUID?curl=https%3A%2F%2Fyield-op-idsync.live.streamtheworld.com%2Fpixel.gif%3Fpartner%3Daw%26uid%3D%24%7BUID%7D%26pubId%3D65843
302 0 B URL HTTP/1.1 synchroscript.deliveryengine.adswizz.com/getUID?curl=https%3A%2F%2Fyield-op-idsync.live.streamtheworld.com%2Fpixel.gif%3Fpartner%3Daw%26uid%3D%24%7BUID%7D%26pubId%3D65843
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /getUID?curl=https%3A%2F%2Fyield-op-idsync.live.streamtheworld.com%2Fpixel.gif%3Fpartner%3Daw%26uid%3D%24%7BUID%7D%26pubId%3D65843 HTTP/1.1
Host: synchroscript.deliveryengine.adswizz.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://app.audiopulsar.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302
Date: Sun, 29 Jan 2023 07:35:19 GMT
Instance-id: i-0e82f0abaeb7d71c8
Location: https://yield-op-idsync.live.streamtheworld.com/pixel.gif?partner=aw&uid=68df3430ac2b84811edf391e6f03daf0&pubId=65843
Set-Cookie: OAID=68df3430ac2b84811edf391e6f03daf0; Domain=.adswizz.com; Expires=Tue, 28-Feb-2023 07:35:20 GMT; Path=/
X-Adswizz-request-id: 7bb97560-9fa7-11ed-bc6d-0697be2fbdeb
X-Application-Context: application:production
X-Clacks-Overhead: GNU Terry Pratchett
Content-Length: 0
Connection: keep-alive
ocsp.sectigo.com/
200 OK 471 B IP
Hash aa79f831fbade48affa43928694677db
ddb17e61adc783e7a0fb0ae60c2f049e082c5097
abcc206a3c1727354a2371f825b9640133e8617f2a47f84a8cdcc9300357d654
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 07:35:20 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Thu, 26 Jan 2023 19:14:51 GMT
Expires: Thu, 02 Feb 2023 19:14:50 GMT
Etag: "ddb17e61adc783e7a0fb0ae60c2f049e082c5097"
Cache-Control: max-age=386969,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 79104a5f8fe0b524-OSL
yield-op-idsync.live.streamtheworld.com/pixel.gif?partner=an&uid=0&pubId=65843
200 OK 43 B URL HTTP/2 yield-op-idsync.live.streamtheworld.com/pixel.gif?partner=an&uid=0&pubId=65843
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash 07fff40b5dd495aca2ac4e1c3fbc60aa
e8ac224ba9ee97e87670ed6f3a2f0128b7af9fe4
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
GET /pixel.gif?partner=an&uid=0&pubId=65843 HTTP/1.1
Host: yield-op-idsync.live.streamtheworld.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://app.audiopulsar.com/
Connection: keep-alive
Cookie: uuid-s=b4fd65c2-a7ba-4eea-ab34-1053817d694d
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 43
content-type: image/gif
date: Sun, 29 Jan 2023 07:35:20 GMT
set-cookie: idsync-an-uid=0; Max-Age=604800; Expires=Sun, 05 Feb 2023 07:35:20 GMT; Path=/; Domain=.live.streamtheworld.com
idsync-an-uid-s=0; Max-Age=604800; Expires=Sun, 05 Feb 2023 07:35:20 GMT; SameSite=None; Path=/; Domain=.live.streamtheworld.com; Secure
X-Firefox-Spdy: h2
pixel-sync.sitescout.com/dmp/pixelSync?nid=107&redir=https%3A%2F%2Fyield-op-idsync.live.streamtheworld.com%2Fpixel.gif%3Fpartner%3Dcto%26uid%3D%7BuserId%7D%26pubId%3D65843
302 Found 0 B URL HTTP/2 pixel-sync.sitescout.com/dmp/pixelSync?nid=107&redir=https%3A%2F%2Fyield-op-idsync.live.streamtheworld.com%2Fpixel.gif%3Fpartner%3Dcto%26uid%3D%7BuserId%7D%26pubId%3D65843
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /dmp/pixelSync?nid=107&redir=https%3A%2F%2Fyield-op-idsync.live.streamtheworld.com%2Fpixel.gif%3Fpartner%3Dcto%26uid%3D%7BuserId%7D%26pubId%3D65843 HTTP/1.1
Host: pixel-sync.sitescout.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://app.audiopulsar.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
set-cookie: ssi=9cbc8a61-490f-4086-94f8-717b36fb482b#1674977720276; Domain=.sitescout.com; Expires=Mon, 29-Jan-2024 07:35:20 GMT; Path=/; Secure; SameSite=None
location: https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=107&redir=https%3A%2F%2Fyield-op-idsync.live.streamtheworld.com%2Fpixel.gif%3Fpartner%3Dcto%26uid%3D%7BuserId%7D%26pubId%3D65843
content-length: 0
date: Sun, 29 Jan 2023 07:35:19 GMT
server: AC1.1
X-Firefox-Spdy: h2
yield-op-idsync.live.streamtheworld.com/pixel.gif?partner=an&uid=0&pubId=28003
200 OK 43 B URL HTTP/2 yield-op-idsync.live.streamtheworld.com/pixel.gif?partner=an&uid=0&pubId=28003
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash 07fff40b5dd495aca2ac4e1c3fbc60aa
e8ac224ba9ee97e87670ed6f3a2f0128b7af9fe4
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
GET /pixel.gif?partner=an&uid=0&pubId=28003 HTTP/1.1
Host: yield-op-idsync.live.streamtheworld.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://app.audiopulsar.com/
Connection: keep-alive
Cookie: uuid-s=b4fd65c2-a7ba-4eea-ab34-1053817d694d
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 43
content-type: image/gif
date: Sun, 29 Jan 2023 07:35:20 GMT
set-cookie: idsync-an-uid=0; Max-Age=604800; Expires=Sun, 05 Feb 2023 07:35:20 GMT; Path=/; Domain=.live.streamtheworld.com
idsync-an-uid-s=0; Max-Age=604800; Expires=Sun, 05 Feb 2023 07:35:20 GMT; SameSite=None; Path=/; Domain=.live.streamtheworld.com; Secure
X-Firefox-Spdy: h2
dnacdn.net/dna
200 OK 0 B IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /dna HTTP/1.1
Host: dnacdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://kimcartoon.li
Connection: keep-alive
Referer: https://kimcartoon.li/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 29 Jan 2023 07:35:19 GMT
server: Kestrel
content-length: 0
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
set-cookie: browser_data=H9MKhl80M0RITmhlJTJCZkMwOUJGQlhaMUN2czZUcURPJTJGenRjZ2FIQVBpa001eUJwamVtJTJCYlJJaDR1QmY5ekJ2cG9HVm9o; expires=Fri, 23 Feb 2024 07:35:20 GMT; domain=dnacdn.net; path=/; secure; samesite=none
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://kimcartoon.li
server-processing-duration-in-ticks: 339958
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
yield-op-idsync.live.streamtheworld.com/pixel.gif?partner=amb&uid=7834810838853453645&pubId=65843
200 OK 43 B URL HTTP/2 yield-op-idsync.live.streamtheworld.com/pixel.gif?partner=amb&uid=7834810838853453645&pubId=65843
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash 07fff40b5dd495aca2ac4e1c3fbc60aa
e8ac224ba9ee97e87670ed6f3a2f0128b7af9fe4
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
GET /pixel.gif?partner=amb&uid=7834810838853453645&pubId=65843 HTTP/1.1
Host: yield-op-idsync.live.streamtheworld.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://app.audiopulsar.com/
Connection: keep-alive
Cookie: uuid-s=b4fd65c2-a7ba-4eea-ab34-1053817d694d
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 43
content-type: image/gif
date: Sun, 29 Jan 2023 07:35:20 GMT
set-cookie: idsync-amb-uid=7834810838853453645; Max-Age=604800; Expires=Sun, 05 Feb 2023 07:35:20 GMT; Path=/; Domain=.live.streamtheworld.com
idsync-amb-uid-s=7834810838853453645; Max-Age=604800; Expires=Sun, 05 Feb 2023 07:35:20 GMT; SameSite=None; Path=/; Domain=.live.streamtheworld.com; Secure
X-Firefox-Spdy: h2
sync.mathtag.com/sync/img?mt_exid=70&redir=https%3A%2F%2Fyield-op-idsync.live.streamtheworld.com%2Fpixel.gif%3Fpartner%3Dmm%26uid%3D%5BMM_UUID%5D%26pubId%3D65843
302 Moved Temporarily 0 B URL HTTP/1.1 sync.mathtag.com/sync/img?mt_exid=70&redir=https%3A%2F%2Fyield-op-idsync.live.streamtheworld.com%2Fpixel.gif%3Fpartner%3Dmm%26uid%3D%5BMM_UUID%5D%26pubId%3D65843
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sync/img?mt_exid=70&redir=https%3A%2F%2Fyield-op-idsync.live.streamtheworld.com%2Fpixel.gif%3Fpartner%3Dmm%26uid%3D%5BMM_UUID%5D%26pubId%3D65843 HTTP/1.1
Host: sync.mathtag.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://app.audiopulsar.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Moved Temporarily
Date: Sun, 29 Jan 2023 07:35:20 GMT
Content-Type: image/gif
Content-Length: 0
Connection: keep-alive
Keep-Alive: timeout=360
Access-Control-Allow-Origin: *
Server: MT3 404 ce67235 master zrh-pixel-x15 config:1.0.0
Cache-Control: no-cache
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
set-cookie: uuid=444763d6-21b8-4800-b919-9cdc2d66ea07; domain=.mathtag.com; path=/; expires=Mon, 26-Feb-2024 07:35:20 GMT; SameSite=None; Secure
location: https://yield-op-idsync.live.streamtheworld.com/pixel.gif?partner=mm&uid=444763d6-21b8-4800-b919-9cdc2d66ea07&pubId=65843
Expires: Sun, 29 Jan 2023 07:35:19 GMT
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 7b279d00e3fe506fa55ae410fca0c901
c88d705cf5d6d692ec6104dcc4690c8817afebab
11f31abefac6551a99c0d4fc1fcb303b678cc50b7616d5cdb53c0a6382f024a5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "11F31ABEFAC6551A99C0D4FC1FCB303B678CC50B7616D5CDB53C0A6382F024A5"
Last-Modified: Sat, 28 Jan 2023 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8860
Expires: Sun, 29 Jan 2023 10:03:00 GMT
Date: Sun, 29 Jan 2023 07:35:20 GMT
Connection: keep-alive
s.cpx.to/fire.js?pid=12763&ref=https%3A%2F%2Fkimcartoon.li%2FCartoon%2FDaria-Version-2%2FSeason-1-Episode-1-Esteemers%3Fid%3D74420&url=https%3A%2F%2Fkimcartoon.li%2FAds%2Fgeniee728.aspx&hn_ver=40&fid=1fe293c3-188d-4789-beb1-9f41ecfa3f62&dsp=pub_common&dsp_uid=a7c3876e-a0f5-4546-8621-f393238b7360
200 OK 854 B URL HTTP/1.1 s.cpx.to/fire.js?pid=12763&ref=https%3A%2F%2Fkimcartoon.li%2FCartoon%2FDaria-Version-2%2FSeason-1-Episode-1-Esteemers%3Fid%3D74420&url=https%3A%2F%2Fkimcartoon.li%2FAds%2Fgeniee728.aspx&hn_ver=40&fid=1fe293c3-188d-4789-beb1-9f41ecfa3f62&dsp=pub_common&dsp_uid=a7c3876e-a0f5-4546-8621-f393238b7360
IP
File type ASCII text, with very long lines (854), with no line terminators
Hash 85a0375aed096c7114a7ecfdc9e1af27
a2285a4c6715b7cb6697b274f27c0d371d3c9192
5234fa5c8debe684bf8af2e2258df83d5833935b155f07eea9dcee0607c5c4ba
GET /fire.js?pid=12763&ref=https%3A%2F%2Fkimcartoon.li%2FCartoon%2FDaria-Version-2%2FSeason-1-Episode-1-Esteemers%3Fid%3D74420&url=https%3A%2F%2Fkimcartoon.li%2FAds%2Fgeniee728.aspx&hn_ver=40&fid=1fe293c3-188d-4789-beb1-9f41ecfa3f62&dsp=pub_common&dsp_uid=a7c3876e-a0f5-4546-8621-f393238b7360 HTTP/1.1
Host: s.cpx.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kimcartoon.li/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 07:35:20 GMT
Content-Type: application/javascript; charset=UTF-8
Content-Length: 854
Connection: keep-alive
x-frame-options: sameorigin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: default-src 'self'
x-permitted-cross-domain-policies: none
cache-control: no-store, must-revalidate, private, max-age=0
pragma: no-cache
p3p: CP="NOI DEV ADM"
expires: Wed, 18 Jan 2023 19:28:40 UTC
set-cookie: cpSess=9caa389542dce4b; Expires=Mon, 29 Jan 2024 07:35:20 GMT; Domain=.cpx.to; Path=/; Secure; HttpOnly; SameSite=None
yield-op-idsync.live.streamtheworld.com/pixel.gif?partner=acu&uid=736944347509&pubId=65843
200 OK 43 B URL HTTP/2 yield-op-idsync.live.streamtheworld.com/pixel.gif?partner=acu&uid=736944347509&pubId=65843
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash 07fff40b5dd495aca2ac4e1c3fbc60aa
e8ac224ba9ee97e87670ed6f3a2f0128b7af9fe4
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
GET /pixel.gif?partner=acu&uid=736944347509&pubId=65843 HTTP/1.1
Host: yield-op-idsync.live.streamtheworld.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://app.audiopulsar.com/
Connection: keep-alive
Cookie: uuid-s=b4fd65c2-a7ba-4eea-ab34-1053817d694d
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 43
content-type: image/gif
date: Sun, 29 Jan 2023 07:35:20 GMT
set-cookie: idsync-acu-uid=736944347509; Max-Age=604800; Expires=Sun, 05 Feb 2023 07:35:20 GMT; Path=/; Domain=.live.streamtheworld.com
idsync-acu-uid-s=736944347509; Max-Age=604800; Expires=Sun, 05 Feb 2023 07:35:20 GMT; SameSite=None; Path=/; Domain=.live.streamtheworld.com; Secure
X-Firefox-Spdy: h2
yield-op-idsync.live.streamtheworld.com/idsync.js?stn=ADTONOS
200 OK 2.6 kB URL HTTP/2 yield-op-idsync.live.streamtheworld.com/idsync.js?stn=ADTONOS
IP
Hash ed74d2825c02c4c9204391e9f10eae51
0d4bb81d7a03bfcdd926be244a8b46da41911274
af4003e36e4555e38da53a11cb928ef0ae542f4b92796ac8eda85bc637677234
GET /idsync.js?stn=ADTONOS HTTP/1.1
Host: yield-op-idsync.live.streamtheworld.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://app.audiopulsar.com/
Cookie: uuid-s=b4fd65c2-a7ba-4eea-ab34-1053817d694d
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 2561
content-type: application/javascript; charset=UTF-8
date: Sun, 29 Jan 2023 07:35:20 GMT
p3p: policyref="http://tds.media.streamtheworld.com/w3c/policy/tds-p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-Firefox-Spdy: h2
yield-op-idsync.live.streamtheworld.com/pixel.gif?partner=acu&uid=736944347509&pubId=28003
200 OK 43 B URL HTTP/2 yield-op-idsync.live.streamtheworld.com/pixel.gif?partner=acu&uid=736944347509&pubId=28003
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash 07fff40b5dd495aca2ac4e1c3fbc60aa
e8ac224ba9ee97e87670ed6f3a2f0128b7af9fe4
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
GET /pixel.gif?partner=acu&uid=736944347509&pubId=28003 HTTP/1.1
Host: yield-op-idsync.live.streamtheworld.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://app.audiopulsar.com/
Connection: keep-alive
Cookie: uuid-s=b4fd65c2-a7ba-4eea-ab34-1053817d694d
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 43
content-type: image/gif
date: Sun, 29 Jan 2023 07:35:20 GMT
set-cookie: idsync-acu-uid=736944347509; Max-Age=604800; Expires=Sun, 05 Feb 2023 07:35:20 GMT; Path=/; Domain=.live.streamtheworld.com
idsync-acu-uid-s=736944347509; Max-Age=604800; Expires=Sun, 05 Feb 2023 07:35:20 GMT; SameSite=None; Path=/; Domain=.live.streamtheworld.com; Secure
X-Firefox-Spdy: h2
lb.eu-1-id5-sync.com/lb/v1
200 33 B URL HTTP/1.1 lb.eu-1-id5-sync.com/lb/v1
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash e183d43dda30d9e35d2aaf4e7799f3db
23b2bb5e025d4fb9b52df8dfb1e8184e09322df2
906138e1826f6d6bdd02edf0646e7a7b821319486b86055685aac88e3732b9ee
GET /lb/v1 HTTP/1.1
Host: lb.eu-1-id5-sync.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://kimcartoon.li
Connection: keep-alive
Referer: https://kimcartoon.li/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
access-control-allow-origin: https://kimcartoon.li
content-type: application/json;charset=UTF-8
transfer-encoding: chunked
date: Sun, 29 Jan 2023 07:35:19 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
id5-sync.com/g/v2/102.json
200 215 B URL HTTP/1.1 id5-sync.com/g/v2/102.json
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash d6816929d2b5a213cf8ab2099cb82545
2a68dfc6b7085053029580cd31eabd321a8d86e3
302bb2b4a6c7bfbd90fe313f08a0777787365b6334173e30de6d517a5c57e9ce
POST /g/v2/102.json HTTP/1.1
Host: id5-sync.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 279
Origin: https://kimcartoon.li
Connection: keep-alive
Referer: https://kimcartoon.li/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
access-control-allow-origin: https://kimcartoon.li
access-control-allow-credentials: true
content-type: application/json;charset=UTF-8
transfer-encoding: chunked
date: Sun, 29 Jan 2023 07:35:20 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
s8t.teads.tv/logs/publishers/interface?%7B%22source%22%3A%22script-analytics-tag%22%2C%22errorMessage%22%3A%22not%20top%20window%22%2C%22exception%22%3A%22https%3A%2F%2Fkimcartoon.li%2FAds%2Fgeniee728.aspx%22%2C%22analyticsTagId%22%3A%22PUB_11398%22%2C%22scriptVersion%22%3A%228480ba3%22%7D
200 OK 0 B URL HTTP/2 s8t.teads.tv/logs/publishers/interface?%7B%22source%22%3A%22script-analytics-tag%22%2C%22errorMessage%22%3A%22not%20top%20window%22%2C%22exception%22%3A%22https%3A%2F%2Fkimcartoon.li%2FAds%2Fgeniee728.aspx%22%2C%22analyticsTagId%22%3A%22PUB_11398%22%2C%22scriptVersion%22%3A%228480ba3%22%7D
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /logs/publishers/interface?%7B%22source%22%3A%22script-analytics-tag%22%2C%22errorMessage%22%3A%22not%20top%20window%22%2C%22exception%22%3A%22https%3A%2F%2Fkimcartoon.li%2FAds%2Fgeniee728.aspx%22%2C%22analyticsTagId%22%3A%22PUB_11398%22%2C%22scriptVersion%22%3A%228480ba3%22%7D HTTP/1.1
Host: s8t.teads.tv
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kimcartoon.li/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/plain
content-length: 0
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
strict-transport-security: max-age=15552000
expires: Sun, 29 Jan 2023 07:35:20 GMT
cache-control: max-age=0, no-cache
pragma: no-cache
date: Sun, 29 Jan 2023 07:35:20 GMT
access-control-max-age: 86400
access-control-allow-credentials: false
access-control-allow-headers: *
access-control-allow-methods: GET,POST
access-control-allow-origin: *
X-Firefox-Spdy: h2
match.adsrvr.org/track/cmf/generic?ttd_pid=0fkciot&ttd_tpi=1
200 OK 70 B URL HTTP/2 match.adsrvr.org/track/cmf/generic?ttd_pid=0fkciot&ttd_tpi=1
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash 58a7930cd4577fc33c35828c271eab8f
406e57f86dc101e10f3a57be1e2f7b93c4580474
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
GET /track/cmf/generic?ttd_pid=0fkciot&ttd_tpi=1 HTTP/1.1
Host: match.adsrvr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kimcartoon.li/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 07:35:20 GMT
content-type: image/gif
content-length: 70
cache-control: private,no-cache, must-revalidate
pragma: no-cache
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 471 B IP
Hash 7acf5bfa2f5b571e24dcd314dcfac7e3
77f68063a6133a8e7d9cc6119f7ed4141da84ff1
a2f9c9abd30ad0600ceb60fc0426098a24eaf8b8c5ca680086cb1780e19c5710
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3583
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 07:35:20 GMT
Etag: "63d53746-1d7"
Last-Modified: Sun, 29 Jan 2023 06:35:37 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 471
pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=107&redir=https%3A%2F%2Fyield-op-idsync.live.streamtheworld.com%2Fpixel.gif%3Fpartner%3Dcto%26uid%3D%7BuserId%7D%26pubId%3D28003
204 No Content 0 B URL HTTP/2 pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=107&redir=https%3A%2F%2Fyield-op-idsync.live.streamtheworld.com%2Fpixel.gif%3Fpartner%3Dcto%26uid%3D%7BuserId%7D%26pubId%3D28003
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /dmp/pixelSync?cookieQ=1&nid=107&redir=https%3A%2F%2Fyield-op-idsync.live.streamtheworld.com%2Fpixel.gif%3Fpartner%3Dcto%26uid%3D%7BuserId%7D%26pubId%3D28003 HTTP/1.1
Host: pixel-sync.sitescout.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://app.audiopulsar.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
cache-control: max-age=0,no-cache,no-store
pragma: no-cache
expires: Tue, 11 Oct 1977 12:34:56 GMT
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
date: Sun, 29 Jan 2023 07:35:20 GMT
server: AC1.1
X-Firefox-Spdy: h2
pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=107&redir=https%3A%2F%2Fyield-op-idsync.live.streamtheworld.com%2Fpixel.gif%3Fpartner%3Dcto%26uid%3D%7BuserId%7D%26pubId%3D65843
204 No Content 0 B URL HTTP/2 pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=107&redir=https%3A%2F%2Fyield-op-idsync.live.streamtheworld.com%2Fpixel.gif%3Fpartner%3Dcto%26uid%3D%7BuserId%7D%26pubId%3D65843
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /dmp/pixelSync?cookieQ=1&nid=107&redir=https%3A%2F%2Fyield-op-idsync.live.streamtheworld.com%2Fpixel.gif%3Fpartner%3Dcto%26uid%3D%7BuserId%7D%26pubId%3D65843 HTTP/1.1
Host: pixel-sync.sitescout.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://app.audiopulsar.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
cache-control: max-age=0,no-cache,no-store
pragma: no-cache
expires: Tue, 11 Oct 1977 12:34:56 GMT
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
date: Sun, 29 Jan 2023 07:35:19 GMT
server: AC1.1
X-Firefox-Spdy: h2
rtb.adentifi.com/CookieSyncTriton?redirect=https%3A%2F%2Fyield-op-idsync.live.streamtheworld.com%2Fpixel.gif%3Fpartner%3Dadt%26uid%3D%24UID%26pubId%3D38083
204 No Content 0 B URL HTTP/2 rtb.adentifi.com/CookieSyncTriton?redirect=https%3A%2F%2Fyield-op-idsync.live.streamtheworld.com%2Fpixel.gif%3Fpartner%3Dadt%26uid%3D%24UID%26pubId%3D38083
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /CookieSyncTriton?redirect=https%3A%2F%2Fyield-op-idsync.live.streamtheworld.com%2Fpixel.gif%3Fpartner%3Dadt%26uid%3D%24UID%26pubId%3D38083 HTTP/1.1
Host: rtb.adentifi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://app.audiopulsar.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Sun, 29 Jan 2023 07:35:20 GMT
X-Firefox-Spdy: h2
ocsp.godaddy.com/
200 OK 1.8 kB IP
Hash f223968e559db39dc12d2d7cdf63c50a
be893c462b8207df1fb71ce765efe5fcfe949d1e
3e7e51ffccb32ac6477940efc9de84892dd88ac1ff64e2ee912546368a7e394f
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 76
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Sun, 29 Jan 2023 07:35:20 GMT
Content-Type: application/ocsp-response
Content-Length: 1778
Connection: keep-alive
X-Sucuri-ID: 19036
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Sat, 28 Jan 2023 21:52:04 GMT
Expires: Sun, 29 Jan 2023 21:52:04 GMT
ETag: "be893c462b8207df1fb71ce765efe5fcfe949d1e"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
secure.adnxs.com/getuid?https%3A%2F%2Fs.cpx.to%2Fan_fire%3Fapp_nexus_uid%3D%24UID%26pid%3D12763%26ref%3Dhttps%253A%252F%252Fkimcartoon.li%252FCartoon%252FDaria-Version-2%252FSeason-1-Episode-1-Esteemers%253Fid%253D74420%26url%3Dhttps%253A%252F%252Fkimcartoon.li%252FAds%252Fgeniee728.aspx%26hn_ver%3D40%26fid%3D1fe293c3-188d-4789-beb1-9f41ecfa3f62%26dsp%3Dpub_common%26dsp_uid%3Da7c3876e-a0f5-4546-8621-f393238b7360
307 Redirection 0 B URL HTTP/1.1 secure.adnxs.com/getuid?https%3A%2F%2Fs.cpx.to%2Fan_fire%3Fapp_nexus_uid%3D%24UID%26pid%3D12763%26ref%3Dhttps%253A%252F%252Fkimcartoon.li%252FCartoon%252FDaria-Version-2%252FSeason-1-Episode-1-Esteemers%253Fid%253D74420%26url%3Dhttps%253A%252F%252Fkimcartoon.li%252FAds%252Fgeniee728.aspx%26hn_ver%3D40%26fid%3D1fe293c3-188d-4789-beb1-9f41ecfa3f62%26dsp%3Dpub_common%26dsp_uid%3Da7c3876e-a0f5-4546-8621-f393238b7360
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /getuid?https%3A%2F%2Fs.cpx.to%2Fan_fire%3Fapp_nexus_uid%3D%24UID%26pid%3D12763%26ref%3Dhttps%253A%252F%252Fkimcartoon.li%252FCartoon%252FDaria-Version-2%252FSeason-1-Episode-1-Esteemers%253Fid%253D74420%26url%3Dhttps%253A%252F%252Fkimcartoon.li%252FAds%252Fgeniee728.aspx%26hn_ver%3D40%26fid%3D1fe293c3-188d-4789-beb1-9f41ecfa3f62%26dsp%3Dpub_common%26dsp_uid%3Da7c3876e-a0f5-4546-8621-f393238b7360 HTTP/1.1
Host: secure.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kimcartoon.li/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Redirection
Server: nginx/1.21.3
Date: Sun, 29 Jan 2023 07:35:20 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Location: https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fs.cpx.to%252Fan_fire%253Fapp_nexus_uid%253D%2524UID%2526pid%253D12763%2526ref%253Dhttps%25253A%25252F%25252Fkimcartoon.li%25252FCartoon%25252FDaria-Version-2%25252FSeason-1-Episode-1-Esteemers%25253Fid%25253D74420%2526url%253Dhttps%25253A%25252F%25252Fkimcartoon.li%25252FAds%25252Fgeniee728.aspx%2526hn_ver%253D40%2526fid%253D1fe293c3-188d-4789-beb1-9f41ecfa3f62%2526dsp%253Dpub_common%2526dsp_uid%253Da7c3876e-a0f5-4546-8621-f393238b7360
AN-X-Request-Uuid: ed654695-f88c-466f-aefe-1fc3d34c3434
Set-Cookie: uuid2=3667578084974356690; SameSite=None; Path=/; Max-Age=7776000; Expires=Sat, 29-Apr-2023 07:35:20 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
onetag-sys.com/prebid-request
200 OK 41 B URL HTTP/2 onetag-sys.com/prebid-request
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 1c15203d1319c02fe2a06d78bc45eccf
40386992654bdda331c8f6eb21ac79de396119ee
cc81a9c5e7147dba347b0ffd34f64e9a7c40f25782569fec5c3fc68b4017badb
POST /prebid-request HTTP/1.1
Host: onetag-sys.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 4415
Origin: https://kimcartoon.li
Connection: keep-alive
Referer: https://kimcartoon.li/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: https://kimcartoon.li
access-control-allow-headers: content-type, origin, referer, user-agent
access-control-allow-credentials: true
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control: no-transform, no-cache
content-type: application/json
content-encoding: gzip
content-length: 41
strict-transport-security: max-age=15552000
X-Firefox-Spdy: h2
pixel.onaudience.com/?partner=163&mapped=01GQY77DDG7YKGPW4DW61ZYC52
302 Found 0 B URL HTTP/1.1 pixel.onaudience.com/?partner=163&mapped=01GQY77DDG7YKGPW4DW61ZYC52
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /?partner=163&mapped=01GQY77DDG7YKGPW4DW61ZYC52 HTTP/1.1
Host: pixel.onaudience.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://app.audiopulsar.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
set-cookie: cookie=8771c3a8c3a5fe1a; Max-Age=31536000; Expires=Mon, 29 Jan 2024 07:35:20 GMT; Path=/; Domain=.onaudience.com; Secure; SameSite=None
done_redirects147=1; Max-Age=86400; Expires=Mon, 30 Jan 2023 07:35:20 GMT; Path=/; Domain=.onaudience.com; Secure; SameSite=None
location: https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0
content-length: 0
ocsp.digicert.com/
200 OK 471 B IP
Hash 8fa29731c1d0c17b16b6722e790fbd30
355726ce18b332ba206caed871e6a72aa43f32a8
a45f60676c60538b85579828acc6247f6de576f869a73b3bb58501ccc5b0a172
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4343
Cache-Control: max-age=98009
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 07:35:20 GMT
Etag: "63d4ec9a-1d7"
Expires: Mon, 30 Jan 2023 10:48:49 GMT
Last-Modified: Sat, 28 Jan 2023 09:36:26 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 471
yield-op-idsync.live.streamtheworld.com/pixel.gif?partner=mm&uid=213563d6-21b9-4200-95c0-e3854eac5095&pubId=28003
200 OK 43 B URL HTTP/2 yield-op-idsync.live.streamtheworld.com/pixel.gif?partner=mm&uid=213563d6-21b9-4200-95c0-e3854eac5095&pubId=28003
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash 07fff40b5dd495aca2ac4e1c3fbc60aa
e8ac224ba9ee97e87670ed6f3a2f0128b7af9fe4
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
GET /pixel.gif?partner=mm&uid=213563d6-21b9-4200-95c0-e3854eac5095&pubId=28003 HTTP/1.1
Host: yield-op-idsync.live.streamtheworld.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://app.audiopulsar.com/
Connection: keep-alive
Cookie: uuid-s=b4fd65c2-a7ba-4eea-ab34-1053817d694d; idsync-an-uid-s=0; idsync-amb-uid-s=7834810838853453645; idsync-acu-uid-s=736944347509
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 43
content-type: image/gif
date: Sun, 29 Jan 2023 07:35:20 GMT
set-cookie: idsync-mm-uid=213563d6-21b9-4200-95c0-e3854eac5095; Max-Age=604800; Expires=Sun, 05 Feb 2023 07:35:20 GMT; Path=/; Domain=.live.streamtheworld.com
idsync-mm-uid-s=213563d6-21b9-4200-95c0-e3854eac5095; Max-Age=604800; Expires=Sun, 05 Feb 2023 07:35:20 GMT; SameSite=None; Path=/; Domain=.live.streamtheworld.com; Secure
X-Firefox-Spdy: h2
yield-op-idsync.live.streamtheworld.com/pixel.gif?partner=dyn&uid=&pubId=65843
200 OK 43 B URL HTTP/2 yield-op-idsync.live.streamtheworld.com/pixel.gif?partner=dyn&uid=&pubId=65843
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash 07fff40b5dd495aca2ac4e1c3fbc60aa
e8ac224ba9ee97e87670ed6f3a2f0128b7af9fe4
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
GET /pixel.gif?partner=dyn&uid=&pubId=65843 HTTP/1.1
Host: yield-op-idsync.live.streamtheworld.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://app.audiopulsar.com/
Connection: keep-alive
Cookie: uuid-s=b4fd65c2-a7ba-4eea-ab34-1053817d694d; idsync-an-uid-s=0; idsync-amb-uid-s=7834810838853453645; idsync-acu-uid-s=736944347509
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 43
content-type: image/gif
date: Sun, 29 Jan 2023 07:35:20 GMT
set-cookie: idsync-dyn-uid=; Max-Age=604800; Expires=Sun, 05 Feb 2023 07:35:20 GMT; Path=/; Domain=.live.streamtheworld.com
idsync-dyn-uid-s=; Max-Age=604800; Expires=Sun, 05 Feb 2023 07:35:20 GMT; SameSite=None; Path=/; Domain=.live.streamtheworld.com; Secure
X-Firefox-Spdy: h2
playerservices.live.streamtheworld.com/api/idsync.js?stationId=258373
200 OK 1.2 kB URL HTTP/1.1 playerservices.live.streamtheworld.com/api/idsync.js?stationId=258373
IP
Hash b2f13a16684394f01dd8c730ec0f0e9d
f7b30c71da5da2528f063289c442a3953312695b
1bfdeb8446e89c58648f1c9a13fd1407cba23dd90c3e23c2b9a11fb8e7fa8e1b
GET /api/idsync.js?stationId=258373 HTTP/1.1
Host: playerservices.live.streamtheworld.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://app.audiopulsar.com/
Cookie: uuid-s=b4fd65c2-a7ba-4eea-ab34-1053817d694d
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
date: Sun, 29 Jan 2023 07:35:20 GMT
p3p: policyref="http://tds.media.streamtheworld.com/w3c/policy/tds-p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/javascript; charset=ISO-8859-1
content-language: en-US
x-stw-server: par-strc-docker01_8082
x-stw-site: PAR
access-control-allow-origin: *
connection: close
yield-op-idsync.live.streamtheworld.com/pixel.gif?partner=amb&uid=4088660373811332941&pubId=28003
200 OK 43 B URL HTTP/2 yield-op-idsync.live.streamtheworld.com/pixel.gif?partner=amb&uid=4088660373811332941&pubId=28003
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash 07fff40b5dd495aca2ac4e1c3fbc60aa
e8ac224ba9ee97e87670ed6f3a2f0128b7af9fe4
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
GET /pixel.gif?partner=amb&uid=4088660373811332941&pubId=28003 HTTP/1.1
Host: yield-op-idsync.live.streamtheworld.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://app.audiopulsar.com/
Connection: keep-alive
Cookie: uuid-s=b4fd65c2-a7ba-4eea-ab34-1053817d694d; idsync-an-uid-s=0; idsync-amb-uid-s=7834810838853453645; idsync-acu-uid-s=736944347509
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 43
content-type: image/gif
date: Sun, 29 Jan 2023 07:35:20 GMT
set-cookie: idsync-amb-uid=4088660373811332941; Max-Age=604800; Expires=Sun, 05 Feb 2023 07:35:20 GMT; Path=/; Domain=.live.streamtheworld.com
idsync-amb-uid-s=4088660373811332941; Max-Age=604800; Expires=Sun, 05 Feb 2023 07:35:20 GMT; SameSite=None; Path=/; Domain=.live.streamtheworld.com; Secure
X-Firefox-Spdy: h2
yield-op-idsync.live.streamtheworld.com/pixel.gif?partner=aw&uid=68df3430ac2b84811edf391e6f03daf0&pubId=65843
200 OK 43 B URL HTTP/2 yield-op-idsync.live.streamtheworld.com/pixel.gif?partner=aw&uid=68df3430ac2b84811edf391e6f03daf0&pubId=65843
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash 07fff40b5dd495aca2ac4e1c3fbc60aa
e8ac224ba9ee97e87670ed6f3a2f0128b7af9fe4
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
GET /pixel.gif?partner=aw&uid=68df3430ac2b84811edf391e6f03daf0&pubId=65843 HTTP/1.1
Host: yield-op-idsync.live.streamtheworld.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://app.audiopulsar.com/
Connection: keep-alive
Cookie: uuid-s=b4fd65c2-a7ba-4eea-ab34-1053817d694d; idsync-an-uid-s=0; idsync-amb-uid-s=7834810838853453645; idsync-acu-uid-s=736944347509
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 43
content-type: image/gif
date: Sun, 29 Jan 2023 07:35:20 GMT
set-cookie: idsync-aw-uid=68df3430ac2b84811edf391e6f03daf0; Max-Age=604800; Expires=Sun, 05 Feb 2023 07:35:20 GMT; Path=/; Domain=.live.streamtheworld.com
idsync-aw-uid-s=68df3430ac2b84811edf391e6f03daf0; Max-Age=604800; Expires=Sun, 05 Feb 2023 07:35:20 GMT; SameSite=None; Path=/; Domain=.live.streamtheworld.com; Secure
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash b9d508de98e51789a3ea6e49b118f066
9b91ec49f818c75034b4255199a26ef2a0035bf9
2901a6f825b805c2e5968b9960759dfc161e6d2e0beadce1cfb7120e2cb7c5cf
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2901A6F825B805C2E5968B9960759DFC161E6D2E0BEADCE1CFB7120E2CB7C5CF"
Last-Modified: Fri, 27 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11019
Expires: Sun, 29 Jan 2023 10:38:59 GMT
Date: Sun, 29 Jan 2023 07:35:20 GMT
Connection: keep-alive
ib.adnxs.com/getuid?https://yield-op-idsync.live.streamtheworld.com/pixel.gif?partner=an&uid=$UID&pubId=38083
307 Redirection 0 B URL HTTP/1.1 ib.adnxs.com/getuid?https://yield-op-idsync.live.streamtheworld.com/pixel.gif?partner=an&uid=$UID&pubId=38083
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /getuid?https://yield-op-idsync.live.streamtheworld.com/pixel.gif?partner=an&uid=$UID&pubId=38083 HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://app.audiopulsar.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Redirection
Server: nginx/1.21.3
Date: Sun, 29 Jan 2023 07:35:20 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Location: https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fyield-op-idsync.live.streamtheworld.com%2Fpixel.gif%3Fpartner%3Dan%26uid%3D%24UID%26pubId%3D38083
AN-X-Request-Uuid: 47bcc3ff-280c-44d9-986d-52f7667ee2a6
Set-Cookie: uuid2=4079096349206527793; SameSite=None; Path=/; Max-Age=7776000; Expires=Sat, 29-Apr-2023 07:35:20 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
x.bidswitch.net/sync?ssp=triton&stn=ADTONOS
200 OK 43 B URL HTTP/2 x.bidswitch.net/sync?ssp=triton&stn=ADTONOS
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /sync?ssp=triton&stn=ADTONOS HTTP/1.1
Host: x.bidswitch.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://app.audiopulsar.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 07:35:20 GMT
content-type: image/gif
content-length: 43
cache-control: no-cache, no-store, must-revalidate
X-Firefox-Spdy: h2
ums.acuityplatform.com/tum?umid=133&uid=b4fd65c2-a7ba-4eea-ab34-1053817d694d&rurl=https%3A%2F%2Fyield-op-idsync.live.streamtheworld.com%2Fpixel.gif%3Fpartner%3Dacu%26uid%3D___AUID___%26pubId%3D38083
302 Found 0 B URL HTTP/1.1 ums.acuityplatform.com/tum?umid=133&uid=b4fd65c2-a7ba-4eea-ab34-1053817d694d&rurl=https%3A%2F%2Fyield-op-idsync.live.streamtheworld.com%2Fpixel.gif%3Fpartner%3Dacu%26uid%3D___AUID___%26pubId%3D38083
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tum?umid=133&uid=b4fd65c2-a7ba-4eea-ab34-1053817d694d&rurl=https%3A%2F%2Fyield-op-idsync.live.streamtheworld.com%2Fpixel.gif%3Fpartner%3Dacu%26uid%3D___AUID___%26pubId%3D38083 HTTP/1.1
Host: ums.acuityplatform.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://app.audiopulsar.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
content-length: 0
access-control-allow-origin: *
set-cookie: auid=736944347509; Domain=.acuityplatform.com; Expires=Mon, 29-Jan-2024 07:35:20 GMT; Path=/; SameSite=None; Secure
aum="OikKAfqbdXNlck1hdGNoQnlVc2VyTWF0Y2hpbmdJZE1hcPqCMTMz+o11c2VyTWF0Y2hpbmdJZCQEipFsYXN0RHJvcFRpbWVNaWxsaXMlAUJ/DjtLpJhsYXN0U3VjY2Vzc2Z1bE1hdGNoTWlsbGlzJQFCfw47S6SPdGhpcmRQYXJ0eVVzZXJJZGNiNGZkNjVjMi1hN2JhLTRlZWEtYWIzNC0xMDUzODE3ZDY5NGT7+4Z2ZXJzaW9uwvs="; Version=1; Domain=.acuityplatform.com; Max-Age=31536000; Expires=Mon, 29-Jan-2024 07:35:20 GMT; Path=/; SameSite=None; Secure
location: https://yield-op-idsync.live.streamtheworld.com/pixel.gif?partner=acu&uid=736944347509&pubId=38083
js.genieessp.com/j/rtct_adp_lib.20200515.min.js?GenieeDeliveryZoneName=gpb_1495180
200 OK 5.7 kB URL HTTP/2 js.genieessp.com/j/rtct_adp_lib.20200515.min.js?GenieeDeliveryZoneName=gpb_1495180
IP
ASN #10010 TOKAI Communications Corporation
Hash cec1e25760c2d609cc10239d814f646a
0a02ed6f800b106fd6ed0f6643eb4cc7be84c535
d03955fad92ee269792532f5aacd671f8be8133ca19977f8d72052549c95c1f0
GET /j/rtct_adp_lib.20200515.min.js?GenieeDeliveryZoneName=gpb_1495180 HTTP/1.1
Host: js.genieessp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kimcartoon.li/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 29 Jan 2023 07:35:19 GMT
content-type: application/javascript
last-modified: Wed, 04 Jan 2023 04:12:06 GMT
etag: W/"63b4fc96-411a"
cross-origin-resource-policy: cross-origin
expires: Mon, 29 Jan 2024 07:35:19 GMT
cache-control: max-age=31536000, private
content-encoding: gzip
X-Firefox-Spdy: h2
ad.turn.com/r/cs?pid=58&redir=https%3A%2F%2Fyield-op-idsync.live.streamtheworld.com%2Fpixel.gif%3Fpartner%3Damb%26uid%3D%23USER_ID%23%26pubId%3D38083
302 Found 0 B URL HTTP/2 ad.turn.com/r/cs?pid=58&redir=https%3A%2F%2Fyield-op-idsync.live.streamtheworld.com%2Fpixel.gif%3Fpartner%3Damb%26uid%3D%23USER_ID%23%26pubId%3D38083
IP
ASN #56396 Amobee EMEA Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /r/cs?pid=58&redir=https%3A%2F%2Fyield-op-idsync.live.streamtheworld.com%2Fpixel.gif%3Fpartner%3Damb%26uid%3D%23USER_ID%23%26pubId%3D38083 HTTP/1.1
Host: ad.turn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://app.audiopulsar.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
pragma: no-cache
set-cookie: uid=4390683023821866829; Domain=.turn.com; Expires=Fri, 28-Jul-2023 07:35:20 GMT; Path=/; Secure; SameSite=None
location: https://yield-op-idsync.live.streamtheworld.com/pixel.gif?partner=amb&uid=4390683023821866829&pubId=38083
content-length: 0
date: Sun, 29 Jan 2023 07:35:20 GMT
X-Firefox-Spdy: h2
pixel-sync.sitescout.com/dmp/pixelSync?nid=107&redir=https%3A%2F%2Fyield-op-idsync.live.streamtheworld.com%2Fpixel.gif%3Fpartner%3Dcto%26uid%3D%7BuserId%7D%26pubId%3D38083
302 Found 0 B URL HTTP/2 pixel-sync.sitescout.com/dmp/pixelSync?nid=107&redir=https%3A%2F%2Fyield-op-idsync.live.streamtheworld.com%2Fpixel.gif%3Fpartner%3Dcto%26uid%3D%7BuserId%7D%26pubId%3D38083
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /dmp/pixelSync?nid=107&redir=https%3A%2F%2Fyield-op-idsync.live.streamtheworld.com%2Fpixel.gif%3Fpartner%3Dcto%26uid%3D%7BuserId%7D%26pubId%3D38083 HTTP/1.1
Host: pixel-sync.sitescout.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://app.audiopulsar.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
set-cookie: ssi=bcf94418-9658-4e8d-aeb8-e9acf38a1fd5#1674977720684; Domain=.sitescout.com; Expires=Mon, 29-Jan-2024 07:35:20 GMT; Path=/; Secure; SameSite=None
location: https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=107&redir=https%3A%2F%2Fyield-op-idsync.live.streamtheworld.com%2Fpixel.gif%3Fpartner%3Dcto%26uid%3D%7BuserId%7D%26pubId%3D38083
content-length: 0
date: Sun, 29 Jan 2023 07:35:19 GMT
server: AC1.1
X-Firefox-Spdy: h2
sync.mathtag.com/sync/img?mt_exid=70&redir=https%3A%2F%2Fyield-op-idsync.live.streamtheworld.com%2Fpixel.gif%3Fpartner%3Dmm%26uid%3D%5BMM_UUID%5D%26pubId%3D38083
302 Moved Temporarily 0 B URL HTTP/1.1 sync.mathtag.com/sync/img?mt_exid=70&redir=https%3A%2F%2Fyield-op-idsync.live.streamtheworld.com%2Fpixel.gif%3Fpartner%3Dmm%26uid%3D%5BMM_UUID%5D%26pubId%3D38083
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sync/img?mt_exid=70&redir=https%3A%2F%2Fyield-op-idsync.live.streamtheworld.com%2Fpixel.gif%3Fpartner%3Dmm%26uid%3D%5BMM_UUID%5D%26pubId%3D38083 HTTP/1.1
Host: sync.mathtag.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://app.audiopulsar.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Moved Temporarily
Date: Sun, 29 Jan 2023 07:35:20 GMT
Content-Type: image/gif
Content-Length: 0
Connection: keep-alive
Keep-Alive: timeout=360
Access-Control-Allow-Origin: *
Server: MT3 404 ce67235 master zrh-pixel-x30 config:1.0.0
Cache-Control: no-cache
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
set-cookie: uuid=315a63d6-21b9-4f00-8fc0-d7df64d2adf3; domain=.mathtag.com; path=/; expires=Mon, 26-Feb-2024 07:35:21 GMT; SameSite=None; Secure
location: https://yield-op-idsync.live.streamtheworld.com/pixel.gif?partner=mm&uid=315a63d6-21b9-4f00-8fc0-d7df64d2adf3&pubId=38083
Expires: Sun, 29 Jan 2023 07:35:19 GMT
pbjs.e-planning.net/pbjs/1/2a156/1/kimcartoon.li/ROS?rnd=0.22583689108251837&e=26322%3A320x50%2C300x50%2C728x90%2C320x100%2C300x100%2B26706%3A160x600%2B26711%3A300x250%2C300x168%2B26300%3A300x250%2C300x168&ur=https%3A%2F%2Fkimcartoon.li%2FCartoon%2FDaria-Version-2%2FSeason-1-Episode-1-Esteemers%3Fid%3D74420&pbv=7.28.0&ncb=1&vs=FFFF&crs=UTF-8&fr=https%3A%2F%2Fkimcartoon.li%2FCartoon%2FDaria-Version-2%2FSeason-1-Episode-1-Esteemers%3Fid%3D74420&e_criteoId=EaGlfl9RU29qQmFOUjNlblB2d0JURERXYnBDRzNFcDY2WERDODIwc0pMQ1l5WGNKcmp6bHklMkZuTTJUaUljd1pQOHVKdW5kTU8lMkJYcTRkUlcxYlRoOE9FaUEwVXclM0QlM0Q&e_pubcid=b9f2fcfb-5a77-4fda-8b34-218281b48ebc
200 OK 101 B URL HTTP/2 pbjs.e-planning.net/pbjs/1/2a156/1/kimcartoon.li/ROS?rnd=0.22583689108251837&e=26322%3A320x50%2C300x50%2C728x90%2C320x100%2C300x100%2B26706%3A160x600%2B26711%3A300x250%2C300x168%2B26300%3A300x250%2C300x168&ur=https%3A%2F%2Fkimcartoon.li%2FCartoon%2FDaria-Version-2%2FSeason-1-Episode-1-Esteemers%3Fid%3D74420&pbv=7.28.0&ncb=1&vs=FFFF&crs=UTF-8&fr=https%3A%2F%2Fkimcartoon.li%2FCartoon%2FDaria-Version-2%2FSeason-1-Episode-1-Esteemers%3Fid%3D74420&e_criteoId=EaGlfl9RU29qQmFOUjNlblB2d0JURERXYnBDRzNFcDY2WERDODIwc0pMQ1l5WGNKcmp6bHklMkZuTTJUaUljd1pQOHVKdW5kTU8lMkJYcTRkUlcxYlRoOE9FaUEwVXclM0QlM0Q&e_pubcid=b9f2fcfb-5a77-4fda-8b34-218281b48ebc
IP
ASN #49981 WorldStream B.V.
File type JSON data\012- , ASCII text, with no line terminators
Hash 104cd683c57fadd1dc9ba4ff6956527a
bf81d0ca6704ec4ce5ab8a4a06e0afb8054ef068
c0ea996757746dd05c8be591db0673c1a9d1d1be5925e84c7fe7b6072b032c68
GET /pbjs/1/2a156/1/kimcartoon.li/ROS?rnd=0.22583689108251837&e=26322%3A320x50%2C300x50%2C728x90%2C320x100%2C300x100%2B26706%3A160x600%2B26711%3A300x250%2C300x168%2B26300%3A300x250%2C300x168&ur=https%3A%2F%2Fkimcartoon.li%2FCartoon%2FDaria-Version-2%2FSeason-1-Episode-1-Esteemers%3Fid%3D74420&pbv=7.28.0&ncb=1&vs=FFFF&crs=UTF-8&fr=https%3A%2F%2Fkimcartoon.li%2FCartoon%2FDaria-Version-2%2FSeason-1-Episode-1-Esteemers%3Fid%3D74420&e_criteoId=EaGlfl9RU29qQmFOUjNlblB2d0JURERXYnBDRzNFcDY2WERDODIwc0pMQ1l5WGNKcmp6bHklMkZuTTJUaUljd1pQOHVKdW5kTU8lMkJYcTRkUlcxYlRoOE9FaUEwVXclM0QlM0Q&e_pubcid=b9f2fcfb-5a77-4fda-8b34-218281b48ebc HTTP/1.1
Host: pbjs.e-planning.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://kimcartoon.li
Connection: keep-alive
Referer: https://kimcartoon.li/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: openresty
date: Sun, 29 Jan 2023 07:35:20 GMT
content-type: application/json
cache-control: max-age=0, no-cache
p3p: policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
access-control-allow-credentials: true
access-control-allow-origin: https://kimcartoon.li
expires: Sun, 29 Jan 2023 07:35:20 GMT
content-length: 101
x-sid: AMS-928
X-Firefox-Spdy: h2
id5-sync.com/g/v2/12.json
200 216 B URL HTTP/1.1 id5-sync.com/g/v2/12.json
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 7a21fa465e9d5093eb5ff18daa5c49d6
6fd6f3f5150ea73990944e53f17f6a55f3ea77e5
78e2aff7fc9ae88286819e59992a8a78bdba40c202de5199b34bc0677b7b5466
POST /g/v2/12.json HTTP/1.1
Host: id5-sync.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 349
Origin: https://kimcartoon.li
Connection: keep-alive
Referer: https://kimcartoon.li/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
access-control-allow-origin: https://kimcartoon.li
access-control-allow-credentials: true
content-type: application/json;charset=UTF-8
transfer-encoding: chunked
date: Sun, 29 Jan 2023 07:35:20 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0
200 OK 70 B URL HTTP/2 match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash 58a7930cd4577fc33c35828c271eab8f
406e57f86dc101e10f3a57be1e2f7b93c4580474
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
GET /track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0 HTTP/1.1
Host: match.adsrvr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://app.audiopulsar.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 07:35:20 GMT
content-type: image/gif
content-length: 70
cache-control: private,no-cache, must-revalidate
pragma: no-cache
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
X-Firefox-Spdy: h2
gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fkimcartoon.li%2F&domain=kimcartoon.li&cw=1&lsw=1
200 OK 398 B URL HTTP/2 gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fkimcartoon.li%2F&domain=kimcartoon.li&cw=1&lsw=1
IP
File type JSON data\012- , ASCII text, with very long lines (481), with no line terminators
Hash db9a3d6aa0ddf55850126f644f609312
800356e9501df75f8c17c648a5f7e2b02d6141e9
c207621e9189bc2220ad0ac4599fde48de3fbfba3a0b248ff5ec1e2f72ad0f0c
GET /sid/json?origin=prebid&topUrl=https%3A%2F%2Fkimcartoon.li%2F&domain=kimcartoon.li&cw=1&lsw=1 HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Origin: https://kimcartoon.li
Connection: keep-alive
Referer: https://kimcartoon.li/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 07:35:19 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://kimcartoon.li
server-processing-duration-in-ticks: 1480870
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash 6bab2540b2a5bdc9d88f9d5f7da3531f
d043642fbb45c3c7110216deb7f4aa8e58f49f3f
8eca96a047ac3baff970cd6a37accba530d17ec3837c1f5e11c375a2baad79b3
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Sun, 29 Jan 2023 07:35:20 GMT
Last-Modified: Sun, 29 Jan 2023 06:09:26 GMT
Server: ECS (nyb/1D07)
X-Cache: Miss from cloudfront
Via: 1.1 c26775cc34c23943f6f5cfc9a3da9b4a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: LOWizqY3Mqv-y32Z33dvri6Omcz1fbQFdJaLkIkPSCMI7slhZVLVAQ==
Age: 5154
pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=107&redir=https%3A%2F%2Fyield-op-idsync.live.streamtheworld.com%2Fpixel.gif%3Fpartner%3Dcto%26uid%3D%7BuserId%7D%26pubId%3D38083
204 No Content 0 B URL HTTP/2 pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=107&redir=https%3A%2F%2Fyield-op-idsync.live.streamtheworld.com%2Fpixel.gif%3Fpartner%3Dcto%26uid%3D%7BuserId%7D%26pubId%3D38083
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /dmp/pixelSync?cookieQ=1&nid=107&redir=https%3A%2F%2Fyield-op-idsync.live.streamtheworld.com%2Fpixel.gif%3Fpartner%3Dcto%26uid%3D%7BuserId%7D%26pubId%3D38083 HTTP/1.1
Host: pixel-sync.sitescout.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://app.audiopulsar.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
cache-control: max-age=0,no-cache,no-store
pragma: no-cache
expires: Tue, 11 Oct 1977 12:34:56 GMT
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
date: Sun, 29 Jan 2023 07:35:20 GMT
server: AC1.1
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash efb4169177a74924e499d444ba151fbf
13543c77c41c997caab4314e39a3c5bdb30cb974
38e57dd50d837b352b9df3c47863369ba093bf57efefa14e5ec19f1ea2dfbae4
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=151165
Date: Sun, 29 Jan 2023 07:35:20 GMT
Etag: "63d5bfba-1d7"
Expires: Tue, 31 Jan 2023 01:34:45 GMT
Last-Modified: Sun, 29 Jan 2023 00:37:14 GMT
Server: ECS (nyb/1D0B)
X-Cache: Miss from cloudfront
Via: 1.1 98794c1dec0d4e7b10ddf0faa094cf94.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: aEBGmcXKBkV11euw10teUe-jXIKhEzioRze8f5o43AbQRxp9_vNGmg==
Age: 3451
ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fyield-op-idsync.live.streamtheworld.com%2Fpixel.gif%3Fpartner%3Dan%26uid%3D%24UID%26pubId%3D38083
302 Found 0 B URL HTTP/1.1 ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fyield-op-idsync.live.streamtheworld.com%2Fpixel.gif%3Fpartner%3Dan%26uid%3D%24UID%26pubId%3D38083
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /bounce?%2Fgetuid%3Fhttps%3A%2F%2Fyield-op-idsync.live.streamtheworld.com%2Fpixel.gif%3Fpartner%3Dan%26uid%3D%24UID%26pubId%3D38083 HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://app.audiopulsar.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Server: nginx/1.21.3
Date: Sun, 29 Jan 2023 07:35:20 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Location: https://yield-op-idsync.live.streamtheworld.com/pixel.gif?partner=an&uid=0&pubId=38083
AN-X-Request-Uuid: 7b280628-0235-4ee6-9671-58308cc34337
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
ocsp.sectigo.com/
200 OK 471 B IP
Hash 673b3376c8d09e8b7b6559f118c9c8a9
7c9bbb4dd4a5b36424e357a64734c27698898e63
c8185d7be91fd2aec27ef692ad62581187d99f8d80249f48c096171e4fa0f2f5
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 07:35:20 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sat, 28 Jan 2023 14:03:28 GMT
Expires: Sat, 04 Feb 2023 14:03:27 GMT
Etag: "7c9bbb4dd4a5b36424e357a64734c27698898e63"
Cache-Control: max-age=541086,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 79104a63bb33b524-OSL
adtrack.adleadevent.com/notifyme.php?st=a96081b6-db78-48c4-9f82-b93e316fb1f7
200 OK 20 B URL HTTP/1.1 adtrack.adleadevent.com/notifyme.php?st=a96081b6-db78-48c4-9f82-b93e316fb1f7
IP
Hash 7029066c27ac6f5ef18d660d5741979a
46c6643f07aa7f6bfe7118de926b86defc5087c4
59869db34853933b239f1e2219cf7d431da006aa919635478511fabbfc8849d2
GET /notifyme.php?st=a96081b6-db78-48c4-9f82-b93e316fb1f7 HTTP/1.1
Host: adtrack.adleadevent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://kimcartoon.li
Connection: keep-alive
Referer: https://kimcartoon.li/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://kimcartoon.li
Cache-Control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Content-Encoding: gzip
Content-Type: application/x-javascript
Date: Sun, 29 Jan 2023 07:35:20 GMT
Expires: Sat, 26 Jul 1997 05:00:00 GMT
Last-Modified: Sun, 29 Jan 2023 07:35:20 GMT
Pragma: no-cache
Server: Apache
Vary: Accept-Encoding
Content-Length: 20
Connection: keep-alive
ad.360yield.com/pb
400 Bad Request 0 B IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /pb HTTP/1.1
Host: ad.360yield.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 1907
Origin: https://kimcartoon.li
Connection: keep-alive
Referer: https://kimcartoon.li/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 400 Bad Request
date: Sun, 29 Jan 2023 07:35:20 GMT
content-type: text/html; charset=UTF-8
content-length: 0
access-control-allow-origin: https://kimcartoon.li
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-credentials: true
X-Firefox-Spdy: h2
prebid.smilewanted.com/
403 Forbidden 2.7 kB IP
Hash 9f6d937edbcf27bbe3c473eb1cb942a9
413919efe660592ed81f2d6ea91b4b25993a3fd0
638dd7d70535fdb90db58a331ece415229592e7a4eef1cd5c0d3bebcbb56cb5b
POST / HTTP/1.1
Host: prebid.smilewanted.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 375
Origin: https://kimcartoon.li
Connection: keep-alive
Referer: https://kimcartoon.li/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 403 Forbidden
date: Sun, 29 Jan 2023 07:35:20 GMT
content-type: text/html; charset=UTF-8
x-frame-options: SAMEORIGIN
referrer-policy: same-origin
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Thu, 01 Jan 1970 00:00:01 GMT
vary: Accept-Encoding
server: cloudflare
cf-ray: 79104a638fd21c0a-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 471 B IP
Hash 33c70933b0cd866a9f4fe4d8329fbb28
d775c612f4422bb2cb80ba48441d2d065bbc3d97
2ac64bbd3905b2c4519990ea9c02f7451d1049f6e39728db0389b89d9f6167aa
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4647
Cache-Control: max-age=158489
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 07:35:20 GMT
Etag: "63d5d7aa-1d7"
Expires: Tue, 31 Jan 2023 03:36:49 GMT
Last-Modified: Sun, 29 Jan 2023 02:19:22 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 471
zerossl.ocsp.sectigo.com/
200 OK 728 B URL HTTP/1.1 zerossl.ocsp.sectigo.com/
IP
Hash 20c5670dd6aae3827ed01704a13fc773
41fcba103f305ff770e5d75cf201c5c216314e44
6402af104f6c1ac53244eb99f3305866918270be93a8bb6a90277d98c677fad7
POST / HTTP/1.1
Host: zerossl.ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 07:35:20 GMT
Content-Type: application/ocsp-response
Content-Length: 728
Connection: keep-alive
Last-Modified: Sat, 28 Jan 2023 18:42:37 GMT
Expires: Sat, 04 Feb 2023 18:42:36 GMT
Etag: "41fcba103f305ff770e5d75cf201c5c216314e44"
Cache-Control: max-age=557835,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 79104a63f93ab51d-OSL
image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dpubmatic%26dsp_uid%3D%23PM_USER_ID%26fid%3D1fe293c3-188d-4789-beb1-9f41ecfa3f62
302 Found 513 B URL HTTP/2 image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dpubmatic%26dsp_uid%3D%23PM_USER_ID%26fid%3D1fe293c3-188d-4789-beb1-9f41ecfa3f62
IP
Hash a9c18f543ec909ea15b17493e2621c04
d8b897b8b6d6d7e13a9887e873f8638ac910ee2a
1f43f223d82a428b4d8b4fe93b2419b30527d5a21b97861a54f07c96e07a6878
GET /AdServer/UCookieSetPug?rd=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dpubmatic%26dsp_uid%3D%23PM_USER_ID%26fid%3D1fe293c3-188d-4789-beb1-9f41ecfa3f62 HTTP/1.1
Host: image2.pubmatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kimcartoon.li/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx
date: Sun, 29 Jan 2023 07:35:20 GMT
set-cookie: KTPCACOOKIE=true; domain=pubmatic.com; secure; expires=Sat, 29-Apr-2023 07:35:20 GMT; path=/
location: https://image2.pubmatic.com/AdServer/UCookieSetPug?ird=1&rd=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dpubmatic%26dsp_uid%3D%23PM_USER_ID%26fid%3D1fe293c3-188d-4789-beb1-9f41ecfa3f62
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private
X-Firefox-Spdy: h2
ib.adnxs.com/getuid?https%3A%2F%2Fplay.adtonos.com%2Fxandr%2Fpixel.gif%3Fid%3D%24UID
307 Redirection 0 B URL HTTP/1.1 ib.adnxs.com/getuid?https%3A%2F%2Fplay.adtonos.com%2Fxandr%2Fpixel.gif%3Fid%3D%24UID
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /getuid?https%3A%2F%2Fplay.adtonos.com%2Fxandr%2Fpixel.gif%3Fid%3D%24UID HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://app.audiopulsar.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Redirection
Server: nginx/1.21.3
Date: Sun, 29 Jan 2023 07:35:20 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Location: https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fplay.adtonos.com%252Fxandr%252Fpixel.gif%253Fid%253D%2524UID
AN-X-Request-Uuid: 72f4ce6b-b04c-41d4-9dbc-d275d713fb67
Set-Cookie: uuid2=6325471921625635750; SameSite=None; Path=/; Max-Age=7776000; Expires=Sat, 29-Apr-2023 07:35:20 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
ad.360yield.com/server_match?partner_id=2146&r=https%3A%2F%2Fplay.adtonos.com%2Fazerion%2Fpixel.gif%3Fid%3D%7BPUB_USER_ID%7D
302 Found 0 B URL HTTP/2 ad.360yield.com/server_match?partner_id=2146&r=https%3A%2F%2Fplay.adtonos.com%2Fazerion%2Fpixel.gif%3Fid%3D%7BPUB_USER_ID%7D
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /server_match?partner_id=2146&r=https%3A%2F%2Fplay.adtonos.com%2Fazerion%2Fpixel.gif%3Fid%3D%7BPUB_USER_ID%7D HTTP/1.1
Host: ad.360yield.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://app.audiopulsar.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
date: Sun, 29 Jan 2023 07:35:21 GMT
content-type: text/plain
content-length: 0
location: https://ad.360yield.com/ul_cb/server_match?partner_id=2146&r=https%3A%2F%2Fplay.adtonos.com%2Fazerion%2Fpixel.gif%3Fid%3D%7BPUB_USER_ID%7D
set-cookie: tuuid=e5e3373e-d780-4363-92dd-cbdfa7d750e3; Expires=Sat, 29 Apr 2023 07:35:21 GMT; Domain=.360yield.com; Path=/; SameSite=None; Secure
tuuid_lu=1674977721; Expires=Sat, 29 Apr 2023 07:35:21 GMT; Domain=.360yield.com; Path=/; SameSite=None; Secure
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
X-Firefox-Spdy: h2
loadus.exelator.com/load/?p=204&g=123&buid=01GQY77DDG7YKGPW4DW61ZYC52
200 OK 124 B URL HTTP/2 loadus.exelator.com/load/?p=204&g=123&buid=01GQY77DDG7YKGPW4DW61ZYC52
IP
File type ASCII text, with no line terminators
Hash b8cdbd16f69c2000a0c27465129c6c80
8cdf83c99f28762ffe196da393825a9ad2342b99
1934199df51551755f77a59d6993a98e332ad57c09ab22d30fafb727d92e4eb0
GET /load/?p=204&g=123&buid=01GQY77DDG7YKGPW4DW61ZYC52 HTTP/1.1
Host: loadus.exelator.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://app.audiopulsar.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 29 Jan 2023 07:35:20 GMT
content-type: application/x-javascript;charset=UTF-8
cache-control: no-cache
x-powered-by: Undertow/1
access-control-allow-credentials: true
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
X-Firefox-Spdy: h2
gu.dyntrk.com/adx/trtn/us.php?dynk=tr26t81n&redir=https%3A%2F%2Fyield-op-idsync.live.streamtheworld.com%2Fpixel.gif%3Fpartner%3Ddyn%26uid%3D%5BDYNADMIC_UID%5D%26pubId%3D38083&prevuid=&knw=
302 Found 0 B URL HTTP/1.1 gu.dyntrk.com/adx/trtn/us.php?dynk=tr26t81n&redir=https%3A%2F%2Fyield-op-idsync.live.streamtheworld.com%2Fpixel.gif%3Fpartner%3Ddyn%26uid%3D%5BDYNADMIC_UID%5D%26pubId%3D38083&prevuid=&knw=
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /adx/trtn/us.php?dynk=tr26t81n&redir=https%3A%2F%2Fyield-op-idsync.live.streamtheworld.com%2Fpixel.gif%3Fpartner%3Ddyn%26uid%3D%5BDYNADMIC_UID%5D%26pubId%3D38083&prevuid=&knw= HTTP/1.1
Host: gu.dyntrk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://app.audiopulsar.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
server: nginx
date: Sun, 29 Jan 2023 07:35:21 GMT
content-type: text/html; charset=UTF-8
transfer-encoding: chunked
keep-alive: timeout=10
p3p: CP="NOI DEV OUR BUS UNI"
cache-control: no-cache
access-control-allow-origin: *
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-headers: Origin
location: https://yield-op-idsync.live.streamtheworld.com/pixel.gif?partner=dyn&uid=&pubId=38083
ialaddin.genieesspv.jp/yie/ld/acs?ver=1&dspid=yeahtargeter&v=y8dVQGccMh9dJPpW0SybAzomuGYdokDX8VbvPzRG1YLANWGRARiQ2uPt4E8W-ATyNyBsBa0tSLHyCe_gVlvPHg&format=gif
200 OK 43 B URL HTTP/2 ialaddin.genieesspv.jp/yie/ld/acs?ver=1&dspid=yeahtargeter&v=y8dVQGccMh9dJPpW0SybAzomuGYdokDX8VbvPzRG1YLANWGRARiQ2uPt4E8W-ATyNyBsBa0tSLHyCe_gVlvPHg&format=gif
IP
ASN #10010 TOKAI Communications Corporation
File type GIF image data, version 89a, 1 x 1\012- data
Hash 2de852656da1e9d7b33fbc20c6239a70
78f42f9de352cd219ac1bf4c72f44abea5dd66cc
dcd4a5ac70faae2eb4af611d90b3643154959a5b905720cc0875bd5d1399088e
GET /yie/ld/acs?ver=1&dspid=yeahtargeter&v=y8dVQGccMh9dJPpW0SybAzomuGYdokDX8VbvPzRG1YLANWGRARiQ2uPt4E8W-ATyNyBsBa0tSLHyCe_gVlvPHg&format=gif HTTP/1.1
Host: ialaddin.genieesspv.jp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://kimcartoon.li/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 29 Jan 2023 07:35:20 GMT
content-type: image/gif
set-cookie: yeahtargeter=0; expires=Mon, 30 Jan 2023 07:35:20 GMT; path=/; domain=.genieesspv.jp; SameSite=None; Secure
gid=9fc31f83053c864f2c75a73b6c7c2276; expires=Wed, 28 Jan 2026 07:35:20 GMT; path=/; domain=.genieesspv.jp; SameSite=None; Secure
p3p: CUR ADM OUR NOR STA NID
content-length: 43
cross-origin-resource-policy: cross-origin
X-Firefox-Spdy: h2
hb-api.omnitagjs.com/hb-api/prebid/v1?RefererUrl=https%3A%2F%2Fkimcartoon.li%2FCartoon%2FDaria-Version-2%2FSeason-1-Episode-1-Esteemers%3Fid%3D74420&PageUrl=https%3A%2F%2Fkimcartoon.li%2FCartoon%2FDaria-Version-2%2FSeason-1-Episode-1-Esteemers%3Fid%3D74420&PageReferrer=https%3A%2F%2Fkimcartoon.li%2FCartoon%2FDaria-Version-2%2FSeason-1-Episode-1-Esteemers%3Fid%3D74420
200 OK 715 B URL HTTP/2 hb-api.omnitagjs.com/hb-api/prebid/v1?RefererUrl=https%3A%2F%2Fkimcartoon.li%2FCartoon%2FDaria-Version-2%2FSeason-1-Episode-1-Esteemers%3Fid%3D74420&PageUrl=https%3A%2F%2Fkimcartoon.li%2FCartoon%2FDaria-Version-2%2FSeason-1-Episode-1-Esteemers%3Fid%3D74420&PageReferrer=https%3A%2F%2Fkimcartoon.li%2FCartoon%2FDaria-Version-2%2FSeason-1-Episode-1-Esteemers%3Fid%3D74420
IP
ASN #200271 Iguane Solutions SAS
File type JSON data\012- , ASCII text, with very long lines (714)
Hash 52c516972f63d50fc80431bab86366f1
1d932acff0f14a7828072d8bf3fc961e897b3169
3b302db63ab471ac49a84e675dff3337b78686ffae847aee6d594d931821390b
POST /hb-api/prebid/v1?RefererUrl=https%3A%2F%2Fkimcartoon.li%2FCartoon%2FDaria-Version-2%2FSeason-1-Episode-1-Esteemers%3Fid%3D74420&PageUrl=https%3A%2F%2Fkimcartoon.li%2FCartoon%2FDaria-Version-2%2FSeason-1-Episode-1-Esteemers%3Fid%3D74420&PageReferrer=https%3A%2F%2Fkimcartoon.li%2FCartoon%2FDaria-Version-2%2FSeason-1-Episode-1-Esteemers%3Fid%3D74420 HTTP/1.1
Host: hb-api.omnitagjs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 1219
Origin: https://kimcartoon.li
Connection: keep-alive
Referer: https://kimcartoon.li/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-credentials: true
access-control-allow-headers: Accept-Encoding, Content-Type
access-control-allow-methods: OPTIONS, POST
access-control-allow-origin: https://kimcartoon.li
access-control-max-age: 3600
cache-control: no-cache, no-store, must-revalidate
content-type: application/json; charset=utf-8
expires: 0
p3p: CP="CAO PSA OUR"
pragma: no-cache
set-cookie: ayl_visitor=8762a8679b016f5bcc1c231c0616f056; Path=/; Domain=omnitagjs.com; Max-Age=2592000; Secure; SameSite=None
vary: Accept-Encoding
x-content-type-options: nosniff
date: Sun, 29 Jan 2023 07:35:20 GMT
content-length: 715
x-envoy-upstream-service-time: 11
server: ayl-lb-fra02
X-Firefox-Spdy: h2
ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fplay.adtonos.com%252Fxandr%252Fpixel.gif%253Fid%253D%2524UID
302 Found 0 B URL HTTP/1.1 ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fplay.adtonos.com%252Fxandr%252Fpixel.gif%253Fid%253D%2524UID
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /bounce?%2Fgetuid%3Fhttps%253A%252F%252Fplay.adtonos.com%252Fxandr%252Fpixel.gif%253Fid%253D%2524UID HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://app.audiopulsar.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Server: nginx/1.21.3
Date: Sun, 29 Jan 2023 07:35:21 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Location: https://play.adtonos.com/xandr/pixel.gif?id=0
AN-X-Request-Uuid: 5ba3cd9b-d2cf-4b3b-a65b-b829811fc2a4
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
ad.360yield.com/ul_cb/server_match?partner_id=2146&r=https%3A%2F%2Fplay.adtonos.com%2Fazerion%2Fpixel.gif%3Fid%3D%7BPUB_USER_ID%7D
200 OK 43 B URL HTTP/2 ad.360yield.com/ul_cb/server_match?partner_id=2146&r=https%3A%2F%2Fplay.adtonos.com%2Fazerion%2Fpixel.gif%3Fid%3D%7BPUB_USER_ID%7D
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /ul_cb/server_match?partner_id=2146&r=https%3A%2F%2Fplay.adtonos.com%2Fazerion%2Fpixel.gif%3Fid%3D%7BPUB_USER_ID%7D HTTP/1.1
Host: ad.360yield.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://app.audiopulsar.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 07:35:21 GMT
content-type: image/gif
content-length: 43
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
X-Firefox-Spdy: h2
ocsp.godaddy.com/
200 OK 1.8 kB IP
Hash b621329ff2c3dd5af0d472b5e9dbcaec
c4f63bf0f7505f642290af76003721d29c7100fc
77e6539d857736304814a44cb10399e7b83e4370f970dd5a101f44f82431565e
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Sun, 29 Jan 2023 07:35:21 GMT
Content-Type: application/ocsp-response
Content-Length: 1777
Connection: keep-alive
X-Sucuri-ID: 19036
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Sat, 28 Jan 2023 23:34:30 GMT
Expires: Sun, 29 Jan 2023 23:34:30 GMT
ETag: "c4f63bf0f7505f642290af76003721d29c7100fc"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
ocsp.digicert.com/
200 OK 727 B IP
Hash fa69dce56c593dfab98c56e18011f344
5ce5a85a743dedd38892890b4fc88ea0ab86bae8
d7a343e248f7eb646ca579a25e789ca199371819ec164b8f7f3d5d29d54e215d
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3686
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 07:35:21 GMT
Last-Modified: Sun, 29 Jan 2023 06:33:55 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 727
ialaddin.genieesspv.jp/yie/ld/cic?cik=R8EEDBHwNDxUMuwwHOdiYsMuNlBBu-Nmnt4-MyiFQy1fHkLIKB5jNwbnU6jQOcAirlxuVf_v-776E0rJW98BC4Ibtk4&noas=10286371
200 OK 43 B URL HTTP/2 ialaddin.genieesspv.jp/yie/ld/cic?cik=R8EEDBHwNDxUMuwwHOdiYsMuNlBBu-Nmnt4-MyiFQy1fHkLIKB5jNwbnU6jQOcAirlxuVf_v-776E0rJW98BC4Ibtk4&noas=10286371
IP
ASN #10010 TOKAI Communications Corporation
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /yie/ld/cic?cik=R8EEDBHwNDxUMuwwHOdiYsMuNlBBu-Nmnt4-MyiFQy1fHkLIKB5jNwbnU6jQOcAirlxuVf_v-776E0rJW98BC4Ibtk4&noas=10286371 HTTP/1.1
Host: ialaddin.genieesspv.jp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kimcartoon.li/
Cookie: rtbhouse=0; gid=a409199d049706059e7ecd1423341ded
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 07:35:20 GMT
content-type: image/gif
content-length: 43
pragma: no-cache
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
expires: Mon, 26 Jul 1997 05:00:00 GMT
cross-origin-resource-policy: cross-origin
X-Firefox-Spdy: h2
ialaddin.genieesspv.jp/yie/ld/cic?cik=4q2F3rScte7LkGav9UEfoyE1TSru4Kk_k5aKsb0J191DwcZXOsYhj5s-IohKJXgXk6IKTP3iKectV7CIhc6nCy8VuPg&asid=10261742
200 OK 43 B URL HTTP/2 ialaddin.genieesspv.jp/yie/ld/cic?cik=4q2F3rScte7LkGav9UEfoyE1TSru4Kk_k5aKsb0J191DwcZXOsYhj5s-IohKJXgXk6IKTP3iKectV7CIhc6nCy8VuPg&asid=10261742
IP
ASN #10010 TOKAI Communications Corporation
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /yie/ld/cic?cik=4q2F3rScte7LkGav9UEfoyE1TSru4Kk_k5aKsb0J191DwcZXOsYhj5s-IohKJXgXk6IKTP3iKectV7CIhc6nCy8VuPg&asid=10261742 HTTP/1.1
Host: ialaddin.genieesspv.jp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kimcartoon.li/
Cookie: rtbhouse=0; gid=a409199d049706059e7ecd1423341ded
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 07:35:20 GMT
content-type: image/gif
content-length: 43
pragma: no-cache
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
expires: Mon, 26 Jul 1997 05:00:00 GMT
cross-origin-resource-policy: cross-origin
X-Firefox-Spdy: h2
prebid.smilewanted.com/
403 Forbidden 2.5 kB IP
Hash 9489850b747b68552b026ff82931f71a
747960df5efcf9f7fa717b712283299ceb576917
e3629a274007528136c93d522ae884db7382c3d5284e4e978419539ecb009cce
POST / HTTP/1.1
Host: prebid.smilewanted.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 374
Origin: https://kimcartoon.li
Connection: keep-alive
Referer: https://kimcartoon.li/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 403 Forbidden
date: Sun, 29 Jan 2023 07:35:20 GMT
content-type: text/html; charset=UTF-8
x-frame-options: SAMEORIGIN
referrer-policy: same-origin
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Thu, 01 Jan 1970 00:00:01 GMT
vary: Accept-Encoding
server: cloudflare
cf-ray: 79104a63afd81c0a-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
yield-op-idsync.live.streamtheworld.com/pixel.gif?partner=mm&uid=444763d6-21b8-4800-b919-9cdc2d66ea07&pubId=65843
200 OK 43 B URL HTTP/2 yield-op-idsync.live.streamtheworld.com/pixel.gif?partner=mm&uid=444763d6-21b8-4800-b919-9cdc2d66ea07&pubId=65843
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash 07fff40b5dd495aca2ac4e1c3fbc60aa
e8ac224ba9ee97e87670ed6f3a2f0128b7af9fe4
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
GET /pixel.gif?partner=mm&uid=444763d6-21b8-4800-b919-9cdc2d66ea07&pubId=65843 HTTP/1.1
Host: yield-op-idsync.live.streamtheworld.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://app.audiopulsar.com/
Connection: keep-alive
Cookie: uuid-s=b4fd65c2-a7ba-4eea-ab34-1053817d694d; idsync-an-uid-s=0; idsync-amb-uid-s=7834810838853453645; idsync-acu-uid-s=736944347509
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 43
content-type: image/gif
date: Sun, 29 Jan 2023 07:35:20 GMT
set-cookie: idsync-mm-uid=444763d6-21b8-4800-b919-9cdc2d66ea07; Max-Age=604800; Expires=Sun, 05 Feb 2023 07:35:20 GMT; Path=/; Domain=.live.streamtheworld.com
idsync-mm-uid-s=444763d6-21b8-4800-b919-9cdc2d66ea07; Max-Age=604800; Expires=Sun, 05 Feb 2023 07:35:20 GMT; SameSite=None; Path=/; Domain=.live.streamtheworld.com; Secure
X-Firefox-Spdy: h2
yield-op-idsync.live.streamtheworld.com/pixel.gif?partner=acu&uid=736944347509&pubId=38083
200 OK 43 B URL HTTP/2 yield-op-idsync.live.streamtheworld.com/pixel.gif?partner=acu&uid=736944347509&pubId=38083
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash 07fff40b5dd495aca2ac4e1c3fbc60aa
e8ac224ba9ee97e87670ed6f3a2f0128b7af9fe4
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
GET /pixel.gif?partner=acu&uid=736944347509&pubId=38083 HTTP/1.1
Host: yield-op-idsync.live.streamtheworld.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://app.audiopulsar.com/
Connection: keep-alive
Cookie: uuid-s=b4fd65c2-a7ba-4eea-ab34-1053817d694d; idsync-an-uid-s=0; idsync-amb-uid-s=4088660373811332941; idsync-acu-uid-s=736944347509; idsync-mm-uid-s=213563d6-21b9-4200-95c0-e3854eac5095; idsync-dyn-uid-s=; idsync-aw-uid-s=68df3430ac2b84811edf391e6f03daf0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 43
content-type: image/gif
date: Sun, 29 Jan 2023 07:35:20 GMT
set-cookie: idsync-acu-uid=736944347509; Max-Age=604800; Expires=Sun, 05 Feb 2023 07:35:20 GMT; Path=/; Domain=.live.streamtheworld.com
idsync-acu-uid-s=736944347509; Max-Age=604800; Expires=Sun, 05 Feb 2023 07:35:20 GMT; SameSite=None; Path=/; Domain=.live.streamtheworld.com; Secure
X-Firefox-Spdy: h2
yield-op-idsync.live.streamtheworld.com/pixel.gif?partner=amb&uid=4390683023821866829&pubId=38083
200 OK 43 B URL HTTP/2 yield-op-idsync.live.streamtheworld.com/pixel.gif?partner=amb&uid=4390683023821866829&pubId=38083
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash 07fff40b5dd495aca2ac4e1c3fbc60aa
e8ac224ba9ee97e87670ed6f3a2f0128b7af9fe4
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
GET /pixel.gif?partner=amb&uid=4390683023821866829&pubId=38083 HTTP/1.1
Host: yield-op-idsync.live.streamtheworld.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://app.audiopulsar.com/
Connection: keep-alive
Cookie: uuid-s=b4fd65c2-a7ba-4eea-ab34-1053817d694d; idsync-an-uid-s=0; idsync-amb-uid-s=4088660373811332941; idsync-acu-uid-s=736944347509; idsync-mm-uid-s=213563d6-21b9-4200-95c0-e3854eac5095; idsync-dyn-uid-s=; idsync-aw-uid-s=68df3430ac2b84811edf391e6f03daf0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 43
content-type: image/gif
date: Sun, 29 Jan 2023 07:35:20 GMT
set-cookie: idsync-amb-uid=4390683023821866829; Max-Age=604800; Expires=Sun, 05 Feb 2023 07:35:20 GMT; Path=/; Domain=.live.streamtheworld.com
idsync-amb-uid-s=4390683023821866829; Max-Age=604800; Expires=Sun, 05 Feb 2023 07:35:20 GMT; SameSite=None; Path=/; Domain=.live.streamtheworld.com; Secure
X-Firefox-Spdy: h2
yield-op-idsync.live.streamtheworld.com/pixel.gif?partner=mm&uid=315a63d6-21b9-4f00-8fc0-d7df64d2adf3&pubId=38083
200 OK 43 B URL HTTP/2 yield-op-idsync.live.streamtheworld.com/pixel.gif?partner=mm&uid=315a63d6-21b9-4f00-8fc0-d7df64d2adf3&pubId=38083
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash 07fff40b5dd495aca2ac4e1c3fbc60aa
e8ac224ba9ee97e87670ed6f3a2f0128b7af9fe4
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
GET /pixel.gif?partner=mm&uid=315a63d6-21b9-4f00-8fc0-d7df64d2adf3&pubId=38083 HTTP/1.1
Host: yield-op-idsync.live.streamtheworld.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://app.audiopulsar.com/
Connection: keep-alive
Cookie: uuid-s=b4fd65c2-a7ba-4eea-ab34-1053817d694d; idsync-an-uid-s=0; idsync-amb-uid-s=4088660373811332941; idsync-acu-uid-s=736944347509; idsync-mm-uid-s=213563d6-21b9-4200-95c0-e3854eac5095; idsync-dyn-uid-s=; idsync-aw-uid-s=68df3430ac2b84811edf391e6f03daf0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 43
content-type: image/gif
date: Sun, 29 Jan 2023 07:35:20 GMT
set-cookie: idsync-mm-uid=315a63d6-21b9-4f00-8fc0-d7df64d2adf3; Max-Age=604800; Expires=Sun, 05 Feb 2023 07:35:20 GMT; Path=/; Domain=.live.streamtheworld.com
idsync-mm-uid-s=315a63d6-21b9-4f00-8fc0-d7df64d2adf3; Max-Age=604800; Expires=Sun, 05 Feb 2023 07:35:20 GMT; SameSite=None; Path=/; Domain=.live.streamtheworld.com; Secure
X-Firefox-Spdy: h2
podiums.link/widget/context/?h=970ac124a8427374029dc13a19f4a4f4d0fbe07a4d3144c36a4df0cb87e1636f&mode=keywords&blockedg=1
200 OK 4.1 kB URL HTTP/2 podiums.link/widget/context/?h=970ac124a8427374029dc13a19f4a4f4d0fbe07a4d3144c36a4df0cb87e1636f&mode=keywords&blockedg=1
IP
Hash f0e9f9317a283cbc1ba9563983c8814b
59795844e28256fe2dcb7e9a54ce11ab223e6056
e5ac7c67539a47841ca8d4ee9168d1df66d80463bc319383f2f0e3e4f2d501a9
POST /widget/context/?h=970ac124a8427374029dc13a19f4a4f4d0fbe07a4d3144c36a4df0cb87e1636f&mode=keywords&blockedg=1 HTTP/1.1
Host: podiums.link
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json;charset=utf-8
Content-Length: 92
Origin: https://app.audiopulsar.com
Connection: keep-alive
Referer: https://app.audiopulsar.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 07:35:20 GMT
content-type: application/json; charset=utf-8
x-powered-by: Express
access-control-allow-origin: https://app.audiopulsar.com
vary: Origin, Accept-Encoding
access-control-allow-credentials: true
cache-control: public, max-age=43200
etag: W/"26fa-D+jVW97m+XXI1EbSUfUUlfBYAL4"
content-encoding: gzip
X-Firefox-Spdy: h2
play.adtonos.com/xandr/pixel.gif?id=0
200 OK 42 B URL HTTP/1.1 play.adtonos.com/xandr/pixel.gif?id=0
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /xandr/pixel.gif?id=0 HTTP/1.1
Host: play.adtonos.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://app.audiopulsar.com/
Connection: keep-alive
Cookie: ulid=01GQY77DDG7YKGPW4DW61ZYC52
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 29 Jan 2023 07:35:21 GMT
Content-Type: image/gif
Content-Length: 42
Connection: close
X-Powered-By: Express
Set-Cookie: ulid=01GQY77DDG7YKGPW4DW61ZYC52; Max-Age=31536000; Domain=.adtonos.com; Path=/; Expires=Mon, 29 Jan 2024 07:35:21 GMT; HttpOnly; Secure; SameSite=None
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubdomains; preload
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Cache-Control: no-cache, no-store, must-revalidate, no-transform
b1h.zemanta.com/api/bidder/prebid/bid/
204 No Content 0 B URL HTTP/1.1 b1h.zemanta.com/api/bidder/prebid/bid/
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /api/bidder/prebid/bid/ HTTP/1.1
Host: b1h.zemanta.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 928
Origin: https://kimcartoon.li
Connection: keep-alive
Referer: https://kimcartoon.li/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://kimcartoon.li
ghb.adtelligent.com/v2/auction/
200 OK 861 B URL HTTP/1.1 ghb.adtelligent.com/v2/auction/
IP
File type JSON data\012- , ASCII text, with very long lines (6692), with no line terminators
Hash d94b1959ee5b98f0a83166aeab9ef2c6
dd1baee7f19b78d07fed2ddb4dec6c0ab4381014
e938d940ac75138cf693bd632eeb39459f2917cf1f9ac8acf543fb3c3b5e942f
POST /v2/auction/ HTTP/1.1
Host: ghb.adtelligent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 833
Origin: https://kimcartoon.li
Connection: keep-alive
Referer: https://kimcartoon.li/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Adtelligent
Date: Sun, 29 Jan 2023 07:35:20 GMT
Content-Type: application/json; charset=UTF-8
Content-Length: 861
Access-Control-Allow-Origin: https://kimcartoon.li
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
X-Robots-Tag: noindex
Content-Encoding: gzip
yield-op-idsync.live.streamtheworld.com/pixel.gif?partner=dyn&uid=&pubId=38083
200 OK 43 B URL HTTP/2 yield-op-idsync.live.streamtheworld.com/pixel.gif?partner=dyn&uid=&pubId=38083
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash 07fff40b5dd495aca2ac4e1c3fbc60aa
e8ac224ba9ee97e87670ed6f3a2f0128b7af9fe4
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
GET /pixel.gif?partner=dyn&uid=&pubId=38083 HTTP/1.1
Host: yield-op-idsync.live.streamtheworld.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://app.audiopulsar.com/
Connection: keep-alive
Cookie: uuid-s=b4fd65c2-a7ba-4eea-ab34-1053817d694d; idsync-an-uid-s=0; idsync-amb-uid-s=4088660373811332941; idsync-acu-uid-s=736944347509; idsync-mm-uid-s=213563d6-21b9-4200-95c0-e3854eac5095; idsync-dyn-uid-s=; idsync-aw-uid-s=68df3430ac2b84811edf391e6f03daf0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 43
content-type: image/gif
date: Sun, 29 Jan 2023 07:35:21 GMT
set-cookie: idsync-dyn-uid=; Max-Age=604800; Expires=Sun, 05 Feb 2023 07:35:21 GMT; Path=/; Domain=.live.streamtheworld.com
idsync-dyn-uid-s=; Max-Age=604800; Expires=Sun, 05 Feb 2023 07:35:21 GMT; SameSite=None; Path=/; Domain=.live.streamtheworld.com; Secure
X-Firefox-Spdy: h2
play.adtonos.com/triton/pixel.gif?id=b4fd65c2-a7ba-4eea-ab34-1053817d694d
200 OK 42 B URL HTTP/1.1 play.adtonos.com/triton/pixel.gif?id=b4fd65c2-a7ba-4eea-ab34-1053817d694d
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /triton/pixel.gif?id=b4fd65c2-a7ba-4eea-ab34-1053817d694d HTTP/1.1
Host: play.adtonos.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://app.audiopulsar.com/
Connection: keep-alive
Cookie: ulid=01GQY77DDG7YKGPW4DW61ZYC52
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 29 Jan 2023 07:35:21 GMT
Content-Type: image/gif
Content-Length: 42
Connection: close
X-Powered-By: Express
Set-Cookie: ulid=01GQY77DDG7YKGPW4DW61ZYC52; Max-Age=31536000; Domain=.adtonos.com; Path=/; Expires=Mon, 29 Jan 2024 07:35:21 GMT; HttpOnly; Secure; SameSite=None
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubdomains; preload
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Cache-Control: no-cache, no-store, must-revalidate, no-transform
pixel.quantserve.com/pixel;r=1731302884;labels=Categories.artsandentertainment;rf=0;a=p-6Fv0cGNfc_bw8;url=https%3A%2F%2Fkimcartoon.li%2FAds%2Fgeniee728.aspx;ref=https%3A%2F%2Fkimcartoon.li%2FCartoon%2FDaria-Version-2%2FSeason-1-Episode-1-Esteemers%3Fid%3D74420;uht=2;fpan=1;fpa=P0-1023484979-1674977726185;pbc=;ns=1;ce=1;qjs=1;qv=8508733c-20230116145555;cm=;gdpr=0;d=kimcartoon.li;dst=0;et=1674977726903;tzo=0;ogl=;ses=cea25524-d2eb-4ea9-87af-f41504079a0a
200 OK 35 B URL HTTP/2 pixel.quantserve.com/pixel;r=1731302884;labels=Categories.artsandentertainment;rf=0;a=p-6Fv0cGNfc_bw8;url=https%3A%2F%2Fkimcartoon.li%2FAds%2Fgeniee728.aspx;ref=https%3A%2F%2Fkimcartoon.li%2FCartoon%2FDaria-Version-2%2FSeason-1-Episode-1-Esteemers%3Fid%3D74420;uht=2;fpan=1;fpa=P0-1023484979-1674977726185;pbc=;ns=1;ce=1;qjs=1;qv=8508733c-20230116145555;cm=;gdpr=0;d=kimcartoon.li;dst=0;et=1674977726903;tzo=0;ogl=;ses=cea25524-d2eb-4ea9-87af-f41504079a0a
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash 55d25e9dc950d5db4d53a3b195c046c6
75e91ae3e549dab12ed1c9787ade9131aef1c981
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
GET /pixel;r=1731302884;labels=Categories.artsandentertainment;rf=0;a=p-6Fv0cGNfc_bw8;url=https%3A%2F%2Fkimcartoon.li%2FAds%2Fgeniee728.aspx;ref=https%3A%2F%2Fkimcartoon.li%2FCartoon%2FDaria-Version-2%2FSeason-1-Episode-1-Esteemers%3Fid%3D74420;uht=2;fpan=1;fpa=P0-1023484979-1674977726185;pbc=;ns=1;ce=1;qjs=1;qv=8508733c-20230116145555;cm=;gdpr=0;d=kimcartoon.li;dst=0;et=1674977726903;tzo=0;ogl=;ses=cea25524-d2eb-4ea9-87af-f41504079a0a HTTP/1.1
Host: pixel.quantserve.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kimcartoon.li/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 07:35:21 GMT
content-type: image/gif
content-length: 35
cache-control: private, no-cache, no-store, proxy-revalidate
expires: Fri, 04 Aug 1978 12:00:00 GMT
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
pragma: no-cache
set-cookie: mc=63d621b9-33f8f-15181-4ecf8; expires=Thu, 29-Feb-2024 07:35:21 GMT; path=/; domain=.quantserve.com
X-Firefox-Spdy: h2
app.audiopulsar.com/js/chunk-vendors-0f485567.100d2e27.js
200 OK 2.8 kB URL HTTP/2 app.audiopulsar.com/js/chunk-vendors-0f485567.100d2e27.js
IP
ASN #34989 ServeTheWorld AS
File type ASCII text, with very long lines (1429), with no line terminators
Hash 9d278caa7edfd490c9c04c3d512e4e21
f2aafd5f11d8b14dd2e02a2c29d280ca8befcf02
debfdbba4c266e50e9a5157092c7d2a495f220a0027e551cb6938cbd019c5ce8
GET /js/chunk-vendors-0f485567.100d2e27.js HTTP/1.1
Host: app.audiopulsar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://app.audiopulsar.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 07:35:17 GMT
content-type: application/javascript
server: BunnyCDN-NO1-830
cdn-pullzone: 173797
cdn-uid: 54876772-1b75-4d80-bae5-e278cce146bd
cdn-requestcountrycode: NO
vary: Accept-Encoding, Accept-Encoding
cache-control: public, max-age=10800
etag: W/"61fcbd8d-595"
last-modified: Fri, 04 Feb 2022 05:45:49 GMT
cdn-storageserver: DE-198
cdn-fileserver: 287
cdn-proxyver: 1.03
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 01/29/2023 06:48:39
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: 79368a8b1d8482f44534ae614dc1f9f4
cdn-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2
s.cpx.to/ca.png?dsp=dbm&fid=1fe293c3-188d-4789-beb1-9f41ecfa3f62&google_error=3
200 OK 95 B URL HTTP/1.1 s.cpx.to/ca.png?dsp=dbm&fid=1fe293c3-188d-4789-beb1-9f41ecfa3f62&google_error=3
IP
File type PNG image data, 1 x 1, 1-bit colormap, non-interlaced\012- data
Hash 9606fa62df0ffe87253f3baf418f0e42
fe8520ab0bf1622350513d685ece5faf70b4e8c1
bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab
GET /ca.png?dsp=dbm&fid=1fe293c3-188d-4789-beb1-9f41ecfa3f62&google_error=3 HTTP/1.1
Host: s.cpx.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://kimcartoon.li/
Connection: keep-alive
Cookie: cpSess=9caa389542dce4b
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 07:35:21 GMT
Content-Type: image/png
Content-Length: 95
Connection: keep-alive
x-frame-options: sameorigin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: default-src 'self'
x-permitted-cross-domain-policies: none
cache-control: no-store, must-revalidate, private, max-age=0
pragma: no-cache
set-cookie: cpSess=9caa389542dce4b; Expires=Mon, 29 Jan 2024 07:35:21 GMT; Domain=.cpx.to; Path=/; Secure; HttpOnly; SameSite=None
vast.adtonos.com/xml/gXS9uhQEnpiNTEAav/vast.xml
200 OK 159 B URL HTTP/1.1 vast.adtonos.com/xml/gXS9uhQEnpiNTEAav/vast.xml
IP
Hash a8c8c40b78bec2ce8dfd5085fe2f9c47
d628429a2e7831651b6fbe47726bcb193adcf17b
f278cf7d891b7c2b85b232fd2fa0dd5a37b4a94edb90c1793a1343505c8543ba
GET /xml/gXS9uhQEnpiNTEAav/vast.xml HTTP/1.1
Host: vast.adtonos.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://app.audiopulsar.com
Connection: keep-alive
Referer: https://app.audiopulsar.com/
Cookie: ulid=01GQY77DDG7YKGPW4DW61ZYC52
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 29 Jan 2023 07:35:21 GMT
Content-Type: text/xml; charset=utf-8
Content-Length: 159
Connection: close
X-Powered-By: Express
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubdomains; preload
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://app.audiopulsar.com
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Cache-Control: no-cache, no-store, must-revalidate, no-transform
mwzeom.zeotap.com/mw?google_gid=&google_cver=&zpartnerid=1&env=mWeb&eventType=pageview&id_mid_4=8cf885ab-cb84-4249-5792-9b4dbfee6b32&reqId=a6da4563-d6bb-4c10-48dc-4865d5fa12d5&zdid=1258&google_error=3
200 OK 95 B URL HTTP/2 mwzeom.zeotap.com/mw?google_gid=&google_cver=&zpartnerid=1&env=mWeb&eventType=pageview&id_mid_4=8cf885ab-cb84-4249-5792-9b4dbfee6b32&reqId=a6da4563-d6bb-4c10-48dc-4865d5fa12d5&zdid=1258&google_error=3
IP
File type PNG image data, 1 x 1, 1-bit colormap, non-interlaced\012- data
Hash 71a50dbba44c78128b221b7df7bb51f1
0ec63b140374ba704a58fa0c743cb357683313dd
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
GET /mw?google_gid=&google_cver=&zpartnerid=1&env=mWeb&eventType=pageview&id_mid_4=8cf885ab-cb84-4249-5792-9b4dbfee6b32&reqId=a6da4563-d6bb-4c10-48dc-4865d5fa12d5&zdid=1258&google_error=3 HTTP/1.1
Host: mwzeom.zeotap.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://kimcartoon.li/
Connection: keep-alive
Cookie: zc=8cf885ab-cb84-4249-5792-9b4dbfee6b32; zsc=y-%97Oj3%A8%86%0Fv%B2%00%E1%F0h%9E8%7BB%EF%E6r%AAaT%F0Q%D9%5E%13%03%5B%0CZ2%FD%13%3E7oe%F2%FDU%22%D3d%AC%92%1E%99%B9%93E%8B%8E%23%FF4%04%3B%E1%40KH%0E%E5.%3C%E4%3D%08%11%BA%DC%05%7D%97%7B%E6a%B7%9E
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 07:35:21 GMT
content-type: image/png
content-length: 95
access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-origin: https://kimcartoon.li
set-cookie: zc=8cf885ab-cb84-4249-5792-9b4dbfee6b32; Path=/; Domain=.zeotap.com; Max-Age=31536000; SameSite=None; Secure
vary: Origin
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 79104a658806b509-OSL
X-Firefox-Spdy: h2
js.genieessp.com/t/495/180/a1495180.js
200 OK 18 kB URL HTTP/2 js.genieessp.com/t/495/180/a1495180.js
IP
ASN #10010 TOKAI Communications Corporation
Hash b6842976bbffe331f32057fd0cbf2296
78492708322620d59ae705a3d6f5f54a84c55c20
fb6e0ef6df95bee5220d0ae84aa632a8bc10847a3ea3428b5a9c0450b9a9c7e4
GET /t/495/180/a1495180.js HTTP/1.1
Host: js.genieessp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kimcartoon.li/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 29 Jan 2023 07:35:15 GMT
content-type: application/javascript
last-modified: Thu, 10 Nov 2022 06:30:27 GMT
etag: W/"636c9a83-200e"
cross-origin-resource-policy: cross-origin
expires: Sun, 29 Jan 2023 07:50:15 GMT
cache-control: max-age=900, private
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.sectigo.com/
200 OK 472 B IP
Hash 8bdc9dbbd7108b2d731ff5752df84dd1
95df7931727c4fcee275e6a0e223b81d4992ae04
79ec17fc631d4eee1dd664898fa7993e994c7928c61204fb81f2816915bc15f3
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 07:35:21 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sat, 28 Jan 2023 23:20:24 GMT
Expires: Sat, 04 Feb 2023 23:20:23 GMT
Etag: "95df7931727c4fcee275e6a0e223b81d4992ae04"
Cache-Control: max-age=574501,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 79104a64ac0db524-OSL
storageaudiobursts.azureedge.net/site/images/stationIcons/12494.png
200 OK 17 kB URL HTTP/2 storageaudiobursts.azureedge.net/site/images/stationIcons/12494.png
IP
ASN #20940 Akamai International B.V.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 600x600, components 3\012- data
Hash d2031037a1eaf04c8b584a68b6ade1c8
24f8873671880ab52ef0db89f67f2ce84e0feeda
2038702af0dcb43042856f47650e43a29c48c3d7770007550626159286ff1dfc
GET /site/images/stationIcons/12494.png HTTP/1.1
Host: storageaudiobursts.azureedge.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://app.audiopulsar.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-md5: otH5wGEwJcxjGUSUocCAhA==
last-modified: Wed, 20 May 2020 12:34:39 GMT
accept-ranges: bytes
etag: "0x8D7FCBA29E80149"
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 04ab4d09-601e-00d3-591a-7dc0be000000
x-ms-version: 2014-02-14
x-ms-meta-cbmodifiedtime: Wed, 20 May 2020 12:31:00 GMT
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
vary: Accept-Encoding
content-encoding: gzip
content-length: 17356
cache-control: max-age=31412183
date: Sun, 29 Jan 2023 07:35:21 GMT
X-Firefox-Spdy: h2
s.cpx.to/an_fire?app_nexus_uid=0&pid=12763&ref=https%3A%2F%2Fkimcartoon.li%2FCartoon%2FDaria-Version-2%2FSeason-1-Episode-1-Esteemers%3Fid%3D74420&url=https%3A%2F%2Fkimcartoon.li%2FAds%2Fgeniee728.aspx&hn_ver=40&fid=1fe293c3-188d-4789-beb1-9f41ecfa3f62&dsp=pub_common&dsp_uid=a7c3876e-a0f5-4546-8621-f393238b7360
200 OK 95 B URL HTTP/1.1 s.cpx.to/an_fire?app_nexus_uid=0&pid=12763&ref=https%3A%2F%2Fkimcartoon.li%2FCartoon%2FDaria-Version-2%2FSeason-1-Episode-1-Esteemers%3Fid%3D74420&url=https%3A%2F%2Fkimcartoon.li%2FAds%2Fgeniee728.aspx&hn_ver=40&fid=1fe293c3-188d-4789-beb1-9f41ecfa3f62&dsp=pub_common&dsp_uid=a7c3876e-a0f5-4546-8621-f393238b7360
IP
File type PNG image data, 1 x 1, 1-bit colormap, non-interlaced\012- data
Hash 9606fa62df0ffe87253f3baf418f0e42
fe8520ab0bf1622350513d685ece5faf70b4e8c1
bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab
GET /an_fire?app_nexus_uid=0&pid=12763&ref=https%3A%2F%2Fkimcartoon.li%2FCartoon%2FDaria-Version-2%2FSeason-1-Episode-1-Esteemers%3Fid%3D74420&url=https%3A%2F%2Fkimcartoon.li%2FAds%2Fgeniee728.aspx&hn_ver=40&fid=1fe293c3-188d-4789-beb1-9f41ecfa3f62&dsp=pub_common&dsp_uid=a7c3876e-a0f5-4546-8621-f393238b7360 HTTP/1.1
Host: s.cpx.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://kimcartoon.li/
Connection: keep-alive
Cookie: cpSess=9caa389542dce4b
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 07:35:21 GMT
Content-Type: image/png
Content-Length: 95
Connection: keep-alive
x-frame-options: sameorigin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: default-src 'self'
x-permitted-cross-domain-policies: none
cache-control: no-store, must-revalidate, private, max-age=0
pragma: no-cache
set-cookie: cpSess=9caa389542dce4b; Expires=Mon, 29 Jan 2024 07:35:21 GMT; Domain=.cpx.to; Path=/; Secure; HttpOnly; SameSite=None
p3p: CP="NOI DEV ADM"
expires: Sun, 29 Jan 2023 07:35:21 UTC
ads.themoneytizer.com/moneybile.js
200 OK 0 B URL HTTP/2 ads.themoneytizer.com/moneybile.js
IP
ASN #60068 Datacamp Limited
GET /moneybile.js HTTP/1.1
Host: ads.themoneytizer.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kimcartoon.li/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 07:35:19 GMT
content-type: application/javascript
last-modified: Fri, 12 Mar 2021 17:07:19 GMT
expires: Sat, 28 Jan 2023 05:04:08 GMT
cache-control: max-age=86400, public, no-transform
pragma: public
x-accel-expires: @1675055050
server: CDN77-Turbo
x-77-nzt: AblMCRT7PTL/bSMAAA
x-77-nzt-ray: af5856309710f2d6b721d663640b4605
x-cache: HIT
x-age: 9069
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2
sblongvu.com/css/app.v1.5.css
200 OK 0 B URL HTTP/2 sblongvu.com/css/app.v1.5.css
IP
GET /css/app.v1.5.css HTTP/1.1
Host: sblongvu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sblongvu.com/e/8d2mivg2ncd4.html
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 07:35:14 GMT
content-type: text/css
last-modified: Sat, 23 Oct 2021 03:04:46 GMT
etag: W/"61737bce-2d43"
expires: Sun, 05 Feb 2023 01:55:48 GMT
cache-control: max-age=604800
access-control-allow-origin: *
cf-cache-status: HIT
age: 20365
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZhrYB%2Fb28d8XXtHhFRA6YFtTTReScpGN4wHFf37rcPMoV4aQV0xu%2BCvq77kEN2iVYnfuSsLNNPHMgLDbIpH1LGvATHY34S9cuo0JVh5yO4SGVXV4RkUNOBRSQ6WdSLI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 79104a3b48f635de-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
app.audiopulsar.com/js/chunk-vendors-4a7e9e0b.cc7989bd.js
200 OK 0 B URL HTTP/2 app.audiopulsar.com/js/chunk-vendors-4a7e9e0b.cc7989bd.js
IP
ASN #34989 ServeTheWorld AS
GET /js/chunk-vendors-4a7e9e0b.cc7989bd.js HTTP/1.1
Host: app.audiopulsar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://app.audiopulsar.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 07:35:17 GMT
content-type: application/javascript
server: BunnyCDN-NO1-830
cdn-pullzone: 173797
cdn-uid: 54876772-1b75-4d80-bae5-e278cce146bd
cdn-requestcountrycode: NO
vary: Accept-Encoding, Accept-Encoding
cache-control: public, max-age=10800
etag: W/"61ff8791-12e53"
last-modified: Sun, 06 Feb 2022 08:32:17 GMT
cdn-storageserver: DE-51
cdn-fileserver: 192
cdn-proxyver: 1.03
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 01/29/2023 06:48:39
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: 764f4d47c7e88d8ded7e10445a34fc7a
cdn-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2
app.audiopulsar.com/js/chunk-vendors-f74e1153.04d62d9d.js
200 OK 0 B URL HTTP/2 app.audiopulsar.com/js/chunk-vendors-f74e1153.04d62d9d.js
IP
ASN #34989 ServeTheWorld AS
GET /js/chunk-vendors-f74e1153.04d62d9d.js HTTP/1.1
Host: app.audiopulsar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://app.audiopulsar.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 07:35:17 GMT
content-type: application/javascript
server: BunnyCDN-NO1-830
cdn-pullzone: 173797
cdn-uid: 54876772-1b75-4d80-bae5-e278cce146bd
cdn-requestcountrycode: NO
vary: Accept-Encoding, Accept-Encoding
cache-control: public, max-age=10800
etag: W/"61fcbdaf-101c0"
last-modified: Fri, 04 Feb 2022 05:46:23 GMT
cdn-storageserver: DE-164
cdn-fileserver: 246
cdn-proxyver: 1.03
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 01/29/2023 06:48:39
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: fb0281911555ee8a9ebdd8fe1e47fddc
cdn-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2
prebid.smilewanted.com/
403 Forbidden 0 B IP
POST / HTTP/1.1
Host: prebid.smilewanted.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 356
Origin: https://kimcartoon.li
Connection: keep-alive
Referer: https://kimcartoon.li/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 403 Forbidden
date: Sun, 29 Jan 2023 07:35:20 GMT
content-type: text/html; charset=UTF-8
x-frame-options: SAMEORIGIN
referrer-policy: same-origin
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Thu, 01 Jan 1970 00:00:01 GMT
vary: Accept-Encoding
server: cloudflare
cf-ray: 79104a63bfdf1c0a-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
kimcartoon.li/Scripts/jquery.scrollTo-1.4.2-min.js
200 OK 0 B URL HTTP/2 kimcartoon.li/Scripts/jquery.scrollTo-1.4.2-min.js
IP
GET /Scripts/jquery.scrollTo-1.4.2-min.js HTTP/1.1
Host: kimcartoon.li
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kimcartoon.li/Cartoon/Daria-Version-2/Season-1-Episode-1-Esteemers?id=74420
Cookie: ASP.NET_SessionId=g2zrp1gd5duqn0u3cipbzlbf; k_token=eNgwOUqpuJyZILUOWxqNsde%2bc%2fPvLR1U3vN7ozFIoX1XgwaXEIEpaLZVdnLWDWOqTOGlp1ry5V8He5TFUmMk6bcPoTU3Uah%2fnswVyFEj2JiQDKgcNuItmEduE%2f6u9RYwo7W%2buCku85XW%2bt2Xs64SSFtAnghr0kYXhDETQS8Pu0w%3d
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 07:35:13 GMT
content-type: application/javascript
last-modified: Thu, 12 Mar 2015 15:28:38 GMT
etag: W/"f06a5236d95cd01:0"
cache-control: max-age=14400
cf-cache-status: HIT
age: 5065
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R2ySZmMrASKAe%2BUDl8BMpiVOXsni3S%2BvLsWvZtmYnrPbz1yeUpprJNPG%2B32utoT%2FhrPBf7%2BWbcw5BLQxj9glGztgHqBxPrvBm2mNlm8OPgCImnvwEfCAiBOJcsgrc0g%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 79104a3469acb4fd-OSL
content-encoding: br
X-Firefox-Spdy: h2
playerservices.live.streamtheworld.com/api/idsync.js?stationId=438633
302 Found 0 B URL HTTP/1.1 playerservices.live.streamtheworld.com/api/idsync.js?stationId=438633
IP
GET /api/idsync.js?stationId=438633 HTTP/1.1
Host: playerservices.live.streamtheworld.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://app.audiopulsar.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
date: Sun, 29 Jan 2023 07:35:17 GMT
p3p: policyref="http://tds.media.streamtheworld.com/w3c/policy/tds-p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/javascript; charset=ISO-8859-1
set-cookie: uuid=b4fd65c2-a7ba-4eea-ab34-1053817d694d; Domain=live.streamtheworld.com; Max-Age=2592000; Path=/
uuid-s=b4fd65c2-a7ba-4eea-ab34-1053817d694d; Domain=live.streamtheworld.com; Max-Age=2592000; Path=/; Secure; SameSite=None
content-language: en-US
location: https://playerservices.live.streamtheworld.com/api/idsync.js?stationId=438633&bounce=true
x-stw-server: par-strc-docker03_8082
x-stw-site: PAR
access-control-allow-origin: *
connection: close
ads.themoneytizer.com/moneybid7_28/build_noconsent/dist/prebid.js
200 OK 0 B URL HTTP/2 ads.themoneytizer.com/moneybid7_28/build_noconsent/dist/prebid.js
IP
ASN #60068 Datacamp Limited
GET /moneybid7_28/build_noconsent/dist/prebid.js HTTP/1.1
Host: ads.themoneytizer.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kimcartoon.li/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 07:35:19 GMT
content-type: application/javascript
last-modified: Thu, 26 Jan 2023 21:13:59 GMT
expires: Sat, 28 Jan 2023 05:04:14 GMT
cache-control: max-age=86400, public, no-transform
pragma: public
x-accel-expires: @1675055064
server: CDN77-Turbo
x-77-nzt: AblMCRQ/5jv/XyMAAA
x-77-nzt-ray: af5856309710f2d6b721d66391019616
x-cache: HIT
x-age: 9055
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2
app.audiopulsar.com/js/app-e2550e02.7a3b9222.js
200 OK 0 B URL HTTP/2 app.audiopulsar.com/js/app-e2550e02.7a3b9222.js
IP
ASN #34989 ServeTheWorld AS
GET /js/app-e2550e02.7a3b9222.js HTTP/1.1
Host: app.audiopulsar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://app.audiopulsar.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 07:35:17 GMT
content-type: application/javascript
server: BunnyCDN-NO1-830
cdn-pullzone: 173797
cdn-uid: 54876772-1b75-4d80-bae5-e278cce146bd
cdn-requestcountrycode: NO
vary: Accept-Encoding, Accept-Encoding
cache-control: public, max-age=10800
etag: W/"6395cc86-7a0f"
last-modified: Sun, 11 Dec 2022 12:26:46 GMT
cdn-storageserver: DE-164
cdn-fileserver: 340
cdn-proxyver: 1.03
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 01/29/2023 06:48:39
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: 051560d91d024d6f4e996d7daaf3a275
cdn-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Roboto:100,300,400,500,700,900
200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Roboto:100,300,400,500,700,900
IP
GET /css?family=Roboto:100,300,400,500,700,900 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://app.audiopulsar.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 29 Jan 2023 07:35:17 GMT
date: Sun, 29 Jan 2023 07:35:17 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
playerservices.live.streamtheworld.com/api/idsync.js?stationId=170713
302 Found 0 B URL HTTP/1.1 playerservices.live.streamtheworld.com/api/idsync.js?stationId=170713
IP
GET /api/idsync.js?stationId=170713 HTTP/1.1
Host: playerservices.live.streamtheworld.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://app.audiopulsar.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
date: Sun, 29 Jan 2023 07:35:17 GMT
p3p: policyref="http://tds.media.streamtheworld.com/w3c/policy/tds-p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/javascript; charset=ISO-8859-1
set-cookie: uuid=fa65982d-b767-4c46-8408-1273dd8b0cf0; Domain=live.streamtheworld.com; Max-Age=2592000; Path=/
uuid-s=fa65982d-b767-4c46-8408-1273dd8b0cf0; Domain=live.streamtheworld.com; Max-Age=2592000; Path=/; Secure; SameSite=None
content-language: en-US
location: https://playerservices.live.streamtheworld.com/api/idsync.js?stationId=170713&bounce=true
x-stw-server: par-strc-docker03_8082
x-stw-site: PAR
access-control-allow-origin: *
connection: close
ads.themoneytizer.com/bidder1/moneybid.js?siteid=92736&adid=1&formatid=26322&size=desktop
200 OK 0 B URL HTTP/2 ads.themoneytizer.com/bidder1/moneybid.js?siteid=92736&adid=1&formatid=26322&size=desktop
IP
ASN #60068 Datacamp Limited
GET /bidder1/moneybid.js?siteid=92736&adid=1&formatid=26322&size=desktop HTTP/1.1
Host: ads.themoneytizer.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://kimcartoon.li
Connection: keep-alive
Referer: https://kimcartoon.li/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 07:35:20 GMT
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://kimcartoon.li
cache-control: max-age=604800
x-accel-expires: @1675400827
server: CDN77-Turbo
vary: Origin
x-77-nzt: AblMCRQdLJnvvcUCAA
x-77-nzt-ray: af5856309710f2d6b821d663dbfba625
x-cache: HIT
x-age: 181693
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2
js.genieessp.com/j/rtct_adp_lib.20200515.min.js?GenieeDeliveryZoneName=gpb_1495170
200 OK 0 B URL HTTP/2 js.genieessp.com/j/rtct_adp_lib.20200515.min.js?GenieeDeliveryZoneName=gpb_1495170
IP
ASN #10010 TOKAI Communications Corporation
GET /j/rtct_adp_lib.20200515.min.js?GenieeDeliveryZoneName=gpb_1495170 HTTP/1.1
Host: js.genieessp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kimcartoon.li/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 29 Jan 2023 07:35:20 GMT
content-type: application/javascript
last-modified: Wed, 04 Jan 2023 04:12:06 GMT
etag: W/"63b4fc96-411a"
cross-origin-resource-policy: cross-origin
expires: Mon, 29 Jan 2024 07:35:20 GMT
cache-control: max-age=31536000, private
content-encoding: gzip
X-Firefox-Spdy: h2
playerservices.live.streamtheworld.com/api/getuuid?redir=https%3A%2F%2Fplay.adtonos.com%2Ftriton%2Fpixel.gif%3Fid%3D%40UUID%40
302 Found 0 B URL HTTP/1.1 playerservices.live.streamtheworld.com/api/getuuid?redir=https%3A%2F%2Fplay.adtonos.com%2Ftriton%2Fpixel.gif%3Fid%3D%40UUID%40
IP
GET /api/getuuid?redir=https%3A%2F%2Fplay.adtonos.com%2Ftriton%2Fpixel.gif%3Fid%3D%40UUID%40 HTTP/1.1
Host: playerservices.live.streamtheworld.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://app.audiopulsar.com/
Cookie: uuid-s=b4fd65c2-a7ba-4eea-ab34-1053817d694d; idsync-an-uid-s=0; idsync-amb-uid-s=4088660373811332941; idsync-acu-uid-s=736944347509; idsync-mm-uid-s=213563d6-21b9-4200-95c0-e3854eac5095; idsync-dyn-uid-s=; idsync-aw-uid-s=68df3430ac2b84811edf391e6f03daf0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
date: Sun, 29 Jan 2023 07:35:21 GMT
p3p: policyref="http://tds.media.streamtheworld.com/w3c/policy/tds-p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
set-cookie: uuid=b4fd65c2-a7ba-4eea-ab34-1053817d694d; Domain=live.streamtheworld.com; Max-Age=2592000; Path=/
uuid-s=b4fd65c2-a7ba-4eea-ab34-1053817d694d; Domain=live.streamtheworld.com; Max-Age=2592000; Path=/; Secure; SameSite=None
gu-uuid=b4fd65c2-a7ba-4eea-ab34-1053817d694d; Domain=live.streamtheworld.com; Max-Age=-1; Path=/
gu-uuid-s=b4fd65c2-a7ba-4eea-ab34-1053817d694d; Domain=live.streamtheworld.com; Max-Age=-1; Path=/; Secure; SameSite=None
gu-ts=1674977721060; Domain=live.streamtheworld.com; Max-Age=-1; Path=/
gu-ts-s=1674977721060; Domain=live.streamtheworld.com; Max-Age=-1; Path=/; Secure; SameSite=None
gu-qs=redir%3Dhttps%253A%252F%252Fplay.adtonos.com%252Ftriton%252Fpixel.gif%253Fid%253D%2540UUID%2540; Domain=live.streamtheworld.com; Max-Age=-1; Path=/
gu-qs-s=redir%3Dhttps%253A%252F%252Fplay.adtonos.com%252Ftriton%252Fpixel.gif%253Fid%253D%2540UUID%2540; Domain=live.streamtheworld.com; Max-Age=-1; Path=/; Secure; SameSite=None
content-language: en-US
location: https://play.adtonos.com/triton/pixel.gif?id=b4fd65c2-a7ba-4eea-ab34-1053817d694d
x-stw-server: par-strc-docker01_8082
x-stw-site: PAR
access-control-allow-origin: *
connection: close
kimcartoon.li/Scripts/oran.min.js?v=3.19
200 OK 0 B URL HTTP/2 kimcartoon.li/Scripts/oran.min.js?v=3.19
IP
GET /Scripts/oran.min.js?v=3.19 HTTP/1.1
Host: kimcartoon.li
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kimcartoon.li/Cartoon/Daria-Version-2/Season-1-Episode-1-Esteemers?id=74420
Cookie: ASP.NET_SessionId=g2zrp1gd5duqn0u3cipbzlbf; k_token=eNgwOUqpuJyZILUOWxqNsde%2bc%2fPvLR1U3vN7ozFIoX1XgwaXEIEpaLZVdnLWDWOqTOGlp1ry5V8He5TFUmMk6bcPoTU3Uah%2fnswVyFEj2JiQDKgcNuItmEduE%2f6u9RYwo7W%2buCku85XW%2bt2Xs64SSFtAnghr0kYXhDETQS8Pu0w%3d
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 07:35:13 GMT
content-type: application/javascript
last-modified: Sun, 19 Mar 2017 11:18:17 GMT
etag: W/"85d6d681a2a0d21:0"
cache-control: max-age=14400
cf-cache-status: HIT
age: 5065
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3ODVoPnIF4i6uTE%2BEh087ukQV5w%2B9PLphEQLvoPwGcACotrXCHmAKQSSvOv2aNja1VHx6yiIyHghGcEOYMwv6nFWKMtUPqMNe%2Bh8%2FnScez%2B%2B3Q5bfihefeO1g2PjkDQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 79104a3469a7b4fd-OSL
content-encoding: br
X-Firefox-Spdy: h2
kimcartoon.li/Ads/geniee728.aspx
200 OK 0 B URL HTTP/2 kimcartoon.li/Ads/geniee728.aspx
IP
GET /Ads/geniee728.aspx HTTP/1.1
Host: kimcartoon.li
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kimcartoon.li/Cartoon/Daria-Version-2/Season-1-Episode-1-Esteemers?id=74420
Cookie: ASP.NET_SessionId=g2zrp1gd5duqn0u3cipbzlbf; k_token=eNgwOUqpuJyZILUOWxqNsde%2bc%2fPvLR1U3vN7ozFIoX1XgwaXEIEpaLZVdnLWDWOqTOGlp1ry5V8He5TFUmMk6bcPoTU3Uah%2fnswVyFEj2JiQDKgcNuItmEduE%2f6u9RYwo7W%2buCku85XW%2bt2Xs64SSFtAnghr0kYXhDETQS8Pu0w%3d
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 07:35:14 GMT
content-type: text/html; charset=utf-8
cache-control: private
access-control-allow-origin: http://kimcartoon.li
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Fn8c6l2LhCx2ENfVhFncu7d2%2B069lrUzUpmkPRNWEpqN5BbxRvDBHlI6NJAXMBpDP0fnVGdSHu4wQP74BXj1q2mSUJb2HACS3T2w3woAXq3CnqRMXttx1ySc63T0teE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 79104a374be9b4fd-OSL
content-encoding: br
X-Firefox-Spdy: h2
js.genieessp.com/j/inview.20190130.min.js
200 OK 0 B URL HTTP/2 js.genieessp.com/j/inview.20190130.min.js
IP
ASN #10010 TOKAI Communications Corporation
GET /j/inview.20190130.min.js HTTP/1.1
Host: js.genieessp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kimcartoon.li/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 29 Jan 2023 07:35:17 GMT
content-type: application/javascript
last-modified: Thu, 14 Feb 2019 06:15:01 GMT
etag: W/"5c650765-13cd"
cross-origin-resource-policy: cross-origin
expires: Mon, 29 Jan 2024 07:35:17 GMT
cache-control: max-age=31536000, private
content-encoding: gzip
X-Firefox-Spdy: h2
www.cloudflare.com/cdn-cgi/trace
200 OK 0 B URL HTTP/2 www.cloudflare.com/cdn-cgi/trace
IP
GET /cdn-cgi/trace HTTP/1.1
Host: www.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://app.audiopulsar.com
Connection: keep-alive
Referer: https://app.audiopulsar.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 29 Jan 2023 07:35:18 GMT
content-type: text/plain
access-control-allow-origin: *
server: cloudflare
cf-ray: 79104a55a86f0b51-OSL
x-frame-options: DENY
x-content-type-options: nosniff
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2
app.audiopulsar.com/ce.json
200 OK 0 B URL HTTP/2 app.audiopulsar.com/ce.json
IP
ASN #34989 ServeTheWorld AS
GET /ce.json HTTP/1.1
Host: app.audiopulsar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://app.audiopulsar.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 07:35:17 GMT
content-type: application/json
vary: Accept-Encoding
server: BunnyCDN-NO1-830
cdn-pullzone: 173797
cdn-uid: 54876772-1b75-4d80-bae5-e278cce146bd
cdn-requestcountrycode: NO
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=10800
last-modified: Sun, 29 Jan 2023 06:32:48 GMT
cdn-storageserver: DE-164
cdn-fileserver: 190
cdn-proxyver: 1.03
cdn-requestpullsuccess: True
cdn-requestpullcode: 206
cdn-cachedat: 01/29/2023 06:48:40
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: 82789cd683eb7935a304b49b67788df7
cdn-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2
app.audiopulsar.com/js/app-8a399aca.5e5258bf.js
200 OK 0 B URL HTTP/2 app.audiopulsar.com/js/app-8a399aca.5e5258bf.js
IP
ASN #34989 ServeTheWorld AS
GET /js/app-8a399aca.5e5258bf.js HTTP/1.1
Host: app.audiopulsar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://app.audiopulsar.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 07:35:17 GMT
content-type: application/javascript
server: BunnyCDN-NO1-830
cdn-pullzone: 173797
cdn-uid: 54876772-1b75-4d80-bae5-e278cce146bd
cdn-requestcountrycode: NO
vary: Accept-Encoding, Accept-Encoding
cache-control: public, max-age=10800
etag: W/"6364f092-5609"
last-modified: Fri, 04 Nov 2022 10:59:30 GMT
cdn-storageserver: DE-199
cdn-fileserver: 246
cdn-proxyver: 1.03
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 01/29/2023 06:48:39
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: 78a7c63761588456228cbf7bb01ef9d0
cdn-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2
ads.betweendigital.com/adjson?t=prebid
200 OK 0 B URL HTTP/2 ads.betweendigital.com/adjson?t=prebid
IP
POST /adjson?t=prebid HTTP/1.1
Host: ads.betweendigital.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 2322
Origin: https://kimcartoon.li
Connection: keep-alive
Referer: https://kimcartoon.li/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/json
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-origin: https://kimcartoon.li
access-control-allow-credentials: true
set-cookie: dc=lux1; Max-Age=31536000; Expires=Mon, 29 Jan 2024 07:35:22 GMT; Path=/; Domain=.betweendigital.com
tuuid=b8cfb055-a472-521d-bd94-2e1fde420fa5; Max-Age=31536000; Expires=Mon, 29 Jan 2024 07:35:22 GMT; Path=/; Domain=.betweendigital.com
ut=Y9YhugADDUBl_0ZCyKNOLXjS4LNv-vecfzlE4w==; Max-Age=31536000; Expires=Mon, 29 Jan 2024 07:35:22 GMT; Path=/; Domain=.betweendigital.com
unm=1; Max-Age=31536000; Expires=Mon, 29 Jan 2024 07:35:22 GMT; Path=/; Domain=.betweendigital.com
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
kimcartoon.li/External/RSK
200 OK 0 B URL HTTP/2 kimcartoon.li/External/RSK
IP
POST /External/RSK HTTP/1.1
Host: kimcartoon.li
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
X-Requested-With: XMLHttpRequest
Content-Length: 9
Origin: https://kimcartoon.li
Connection: keep-alive
Referer: https://kimcartoon.li/Cartoon/Daria-Version-2/Season-1-Episode-1-Esteemers?id=74420
Cookie: ASP.NET_SessionId=g2zrp1gd5duqn0u3cipbzlbf; k_token=eNgwOUqpuJyZILUOWxqNsde%2bc%2fPvLR1U3vN7ozFIoX1XgwaXEIEpaLZVdnLWDWOqTOGlp1ry5V8He5TFUmMk6bcPoTU3Uah%2fnswVyFEj2JiQDKgcNuItmEduE%2f6u9RYwo7W%2buCku85XW%2bt2Xs64SSFtAnghr0kYXhDETQS8Pu0w%3d
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 07:35:13 GMT
content-type: text/html; charset=utf-8
cache-control: private
access-control-allow-origin: http://kimcartoon.li
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XxoFxIRzsth5WBRiNMi9B8IRS9vWey9MbljIj1OQc6BiPhbarGQxyYDK70AD8IoGBvoCQLs0jymXYnNaQn7Av24faOUC0gxoHV9GeVmtdKcPWEsaXoFy%2FlOQzcxujyE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 79104a353a58b4fd-OSL
content-encoding: br
X-Firefox-Spdy: h2
kimcartoon.li/Content/css/tpl_style.css?v=10.14.2
200 OK 0 B URL HTTP/2 kimcartoon.li/Content/css/tpl_style.css?v=10.14.2
IP
GET /Content/css/tpl_style.css?v=10.14.2 HTTP/1.1
Host: kimcartoon.li
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kimcartoon.li/Cartoon/Daria-Version-2/Season-1-Episode-1-Esteemers?id=74420
Cookie: ASP.NET_SessionId=g2zrp1gd5duqn0u3cipbzlbf; k_token=eNgwOUqpuJyZILUOWxqNsde%2bc%2fPvLR1U3vN7ozFIoX1XgwaXEIEpaLZVdnLWDWOqTOGlp1ry5V8He5TFUmMk6bcPoTU3Uah%2fnswVyFEj2JiQDKgcNuItmEduE%2f6u9RYwo7W%2buCku85XW%2bt2Xs64SSFtAnghr0kYXhDETQS8Pu0w%3d
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 07:35:13 GMT
content-type: text/css
cf-bgj: minify
cf-polished: origSize=29409
last-modified: Thu, 18 Apr 2019 03:33:23 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 173
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b3Fk83b1FTOnseEPXY1IQUGqumu6t6XMnLSylDHzKjlB4EbbzASNxlhGYqq%2FoWoLi%2FKsMD4obSYC3t7yrGar02QcVk2Oz58lIDZfS7afAxTr7aMVOjJ6qVdVZXYkDoc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 79104a34599fb4fd-OSL
content-encoding: br
X-Firefox-Spdy: h2
rules.quantcount.com/rules-p-6Fv0cGNfc_bw8.js
200 OK 0 B URL HTTP/2 rules.quantcount.com/rules-p-6Fv0cGNfc_bw8.js
IP
GET /rules-p-6Fv0cGNfc_bw8.js HTTP/1.1
Host: rules.quantcount.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kimcartoon.li/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
last-modified: Thu, 13 Oct 2022 22:35:53 GMT
x-amz-server-side-encryption: AES256
server: AmazonS3
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
access-control-allow-methods: GET
content-encoding: gzip
date: Sun, 29 Jan 2023 06:37:59 GMT
cache-control: max-age=3600
etag: W/"1f431dc94c1f033d6666f0fe637e2d7b"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 307a3e1075dd3d0976c64513a6ec3d74.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
x-amz-cf-id: 98-YQ_qscnP9mGWkWKvB8_hV-YSdfQmwuBJQp31LpiWjx6ZAdIHy7w==
age: 3441
X-Firefox-Spdy: h2
sblongvu.com/js/app.min.50.js
200 OK 0 B URL HTTP/2 sblongvu.com/js/app.min.50.js
IP
Analyzer Verdict Alert fortinet Malware
GET /js/app.min.50.js HTTP/1.1
Host: sblongvu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sblongvu.com/e/8d2mivg2ncd4.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 07:35:14 GMT
content-type: application/javascript; charset=utf-8
last-modified: Sat, 14 Jan 2023 03:28:35 GMT
etag: W/"63c22163-549de"
expires: Sun, 05 Feb 2023 01:55:49 GMT
cache-control: max-age=604800
access-control-allow-origin: *
cf-cache-status: HIT
age: 20365
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PvJkroPvPLgbUwu3cDfYtMgbPMOFSo9bTxrFjtQTcVRYeXp%2Bsnc%2BPRb3AyomoFQ9tEVEJ8yca7eOPYfyiBZOjK9mO5qwbAtEI%2BuidoQfg6Ucvqn9E3xk6ed98WUxrJw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 79104a3b894735de-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
app.audiopulsar.com/css/chunk-vendors-d939e436.4b00ca38.css
200 OK 0 B URL HTTP/2 app.audiopulsar.com/css/chunk-vendors-d939e436.4b00ca38.css
IP
ASN #34989 ServeTheWorld AS
GET /css/chunk-vendors-d939e436.4b00ca38.css HTTP/1.1
Host: app.audiopulsar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://app.audiopulsar.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 07:35:17 GMT
content-type: text/css
server: BunnyCDN-NO1-830
cdn-pullzone: 173797
cdn-uid: 54876772-1b75-4d80-bae5-e278cce146bd
cdn-requestcountrycode: NO
vary: Accept-Encoding, Accept-Encoding
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=10800
etag: W/"61fcbd34-8957"
last-modified: Fri, 04 Feb 2022 05:44:20 GMT
cdn-storageserver: DE-51
cdn-fileserver: 269
cdn-proxyver: 1.03
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 01/29/2023 06:48:39
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: 827c7309d4587de629f8ed5dd2669ddb
cdn-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2
app.audiopulsar.com/js/app-748942c6.c4c18d1d.js
200 OK 0 B URL HTTP/2 app.audiopulsar.com/js/app-748942c6.c4c18d1d.js
IP
ASN #34989 ServeTheWorld AS
GET /js/app-748942c6.c4c18d1d.js HTTP/1.1
Host: app.audiopulsar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://app.audiopulsar.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 07:35:17 GMT
content-type: application/javascript
server: BunnyCDN-NO1-830
cdn-pullzone: 173797
cdn-uid: 54876772-1b75-4d80-bae5-e278cce146bd
cdn-requestcountrycode: NO
vary: Accept-Encoding, Accept-Encoding
cache-control: public, max-age=10800
etag: W/"63c98e29-b6b7"
last-modified: Thu, 19 Jan 2023 18:38:33 GMT
cdn-storageserver: DE-164
cdn-fileserver: 528
cdn-proxyver: 1.03
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 01/29/2023 06:48:39
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: 8a8df1e03ded21e9585a041790bf41d6
cdn-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2
mp.4dex.io/prebid
200 OK 0 B IP
POST /prebid HTTP/1.1
Host: mp.4dex.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 7384
Origin: https://kimcartoon.li
Connection: keep-alive
Referer: https://kimcartoon.li/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 29 Jan 2023 07:35:20 GMT
content-type: application/json; charset=utf-8
access-control-allow-credentials: true
access-control-allow-origin: https://kimcartoon.li
cache-control: no-cache, no-store, must-revalidate
expires: 0
pragma: no-cache
vary: Origin, Accept-Encoding
x-err: Shapings: no adunits with size and seat and mapping
x-version: 3.0.0-gcp-ams
x-warn: Process Floors. 1 inventory rules not found for mediatype: banner and adUnitCode: 26711, Process Floors. 1 inventory rules not found for mediatype: banner and adUnitCode: 26300, Process Seats Booster. unable to get the seat booster engine for organization: 1015
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 79104a622ecb0b06-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
app.audiopulsar.com/js/chunk-vendors-ec8c427e.1a4ce1a5.js
200 OK 0 B URL HTTP/2 app.audiopulsar.com/js/chunk-vendors-ec8c427e.1a4ce1a5.js
IP
ASN #34989 ServeTheWorld AS
GET /js/chunk-vendors-ec8c427e.1a4ce1a5.js HTTP/1.1
Host: app.audiopulsar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://app.audiopulsar.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 07:35:17 GMT
content-type: application/javascript
server: BunnyCDN-NO1-830
cdn-pullzone: 173797
cdn-uid: 54876772-1b75-4d80-bae5-e278cce146bd
cdn-requestcountrycode: NO
vary: Accept-Encoding, Accept-Encoding
cache-control: public, max-age=10800
etag: W/"61ff8798-384f"
last-modified: Sun, 06 Feb 2022 08:32:24 GMT
cdn-storageserver: DE-169
cdn-fileserver: 292
cdn-proxyver: 1.03
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 01/29/2023 06:48:39
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: bcc2c127177f71bdbd40f9b1e89bab21
cdn-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2
sblongvu.com/player8/jwplayer.8.9.5.js
200 OK 0 B URL HTTP/2 sblongvu.com/player8/jwplayer.8.9.5.js
IP
Analyzer Verdict Alert fortinet Malware
GET /player8/jwplayer.8.9.5.js HTTP/1.1
Host: sblongvu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sblongvu.com/e/8d2mivg2ncd4.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 07:35:14 GMT
content-type: application/javascript; charset=utf-8
last-modified: Fri, 22 Oct 2021 21:22:58 GMT
etag: W/"61732bb2-1a859"
expires: Sun, 05 Feb 2023 01:55:41 GMT
cache-control: max-age=604800
access-control-allow-origin: *
cf-cache-status: HIT
age: 20373
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y2VJmeDZSd%2BC0aihIM64UEqbnT0eg2NgVZoBScIEijxz%2FFmscFMf%2F1029hIxvPMjVm5LD8hg0KHHdDFsCrPwx4MugIBjbtjM0Fh1McKGenUey9wLWjVRJQ2LjC0pQBk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 79104a3b893d35de-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
friendshipmale.com/sfp.js
200 OK 0 B URL HTTP/2 friendshipmale.com/sfp.js
IP
Analyzer Verdict Alert fortinet Malware
GET /sfp.js HTTP/1.1
Host: friendshipmale.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sblongvu.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 29 Jan 2023 07:35:17 GMT
content-type: application/javascript; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: d2b0b9f51a49f6191b651b1d2ecc05ba
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Sun, 29 Jan 2023 07:35:16 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7e2Hb3dZsBsx0IOH6M9t0lckHLYD%2F9aeV9W9u98ISYPuKYVe45wz2BaPo5ZHTpRrxMHJqQv7uohni94r0MQkJMvNmK2foyHe%2BteTtM0H1U%2BJf1OMdWYHQWF7e4V0q9motdCqbKs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 79104a4a2a7324ec-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
rndskittytor.com/400/5374683
200 OK 0 B URL HTTP/2 rndskittytor.com/400/5374683
IP
Analyzer Verdict Alert quad9 Sinkholed
GET /400/5374683 HTTP/1.1
Host: rndskittytor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kimcartoon.li/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 29 Jan 2023 07:35:13 GMT
content-type: application/javascript
x-trace-id: 08046c9ef55ab2e4b73272fe667fd82b
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: *
access-control-expose-headers: Link
access-control-allow-credentials: true
set-cookie: OAID=f1d02aa3556f4e378a61f270a947478e; expires=Mon, 29 Jan 2024 07:35:13 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
www.cloudflare.com/cdn-cgi/trace
200 OK 0 B URL HTTP/2 www.cloudflare.com/cdn-cgi/trace
IP
GET /cdn-cgi/trace HTTP/1.1
Host: www.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://app.audiopulsar.com
Connection: keep-alive
Referer: https://app.audiopulsar.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 07:35:20 GMT
content-type: text/plain
access-control-allow-origin: *
server: cloudflare
cf-ray: 79104a600e8e0b51-OSL
x-frame-options: DENY
x-content-type-options: nosniff
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2
image2.pubmatic.com/AdServer/UCookieSetPug?ird=1&rd=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dpubmatic%26dsp_uid%3D%23PM_USER_ID%26fid%3D1fe293c3-188d-4789-beb1-9f41ecfa3f62
200 OK 0 B URL HTTP/2 image2.pubmatic.com/AdServer/UCookieSetPug?ird=1&rd=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dpubmatic%26dsp_uid%3D%23PM_USER_ID%26fid%3D1fe293c3-188d-4789-beb1-9f41ecfa3f62
IP
GET /AdServer/UCookieSetPug?ird=1&rd=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dpubmatic%26dsp_uid%3D%23PM_USER_ID%26fid%3D1fe293c3-188d-4789-beb1-9f41ecfa3f62 HTTP/1.1
Host: image2.pubmatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://kimcartoon.li/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 29 Jan 2023 07:35:21 GMT
content-type: text/html; charset=utf-8
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private
content-encoding: gzip
X-Firefox-Spdy: h2
app.audiopulsar.com/js/chunk-vendors-fdc6512a.fb35ff3c.js
200 OK 0 B URL HTTP/2 app.audiopulsar.com/js/chunk-vendors-fdc6512a.fb35ff3c.js
IP
ASN #34989 ServeTheWorld AS
GET /js/chunk-vendors-fdc6512a.fb35ff3c.js HTTP/1.1
Host: app.audiopulsar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://app.audiopulsar.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 07:35:17 GMT
content-type: application/javascript
server: BunnyCDN-NO1-830
cdn-pullzone: 173797
cdn-uid: 54876772-1b75-4d80-bae5-e278cce146bd
cdn-requestcountrycode: NO
vary: Accept-Encoding, Accept-Encoding
cache-control: public, max-age=10800
etag: W/"61fcbdb1-292a"
last-modified: Fri, 04 Feb 2022 05:46:25 GMT
cdn-storageserver: DE-200
cdn-fileserver: 292
cdn-proxyver: 1.03
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 01/29/2023 06:48:39
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: 8db2f87518391569ac9de2263ac5a900
cdn-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2
ads.themoneytizer.com/bidder1/moneybid.js?siteid=92736&adid=2&formatid=26300&size=desktop
200 OK 0 B URL HTTP/2 ads.themoneytizer.com/bidder1/moneybid.js?siteid=92736&adid=2&formatid=26300&size=desktop
IP
ASN #60068 Datacamp Limited
GET /bidder1/moneybid.js?siteid=92736&adid=2&formatid=26300&size=desktop HTTP/1.1
Host: ads.themoneytizer.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://kimcartoon.li
Connection: keep-alive
Referer: https://kimcartoon.li/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 07:35:20 GMT
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://kimcartoon.li
cache-control: max-age=604800
x-accel-expires: @1675400827
server: CDN77-Turbo
vary: Origin
x-77-nzt: AblMCRTPf9LvvcUCAA
x-77-nzt-ray: af5856309710f2d6b821d663ddaef026
x-cache: HIT
x-age: 181693
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2
kimcartoon.li/Content/css/upload-progress.css
200 OK 0 B URL HTTP/2 kimcartoon.li/Content/css/upload-progress.css
IP
GET /Content/css/upload-progress.css HTTP/1.1
Host: kimcartoon.li
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kimcartoon.li/Cartoon/Daria-Version-2/Season-1-Episode-1-Esteemers?id=74420
Cookie: ASP.NET_SessionId=g2zrp1gd5duqn0u3cipbzlbf; k_token=eNgwOUqpuJyZILUOWxqNsde%2bc%2fPvLR1U3vN7ozFIoX1XgwaXEIEpaLZVdnLWDWOqTOGlp1ry5V8He5TFUmMk6bcPoTU3Uah%2fnswVyFEj2JiQDKgcNuItmEduE%2f6u9RYwo7W%2buCku85XW%2bt2Xs64SSFtAnghr0kYXhDETQS8Pu0w%3d
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 07:35:13 GMT
content-type: text/css
cf-bgj: minify
cf-polished: origSize=669
etag: W/"70968e30d95cd01:0"
last-modified: Thu, 12 Mar 2015 15:28:28 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 173
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U14Fr45OrtrLdd59V2JYPYwDrexWkdqaBNK2f3umOWZxGdUo4P3vtAbZgK4Su3PAU3xvQVgEKck6NL5jJxm3H%2FYfY6klUgJzGAo2tuUVtYxKD9NcrACVOJaNAX4G%2FCY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 79104a3459a0b4fd-OSL
content-encoding: br
X-Firefox-Spdy: h2
kimcartoon.li/Scripts/aes.js
200 OK 0 B URL HTTP/2 kimcartoon.li/Scripts/aes.js
IP
GET /Scripts/aes.js HTTP/1.1
Host: kimcartoon.li
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kimcartoon.li/Cartoon/Daria-Version-2/Season-1-Episode-1-Esteemers?id=74420
Cookie: ASP.NET_SessionId=g2zrp1gd5duqn0u3cipbzlbf; k_token=eNgwOUqpuJyZILUOWxqNsde%2bc%2fPvLR1U3vN7ozFIoX1XgwaXEIEpaLZVdnLWDWOqTOGlp1ry5V8He5TFUmMk6bcPoTU3Uah%2fnswVyFEj2JiQDKgcNuItmEduE%2f6u9RYwo7W%2buCku85XW%2bt2Xs64SSFtAnghr0kYXhDETQS8Pu0w%3d
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 07:35:13 GMT
content-type: application/javascript
access-control-allow-origin: http://kimcartoon.li
cf-bgj: minify
cf-polished: origSize=13360
etag: W/"905ba1dac9ad11:0"
last-modified: Wed, 20 Apr 2016 02:26:32 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 5065
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=grbZymfPPz3CQO41QWPTN1EE5mulsxQPlX%2FoLHrU%2BjGksKheIPSLcNhopnRNx19bXYU8jt4XfrKyo%2BCH2w4E7oxIa%2F4b3ZZ78wd0GjlgjETZAmvS%2Fc3FY%2FwdlfaSanU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 79104a3459a3b4fd-OSL
content-encoding: br
X-Firefox-Spdy: h2
tzegilo.com/stattag.js
200 OK 0 B IP
GET /stattag.js HTTP/1.1
Host: tzegilo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kimcartoon.li/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 29 Jan 2023 07:35:14 GMT
content-type: application/javascript
last-modified: Thu, 29 Dec 2022 16:01:28 GMT
etag: W/"63adb9d8-3341"
link: <https://flerap.com/>; rel=preconnect; crossorigin, <https://fleraprt.com/>; rel=preconnect; crossorigin
cache-control: max-age=14400
cf-cache-status: HIT
age: 118
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V99KOH%2FT9fwbOYP%2BhB3tC4OfPaSfpRm6O88Sw5tJSmHgV%2FtwUAB3yMxrKtJ%2Bsp%2B39nkV3Lqc20lzQP8lf6vSm4I%2BGyGu2mhaA50oP1zRwh%2F9GVTF5ZOsJWfmgXB8sA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 79104a396a9cfab4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
secure.quantserve.com/quant.js
200 OK 0 B URL HTTP/2 secure.quantserve.com/quant.js
IP
GET /quant.js HTTP/1.1
Host: secure.quantserve.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kimcartoon.li/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 29 Jan 2023 07:35:19 GMT
content-type: application/javascript
accept-ranges: bytes
cache-control: private, max-age=604800
content-encoding: gzip
etag: "OVi4z6W4qM+KoQEZlRgh5w=="
expires: Sun, 05 Feb 2023 07:35:19 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2
ads.themoneytizer.com/bidder1/moneybid.js?siteid=92736&adid=20&formatid=26706&size=desktop
200 OK 0 B URL HTTP/2 ads.themoneytizer.com/bidder1/moneybid.js?siteid=92736&adid=20&formatid=26706&size=desktop
IP
ASN #60068 Datacamp Limited
GET /bidder1/moneybid.js?siteid=92736&adid=20&formatid=26706&size=desktop HTTP/1.1
Host: ads.themoneytizer.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://kimcartoon.li
Connection: keep-alive
Referer: https://kimcartoon.li/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 07:35:20 GMT
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://kimcartoon.li
cache-control: max-age=604800
x-accel-expires: @1675400827
server: CDN77-Turbo
vary: Origin
x-77-nzt: AblMCRTMnIXvvcUCAA
x-77-nzt-ray: af5856309710f2d6b821d6639cdfb425
x-cache: HIT
x-age: 181693
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2
spl.zeotap.com/mapper.js?env=mWeb&eventType=pageview&zdid=1258
200 OK 0 B URL HTTP/2 spl.zeotap.com/mapper.js?env=mWeb&eventType=pageview&zdid=1258
IP
GET /mapper.js?env=mWeb&eventType=pageview&zdid=1258 HTTP/1.1
Host: spl.zeotap.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kimcartoon.li/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 29 Jan 2023 07:35:19 GMT
content-type: application/javascript
access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-origin: https://kimcartoon.li
vary: Origin, Accept-Encoding
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 79104a5a6da2b509-OSL
content-encoding: br
X-Firefox-Spdy: h2
ads.themoneytizer.com/bidder1/moneybid.js?siteid=92736&adid=19&formatid=26711&size=desktop
200 OK 0 B URL HTTP/2 ads.themoneytizer.com/bidder1/moneybid.js?siteid=92736&adid=19&formatid=26711&size=desktop
IP
ASN #60068 Datacamp Limited
GET /bidder1/moneybid.js?siteid=92736&adid=19&formatid=26711&size=desktop HTTP/1.1
Host: ads.themoneytizer.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://kimcartoon.li
Connection: keep-alive
Referer: https://kimcartoon.li/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 07:35:20 GMT
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://kimcartoon.li
cache-control: max-age=604800
x-accel-expires: @1675400827
server: CDN77-Turbo
vary: Origin
x-77-nzt: AblMCRTZ443vvcUCAA
x-77-nzt-ray: af5856309710f2d6b821d66371244926
x-cache: HIT
x-age: 181693
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2
kimcartoon.li/Scripts/sha256.min.js
200 OK 0 B URL HTTP/2 kimcartoon.li/Scripts/sha256.min.js
IP
GET /Scripts/sha256.min.js HTTP/1.1
Host: kimcartoon.li
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kimcartoon.li/Cartoon/Daria-Version-2/Season-1-Episode-1-Esteemers?id=74420
Cookie: ASP.NET_SessionId=g2zrp1gd5duqn0u3cipbzlbf; k_token=eNgwOUqpuJyZILUOWxqNsde%2bc%2fPvLR1U3vN7ozFIoX1XgwaXEIEpaLZVdnLWDWOqTOGlp1ry5V8He5TFUmMk6bcPoTU3Uah%2fnswVyFEj2JiQDKgcNuItmEduE%2f6u9RYwo7W%2buCku85XW%2bt2Xs64SSFtAnghr0kYXhDETQS8Pu0w%3d
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 07:35:13 GMT
content-type: application/javascript
last-modified: Thu, 02 Jun 2016 01:56:16 GMT
etag: W/"b03f25f371bcd11:0"
cache-control: max-age=14400
cf-cache-status: HIT
age: 5065
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6H2L07zE37NN23rP0OCdI5Ul%2F84%2BddVoJ%2BnodmJEEnMxybttQC57CT%2FsmFz9BBf%2B0YVwpexG8OrA5D8ZBowQVf8pNj2Tb9NE1PdrgXVuf%2ByJ6bbJNvYeT29PMm2vOSA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 79104a3469a6b4fd-OSL
content-encoding: br
X-Firefox-Spdy: h2
kimcartoon.li/Ads/geniee300b.aspx
200 OK 0 B URL HTTP/2 kimcartoon.li/Ads/geniee300b.aspx
IP
GET /Ads/geniee300b.aspx HTTP/1.1
Host: kimcartoon.li
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kimcartoon.li/Cartoon/Daria-Version-2/Season-1-Episode-1-Esteemers?id=74420
Cookie: ASP.NET_SessionId=g2zrp1gd5duqn0u3cipbzlbf; k_token=eNgwOUqpuJyZILUOWxqNsde%2bc%2fPvLR1U3vN7ozFIoX1XgwaXEIEpaLZVdnLWDWOqTOGlp1ry5V8He5TFUmMk6bcPoTU3Uah%2fnswVyFEj2JiQDKgcNuItmEduE%2f6u9RYwo7W%2buCku85XW%2bt2Xs64SSFtAnghr0kYXhDETQS8Pu0w%3d
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 07:35:14 GMT
content-type: text/html; charset=utf-8
cache-control: private
access-control-allow-origin: http://kimcartoon.li
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8%2Bgts1cGJkwG2xSdFNDrzOCzl0G2t59SkRO%2B9NKudd%2FaRlPQsTelZv%2FaYdwdu7%2Fk4YWWch1yrl9Xll85SVb1qo7II%2Fuq9%2FZdqFY69uLOLLUXUL79Xgl8VT%2BF%2BCapsl4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 79104a374bf2b4fd-OSL
content-encoding: br
X-Firefox-Spdy: h2
ssl.p.jwpcdn.com/player/v/8.9.5/jwpsrv.js
307 Temporary Redirect 0 B URL HTTP/2 ssl.p.jwpcdn.com/player/v/8.9.5/jwpsrv.js
IP
GET /player/v/8.9.5/jwpsrv.js HTTP/1.1
Host: ssl.p.jwpcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sblongvu.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 307 Temporary Redirect
date: Sun, 29 Jan 2023 07:35:15 GMT
content-type: text/html; charset=UTF-8
location: https://widgets.amung.us/draw/?w=small&n=54900&c=ffc20e000000&p=left
cache-control: max-age=295
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 79104a4358f99900-ARN
X-Firefox-Spdy: h2
ads.themoneytizer.com/IIQUniversalID.js
200 OK 0 B URL HTTP/2 ads.themoneytizer.com/IIQUniversalID.js
IP
ASN #60068 Datacamp Limited
GET /IIQUniversalID.js HTTP/1.1
Host: ads.themoneytizer.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kimcartoon.li/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 07:35:19 GMT
content-type: application/javascript
last-modified: Wed, 12 Oct 2022 18:48:43 GMT
expires: Sat, 28 Jan 2023 05:04:08 GMT
cache-control: max-age=86400, public, no-transform
pragma: public
x-accel-expires: @1675055050
server: CDN77-Turbo
x-77-nzt: AblMCRRGtQj/bSMAAA
x-77-nzt-ray: af5856309710f2d6b721d663883a3305
x-cache: HIT
x-age: 9069
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2
ialaddin.genieesspv.jp/yie/ld/jsk?zoneid=1495179&cb=47833772090&charset=UTF-8&loc=https%3A%2F%2Fkimcartoon.li%2FCartoon%2FDaria-Version-2%2FSeason-1-Episode-1-Esteemers%3Fid%3D74420&sw=1024&sh=1280&topframe=0
200 OK 0 B URL HTTP/2 ialaddin.genieesspv.jp/yie/ld/jsk?zoneid=1495179&cb=47833772090&charset=UTF-8&loc=https%3A%2F%2Fkimcartoon.li%2FCartoon%2FDaria-Version-2%2FSeason-1-Episode-1-Esteemers%3Fid%3D74420&sw=1024&sh=1280&topframe=0
IP
ASN #10010 TOKAI Communications Corporation
GET /yie/ld/jsk?zoneid=1495179&cb=47833772090&charset=UTF-8&loc=https%3A%2F%2Fkimcartoon.li%2FCartoon%2FDaria-Version-2%2FSeason-1-Episode-1-Esteemers%3Fid%3D74420&sw=1024&sh=1280&topframe=0 HTTP/1.1
Host: ialaddin.genieesspv.jp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kimcartoon.li/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 07:35:18 GMT
content-type: text/javascript; charset=UTF-8
pragma: no-cache
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
expires: Mon, 26 Jul 1997 05:00:00 GMT
cross-origin-resource-policy: cross-origin
content-encoding: gzip
X-Firefox-Spdy: h2
kimcartoon.li/Cartoon/Daria-Version-2/Season-1-Episode-1-Esteemers?id=74420
200 OK 0 B URL HTTP/2 kimcartoon.li/Cartoon/Daria-Version-2/Season-1-Episode-1-Esteemers?id=74420
IP
GET /Cartoon/Daria-Version-2/Season-1-Episode-1-Esteemers?id=74420 HTTP/1.1
Host: kimcartoon.li
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Sun, 29 Jan 2023 07:35:13 GMT
content-type: text/html; charset=utf-8
cache-control: private
set-cookie: ASP.NET_SessionId=g2zrp1gd5duqn0u3cipbzlbf; path=/; HttpOnly; SameSite=Lax
k_token=eNgwOUqpuJyZILUOWxqNsde%2bc%2fPvLR1U3vN7ozFIoX1XgwaXEIEpaLZVdnLWDWOqTOGlp1ry5V8He5TFUmMk6bcPoTU3Uah%2fnswVyFEj2JiQDKgcNuItmEduE%2f6u9RYwo7W%2buCku85XW%2bt2Xs64SSFtAnghr0kYXhDETQS8Pu0w%3d; path=/
access-control-allow-origin: http://kimcartoon.li
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RxFba6bxF5uf4QmgNhO0vJmJft1x6U8LuTfI8yNqd2kwEZPg38lOPvruvSrDASg3tBBO6MRaJDadgn4H8X%2BnmvWZfoDNePPc%2FKgQW3B%2Br7AvDkY10NM2C7PLWK9%2FRrM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 79104a304e87b4fd-OSL
content-encoding: br
X-Firefox-Spdy: h2
sblongvu.com/js/jquery.min.js
200 OK 0 B URL HTTP/2 sblongvu.com/js/jquery.min.js
IP
Analyzer Verdict Alert fortinet Malware
GET /js/jquery.min.js HTTP/1.1
Host: sblongvu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sblongvu.com/e/8d2mivg2ncd4.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 07:35:14 GMT
content-type: application/javascript; charset=utf-8
last-modified: Tue, 05 May 2020 04:02:38 GMT
etag: W/"5eb0e55e-15d84"
expires: Sun, 05 Feb 2023 01:55:41 GMT
cache-control: max-age=604800
access-control-allow-origin: *
cf-cache-status: HIT
age: 20373
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RQ%2BekcQNFUJctPTxKv5xH8nL6LHHRcjI5tsL9btU3d3FP559CP4ayXqwtVhOADMzb%2FTyNxj%2BdwOglkpB8Y%2FcDSEQmmxu0T1rJJA1BNb8HxeYvO8YaoLXXBj1%2BZLLWO0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 79104a3b792b35de-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
app.audiopulsar.com/js/chunk-vendors-f5586520.35ff7895.js
200 OK 0 B URL HTTP/2 app.audiopulsar.com/js/chunk-vendors-f5586520.35ff7895.js
IP
ASN #34989 ServeTheWorld AS
GET /js/chunk-vendors-f5586520.35ff7895.js HTTP/1.1
Host: app.audiopulsar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://app.audiopulsar.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 07:35:17 GMT
content-type: application/javascript
server: BunnyCDN-NO1-830
cdn-pullzone: 173797
cdn-uid: 54876772-1b75-4d80-bae5-e278cce146bd
cdn-requestcountrycode: NO
vary: Accept-Encoding, Accept-Encoding
cache-control: public, max-age=10800
etag: W/"61fcbdab-d286"
last-modified: Fri, 04 Feb 2022 05:46:19 GMT
cdn-storageserver: DE-51
cdn-fileserver: 292
cdn-proxyver: 1.03
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 01/29/2023 06:48:39
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: 93c59f02a7d4e5a2ca18bb2954aca338
cdn-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2
172.67.75.118
139.45.197.238
54.38.64.100
54.73.141.92
35.156.167.37
185.76.9.25
184.24.45.54
77.88.21.119
192.173.31.109
104.22.75.171
188.42.191.196
133.186.12.14
172.255.6.128
188.114.99.234
157.240.200.14
185.104.210.16