Report - anchira.to

Report Overview

Visited public
2024-01-23 06:41:37
Tags
Submit Tags
URL
anchira.to
Finishing URL
anchira.to/
IP / ASN
172.67.158.132
#13335 CLOUDFLARENET
Title
Browse - Anchira

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
anchira.to	unknown	unknown	2023-10-18 19:57:25	2024-01-21 05:04:44	7.8 kB	1.2 MB	104.21.33.38
img.vmmcdn.com	36292	2019-11-26	2019-11-26 11:59:17	2024-01-23 01:03:36	806 B	116 kB	138.201.51.142
js.wpadmngr.com	25762	2021-06-02	2021-06-02 16:43:46	2024-01-21 05:34:24	814 B	107 kB	45.133.44.53
js.wpushsdk.com	36947	2021-05-07	2021-05-07 14:03:12	2024-01-21 08:41:39	812 B	644 kB	45.133.44.52
accounts.google.com	81	1997-09-15	2016-03-20 13:44:49	2024-01-22 23:48:34	1.7 kB	4.9 kB	64.233.161.84
cdn.jsdelivr.net	439	2012-05-16	2012-09-30 02:15:09	2024-01-22 18:12:41	1.3 kB	59 kB	151.101.65.229
09a1201bdf.202a02210a.com	unknown	unknown	No data	No data	8.4 kB	7.3 kB	94.130.198.6
static.bookmsg.com	47495	2020-09-15	2020-11-24 15:56:32	2024-01-22 02:20:16	1.1 kB	1.8 kB	45.133.44.25
mcpuwpsh.com	unknown	2022-08-12	2022-08-12 18:58:44	2024-01-21 15:07:41	472 B	8.5 kB	94.130.197.240
na.nawpush.com	38563	2020-12-21	2020-12-23 09:18:12	2024-01-21 15:22:22	436 B	2.4 kB	45.133.44.24
js.capndr.com	316718	2021-08-30	2021-08-30 14:51:01	2024-01-22 06:06:25	813 B	93 kB	45.133.44.52
storage.multstorage.com	unknown	2023-09-22	2023-09-22 14:56:00	2024-01-22 08:34:44	522 B	1.6 kB	172.67.174.51
kisakisexo.xyz	unknown	2023-10-19	2023-10-19 06:11:58	2024-01-20 17:42:10	16 kB	3.8 MB	104.21.2.226
fp.metricswpsh.com	unknown	2021-10-29	2022-04-22 13:20:32	2024-01-22 04:30:18	1.0 kB	806 B	157.90.84.242
nereserv.com	40015	2020-12-21	2020-12-21 12:07:56	2024-01-22 06:06:26	584 B	320 B	167.235.163.216
cipdn.com	unknown	2023-07-13	2023-07-13 19:31:03	2024-01-22 11:54:53	975 B	182 B	213.239.207.252
ef106879f8.f794d2f9d9.com	unknown	2023-12-24	2024-01-20 04:51:54	2024-01-23 05:36:26	867 B	322 B	45.133.44.53

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2024-01-23	medium	202a02210a.com	Sinkholed
2024-01-23	medium	202a02210a.com	Sinkholed
2024-01-23	medium	202a02210a.com	Sinkholed
2024-01-23	medium	202a02210a.com	Sinkholed
2024-01-23	medium	f794d2f9d9.com	Sinkholed

ThreatFox

No alerts detected

JavaScript (16)

	URL	From	Size	First Seen	Last Seen
	js.wpadmngr.com/static/adManager.js	ScriptElement	1.7 kB	2024-01-10	2024-08-20
Pretty URL js.wpadmngr.com/static/adManager.js IP 45.133.44.53 ASN #39572 DataWeb Global Group B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2024-01-10 19:45 Last Seen2024-08-20 12:41 Times Seen419 Hash f11b56acd3ca809e708126e8f7ff8f58 933bd68823d96834eb50298715454c40104cc917 b78c5c3f93b9d9d8dcb46d08d4f67cbcf71ff8b2ec96c03543fc377ce446b6e6 Loading...

	unknown	ScriptElement	247 B	2024-08-20	2024-08-20
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2024-08-20 11:27 Last Seen2024-08-20 11:27 Times Seen1 Hash 7a9cf904e3d78fac3ae4d840ab697e56 7eab0badd4bb905a617d9e287036eaff20e4a57b 15152048cbfd11aa9b18b976be28cd1bd06a1ab10da8217ca860c385ccf720c6 Loading...

	cdn.jsdelivr.net/npm/streamsaver@2.0.3/StreamSaver.min.js	ScriptElement	4.0 kB	2023-06-23	2025-01-07
Pretty URL cdn.jsdelivr.net/npm/streamsaver@2.0.3/StreamSaver.min.js IP 151.101.65.229 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-06-23 16:34 Last Seen2025-01-07 12:07 Times Seen12 Hash 25d87b60ef1f53a7ed5076160d76c8b4 62ea7f94aa03d469580f77b79a0e383ee918bd7d d1dd08e65fa7b3fc43824a7aa8c165073e4231369495acec6c6c56bd9944a026 Loading...

	cdn.jsdelivr.net/npm/axios@1.1.2/dist/axios.min.js	ScriptElement	27 kB	2023-03-08	2025-06-29
Pretty URL cdn.jsdelivr.net/npm/axios@1.1.2/dist/axios.min.js IP 151.101.65.229 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 08:20 Last Seen2025-06-29 01:59 Times Seen864 Hash 68b395fd3cd02432ec6ce3a4a34332c0 69edb681673e5ad794d33f9f05b8b08ea940c13b ffb6e270a7bbb1ea1b797965ae85e35760b38b98744478a4151ddee79a31d215 Loading...

	cdn.jsdelivr.net/npm/web-streams-polyfill@2.0.2/dist/ponyfill.min.js	ScriptElement	44 kB	2023-03-10	2025-05-21
Pretty URL cdn.jsdelivr.net/npm/web-streams-polyfill@2.0.2/dist/ponyfill.min.js IP 151.101.65.229 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 12:42 Last Seen2025-05-21 19:43 Times Seen14 Hash 15f5a8613ba4cdc96560b32708c66475 2c13162876f361e1490c3b37998cb307eea65c87 fb098daba4b9ca85f5fb0bd948b98da76b6694c7a778fe6b19508ad3d281689e Loading...

	js.wpushsdk.com/skins/nmain.m.js	ScriptElement	445 kB	2024-01-20	2024-08-20
Pretty URL js.wpushsdk.com/skins/nmain.m.js IP 45.133.44.52 ASN #39572 DataWeb Global Group B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2024-01-20 06:14 Last Seen2024-08-20 11:44 Times Seen202 Hash db0d015289f2ba3b4f012653a74fac41 aa65650766d68741d191dfb9c37f65999692ecab f66764ec186ab49165ce4fa6a0d60df7b888566212b1b060c83618c972008f78 Loading...

	anchira.to/	ScriptElement	1.1 kB	2024-08-20	2024-08-20
Pretty URL anchira.to/ IP 104.21.33.38 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-08-20 11:27 Last Seen2024-08-20 11:27 Times Seen1 Hash 7b988fabb5477ceb2e94d4017f0cfa38 77e24ccad45bf2318ce4d3201be6766bdc6c3b86 410c7c7ec94809a3c304826e6524a97d81eeca46af6aea3716c6d412715ae76c Loading...

	anchira.to/cdn-cgi/challenge-platform/scripts/jsd/main.js	ScriptElement	7.4 kB	2024-08-20	2024-08-20
Pretty URL anchira.to/cdn-cgi/challenge-platform/scripts/jsd/main.js IP 104.21.33.38 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-08-20 11:27 Last Seen2024-08-20 11:27 Times Seen1 Hash 3306af4e384204f6d140439fa023a254 cdbed7af3bc7cf903860d81fb601dc4f9920176b 2dd8a310b2f9f8a3c6308988a39e998866d4b1c8785cea1951b732a57949f659 Loading...

	storage.multstorage.com/log/count.html	ScriptElement	718 B	2023-09-18	2025-03-01
Pretty URL storage.multstorage.com/log/count.html IP 172.67.174.51 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-09-18 17:19 Last Seen2025-03-01 23:33 Times Seen12563 Hash 1f697a0f2411e463adbc1211493fe5a6 93c154152bda427938543b8efbd8d3b594abbac7 08a5735f5232b651af89f552e8d0fb7b21d6605fba48f335318699d80d12703e Loading...

	js.wpushsdk.com/npc/sdk/wpu/npush.m.js	ScriptElement	197 kB	2024-01-20	2024-08-20
Pretty URL js.wpushsdk.com/npc/sdk/wpu/npush.m.js IP 45.133.44.52 ASN #39572 DataWeb Global Group B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2024-01-20 06:14 Last Seen2024-08-20 11:44 Times Seen104 Hash 30646d3a4e5f64a71b8665de5cc95fbf f845b85fffeb89e551bd68a51c2252db88e101ce d0756a02b1c82a9f79197dcf9b6c793d8716f508f002bee523b00cec2988d59b Loading...

	js.capndr.com/popunder-admanager/build.m.js	ScriptElement	93 kB	2024-01-22	2024-08-20
Pretty URL js.capndr.com/popunder-admanager/build.m.js IP 45.133.44.52 ASN #39572 DataWeb Global Group B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2024-01-22 13:16 Last Seen2024-08-20 11:30 Times Seen5 Hash c796a467077eb5e85b9721efc82d800a 9b12f4331e1b459823dfa99fdedd6ebc4f2dcd99 17a802c4940abe0ea9242abc5a2db42d91692a269f3c54e4af464c69a09a162b Loading...

	anchira.to/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js	ScriptElement	12 kB	2023-03-07	2025-07-01
Pretty URL anchira.to/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js IP 104.21.33.38 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02 Last Seen2025-07-01 06:46 Times Seen37986 Hash 88a769d2fe35899fd45a332a0a032cc0 514c6c1d8475d17e412849a4c90159517d0fa10a ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142 Loading...

	anchira.to/_app/app.8fb6727fbde043793dad.js	ScriptElement	510 kB	2024-01-20	2024-08-20
Pretty URL anchira.to/_app/app.8fb6727fbde043793dad.js IP 104.21.33.38 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-01-20 17:42 Last Seen2024-08-20 11:42 Times Seen3 Hash c1e506dc7d269ff8fc797c35dcaad341 a8b1033756ff9a16c76a5cb679a3cdc988441649 80ba6d50b6b449057255216fd9d2d6dee39139236d45ac4199668a3e85bcc63e Loading...

	anchira.to/cdn-cgi/challenge-platform/scripts/jsd/main.js	ScriptElement	7.4 kB	2024-08-20	2024-08-20
Pretty URL anchira.to/cdn-cgi/challenge-platform/scripts/jsd/main.js IP 104.21.33.38 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-08-20 11:27 Last Seen2024-08-20 11:27 Times Seen1 Hash 89401cf99dd81b41109df5529ac7893d c30584c62d43b8af2e83d4940d4e01212b2cb061 26ca1eacd61a38f183ae59ed4f3d5e611792c9de2b7c8f32b32ac6cc4fc2c2e0 Loading...

	js.wpadmngr.com/static/adManager.m.js	ScriptElement	105 kB	2024-01-16	2024-08-20
Pretty URL js.wpadmngr.com/static/adManager.m.js IP 45.133.44.53 ASN #39572 DataWeb Global Group B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2024-01-16 14:26 Last Seen2024-08-20 12:24 Times Seen310 Hash 4c6f5b0a44e3baabbbb79ed22290a4d7 b628b3f1393ef91325f1792ebb13f01be9f1cda8 70bef0b9b90f224dcce56929057d20668fd82f6a6044195d3655b893657ff11b Loading...

	js.capndr.com/advertising.js	ScriptElement	0 B	0001-01-01	2025-07-01
Pretty URL js.capndr.com/advertising.js IP 45.133.44.52 ASN #39572 DataWeb Global Group B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen0001-01-01 00:00 Last Seen2025-07-01 06:48 Times Seen5223807 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

HTTP Transactions (79)

URL IP Response Size

GET anchira.to/favicon-16x16.png

104.21.33.38

200 OK

934 B

URL GET HTTP/2
anchira.to/favicon-16x16.png
IP
104.21.33.38:443
ASN
#13335 CLOUDFLARENET

Requested by
https://anchira.to/
Certificate
IssuerGoogle Trust Services LLC
Subjectanchira.to
FingerprintF1:81:34:89:AF:8F:80:EC:A5:2E:1A:41:20:1C:A2:7C:5C:D8:79:66
ValiditySat, 16 Dec 2023 18:25:51 GMT - Fri, 15 Mar 2024 18:25:50 GMT

File type
PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced
Size
934 B (934 bytes)
Hash
42c54fc5fa669ddbee2b736bb689ddc0
74cd5d143f281cae2448a21b6cec673e609d66b8
084d3f17c01c90e1fc55b29167bd03b9f73f652c249cc40d947b455455c2b8f2

HTTP Headers

GET /favicon-16x16.png HTTP/1.1
Host: anchira.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://anchira.to/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Tue, 23 Jan 2024 06:41:09 GMT
content-type: image/png
content-length: 934
cache-control: public, max-age=259200
last-modified: Tue, 17 Oct 2023 18:58:08 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
permissions-policy: fullscreen=(self)
cf-cache-status: HIT
age: 111490
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 849e0ca02fdc5699-OSL
X-Firefox-Spdy: h2

GET anchira.to/android-chrome-512x512.png

104.21.33.38

200 OK

424 kB

URL GET HTTP/2
anchira.to/android-chrome-512x512.png
IP
104.21.33.38:443
ASN
#13335 CLOUDFLARENET

Requested by
https://anchira.to/
Certificate
IssuerGoogle Trust Services LLC
Subjectanchira.to
FingerprintF1:81:34:89:AF:8F:80:EC:A5:2E:1A:41:20:1C:A2:7C:5C:D8:79:66
ValiditySat, 16 Dec 2023 18:25:51 GMT - Fri, 15 Mar 2024 18:25:50 GMT

File type
PNG image data, 512 x 512, 8-bit/color RGBA, non-interlaced
Size
424 kB (423571 bytes)
Hash
0872117f30f1fc0ebc1db08f42873d5f
38c3488fb4184474c2089f96a346e8121073b25e
6ee85d8b09857f02ca9ec6823088a68d9c699d2054fec5248b3d5a22c54243aa

HTTP Headers

GET /android-chrome-512x512.png HTTP/1.1
Host: anchira.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://anchira.to/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Tue, 23 Jan 2024 06:41:09 GMT
content-type: image/png
content-length: 423571
cache-control: public, max-age=259200
last-modified: Tue, 17 Oct 2023 18:58:08 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
permissions-policy: fullscreen=(self)
cf-cache-status: HIT
age: 111490
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 849e0ca02fdb5699-OSL
X-Firefox-Spdy: h2

POST anchira.to/api/v1/auth/refresh

104.21.33.38

204 No Content

0 B

URL POST HTTP/2
anchira.to/api/v1/auth/refresh
IP
104.21.33.38:443
ASN
#13335 CLOUDFLARENET

Requested by
https://anchira.to/
Certificate
IssuerGoogle Trust Services LLC
Subjectanchira.to
FingerprintF1:81:34:89:AF:8F:80:EC:A5:2E:1A:41:20:1C:A2:7C:5C:D8:79:66
ValiditySat, 16 Dec 2023 18:25:51 GMT - Fri, 15 Mar 2024 18:25:50 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /api/v1/auth/refresh HTTP/1.1
Host: anchira.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://anchira.to/
X-Requested-With: XMLHttpRequest
Origin: https://anchira.to
DNT: 1
Connection: keep-alive
Cookie: cf_clearance=rJHLhb_hdx5RN.82lFjCNTY8HF6_AoUTMO6IHR.Co9A-1705992069-1-ATjwP14PAdeLBZSS4ao3prBiS4AXMU+jxJQHNdBMj+h7dsXgsxFdDg/eWyE10tkoZQiGsFXsMBMpfAf1WxxgTOQ=
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
Content-Length: 0
TE: trailers

HTTP/2 204 No Content
date: Tue, 23 Jan 2024 06:41:09 GMT
access-control-allow-origin: *
content-encoding: gzip
vary: Accept-Encoding
x-ratelimit-limit: 5
x-ratelimit-remaining: 4
x-ratelimit-reset: 1705992070
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
permissions-policy: fullscreen=(self)
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 849e0ca2dc985699-OSL
X-Firefox-Spdy: h2

GET anchira.to/fonts/inter-v13-latin-regular.woff2

104.21.33.38

200 OK

33 kB

URL GET HTTP/2
anchira.to/fonts/inter-v13-latin-regular.woff2
IP
104.21.33.38:443
ASN
#13335 CLOUDFLARENET

Requested by
https://anchira.to/
Certificate
IssuerGoogle Trust Services LLC
Subjectanchira.to
FingerprintF1:81:34:89:AF:8F:80:EC:A5:2E:1A:41:20:1C:A2:7C:5C:D8:79:66
ValiditySat, 16 Dec 2023 18:25:51 GMT - Fri, 15 Mar 2024 18:25:50 GMT

File type
Web Open Font Format (Version 2), TrueType, length 21564, version 1.0
Size
33 kB (32733 bytes)
Hash
4bb0b0411b61e41087644ba1e42ce8e3
58f1305f801418fe90a74d84c04d2e8065e25b10
c25ac6df71a5f0ee69944ce202b5f88f005501ae4394a3e3f300dc38261fe48c

HTTP Headers

GET /fonts/inter-v13-latin-regular.woff2 HTTP/1.1
Host: anchira.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://anchira.to/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Tue, 23 Jan 2024 06:41:09 GMT
content-type: font/woff2
cache-control: public, max-age=259200
last-modified: Mon, 16 Oct 2023 02:37:48 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
permissions-policy: fullscreen=(self)
cf-cache-status: HIT
age: 113745
server: cloudflare
cf-ray: 849e0c9fef6f5699-OSL
X-Firefox-Spdy: h2

GET cdn.jsdelivr.net/npm/axios@1.1.2/dist/axios.min.js

151.101.65.229

200 OK

10 kB

URL GET HTTP/2
cdn.jsdelivr.net/npm/axios@1.1.2/dist/axios.min.js
IP
151.101.65.229:443
ASN
#54113 FASTLY

Requested by
https://anchira.to/
Certificate
IssuerGlobalSign nv-sa
Subjectjsdelivr.net
Fingerprint05:87:2C:BA:73:14:21:54:82:00:8B:AD:85:8F:E9:C6:4D:C7:66:09
ValidityWed, 27 Sep 2023 18:13:13 GMT - Mon, 28 Oct 2024 18:13:12 GMT

File type
JavaScript source, ASCII text, with very long lines (26541)
Size
10 kB (10349 bytes)
Hash
68b395fd3cd02432ec6ce3a4a34332c0
69edb681673e5ad794d33f9f05b8b08ea940c13b
ffb6e270a7bbb1ea1b797965ae85e35760b38b98744478a4151ddee79a31d215

HTTP Headers

GET /npm/axios@1.1.2/dist/axios.min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://anchira.to/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 1.1.2
x-jsd-version-type: version
etag: W/"67d4-ae22gWc+WteU0z+fBbiwjqlAwTs"
content-encoding: br
accept-ranges: bytes
date: Tue, 23 Jan 2024 06:41:09 GMT
age: 1715999
x-served-by: cache-fra-eddf8230112-FRA, cache-hel1410027-HEL
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 10349
X-Firefox-Spdy: h2

GET cdn.jsdelivr.net/npm/streamsaver@2.0.3/StreamSaver.min.js

151.101.65.229

200 OK

1.9 kB

URL GET HTTP/2
cdn.jsdelivr.net/npm/streamsaver@2.0.3/StreamSaver.min.js
IP
151.101.65.229:443
ASN
#54113 FASTLY

Requested by
https://anchira.to/
Certificate
IssuerGlobalSign nv-sa
Subjectjsdelivr.net
Fingerprint05:87:2C:BA:73:14:21:54:82:00:8B:AD:85:8F:E9:C6:4D:C7:66:09
ValidityWed, 27 Sep 2023 18:13:13 GMT - Mon, 28 Oct 2024 18:13:12 GMT

File type
JavaScript source, ASCII text, with very long lines (3664)
Size
1.9 kB (1930 bytes)
Hash
25d87b60ef1f53a7ed5076160d76c8b4
62ea7f94aa03d469580f77b79a0e383ee918bd7d
d1dd08e65fa7b3fc43824a7aa8c165073e4231369495acec6c6c56bd9944a026

HTTP Headers

GET /npm/streamsaver@2.0.3/StreamSaver.min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://anchira.to/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 2.0.3
x-jsd-version-type: version
etag: W/"f9c-Yup/lKoD1GlYD3e3mg44PukYvX0"
content-encoding: br
accept-ranges: bytes
date: Tue, 23 Jan 2024 06:41:09 GMT
age: 6053416
x-served-by: cache-fra-eddf8230090-FRA, cache-hel1410027-HEL
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 1930
X-Firefox-Spdy: h2

GET kisakisexo.xyz/12873/7fd4e32dff8e/m/1

104.21.2.226

200 OK

80 kB

URL GET HTTP/2
kisakisexo.xyz/12873/7fd4e32dff8e/m/1
IP
104.21.2.226:443
ASN
#13335 CLOUDFLARENET

Requested by
https://anchira.to/
Certificate
IssuerGoogle Trust Services LLC
Subjectkisakisexo.xyz
Fingerprint32:7C:E3:04:52:EB:07:58:E2:91:0C:5E:4B:4B:42:E9:84:25:9A:78
ValiditySun, 17 Dec 2023 01:54:00 GMT - Sat, 16 Mar 2024 01:53:59 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 560x791, components 3
Size
80 kB (79582 bytes)
Hash
1e4742bdbb305d987253eba6ba8dbc0c
cfea85fc595640df0e4878ba699ea96718032305
5e64e1380683b51d9957652c591aae6a4c169d17a450b919e0c23afe9e2c557a

HTTP Headers

GET /12873/7fd4e32dff8e/m/1 HTTP/1.1
Host: kisakisexo.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://anchira.to/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 23 Jan 2024 06:41:09 GMT
content-type: image/jpeg
cache-control: public, max-age=604800
last-modified: Mon, 22 Jan 2024 07:15:08 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
permissions-policy: fullscreen=(self)
cf-cache-status: HIT
age: 81514
server: cloudflare
cf-ray: 849e0ca4d9b4568a-OSL
X-Firefox-Spdy: h2

GET kisakisexo.xyz/12858/7752aa786ed2/m/1

104.21.2.226

200 OK

120 kB

URL GET HTTP/2
kisakisexo.xyz/12858/7752aa786ed2/m/1
IP
104.21.2.226:443
ASN
#13335 CLOUDFLARENET

Requested by
https://anchira.to/
Certificate
IssuerGoogle Trust Services LLC
Subjectkisakisexo.xyz
Fingerprint32:7C:E3:04:52:EB:07:58:E2:91:0C:5E:4B:4B:42:E9:84:25:9A:78
ValiditySun, 17 Dec 2023 01:54:00 GMT - Sat, 16 Mar 2024 01:53:59 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 560x791, components 3
Size
120 kB (119777 bytes)
Hash
10166db9f7b434d9cf0c0dbf64f36fac
f75cbcd3675c7ba002e5df3695c0d84e43168a88
aa2701de4dc4262ce393b08159049eb6790297c27c4568874754c9d553b986d2

HTTP Headers

GET /12858/7752aa786ed2/m/1 HTTP/1.1
Host: kisakisexo.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://anchira.to/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Tue, 23 Jan 2024 06:41:10 GMT
content-type: image/jpeg
cache-control: public, max-age=604800
last-modified: Mon, 22 Jan 2024 04:22:38 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
permissions-policy: fullscreen=(self)
cf-cache-status: HIT
age: 81385
server: cloudflare
cf-ray: 849e0ca73e12568a-OSL
X-Firefox-Spdy: h2

GET kisakisexo.xyz/12871/2e38d7d7ffd6/m/1

104.21.2.226

200 OK

158 kB

URL GET HTTP/2
kisakisexo.xyz/12871/2e38d7d7ffd6/m/1
IP
104.21.2.226:443
ASN
#13335 CLOUDFLARENET

Requested by
https://anchira.to/
Certificate
IssuerGoogle Trust Services LLC
Subjectkisakisexo.xyz
Fingerprint32:7C:E3:04:52:EB:07:58:E2:91:0C:5E:4B:4B:42:E9:84:25:9A:78
ValiditySun, 17 Dec 2023 01:54:00 GMT - Sat, 16 Mar 2024 01:53:59 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 560x791, components 3
Size
158 kB (157951 bytes)
Hash
f3ec677d6b9489ee729772d8acf3d61d
3dba057ed87062c48f22ad357e0456ea528e4198
d83edf0561a55ecd9f1923d08b5b6bf7006bcf8f4d743738687089094646d8d0

HTTP Headers

GET /12871/2e38d7d7ffd6/m/1 HTTP/1.1
Host: kisakisexo.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://anchira.to/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 23 Jan 2024 06:41:09 GMT
content-type: image/jpeg
cache-control: public, max-age=604800
last-modified: Mon, 22 Jan 2024 07:14:44 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
permissions-policy: fullscreen=(self)
cf-cache-status: HIT
age: 81514
server: cloudflare
cf-ray: 849e0ca4e9be568a-OSL
X-Firefox-Spdy: h2

GET anchira.to/fonts/inter-v13-latin-500.woff2

104.21.33.38

200 OK

212 kB

URL GET HTTP/2
anchira.to/fonts/inter-v13-latin-500.woff2
IP
104.21.33.38:443
ASN
#13335 CLOUDFLARENET

Requested by
https://anchira.to/
Certificate
IssuerGoogle Trust Services LLC
Subjectanchira.to
FingerprintF1:81:34:89:AF:8F:80:EC:A5:2E:1A:41:20:1C:A2:7C:5C:D8:79:66
ValiditySat, 16 Dec 2023 18:25:51 GMT - Fri, 15 Mar 2024 18:25:50 GMT

File type
Web Open Font Format (Version 2), TrueType, length 22760, version 1.0
Size
212 kB (211969 bytes)
Hash
80ffe19e107fae117808fc10cb33779c
09c130f04afbd71d087e2683a1e98f754415c216
9d6a7fce9d3227a2e346ea490d201f8c6c39bf350406dd24f6bc76eb1becabda

HTTP Headers

GET /fonts/inter-v13-latin-500.woff2 HTTP/1.1
Host: anchira.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://anchira.to/
DNT: 1
Connection: keep-alive
Cookie: cf_clearance=6qGbtwzy_YTvCpwFi_l5bE7oUXAwh8hLbMc4enMCgg0-1705992069-1-AbcGSID5f5pctRr4jBrHE0hDjWm8gHgiPxi5u2YFtg5GvITa14KVz4DDo2dM+kHzXT6ZBeSA5+1RPxC463lk8EU=
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Tue, 23 Jan 2024 06:41:09 GMT
content-type: font/woff2
cache-control: public, max-age=259200
last-modified: Mon, 16 Oct 2023 02:37:48 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
permissions-policy: fullscreen=(self)
cf-cache-status: HIT
age: 113745
server: cloudflare
cf-ray: 849e0ca40f285699-OSL
X-Firefox-Spdy: h2

GET kisakisexo.xyz/12868/5ed3aa269ae6/m/1

104.21.2.226

200 OK

180 kB

URL GET HTTP/2
kisakisexo.xyz/12868/5ed3aa269ae6/m/1
IP
104.21.2.226:443
ASN
#13335 CLOUDFLARENET

Requested by
https://anchira.to/
Certificate
IssuerGoogle Trust Services LLC
Subjectkisakisexo.xyz
Fingerprint32:7C:E3:04:52:EB:07:58:E2:91:0C:5E:4B:4B:42:E9:84:25:9A:78
ValiditySun, 17 Dec 2023 01:54:00 GMT - Sat, 16 Mar 2024 01:53:59 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 560x791, components 3
Size
180 kB (180193 bytes)
Hash
6e2e15fea45a97d9fe403dcd527acd39
8dfaf3097590ad86e139fd2374b907b117ae2a39
4a9ccd9b1a193f5496a939e56f47187543a741246cba9e8eeaca45e8a9e3df6a

HTTP Headers

GET /12868/5ed3aa269ae6/m/1 HTTP/1.1
Host: kisakisexo.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://anchira.to/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 23 Jan 2024 06:41:09 GMT
content-type: image/jpeg
cache-control: public, max-age=604800
last-modified: Mon, 22 Jan 2024 07:14:26 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
permissions-policy: fullscreen=(self)
cf-cache-status: HIT
age: 81514
server: cloudflare
cf-ray: 849e0ca4e9c7568a-OSL
X-Firefox-Spdy: h2

POST anchira.to/cdn-cgi/challenge-platform/h/g/jsd/r/849e0c9cdb0d5699

104.21.33.38

200 OK

75 kB

URL POST HTTP/2
anchira.to/cdn-cgi/challenge-platform/h/g/jsd/r/849e0c9cdb0d5699
IP
104.21.33.38:443
ASN
#13335 CLOUDFLARENET

Requested by
https://anchira.to/
Certificate
IssuerGoogle Trust Services LLC
Subjectanchira.to
FingerprintF1:81:34:89:AF:8F:80:EC:A5:2E:1A:41:20:1C:A2:7C:5C:D8:79:66
ValiditySat, 16 Dec 2023 18:25:51 GMT - Fri, 15 Mar 2024 18:25:50 GMT

File type
data
Size
75 kB (74951 bytes)
Hash
9bba3edfdd63ffad257bee6609a83ff8
fd05952b448625d2c2d475d8ee9f9baa9b1bc9d8
8677d4c7bdf86046a0705f6aef2649d784443add5fc03925d2dd834db29bb589

HTTP Headers

POST /cdn-cgi/challenge-platform/h/g/jsd/r/849e0c9cdb0d5699 HTTP/1.1
Host: anchira.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 12153
Origin: https://anchira.to
DNT: 1
Connection: keep-alive
Referer: https://anchira.to/
Cookie: cf_clearance=rJHLhb_hdx5RN.82lFjCNTY8HF6_AoUTMO6IHR.Co9A-1705992069-1-ATjwP14PAdeLBZSS4ao3prBiS4AXMU+jxJQHNdBMj+h7dsXgsxFdDg/eWyE10tkoZQiGsFXsMBMpfAf1WxxgTOQ=
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Tue, 23 Jan 2024 06:41:09 GMT
content-type: text/plain; charset=UTF-8
set-cookie: cf_clearance=6qGbtwzy_YTvCpwFi_l5bE7oUXAwh8hLbMc4enMCgg0-1705992069-1-AbcGSID5f5pctRr4jBrHE0hDjWm8gHgiPxi5u2YFtg5GvITa14KVz4DDo2dM+kHzXT6ZBeSA5+1RPxC463lk8EU=; path=/; expires=Wed, 22-Jan-25 06:41:09 GMT; domain=.anchira.to; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 849e0ca3de6f5699-OSL
content-encoding: br
X-Firefox-Spdy: h2

GET kisakisexo.xyz/12872/5fc299de7ee6/m/1

104.21.2.226

200 OK

172 kB

URL GET HTTP/2
kisakisexo.xyz/12872/5fc299de7ee6/m/1
IP
104.21.2.226:443
ASN
#13335 CLOUDFLARENET

Requested by
https://anchira.to/
Certificate
IssuerGoogle Trust Services LLC
Subjectkisakisexo.xyz
Fingerprint32:7C:E3:04:52:EB:07:58:E2:91:0C:5E:4B:4B:42:E9:84:25:9A:78
ValiditySun, 17 Dec 2023 01:54:00 GMT - Sat, 16 Mar 2024 01:53:59 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 560x791, components 3
Size
172 kB (171930 bytes)
Hash
9bd3f19e91b22a68853c97fbf3225773
34dcf9deaa576e36bbd8c15f26aac802e06afd9f
199f0e0c5fdd318efb554b4633986cd949c6a2c1728a3559777add1b79eecf40

HTTP Headers

GET /12872/5fc299de7ee6/m/1 HTTP/1.1
Host: kisakisexo.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://anchira.to/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Tue, 23 Jan 2024 06:41:09 GMT
content-type: image/jpeg
cache-control: public, max-age=604800
last-modified: Mon, 22 Jan 2024 07:14:57 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
permissions-policy: fullscreen=(self)
cf-cache-status: HIT
age: 81514
server: cloudflare
cf-ray: 849e0ca51a11568a-OSL
X-Firefox-Spdy: h2

POST fp.metricswpsh.com/fp?tag_id=138875

157.90.84.242

200 OK

0 B

URL POST HTTP/1.1
fp.metricswpsh.com/fp?tag_id=138875
IP
157.90.84.242:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://anchira.to/
Certificate
IssuerLet's Encrypt
Subjectnotification.tubecup.net
Fingerprint8B:74:55:50:6A:6F:79:6B:86:E4:A5:4D:00:03:4D:48:01:28:E9:97
ValidityWed, 03 Jan 2024 14:27:33 GMT - Tue, 02 Apr 2024 14:27:32 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /fp?tag_id=138875 HTTP/1.1
Host: fp.metricswpsh.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://anchira.to/
Origin: https://anchira.to
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 204 No Content
Server: nginx/1.20.1
Date: Tue, 23 Jan 2024 06:41:11 GMT
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: content-type
Access-Control-Allow-Methods: GET,HEAD,PUT,PATCH,POST,DELETE
Access-Control-Allow-Origin: https://anchira.to
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers

POST fp.metricswpsh.com/fp?tag_id=138875

157.90.84.242

200 OK

58 B

URL POST HTTP/1.1
fp.metricswpsh.com/fp?tag_id=138875
IP
157.90.84.242:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://anchira.to/
Certificate
IssuerLet's Encrypt
Subjectnotification.tubecup.net
Fingerprint8B:74:55:50:6A:6F:79:6B:86:E4:A5:4D:00:03:4D:48:01:28:E9:97
ValidityWed, 03 Jan 2024 14:27:33 GMT - Tue, 02 Apr 2024 14:27:32 GMT

File type
JSON text data
Size
58 B (58 bytes)
Hash
87385fcd2a67fc74d2fa67366ba68ea2
a604cdbb1d31ce257e8643eee9219c9c724c200c
9307cbb21345500294eae459b18a8ffb2bd2fcccd928a09efbc1e324fa9c9995

HTTP Headers

POST /fp?tag_id=138875 HTTP/1.1
Host: fp.metricswpsh.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://anchira.to/
Content-Type: application/json;charset=utf-8
Content-Length: 1837
Origin: https://anchira.to
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Tue, 23 Jan 2024 06:41:11 GMT
Content-Type: application/json; charset=UTF-8
Content-Length: 58
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://anchira.to
Set-Cookie: id=5294317883721827091; Expires=Wed, 22 Jan 2025 06:41:11 GMT; Secure; SameSite=None
Vary: Origin

GET anchira.to/cdn-cgi/challenge-platform/h/g/scripts/jsd/ea25f566/main.js

104.21.33.38

200 OK

133 kB

URL GET HTTP/2
anchira.to/cdn-cgi/challenge-platform/h/g/scripts/jsd/ea25f566/main.js
IP
104.21.33.38:443
ASN
#13335 CLOUDFLARENET

Requested by
https://anchira.to/
Certificate
IssuerGoogle Trust Services LLC
Subjectanchira.to
FingerprintF1:81:34:89:AF:8F:80:EC:A5:2E:1A:41:20:1C:A2:7C:5C:D8:79:66
ValiditySat, 16 Dec 2023 18:25:51 GMT - Fri, 15 Mar 2024 18:25:50 GMT

File type
JavaScript source, ASCII text, with very long lines (7407), with no line terminators
Size
133 kB (132723 bytes)
Hash
3306af4e384204f6d140439fa023a254
cdbed7af3bc7cf903860d81fb601dc4f9920176b
2dd8a310b2f9f8a3c6308988a39e998866d4b1c8785cea1951b732a57949f659

HTTP Headers

GET /cdn-cgi/challenge-platform/h/g/scripts/jsd/ea25f566/main.js HTTP/1.1
Host: anchira.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Tue, 23 Jan 2024 06:41:09 GMT
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
x-content-type-options: nosniff
vary: accept-encoding
server: cloudflare
cf-ray: 849e0ca03fe95699-OSL
content-encoding: br
X-Firefox-Spdy: h2

GET accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube

64.233.161.84

302 Found

0 B

URL GET HTTP/2
accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube
IP
64.233.161.84:443
ASN
#15169 GOOGLE

Requested by
https://anchira.to/
Certificate
IssuerGoogle Trust Services LLC
Subjectaccounts.google.com
FingerprintE9:00:F4:02:DB:2E:43:07:4D:00:D0:33:77:6D:2B:38:28:C5:A2:B6
ValidityTue, 02 Jan 2024 13:09:54 GMT - Tue, 26 Mar 2024 13:09:53 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /ServiceLogin?passive=true&continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
content-type: application/binary
set-cookie: __Host-GAPS=1:CbebL4dNMRhBDfTdSmxuh0wCK6eV3g:K6UnhrRWNjsrypI3; Expires=Thu, 22-Jan-2026 06:41:11 GMT; Path=/; Secure; HttpOnly; Priority=HIGH
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Tue, 23 Jan 2024 06:41:11 GMT
location: https://accounts.google.com/InteractiveLogin?continue=https://m.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=ASKXGp2D8Q0b5JHSdJtRNSp2ZYHrul8mlUDpwGPUNnjwBfqDNC1gCarSHMRDEUBrgW5hyNa78_eWeQ
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy: require-trusted-types-for 'script';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport, script-src 'nonce-mNfynGK8fuPuFKm0QWZpAw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/AccountsSigninPassiveLoginHttp/cspreport/allowlist
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server: ESF
content-length: 0
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

GET kisakisexo.xyz/12847/f467f7219a4a/m/1

104.21.2.226

200 OK

133 kB

URL GET HTTP/2
kisakisexo.xyz/12847/f467f7219a4a/m/1
IP
104.21.2.226:443
ASN
#13335 CLOUDFLARENET

Requested by
https://anchira.to/
Certificate
IssuerGoogle Trust Services LLC
Subjectkisakisexo.xyz
Fingerprint32:7C:E3:04:52:EB:07:58:E2:91:0C:5E:4B:4B:42:E9:84:25:9A:78
ValiditySun, 17 Dec 2023 01:54:00 GMT - Sat, 16 Mar 2024 01:53:59 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 560x791, components 3
Size
133 kB (132769 bytes)
Hash
206ccb0d6a407ee5e48c750ebc3b802b
80d5b013ee0e8a500e5c7bc79ceab5dbac306bfb
7308145e6a0b515ce30a20abc81f05ec9a0c7efae6aed0c362643018bb7f0f4f

HTTP Headers

GET /12847/f467f7219a4a/m/1 HTTP/1.1
Host: kisakisexo.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://anchira.to/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Tue, 23 Jan 2024 06:41:10 GMT
content-type: image/jpeg
cache-control: public, max-age=604800
last-modified: Fri, 19 Jan 2024 09:24:42 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
permissions-policy: fullscreen=(self)
cf-cache-status: HIT
age: 334364
server: cloudflare
cf-ray: 849e0ca65c7c568a-OSL
X-Firefox-Spdy: h2

GET anchira.to/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

104.21.33.38

200 OK

4.4 kB

URL GET HTTP/2
anchira.to/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
IP
104.21.33.38:443
ASN
#13335 CLOUDFLARENET

Requested by
https://anchira.to/
Certificate
IssuerGoogle Trust Services LLC
Subjectanchira.to
FingerprintF1:81:34:89:AF:8F:80:EC:A5:2E:1A:41:20:1C:A2:7C:5C:D8:79:66
ValiditySat, 16 Dec 2023 18:25:51 GMT - Fri, 15 Mar 2024 18:25:50 GMT

File type
gzip compressed data, from Unix
Size
4.4 kB (4389 bytes)
Hash
15cbe75c7890f5c351566870617bceb6
3e65da12f8f462a9169f80b575a1471ca54b34b1
3692a47617baaaea1aba831875cc1013de0eaff2271d1391d28e3787274aa026

HTTP Headers

GET /cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js HTTP/1.1
Host: anchira.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://anchira.to/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Tue, 23 Jan 2024 06:41:09 GMT
content-type: application/javascript
last-modified: Fri, 05 Jan 2024 17:29:47 GMT
etag: W/"65983c8b-302c"
vary: Accept-Encoding
server: cloudflare
cf-ray: 849e0c9f7ee75699-OSL
x-frame-options: DENY
x-content-type-options: nosniff
expires: Thu, 25 Jan 2024 06:41:09 GMT
cache-control: max-age=172800, public
content-encoding: gzip
X-Firefox-Spdy: h2

GET nereserv.com/in/dip?site=native-push&wl=1&event_id=0ce921cc-c059-4844-a01d-69c4c95667e1&subid=1918070450&sid=1346673704&spot_id=492196&created_at=2024-01-23&timezone=0&ver=8.136.0&is_native=1

167.235.163.216

200 OK

0 B

URL GET HTTP/2
nereserv.com/in/dip?site=native-push&wl=1&event_id=0ce921cc-c059-4844-a01d-69c4c95667e1&subid=1918070450&sid=1346673704&spot_id=492196&created_at=2024-01-23&timezone=0&ver=8.136.0&is_native=1
IP
167.235.163.216:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://anchira.to/
Certificate
IssuerLet's Encrypt
Subjectnotification.tubecup.net
Fingerprint8B:74:55:50:6A:6F:79:6B:86:E4:A5:4D:00:03:4D:48:01:28:E9:97
ValidityWed, 03 Jan 2024 14:27:33 GMT - Tue, 02 Apr 2024 14:27:32 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /in/dip?site=native-push&wl=1&event_id=0ce921cc-c059-4844-a01d-69c4c95667e1&subid=1918070450&sid=1346673704&spot_id=492196&created_at=2024-01-23&timezone=0&ver=8.136.0&is_native=1 HTTP/1.1
Host: nereserv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://anchira.to/
Origin: https://anchira.to
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx/1.20.1
date: Tue, 23 Jan 2024 06:41:11 GMT
content-length: 0
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
X-Firefox-Spdy: h2

GET anchira.to/_app/app.8fb6727fbde043793dad.js

104.21.33.38

200 OK

130 kB

URL GET HTTP/2
anchira.to/_app/app.8fb6727fbde043793dad.js
IP
104.21.33.38:443
ASN
#13335 CLOUDFLARENET

Requested by
https://anchira.to/
Certificate
IssuerGoogle Trust Services LLC
Subjectanchira.to
FingerprintF1:81:34:89:AF:8F:80:EC:A5:2E:1A:41:20:1C:A2:7C:5C:D8:79:66
ValiditySat, 16 Dec 2023 18:25:51 GMT - Fri, 15 Mar 2024 18:25:50 GMT

File type
JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size
130 kB (130251 bytes)
Hash
c1e506dc7d269ff8fc797c35dcaad341
a8b1033756ff9a16c76a5cb679a3cdc988441649
80ba6d50b6b449057255216fd9d2d6dee39139236d45ac4199668a3e85bcc63e

HTTP Headers

GET /_app/app.8fb6727fbde043793dad.js HTTP/1.1
Host: anchira.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://anchira.to/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Tue, 23 Jan 2024 06:41:09 GMT
content-type: text/javascript; charset=utf-8
cache-control: public, max-age=259200
cf-bgj: minify
cf-polished: origSize=510254
last-modified: Fri, 19 Jan 2024 09:56:07 GMT
permissions-policy: fullscreen=(self)
referrer-policy: strict-origin-when-cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
cf-cache-status: HIT
age: 74618
server: cloudflare
cf-ray: 849e0c9fff7e5699-OSL
content-encoding: br
X-Firefox-Spdy: h2

POST 09a1201bdf.202a02210a.com/in/multy

94.130.198.6

200 OK

0 B

URL POST HTTP/2
09a1201bdf.202a02210a.com/in/multy
IP
94.130.198.6:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://anchira.to/
Certificate
IssuerLet's Encrypt
Subject202a02210a.com
Fingerprint78:F3:DB:A0:47:71:8E:3A:DB:66:7F:A6:62:A3:63:12:7E:41:DE:56
ValidityFri, 19 Jan 2024 14:02:00 GMT - Thu, 18 Apr 2024 14:01:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

OPTIONS /in/multy HTTP/1.1
Host: 09a1201bdf.202a02210a.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://anchira.to/
Origin: https://anchira.to
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 204 No Content
server: nginx/1.20.1
date: Tue, 23 Jan 2024 06:41:12 GMT
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
X-Firefox-Spdy: h2

POST 09a1201bdf.202a02210a.com/in/multy

94.130.198.6

200 OK

6.0 kB

URL POST HTTP/2
09a1201bdf.202a02210a.com/in/multy
IP
94.130.198.6:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://anchira.to/
Certificate
IssuerLet's Encrypt
Subject202a02210a.com
Fingerprint78:F3:DB:A0:47:71:8E:3A:DB:66:7F:A6:62:A3:63:12:7E:41:DE:56
ValidityFri, 19 Jan 2024 14:02:00 GMT - Thu, 18 Apr 2024 14:01:59 GMT

File type
JSON text data
Size
6.0 kB (6018 bytes)
Hash
51990dae5247391f254dc97780693c41
d3c599c51f512c4d48bee004a3e3d0fc65258dff
d7fe1280ed54ecfac406245daa2df6a89dab67c3257711e0b739e3f6ccc2fadb

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

POST /in/multy HTTP/1.1
Host: 09a1201bdf.202a02210a.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://anchira.to/
Content-Type: application/json;charset=utf-8
Content-Length: 1606
Origin: https://anchira.to
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx/1.20.1
date: Tue, 23 Jan 2024 06:41:12 GMT
content-type: application/json
content-length: 6018
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
content-encoding: gzip
X-Firefox-Spdy: h2

GET 09a1201bdf.202a02210a.com/in/show/?tag_ab=a&site_id=31492196&adblock=0&testab=0&auction_host=apply&mm=0&yc=0&render_type=hq&pr=&banner_width=300&banner_height=100&user_keywords=&device_theme=light&v2_track=0&v2=0&conditions=all,dch_ip,tz_offset&ssp=3964&page=https%3A%2F%2Fanchira.to%2F&refdom=anchira.to&auction_time=1705992072&subid=1918070450&sid=1346673704&tcid=0&ver=8.136.0&ver_c=&spot_id=492196&utm_source=&utm_medium=&utm_campaign=&utm_content=&created_at=2024-01-23&iabcat=IAB25-3&keywords=&user_fp=8771868113553316635&score=49.73585909760938&durl=https%3A%2F%2Fkts.dasdaily.com%2Fin%2F1546%2F%3Fad_sub%3D1918070450%26spot_id%3D492196%26is_adult%3D1%26p%3Dhttps%253A%252F%252Fanchira.to%252F%26idzone%3D0%26sid%3D1886&is_cpm=0&resp_type=popunderAd&crid=3418272&crtid=8fc5a3949d58ed66158a5da3a7b48b19&url=https%3A%2F%2Fvjxxx.com%2Fcheck-check-bots%3Furl%3Dhttps%253A%252F%252Fr-eu.tsyndicate.com%252Fdo2%252Fdirect%253Fc%253DAPeIQFMmDJkycuaI0HGDhYgwY-gsjOGQDpyFIuC8uVjxDMYaZGyUESNmZAsZY2TUaEFjBgwyLXLQiAGjxQ0xYQyKgTHjBgySIhyOcaNQR4wcMHA4DFNnDEYcN2LIuJHDBg4bM2TmwCEDRwyoQUWISUPmadSpVa9mpbG169cbYQ3aWWjDBg0aNhzCqSNmogy8eR_CuaijJ9eGIubAkaiDhgypXimKKIOHzhfFjEXUqMH2cdWwY9oQ3ixjBs2lZMwsRCzGjZuFM2YeluGwjRuPDLHGoKHXNu4YPmEErhMDIxo6FufoePEijRs6CM2weSMnjAszzt2Imd5mDnQ5Lty8eUGn-pg1P-L0uHNHD5kcWmpMgXMmR56wZN60wWhHDZ7_LoyhH2hhMLaFaV3oJYdTOsDgAgwwAFeDUHC08QUcC07kggwqOSSHHYS55FAZY1So4Q0TilBHHWlgFENsdd3QEww0hJUGYSLkEIMLSLngmAsxcBZWHWFg1MQbeqTBBhthvFDDgyCggEUMMewAAhPO1YEHCHhc9YVdVn6oQ1UPpgDCESSuMZ4MEUJIUwwgGJGGHGWY8QYeL5AJA2gMiuDEE2FR98UYff4ZFht9FuEEfmXY8QWdbExUww034DCDVRB6eMZrOqgElUMHOSqGHAvhoJQIoX7RxhtldXqVZGTI8QZsDr1RFG0ZyYrHfTqkOMeHGMlKR4HUtVCHG2nQ0QIMMrhAxhhw1frrXEbVYINKeM0gQw6g9nnQF89GKwId-xnlUw055MDmDbiSK8NE56a77mNdofZoGYp9USC8MKCrLgzsjuhoGGwgREdRB9aQ4ENiZHaQGUyxIZFeiC4Eg1C4wdCHAgEB%2526s%253D8a79aa518f8024fdeff2f1d4d5f4798a9ddf67c1f3aa0f166cdcb02b364758ac1705992072%2526ev%253D0.009495822749102167&icons=ptL6WykpQy-0o_o6bGqVMr5u2GdjZFIUe65BUlUrxCmTYhTNoz3NPAiC6DfFwopnrBYVyBYWD-oO_J8rUoolsH4-54hQT5TMMkfKxoXQAwqn2YycQLfshqKS_DY7Lfv54q-5_a0mgQEmhGq_K9Z7Qfs82jdPw3I-wdsj1_4KSNsBiBToNQ&ext_cid=552310&px_id=55492196&min_cpm=0.10627582952768219&out_id=1&campaign_type=lq-pop&aid=142&cid=14340&uniq=&mid=8712796863949828187&skin_id=2&vertical_id=0&skin_test=0&from_cache=0&ecpm=0.12048425280818469&cpm=0&verify_hash=2b41329b0f8a2d96c3d23e58ed516484&is_native=2&real_bid=0.0009801225349307036&original_bid_usd=0.0012250000000000002&original_bid=0.0012250000000000002&exp=0&placement_type_id=0&ua_mismatch=Mozilla%2F5.0%20%28X11%3B%20Linux%20x86_64%3B%20rv%3A96.0%29%20Gecko%2F20100101%20Firefox%2F96.0&ip_mismatch=91.90.42.154&geo=NO&carrier=-&label_ids=4,89,5,27,129,130,108,0&need_redirect_show=0&applied_features=coef_099,main-skins-settings&show_count=1&expiration_timestamp=0&image_url=https%3A%2F%2Fstatic.bookmsg.com%2Fcreatives%2FUS%2FUS_34c3a6403004486b593fb6a3428d7a2748437f4f_icon.webp&site=native-push-adult&price=0.0012250000000000002&hostname=auc-inpage-hz-7-a&auc_type=1&pop_type=1&site_id64=&interest_vertical_ids=&mo=&ve=&timezone_olson=UTC&topics=&historical_keywords=&pop_cpc=0.0000012250000000000003&ext_campaign_id_str=552310&pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=default-view-b_r-body&mlf=1&mlc=1&st=0.03&cpa=1dc72846-289e-4e19-bb4d-0c0297760bdf&prev_step_diff=806

94.130.198.6

200 OK

0 B

URL GET HTTP/2
09a1201bdf.202a02210a.com/in/show/?tag_ab=a&site_id=31492196&adblock=0&testab=0&auction_host=apply&mm=0&yc=0&render_type=hq&pr=&banner_width=300&banner_height=100&user_keywords=&device_theme=light&v2_track=0&v2=0&conditions=all,dch_ip,tz_offset&ssp=3964&page=https%3A%2F%2Fanchira.to%2F&refdom=anchira.to&auction_time=1705992072&subid=1918070450&sid=1346673704&tcid=0&ver=8.136.0&ver_c=&spot_id=492196&utm_source=&utm_medium=&utm_campaign=&utm_content=&created_at=2024-01-23&iabcat=IAB25-3&keywords=&user_fp=8771868113553316635&score=49.73585909760938&durl=https%3A%2F%2Fkts.dasdaily.com%2Fin%2F1546%2F%3Fad_sub%3D1918070450%26spot_id%3D492196%26is_adult%3D1%26p%3Dhttps%253A%252F%252Fanchira.to%252F%26idzone%3D0%26sid%3D1886&is_cpm=0&resp_type=popunderAd&crid=3418272&crtid=8fc5a3949d58ed66158a5da3a7b48b19&url=https%3A%2F%2Fvjxxx.com%2Fcheck-check-bots%3Furl%3Dhttps%253A%252F%252Fr-eu.tsyndicate.com%252Fdo2%252Fdirect%253Fc%253DAPeIQFMmDJkycuaI0HGDhYgwY-gsjOGQDpyFIuC8uVjxDMYaZGyUESNmZAsZY2TUaEFjBgwyLXLQiAGjxQ0xYQyKgTHjBgySIhyOcaNQR4wcMHA4DFNnDEYcN2LIuJHDBg4bM2TmwCEDRwyoQUWISUPmadSpVa9mpbG169cbYQ3aWWjDBg0aNhzCqSNmogy8eR_CuaijJ9eGIubAkaiDhgypXimKKIOHzhfFjEXUqMH2cdWwY9oQ3ixjBs2lZMwsRCzGjZuFM2YeluGwjRuPDLHGoKHXNu4YPmEErhMDIxo6FufoePEijRs6CM2weSMnjAszzt2Imd5mDnQ5Lty8eUGn-pg1P-L0uHNHD5kcWmpMgXMmR56wZN60wWhHDZ7_LoyhH2hhMLaFaV3oJYdTOsDgAgwwAFeDUHC08QUcC07kggwqOSSHHYS55FAZY1So4Q0TilBHHWlgFENsdd3QEww0hJUGYSLkEIMLSLngmAsxcBZWHWFg1MQbeqTBBhthvFDDgyCggEUMMewAAhPO1YEHCHhc9YVdVn6oQ1UPpgDCESSuMZ4MEUJIUwwgGJGGHGWY8QYeL5AJA2gMiuDEE2FR98UYff4ZFht9FuEEfmXY8QWdbExUww034DCDVRB6eMZrOqgElUMHOSqGHAvhoJQIoX7RxhtldXqVZGTI8QZsDr1RFG0ZyYrHfTqkOMeHGMlKR4HUtVCHG2nQ0QIMMrhAxhhw1frrXEbVYINKeM0gQw6g9nnQF89GKwId-xnlUw055MDmDbiSK8NE56a77mNdofZoGYp9USC8MKCrLgzsjuhoGGwgREdRB9aQ4ENiZHaQGUyxIZFeiC4Eg1C4wdCHAgEB%2526s%253D8a79aa518f8024fdeff2f1d4d5f4798a9ddf67c1f3aa0f166cdcb02b364758ac1705992072%2526ev%253D0.009495822749102167&icons=ptL6WykpQy-0o_o6bGqVMr5u2GdjZFIUe65BUlUrxCmTYhTNoz3NPAiC6DfFwopnrBYVyBYWD-oO_J8rUoolsH4-54hQT5TMMkfKxoXQAwqn2YycQLfshqKS_DY7Lfv54q-5_a0mgQEmhGq_K9Z7Qfs82jdPw3I-wdsj1_4KSNsBiBToNQ&ext_cid=552310&px_id=55492196&min_cpm=0.10627582952768219&out_id=1&campaign_type=lq-pop&aid=142&cid=14340&uniq=&mid=8712796863949828187&skin_id=2&vertical_id=0&skin_test=0&from_cache=0&ecpm=0.12048425280818469&cpm=0&verify_hash=2b41329b0f8a2d96c3d23e58ed516484&is_native=2&real_bid=0.0009801225349307036&original_bid_usd=0.0012250000000000002&original_bid=0.0012250000000000002&exp=0&placement_type_id=0&ua_mismatch=Mozilla%2F5.0%20%28X11%3B%20Linux%20x86_64%3B%20rv%3A96.0%29%20Gecko%2F20100101%20Firefox%2F96.0&ip_mismatch=91.90.42.154&geo=NO&carrier=-&label_ids=4,89,5,27,129,130,108,0&need_redirect_show=0&applied_features=coef_099,main-skins-settings&show_count=1&expiration_timestamp=0&image_url=https%3A%2F%2Fstatic.bookmsg.com%2Fcreatives%2FUS%2FUS_34c3a6403004486b593fb6a3428d7a2748437f4f_icon.webp&site=native-push-adult&price=0.0012250000000000002&hostname=auc-inpage-hz-7-a&auc_type=1&pop_type=1&site_id64=&interest_vertical_ids=&mo=&ve=&timezone_olson=UTC&topics=&historical_keywords=&pop_cpc=0.0000012250000000000003&ext_campaign_id_str=552310&pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=default-view-b_r-body&mlf=1&mlc=1&st=0.03&cpa=1dc72846-289e-4e19-bb4d-0c0297760bdf&prev_step_diff=806
IP
94.130.198.6:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://anchira.to/
Certificate
IssuerLet's Encrypt
Subject202a02210a.com
Fingerprint78:F3:DB:A0:47:71:8E:3A:DB:66:7F:A6:62:A3:63:12:7E:41:DE:56
ValidityFri, 19 Jan 2024 14:02:00 GMT - Thu, 18 Apr 2024 14:01:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /in/show/?tag_ab=a&site_id=31492196&adblock=0&testab=0&auction_host=apply&mm=0&yc=0&render_type=hq&pr=&banner_width=300&banner_height=100&user_keywords=&device_theme=light&v2_track=0&v2=0&conditions=all,dch_ip,tz_offset&ssp=3964&page=https%3A%2F%2Fanchira.to%2F&refdom=anchira.to&auction_time=1705992072&subid=1918070450&sid=1346673704&tcid=0&ver=8.136.0&ver_c=&spot_id=492196&utm_source=&utm_medium=&utm_campaign=&utm_content=&created_at=2024-01-23&iabcat=IAB25-3&keywords=&user_fp=8771868113553316635&score=49.73585909760938&durl=https%3A%2F%2Fkts.dasdaily.com%2Fin%2F1546%2F%3Fad_sub%3D1918070450%26spot_id%3D492196%26is_adult%3D1%26p%3Dhttps%253A%252F%252Fanchira.to%252F%26idzone%3D0%26sid%3D1886&is_cpm=0&resp_type=popunderAd&crid=3418272&crtid=8fc5a3949d58ed66158a5da3a7b48b19&url=https%3A%2F%2Fvjxxx.com%2Fcheck-check-bots%3Furl%3Dhttps%253A%252F%252Fr-eu.tsyndicate.com%252Fdo2%252Fdirect%253Fc%253DAPeIQFMmDJkycuaI0HGDhYgwY-gsjOGQDpyFIuC8uVjxDMYaZGyUESNmZAsZY2TUaEFjBgwyLXLQiAGjxQ0xYQyKgTHjBgySIhyOcaNQR4wcMHA4DFNnDEYcN2LIuJHDBg4bM2TmwCEDRwyoQUWISUPmadSpVa9mpbG169cbYQ3aWWjDBg0aNhzCqSNmogy8eR_CuaijJ9eGIubAkaiDhgypXimKKIOHzhfFjEXUqMH2cdWwY9oQ3ixjBs2lZMwsRCzGjZuFM2YeluGwjRuPDLHGoKHXNu4YPmEErhMDIxo6FufoePEijRs6CM2weSMnjAszzt2Imd5mDnQ5Lty8eUGn-pg1P-L0uHNHD5kcWmpMgXMmR56wZN60wWhHDZ7_LoyhH2hhMLaFaV3oJYdTOsDgAgwwAFeDUHC08QUcC07kggwqOSSHHYS55FAZY1So4Q0TilBHHWlgFENsdd3QEww0hJUGYSLkEIMLSLngmAsxcBZWHWFg1MQbeqTBBhthvFDDgyCggEUMMewAAhPO1YEHCHhc9YVdVn6oQ1UPpgDCESSuMZ4MEUJIUwwgGJGGHGWY8QYeL5AJA2gMiuDEE2FR98UYff4ZFht9FuEEfmXY8QWdbExUww034DCDVRB6eMZrOqgElUMHOSqGHAvhoJQIoX7RxhtldXqVZGTI8QZsDr1RFG0ZyYrHfTqkOMeHGMlKR4HUtVCHG2nQ0QIMMrhAxhhw1frrXEbVYINKeM0gQw6g9nnQF89GKwId-xnlUw055MDmDbiSK8NE56a77mNdofZoGYp9USC8MKCrLgzsjuhoGGwgREdRB9aQ4ENiZHaQGUyxIZFeiC4Eg1C4wdCHAgEB%2526s%253D8a79aa518f8024fdeff2f1d4d5f4798a9ddf67c1f3aa0f166cdcb02b364758ac1705992072%2526ev%253D0.009495822749102167&icons=ptL6WykpQy-0o_o6bGqVMr5u2GdjZFIUe65BUlUrxCmTYhTNoz3NPAiC6DfFwopnrBYVyBYWD-oO_J8rUoolsH4-54hQT5TMMkfKxoXQAwqn2YycQLfshqKS_DY7Lfv54q-5_a0mgQEmhGq_K9Z7Qfs82jdPw3I-wdsj1_4KSNsBiBToNQ&ext_cid=552310&px_id=55492196&min_cpm=0.10627582952768219&out_id=1&campaign_type=lq-pop&aid=142&cid=14340&uniq=&mid=8712796863949828187&skin_id=2&vertical_id=0&skin_test=0&from_cache=0&ecpm=0.12048425280818469&cpm=0&verify_hash=2b41329b0f8a2d96c3d23e58ed516484&is_native=2&real_bid=0.0009801225349307036&original_bid_usd=0.0012250000000000002&original_bid=0.0012250000000000002&exp=0&placement_type_id=0&ua_mismatch=Mozilla%2F5.0%20%28X11%3B%20Linux%20x86_64%3B%20rv%3A96.0%29%20Gecko%2F20100101%20Firefox%2F96.0&ip_mismatch=91.90.42.154&geo=NO&carrier=-&label_ids=4,89,5,27,129,130,108,0&need_redirect_show=0&applied_features=coef_099,main-skins-settings&show_count=1&expiration_timestamp=0&image_url=https%3A%2F%2Fstatic.bookmsg.com%2Fcreatives%2FUS%2FUS_34c3a6403004486b593fb6a3428d7a2748437f4f_icon.webp&site=native-push-adult&price=0.0012250000000000002&hostname=auc-inpage-hz-7-a&auc_type=1&pop_type=1&site_id64=&interest_vertical_ids=&mo=&ve=&timezone_olson=UTC&topics=&historical_keywords=&pop_cpc=0.0000012250000000000003&ext_campaign_id_str=552310&pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=default-view-b_r-body&mlf=1&mlc=1&st=0.03&cpa=1dc72846-289e-4e19-bb4d-0c0297760bdf&prev_step_diff=806 HTTP/1.1
Host: 09a1201bdf.202a02210a.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://anchira.to/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx/1.20.1
date: Tue, 23 Jan 2024 06:41:12 GMT
content-length: 0
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
X-Firefox-Spdy: h2

GET 09a1201bdf.202a02210a.com/in/show/?tag_ab=a&site_id=31492196&adblock=0&testab=0&auction_host=apply&mm=0&yc=0&render_type=hq&pr=&banner_width=300&banner_height=100&user_keywords=&device_theme=light&v2_track=0&v2=0&conditions=all,dch_ip,tz_offset&ssp=3964&page=https%3A%2F%2Fanchira.to%2F&refdom=anchira.to&auction_time=1705992072&subid=1918070450&sid=1346673704&tcid=0&ver=8.136.0&ver_c=&spot_id=492196&utm_source=&utm_medium=&utm_campaign=&utm_content=&created_at=2024-01-23&iabcat=IAB25-3&keywords=&user_fp=8771868113553316635&score=49.73585909760938&durl=https%3A%2F%2Fkts.dasdaily.com%2Fin%2F1546%2F%3Fad_sub%3D1918070450%26spot_id%3D492196%26is_adult%3D1%26p%3Dhttps%253A%252F%252Fanchira.to%252F%26idzone%3D0%26sid%3D1886&is_cpm=0&resp_type=&crid=68678&crtid=187344e8d0cf1708b1d536328007926c&url=http%3A%2F%2Ffalionato.com%2Fie%3Fv%3D4%26c%3DsQ208uNUSnvi8gsxeJaMruh7qiUOiRsGyLlX-eXItYl8nSY69MVi-6o8885hru34B6Z0Dlg22_MtzLMLLBWrDMV3HdzKT5FTTgnHeYHhyypBcs_kbTBXuBXe0JvXxWJDJldA7s6Up07khX44tYE75rnokJ47xSJxyGDwbpDgL8UTTcvoO-vpzbMvEleCqQaZj3ziNlyKbPZrZegkSUiZ2GZm5jW1MqSaE2fbaGjq8ZENramYklWdlyfYlMhwayvK85qY6bTmRCdRP3JunB4lepPmoJa-yhTRTqJ7SY3_UVPSnOP_dfnN6QhSEDNHBgoOm0Bons2-t7rd1PejiWJL3mltlVoslUC5l8rpYPNAbLuhry2rIJnM_BNR8f15mSqOse5ChozFLgEKNhowRyZPwLe_4oi1b-BTGkRHnUpda4rTmXPcGqQzru7118fa5J1c6C-BfVdayzzZVKOSzhZ3oDM8iNBoaKGw8KHSSuZsQEzamdgcy7t2JoQDEuzseznks6dboNrbvyDeFTKGlyV0NuLkAlMZ61SBLqD7QvI9Ozvryvxj6g%3D%3D&icons=2pMuiLxPmx8U6k2BQCITr68sCZ1c6v8LC-ix8bdBye6QOlp8zFcJpVDU_SCxJexqyxMhPeQe6uV8KfvIHNsdYRh4-m7t59sea1PGYcEIDLLNc6YoY_qRLnNQzhtR-VuE8E1PLrEaJow1rCO08ebsb0lUu0UuOVlyVOIRCkE9JUdbdlFFQgb6osLO9Ag8XvhfK7iKmFK-iae_jOc2us7dv1PVsLXHuB7xV8Q3wp3_TFMWCdm6BtVH_mHBZW8SslH4Vz6XhCMoZrm2_klJK3i2kuYhib5i0XJ_i9UIoKzPTXhBCiE7HkwCaeuTPlPC4xJQ9XVYC5WPCKmadsQFMQ6xMf4YfLN380Z2lrN1J3l_8RwDrYtRkS-vsiWDVr3VPQ-QBvBZT7vpM48WndemuFpShQWAoByt0cp6WHSsWP_1ovLAtdK7PquuPn84IQVO17cvm1vZMCLdAuFguTidxwLCV2-4zULcnm9OekhTS21Rjze9Nadg5TP0pmM-aG4t4Ofo1koKtpicGx67_B__z6G9aj7Ze7Pw_kgIYz6c7yc-V6Vzt3ia54aE3pVJjWaTtLnCIaktygjPvZ8ulFdoXqnf5kdt49ru-oxw_C-Fs1C0Snqh7pwQNxIgz0EhEWN4PeJ4LzTEyuyrlY0Gek4N9QhAgBT8PNcg6umFZndChAdB2g&ext_cid=0&px_id=73492196&min_cpm=0.001612803875430951&out_id=0&campaign_type=hq&aid=291&cid=2703&uniq=&mid=8712796863949828187&skin_id=2&vertical_id=5&skin_test=0&from_cache=0&ecpm=0.000359663855854005&cpm=0&verify_hash=6bbd8915d1050494783efbdf15679e8f&is_native=1&real_bid=0.00019279680252075264&original_bid_usd=0.000224&original_bid=0.000224&exp=0&placement_type_id=0&ua_mismatch=Mozilla%2F5.0%20%28X11%3B%20Linux%20x86_64%3B%20rv%3A96.0%29%20Gecko%2F20100101%20Firefox%2F96.0&ip_mismatch=91.90.42.154&geo=NO&carrier=-&label_ids=130,129,81,5,98,4,90&need_redirect_show=0&applied_features=coef_099,main-skins-settings&show_count=1&expiration_timestamp=1706049672&image_url=https%3A%2F%2Fimg.vmmcdn.com%2Fget%2F82683635%2F200747_image.jpg&site=native-push-adult&price=0.000224&hostname=auc-inpage-hz-7-a&auc_type=1&pop_type=1&site_id64=&interest_vertical_ids=&mo=&ve=&timezone_olson=UTC&topics=&historical_keywords=&pop_cpc=0.000000224&ext_campaign_id_str=&pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=default-view-b_r-body&st=0.03&cpa=d8cc1908-90ec-4669-aa3b-5d0527ea29bc&prev_step_diff=806

94.130.198.6

200 OK

0 B

URL GET HTTP/2
09a1201bdf.202a02210a.com/in/show/?tag_ab=a&site_id=31492196&adblock=0&testab=0&auction_host=apply&mm=0&yc=0&render_type=hq&pr=&banner_width=300&banner_height=100&user_keywords=&device_theme=light&v2_track=0&v2=0&conditions=all,dch_ip,tz_offset&ssp=3964&page=https%3A%2F%2Fanchira.to%2F&refdom=anchira.to&auction_time=1705992072&subid=1918070450&sid=1346673704&tcid=0&ver=8.136.0&ver_c=&spot_id=492196&utm_source=&utm_medium=&utm_campaign=&utm_content=&created_at=2024-01-23&iabcat=IAB25-3&keywords=&user_fp=8771868113553316635&score=49.73585909760938&durl=https%3A%2F%2Fkts.dasdaily.com%2Fin%2F1546%2F%3Fad_sub%3D1918070450%26spot_id%3D492196%26is_adult%3D1%26p%3Dhttps%253A%252F%252Fanchira.to%252F%26idzone%3D0%26sid%3D1886&is_cpm=0&resp_type=&crid=68678&crtid=187344e8d0cf1708b1d536328007926c&url=http%3A%2F%2Ffalionato.com%2Fie%3Fv%3D4%26c%3DsQ208uNUSnvi8gsxeJaMruh7qiUOiRsGyLlX-eXItYl8nSY69MVi-6o8885hru34B6Z0Dlg22_MtzLMLLBWrDMV3HdzKT5FTTgnHeYHhyypBcs_kbTBXuBXe0JvXxWJDJldA7s6Up07khX44tYE75rnokJ47xSJxyGDwbpDgL8UTTcvoO-vpzbMvEleCqQaZj3ziNlyKbPZrZegkSUiZ2GZm5jW1MqSaE2fbaGjq8ZENramYklWdlyfYlMhwayvK85qY6bTmRCdRP3JunB4lepPmoJa-yhTRTqJ7SY3_UVPSnOP_dfnN6QhSEDNHBgoOm0Bons2-t7rd1PejiWJL3mltlVoslUC5l8rpYPNAbLuhry2rIJnM_BNR8f15mSqOse5ChozFLgEKNhowRyZPwLe_4oi1b-BTGkRHnUpda4rTmXPcGqQzru7118fa5J1c6C-BfVdayzzZVKOSzhZ3oDM8iNBoaKGw8KHSSuZsQEzamdgcy7t2JoQDEuzseznks6dboNrbvyDeFTKGlyV0NuLkAlMZ61SBLqD7QvI9Ozvryvxj6g%3D%3D&icons=2pMuiLxPmx8U6k2BQCITr68sCZ1c6v8LC-ix8bdBye6QOlp8zFcJpVDU_SCxJexqyxMhPeQe6uV8KfvIHNsdYRh4-m7t59sea1PGYcEIDLLNc6YoY_qRLnNQzhtR-VuE8E1PLrEaJow1rCO08ebsb0lUu0UuOVlyVOIRCkE9JUdbdlFFQgb6osLO9Ag8XvhfK7iKmFK-iae_jOc2us7dv1PVsLXHuB7xV8Q3wp3_TFMWCdm6BtVH_mHBZW8SslH4Vz6XhCMoZrm2_klJK3i2kuYhib5i0XJ_i9UIoKzPTXhBCiE7HkwCaeuTPlPC4xJQ9XVYC5WPCKmadsQFMQ6xMf4YfLN380Z2lrN1J3l_8RwDrYtRkS-vsiWDVr3VPQ-QBvBZT7vpM48WndemuFpShQWAoByt0cp6WHSsWP_1ovLAtdK7PquuPn84IQVO17cvm1vZMCLdAuFguTidxwLCV2-4zULcnm9OekhTS21Rjze9Nadg5TP0pmM-aG4t4Ofo1koKtpicGx67_B__z6G9aj7Ze7Pw_kgIYz6c7yc-V6Vzt3ia54aE3pVJjWaTtLnCIaktygjPvZ8ulFdoXqnf5kdt49ru-oxw_C-Fs1C0Snqh7pwQNxIgz0EhEWN4PeJ4LzTEyuyrlY0Gek4N9QhAgBT8PNcg6umFZndChAdB2g&ext_cid=0&px_id=73492196&min_cpm=0.001612803875430951&out_id=0&campaign_type=hq&aid=291&cid=2703&uniq=&mid=8712796863949828187&skin_id=2&vertical_id=5&skin_test=0&from_cache=0&ecpm=0.000359663855854005&cpm=0&verify_hash=6bbd8915d1050494783efbdf15679e8f&is_native=1&real_bid=0.00019279680252075264&original_bid_usd=0.000224&original_bid=0.000224&exp=0&placement_type_id=0&ua_mismatch=Mozilla%2F5.0%20%28X11%3B%20Linux%20x86_64%3B%20rv%3A96.0%29%20Gecko%2F20100101%20Firefox%2F96.0&ip_mismatch=91.90.42.154&geo=NO&carrier=-&label_ids=130,129,81,5,98,4,90&need_redirect_show=0&applied_features=coef_099,main-skins-settings&show_count=1&expiration_timestamp=1706049672&image_url=https%3A%2F%2Fimg.vmmcdn.com%2Fget%2F82683635%2F200747_image.jpg&site=native-push-adult&price=0.000224&hostname=auc-inpage-hz-7-a&auc_type=1&pop_type=1&site_id64=&interest_vertical_ids=&mo=&ve=&timezone_olson=UTC&topics=&historical_keywords=&pop_cpc=0.000000224&ext_campaign_id_str=&pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=default-view-b_r-body&st=0.03&cpa=d8cc1908-90ec-4669-aa3b-5d0527ea29bc&prev_step_diff=806
IP
94.130.198.6:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://anchira.to/
Certificate
IssuerLet's Encrypt
Subject202a02210a.com
Fingerprint78:F3:DB:A0:47:71:8E:3A:DB:66:7F:A6:62:A3:63:12:7E:41:DE:56
ValidityFri, 19 Jan 2024 14:02:00 GMT - Thu, 18 Apr 2024 14:01:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /in/show/?tag_ab=a&site_id=31492196&adblock=0&testab=0&auction_host=apply&mm=0&yc=0&render_type=hq&pr=&banner_width=300&banner_height=100&user_keywords=&device_theme=light&v2_track=0&v2=0&conditions=all,dch_ip,tz_offset&ssp=3964&page=https%3A%2F%2Fanchira.to%2F&refdom=anchira.to&auction_time=1705992072&subid=1918070450&sid=1346673704&tcid=0&ver=8.136.0&ver_c=&spot_id=492196&utm_source=&utm_medium=&utm_campaign=&utm_content=&created_at=2024-01-23&iabcat=IAB25-3&keywords=&user_fp=8771868113553316635&score=49.73585909760938&durl=https%3A%2F%2Fkts.dasdaily.com%2Fin%2F1546%2F%3Fad_sub%3D1918070450%26spot_id%3D492196%26is_adult%3D1%26p%3Dhttps%253A%252F%252Fanchira.to%252F%26idzone%3D0%26sid%3D1886&is_cpm=0&resp_type=&crid=68678&crtid=187344e8d0cf1708b1d536328007926c&url=http%3A%2F%2Ffalionato.com%2Fie%3Fv%3D4%26c%3DsQ208uNUSnvi8gsxeJaMruh7qiUOiRsGyLlX-eXItYl8nSY69MVi-6o8885hru34B6Z0Dlg22_MtzLMLLBWrDMV3HdzKT5FTTgnHeYHhyypBcs_kbTBXuBXe0JvXxWJDJldA7s6Up07khX44tYE75rnokJ47xSJxyGDwbpDgL8UTTcvoO-vpzbMvEleCqQaZj3ziNlyKbPZrZegkSUiZ2GZm5jW1MqSaE2fbaGjq8ZENramYklWdlyfYlMhwayvK85qY6bTmRCdRP3JunB4lepPmoJa-yhTRTqJ7SY3_UVPSnOP_dfnN6QhSEDNHBgoOm0Bons2-t7rd1PejiWJL3mltlVoslUC5l8rpYPNAbLuhry2rIJnM_BNR8f15mSqOse5ChozFLgEKNhowRyZPwLe_4oi1b-BTGkRHnUpda4rTmXPcGqQzru7118fa5J1c6C-BfVdayzzZVKOSzhZ3oDM8iNBoaKGw8KHSSuZsQEzamdgcy7t2JoQDEuzseznks6dboNrbvyDeFTKGlyV0NuLkAlMZ61SBLqD7QvI9Ozvryvxj6g%3D%3D&icons=2pMuiLxPmx8U6k2BQCITr68sCZ1c6v8LC-ix8bdBye6QOlp8zFcJpVDU_SCxJexqyxMhPeQe6uV8KfvIHNsdYRh4-m7t59sea1PGYcEIDLLNc6YoY_qRLnNQzhtR-VuE8E1PLrEaJow1rCO08ebsb0lUu0UuOVlyVOIRCkE9JUdbdlFFQgb6osLO9Ag8XvhfK7iKmFK-iae_jOc2us7dv1PVsLXHuB7xV8Q3wp3_TFMWCdm6BtVH_mHBZW8SslH4Vz6XhCMoZrm2_klJK3i2kuYhib5i0XJ_i9UIoKzPTXhBCiE7HkwCaeuTPlPC4xJQ9XVYC5WPCKmadsQFMQ6xMf4YfLN380Z2lrN1J3l_8RwDrYtRkS-vsiWDVr3VPQ-QBvBZT7vpM48WndemuFpShQWAoByt0cp6WHSsWP_1ovLAtdK7PquuPn84IQVO17cvm1vZMCLdAuFguTidxwLCV2-4zULcnm9OekhTS21Rjze9Nadg5TP0pmM-aG4t4Ofo1koKtpicGx67_B__z6G9aj7Ze7Pw_kgIYz6c7yc-V6Vzt3ia54aE3pVJjWaTtLnCIaktygjPvZ8ulFdoXqnf5kdt49ru-oxw_C-Fs1C0Snqh7pwQNxIgz0EhEWN4PeJ4LzTEyuyrlY0Gek4N9QhAgBT8PNcg6umFZndChAdB2g&ext_cid=0&px_id=73492196&min_cpm=0.001612803875430951&out_id=0&campaign_type=hq&aid=291&cid=2703&uniq=&mid=8712796863949828187&skin_id=2&vertical_id=5&skin_test=0&from_cache=0&ecpm=0.000359663855854005&cpm=0&verify_hash=6bbd8915d1050494783efbdf15679e8f&is_native=1&real_bid=0.00019279680252075264&original_bid_usd=0.000224&original_bid=0.000224&exp=0&placement_type_id=0&ua_mismatch=Mozilla%2F5.0%20%28X11%3B%20Linux%20x86_64%3B%20rv%3A96.0%29%20Gecko%2F20100101%20Firefox%2F96.0&ip_mismatch=91.90.42.154&geo=NO&carrier=-&label_ids=130,129,81,5,98,4,90&need_redirect_show=0&applied_features=coef_099,main-skins-settings&show_count=1&expiration_timestamp=1706049672&image_url=https%3A%2F%2Fimg.vmmcdn.com%2Fget%2F82683635%2F200747_image.jpg&site=native-push-adult&price=0.000224&hostname=auc-inpage-hz-7-a&auc_type=1&pop_type=1&site_id64=&interest_vertical_ids=&mo=&ve=&timezone_olson=UTC&topics=&historical_keywords=&pop_cpc=0.000000224&ext_campaign_id_str=&pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=default-view-b_r-body&st=0.03&cpa=d8cc1908-90ec-4669-aa3b-5d0527ea29bc&prev_step_diff=806 HTTP/1.1
Host: 09a1201bdf.202a02210a.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://anchira.to/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx/1.20.1
date: Tue, 23 Jan 2024 06:41:12 GMT
content-length: 0
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
X-Firefox-Spdy: h2

GET kisakisexo.xyz/12869/9e9715eb63c6/m/1

104.21.2.226

200 OK

143 kB

URL GET HTTP/2
kisakisexo.xyz/12869/9e9715eb63c6/m/1
IP
104.21.2.226:443
ASN
#13335 CLOUDFLARENET

Requested by
https://anchira.to/
Certificate
IssuerGoogle Trust Services LLC
Subjectkisakisexo.xyz
Fingerprint32:7C:E3:04:52:EB:07:58:E2:91:0C:5E:4B:4B:42:E9:84:25:9A:78
ValiditySun, 17 Dec 2023 01:54:00 GMT - Sat, 16 Mar 2024 01:53:59 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 560x791, components 3
Size
143 kB (143266 bytes)
Hash
08eb2a4e1826d11da0fa8fd7893d1f53
edcb1be7968ce5acb3bf17906cc45dff22b82ed1
97fa196a284c6824a031a882cd9c8f83168aa6d8a34ecc235e112fd117192264

HTTP Headers

GET /12869/9e9715eb63c6/m/1 HTTP/1.1
Host: kisakisexo.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://anchira.to/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Tue, 23 Jan 2024 06:41:09 GMT
content-type: image/jpeg
cache-control: public, max-age=604800
last-modified: Mon, 22 Jan 2024 07:14:32 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
permissions-policy: fullscreen=(self)
cf-cache-status: HIT
age: 81514
server: cloudflare
cf-ray: 849e0ca51a1c568a-OSL
X-Firefox-Spdy: h2

GET static.bookmsg.com/creatives/US/US_34c3a6403004486b593fb6a3428d7a2748437f4f_icon.webp?pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=default-view-b_r-body&mlf=1&mlc=1&st=0.03&cpa=248e8626-8cea-493a-a12f-1828de78d670&prev_step_diff=806

45.133.44.25

200 OK

590 B

URL GET HTTP/2
static.bookmsg.com/creatives/US/US_34c3a6403004486b593fb6a3428d7a2748437f4f_icon.webp?pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=default-view-b_r-body&mlf=1&mlc=1&st=0.03&cpa=248e8626-8cea-493a-a12f-1828de78d670&prev_step_diff=806
IP
45.133.44.25:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://anchira.to/
Certificate
IssuerLet's Encrypt
Subjectstatic.bookmsg.com
Fingerprint82:9C:46:43:2E:61:6B:71:94:BA:2E:7C:BC:A1:60:20:22:D3:FC:F6
ValidityThu, 07 Dec 2023 12:30:34 GMT - Wed, 06 Mar 2024 12:30:33 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 100x100, Scaling: [none]x[none], YUV color, decoders should clamp
Size
590 B (590 bytes)
Hash
debce753f1ce6652c1637491fd72b1b1
fd102eb3f058f7a43b0f9ec03541681699f5895e
c2443b0a74b25158756abb7aa12832e5442adab247aab6e24514f54396c72579

HTTP Headers

GET /creatives/US/US_34c3a6403004486b593fb6a3428d7a2748437f4f_icon.webp?pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=default-view-b_r-body&mlf=1&mlc=1&st=0.03&cpa=248e8626-8cea-493a-a12f-1828de78d670&prev_step_diff=806 HTTP/1.1
Host: static.bookmsg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://anchira.to/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 23 Jan 2024 06:41:12 GMT
content-type: image/webp
content-length: 590
server: nginx/1.24.0
last-modified: Fri, 08 Dec 2023 10:18:03 GMT
etag: "6572ed5b-24e"
expires: Wed, 22 Jan 2025 06:41:12 GMT
cache-control: max-age=31536000
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

GET static.bookmsg.com/creatives/US/US_34c3a6403004486b593fb6a3428d7a2748437f4f_icon.webp

45.133.44.25

200 OK

590 B

URL GET HTTP/2
static.bookmsg.com/creatives/US/US_34c3a6403004486b593fb6a3428d7a2748437f4f_icon.webp
IP
45.133.44.25:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://anchira.to/
Certificate
IssuerLet's Encrypt
Subjectstatic.bookmsg.com
Fingerprint82:9C:46:43:2E:61:6B:71:94:BA:2E:7C:BC:A1:60:20:22:D3:FC:F6
ValidityThu, 07 Dec 2023 12:30:34 GMT - Wed, 06 Mar 2024 12:30:33 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 100x100, Scaling: [none]x[none], YUV color, decoders should clamp
Size
590 B (590 bytes)
Hash
debce753f1ce6652c1637491fd72b1b1
fd102eb3f058f7a43b0f9ec03541681699f5895e
c2443b0a74b25158756abb7aa12832e5442adab247aab6e24514f54396c72579

HTTP Headers

GET /creatives/US/US_34c3a6403004486b593fb6a3428d7a2748437f4f_icon.webp HTTP/1.1
Host: static.bookmsg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://anchira.to/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 23 Jan 2024 06:41:12 GMT
content-type: image/webp
content-length: 590
server: nginx/1.24.0
last-modified: Fri, 08 Dec 2023 10:18:03 GMT
etag: "6572ed5b-24e"
expires: Wed, 22 Jan 2025 06:41:12 GMT
cache-control: max-age=31536000
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

GET cipdn.com/ie?v=4&c=9_Pp_Lb07shVAAmYciEsCzDLXvYI6P75-B7XzPPagZCACmwUYFQXLYil4DDQIPAE1MKiK72xV8i-45hwVwYeIsUfkG0WhqVJY1tbOlVYqB-XYB1IZDo_LymIbfeNAfxAni0BXrdoUnA07WzD9uTO08V444iZpsqlq3n_03_P2zf2ReKblkKScGbM5ffRwCdHVcbnO3QmmQG1ZISn6cNWC67islIZu8F3xsGPXeJINofOhzeh4ednS2Oy5yV33LKuSiFs5aPcnUctklSEDXrfl90Nqa9Xcmkz3iY764rrUVrJa-58i--375iaWrO6iIu8mRjBYN262i1On5wBmaeTtV1qA1O2W08DUCvk09hnTZ0Q6j3itoxncPlw6ZnMNISlCjt_NIL3jjcywfv7iS_xyultwuedyPVDSwS_lGUea05q&v1=457&v2=68678&pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=default-view-b_r-body&st=0.03&cpa=cd36e142-7bfb-48e0-b47a-d56fe723eaa4&prev_step_diff=806

213.239.207.252

301 Moved Permanently

0 B

URL GET HTTP/1.1
cipdn.com/ie?v=4&c=9_Pp_Lb07shVAAmYciEsCzDLXvYI6P75-B7XzPPagZCACmwUYFQXLYil4DDQIPAE1MKiK72xV8i-45hwVwYeIsUfkG0WhqVJY1tbOlVYqB-XYB1IZDo_LymIbfeNAfxAni0BXrdoUnA07WzD9uTO08V444iZpsqlq3n_03_P2zf2ReKblkKScGbM5ffRwCdHVcbnO3QmmQG1ZISn6cNWC67islIZu8F3xsGPXeJINofOhzeh4ednS2Oy5yV33LKuSiFs5aPcnUctklSEDXrfl90Nqa9Xcmkz3iY764rrUVrJa-58i--375iaWrO6iIu8mRjBYN262i1On5wBmaeTtV1qA1O2W08DUCvk09hnTZ0Q6j3itoxncPlw6ZnMNISlCjt_NIL3jjcywfv7iS_xyultwuedyPVDSwS_lGUea05q&v1=457&v2=68678&pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=default-view-b_r-body&st=0.03&cpa=cd36e142-7bfb-48e0-b47a-d56fe723eaa4&prev_step_diff=806
IP
213.239.207.252:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://anchira.to/
Certificate
IssuerLet's Encrypt
Subjectnimrute.com
Fingerprint2F:DC:97:BB:BF:07:AD:4E:4B:6F:03:01:51:43:79:17:66:1C:37:C7
ValidityThu, 02 Nov 2023 05:18:21 GMT - Wed, 31 Jan 2024 05:18:20 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /ie?v=4&c=9_Pp_Lb07shVAAmYciEsCzDLXvYI6P75-B7XzPPagZCACmwUYFQXLYil4DDQIPAE1MKiK72xV8i-45hwVwYeIsUfkG0WhqVJY1tbOlVYqB-XYB1IZDo_LymIbfeNAfxAni0BXrdoUnA07WzD9uTO08V444iZpsqlq3n_03_P2zf2ReKblkKScGbM5ffRwCdHVcbnO3QmmQG1ZISn6cNWC67islIZu8F3xsGPXeJINofOhzeh4ednS2Oy5yV33LKuSiFs5aPcnUctklSEDXrfl90Nqa9Xcmkz3iY764rrUVrJa-58i--375iaWrO6iIu8mRjBYN262i1On5wBmaeTtV1qA1O2W08DUCvk09hnTZ0Q6j3itoxncPlw6ZnMNISlCjt_NIL3jjcywfv7iS_xyultwuedyPVDSwS_lGUea05q&v1=457&v2=68678&pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=default-view-b_r-body&st=0.03&cpa=cd36e142-7bfb-48e0-b47a-d56fe723eaa4&prev_step_diff=806 HTTP/1.1
Host: cipdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 301 Moved Permanently
server: fasthttp
date: Tue, 23 Jan 2024 06:41:12 GMT
content-length: 0
location: https://img.vmmcdn.com/get/7609021/200747_icon.png
x-app-id: 12

GET img.vmmcdn.com/get/82683635/200747_image.jpg

138.201.51.142

200 OK

36 kB

URL GET HTTP/1.1
img.vmmcdn.com/get/82683635/200747_image.jpg
IP
138.201.51.142:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://anchira.to/
Certificate
IssuerLet's Encrypt
Subjectimg.vmmcdn.com
Fingerprint15:CC:5E:E7:12:BF:E8:26:07:EA:9D:8D:12:BE:02:54:9A:1C:B0:53
ValidityTue, 12 Dec 2023 08:28:31 GMT - Mon, 11 Mar 2024 08:28:30 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80", baseline, precision 8, 720x480, components 3
Size
36 kB (36287 bytes)
Hash
a44377d1bf95c41d2bf0b039bdba6ade
cf84c83242f3a518a42861e7dc14eb66adabe63d
5a2c9ea6eb0f41b6b82ff37252da713df7010d7772be4afde0f9d783e54bfdca

HTTP Headers

GET /get/82683635/200747_image.jpg HTTP/1.1
Host: img.vmmcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: openresty
Date: Tue, 23 Jan 2024 06:41:12 GMT
Content-Type: image/jpeg
Content-Length: 36287
Connection: keep-alive
Last-Modified: Mon, 07 Nov 2022 15:29:52 GMT
Cache-Control: public, max-age=604800
ETag: "63692470-8dbf"
X-Proxy-Cache: HIT
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, OPTIONS
Access-Control-Request-Headers: x-requested-with
Access-Control-Allow-Headers: x-requested-with
Accept-Ranges: bytes

GET img.vmmcdn.com/get/7609021/200747_icon.png

138.201.51.142

200 OK

78 kB

URL GET HTTP/1.1
img.vmmcdn.com/get/7609021/200747_icon.png
IP
138.201.51.142:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://anchira.to/
Certificate
IssuerLet's Encrypt
Subjectimg.vmmcdn.com
Fingerprint15:CC:5E:E7:12:BF:E8:26:07:EA:9D:8D:12:BE:02:54:9A:1C:B0:53
ValidityTue, 12 Dec 2023 08:28:31 GMT - Mon, 11 Mar 2024 08:28:30 GMT

File type
PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced
Size
78 kB (78410 bytes)
Hash
53282b73b589873fa79c738c03b4e47d
ca5ab91a4e36ebddd6b326fa67071e915415085d
530d10989a16c4cbdec879d1f82bb200fe63f5fb111179d873354058460dacc8

HTTP Headers

GET /get/7609021/200747_icon.png HTTP/1.1
Host: img.vmmcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: openresty
Date: Tue, 23 Jan 2024 06:41:12 GMT
Content-Type: image/png
Content-Length: 78410
Connection: keep-alive
Last-Modified: Mon, 07 Nov 2022 15:29:52 GMT
Cache-Control: public, max-age=604800
ETag: "63692470-1324a"
X-Proxy-Cache: HIT
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, OPTIONS
Access-Control-Request-Headers: x-requested-with
Access-Control-Allow-Headers: x-requested-with
Accept-Ranges: bytes

POST mcpuwpsh.com/get/

94.130.197.240

200 OK

8.2 kB

URL POST HTTP/2
mcpuwpsh.com/get/
IP
94.130.197.240:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://anchira.to/
Certificate
IssuerLet's Encrypt
Subjectpuwpush.com
Fingerprint58:C2:DD:2C:EE:85:44:12:D6:8C:9C:81:24:6C:7E:3A:63:BE:86:B4
ValidityThu, 14 Dec 2023 12:19:42 GMT - Wed, 13 Mar 2024 12:19:41 GMT

File type
JSON text data
Size
8.2 kB (8156 bytes)
Hash
84ce578859e0bb08f954e36e4a41250d
d0d92627054b6f935bdc3c74773905198422fbea
dab771a7be2b8efa0e22ea78bf95bb81e0a40f8ebe086a05fd3b86f5508004d1

HTTP Headers

POST /get/ HTTP/1.1
Host: mcpuwpsh.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://anchira.to/
Content-Type: text/plain;charset=UTF-8
Content-Length: 851
Origin: https://anchira.to
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx/1.16.0
date: Tue, 23 Jan 2024 06:41:13 GMT
content-type: application/json
content-length: 8156
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
X-Firefox-Spdy: h2

GET kisakisexo.xyz/12808/e3463173de10/m/1

104.21.2.226

200 OK

76 kB

URL GET HTTP/2
kisakisexo.xyz/12808/e3463173de10/m/1
IP
104.21.2.226:443
ASN
#13335 CLOUDFLARENET

Requested by
https://anchira.to/
Certificate
IssuerGoogle Trust Services LLC
Subjectkisakisexo.xyz
Fingerprint32:7C:E3:04:52:EB:07:58:E2:91:0C:5E:4B:4B:42:E9:84:25:9A:78
ValiditySun, 17 Dec 2023 01:54:00 GMT - Sat, 16 Mar 2024 01:53:59 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 560x804, components 3
Size
76 kB (75671 bytes)
Hash
5b129c581967cc6602680a8dffe5a790
e95ef00527b3a4374a1f8f97b5df72ff8a495712
bdb39ffb28ba631b61558a75cd6dc733bec6a63f881306acdfe2e5528e922018

HTTP Headers

GET /12808/e3463173de10/m/1 HTTP/1.1
Host: kisakisexo.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://anchira.to/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 23 Jan 2024 06:41:10 GMT
content-type: image/jpeg
cache-control: public, max-age=604800
last-modified: Fri, 12 Jan 2024 08:49:30 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
permissions-policy: fullscreen=(self)
cf-cache-status: HIT
age: 898149
server: cloudflare
cf-ray: 849e0ca6cd7d568a-OSL
X-Firefox-Spdy: h2

GET kisakisexo.xyz/12870/2b55dda41f25/m/1

104.21.2.226

200 OK

77 kB

URL GET HTTP/2
kisakisexo.xyz/12870/2b55dda41f25/m/1
IP
104.21.2.226:443
ASN
#13335 CLOUDFLARENET

Requested by
https://anchira.to/
Certificate
IssuerGoogle Trust Services LLC
Subjectkisakisexo.xyz
Fingerprint32:7C:E3:04:52:EB:07:58:E2:91:0C:5E:4B:4B:42:E9:84:25:9A:78
ValiditySun, 17 Dec 2023 01:54:00 GMT - Sat, 16 Mar 2024 01:53:59 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 560x791, components 3
Size
77 kB (76815 bytes)
Hash
e5798db758be00c33605083dfebb7751
b9f31f8879564a24202c872746c03eac656be2c0
2674976a65dec0f6b0dd316ad02b9a45803eba4bcc8347fd5a999cab64cd5f20

HTTP Headers

GET /12870/2b55dda41f25/m/1 HTTP/1.1
Host: kisakisexo.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://anchira.to/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 23 Jan 2024 06:41:09 GMT
content-type: image/jpeg
cache-control: public, max-age=604800
last-modified: Mon, 22 Jan 2024 07:14:38 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
permissions-policy: fullscreen=(self)
cf-cache-status: HIT
age: 81514
server: cloudflare
cf-ray: 849e0ca4d9b9568a-OSL
X-Firefox-Spdy: h2

GET kisakisexo.xyz/12859/e1ad02de4fd4/m/1

104.21.2.226

200 OK

91 kB

URL GET HTTP/2
kisakisexo.xyz/12859/e1ad02de4fd4/m/1
IP
104.21.2.226:443
ASN
#13335 CLOUDFLARENET

Requested by
https://anchira.to/
Certificate
IssuerGoogle Trust Services LLC
Subjectkisakisexo.xyz
Fingerprint32:7C:E3:04:52:EB:07:58:E2:91:0C:5E:4B:4B:42:E9:84:25:9A:78
ValiditySun, 17 Dec 2023 01:54:00 GMT - Sat, 16 Mar 2024 01:53:59 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 560x784, components 3
Size
91 kB (91414 bytes)
Hash
87b57055ba7dbb0d36fa53984c9c9cf3
22f0c8cdb6faf6c8e162fdc652ffa5291b719ab2
07fdd1e3b10b105794349cec7237fdb46354ffd57ddcedc496abe277de890ebc

HTTP Headers

GET /12859/e1ad02de4fd4/m/1 HTTP/1.1
Host: kisakisexo.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://anchira.to/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 23 Jan 2024 06:41:10 GMT
content-type: image/jpeg
cache-control: public, max-age=604800
last-modified: Mon, 22 Jan 2024 04:22:39 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
permissions-policy: fullscreen=(self)
cf-cache-status: HIT
age: 81390
server: cloudflare
cf-ray: 849e0ca64c5b568a-OSL
X-Firefox-Spdy: h2

GET kisakisexo.xyz/12829/11eec8180163/m/1

104.21.2.226

200 OK

96 kB

URL GET HTTP/2
kisakisexo.xyz/12829/11eec8180163/m/1
IP
104.21.2.226:443
ASN
#13335 CLOUDFLARENET

Requested by
https://anchira.to/
Certificate
IssuerGoogle Trust Services LLC
Subjectkisakisexo.xyz
Fingerprint32:7C:E3:04:52:EB:07:58:E2:91:0C:5E:4B:4B:42:E9:84:25:9A:78
ValiditySun, 17 Dec 2023 01:54:00 GMT - Sat, 16 Mar 2024 01:53:59 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 560x791, components 3
Size
96 kB (95831 bytes)
Hash
c0e9894a0e397d403b190d90dd96b5a6
d51500b19fadf4090fb803d6584492fe59eee0b5
80bcd5cbd96242c8d4a1b7dee7c7a8779951079818646d1d2a9cdf12a2032bdd

HTTP Headers

GET /12829/11eec8180163/m/1 HTTP/1.1
Host: kisakisexo.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://anchira.to/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 23 Jan 2024 06:41:10 GMT
content-type: image/jpeg
cache-control: public, max-age=604800
last-modified: Tue, 16 Jan 2024 08:44:19 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
permissions-policy: fullscreen=(self)
cf-cache-status: HIT
age: 596175
server: cloudflare
cf-ray: 849e0ca69d14568a-OSL
X-Firefox-Spdy: h2

GET anchira.to/

104.21.33.38

200 OK

6.2 kB

URL User Request GET HTTP/2
anchira.to/
IP
104.21.33.38:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services LLC
Subjectanchira.to
FingerprintF1:81:34:89:AF:8F:80:EC:A5:2E:1A:41:20:1C:A2:7C:5C:D8:79:66
ValiditySat, 16 Dec 2023 18:25:51 GMT - Fri, 15 Mar 2024 18:25:50 GMT

File type
HTML document, ASCII text, with very long lines (6523), with no line terminators
Size
6.2 kB (6168 bytes)
Hash
818ef85548dcec5053200b65214a7588
18b09fb67ff649d62a0083478a355bc08702dbdb
f4e2d7f9064fd7a6f745ba0f31bb1422513b725a7b0ec4c66ff3331d2e60be87

HTTP Headers

GET / HTTP/1.1
Host: anchira.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 23 Jan 2024 06:41:08 GMT
content-type: text/html; charset=utf-8
last-modified: Fri, 19 Jan 2024 09:56:07 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
permissions-policy: fullscreen=(self)
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 849e0c9cdb0d5699-OSL
content-encoding: br
X-Firefox-Spdy: h2

GET cdn.jsdelivr.net/npm/web-streams-polyfill@2.0.2/dist/ponyfill.min.js

151.101.65.229

200 OK

44 kB

URL GET HTTP/2
cdn.jsdelivr.net/npm/web-streams-polyfill@2.0.2/dist/ponyfill.min.js
IP
151.101.65.229:443
ASN
#54113 FASTLY

Requested by
https://anchira.to/
Certificate
IssuerGlobalSign nv-sa
Subjectjsdelivr.net
Fingerprint05:87:2C:BA:73:14:21:54:82:00:8B:AD:85:8F:E9:C6:4D:C7:66:09
ValidityWed, 27 Sep 2023 18:13:13 GMT - Mon, 28 Oct 2024 18:13:12 GMT

File type
JavaScript source, ASCII text, with very long lines (43820)
Size
44 kB (44163 bytes)
Hash
15f5a8613ba4cdc96560b32708c66475
2c13162876f361e1490c3b37998cb307eea65c87
fb098daba4b9ca85f5fb0bd948b98da76b6694c7a778fe6b19508ad3d281689e

HTTP Headers

GET /npm/web-streams-polyfill@2.0.2/dist/ponyfill.min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://anchira.to/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 2.0.2
x-jsd-version-type: version
etag: W/"ac83-LBMWKHbzYeFJDDs3mYyzB+6mXIc"
content-encoding: br
accept-ranges: bytes
date: Tue, 23 Jan 2024 06:41:09 GMT
age: 3476262
x-served-by: cache-fra-eddf8230104-FRA, cache-hel1410027-HEL
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 11169
X-Firefox-Spdy: h2

GET kisakisexo.xyz/12874/932d28a08efc/m/1

104.21.2.226

200 OK

108 kB

URL GET HTTP/2
kisakisexo.xyz/12874/932d28a08efc/m/1
IP
104.21.2.226:443
ASN
#13335 CLOUDFLARENET

Requested by
https://anchira.to/
Certificate
IssuerGoogle Trust Services LLC
Subjectkisakisexo.xyz
Fingerprint32:7C:E3:04:52:EB:07:58:E2:91:0C:5E:4B:4B:42:E9:84:25:9A:78
ValiditySun, 17 Dec 2023 01:54:00 GMT - Sat, 16 Mar 2024 01:53:59 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 560x791, components 3
Size
108 kB (108430 bytes)
Hash
5b93ecc13077e6a573543cc9f8d5ed70
5232fa756249ad32fe59a03963ff6b1d6bb5d88c
7ea0eb63db81bd1325abc0ae3acf07cccb2e5699e0b034d0d846000bb9097136

HTTP Headers

GET /12874/932d28a08efc/m/1 HTTP/1.1
Host: kisakisexo.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://anchira.to/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 23 Jan 2024 06:41:09 GMT
content-type: image/jpeg
cache-control: public, max-age=604800
last-modified: Mon, 22 Jan 2024 07:15:17 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
permissions-policy: fullscreen=(self)
cf-cache-status: HIT
age: 81514
server: cloudflare
cf-ray: 849e0ca51a18568a-OSL
X-Firefox-Spdy: h2

GET ef106879f8.f794d2f9d9.com/in/track?data=eyJ3bCI6MSwic3ViaWQiOjAsInVzZXJfaWQiOiIxNDA3NjE3MzE5MzkxNDgwMjAwMCIsInRpbWV6b25lIjowLCJ2ZXIiOiIzLjEwMC4xIiwidGFnX2lkIjoxMzg4NzUsInNjcmVlbl9yZXNvbHV0aW9uIjoiMTI4MHgxMDI0IiwiYWRibG9jayI6MCwidGltZXpvbmVfb2xzb24iOiJVVEMiLCJ1dG1fc291cmNlIjoiIiwidXRtX21lZGl1bSI6IiIsInV0bV9jYW1wYWlnbiI6IiIsInV0bV9jb250ZW50IjoiIiwibW0iOjAsImluaXRfc3RhcnRfbGF0ZW5jeSI6MC40LCJpc192MiI6MCwiaXNfdjJfZW1wdHkiOjAsInVzZXJfa2V5d29yZHMiOiJCcm93c2UlMkNBbmNoaXJhIn0=

45.133.44.53

200 OK

0 B

URL GET HTTP/2
ef106879f8.f794d2f9d9.com/in/track?data=eyJ3bCI6MSwic3ViaWQiOjAsInVzZXJfaWQiOiIxNDA3NjE3MzE5MzkxNDgwMjAwMCIsInRpbWV6b25lIjowLCJ2ZXIiOiIzLjEwMC4xIiwidGFnX2lkIjoxMzg4NzUsInNjcmVlbl9yZXNvbHV0aW9uIjoiMTI4MHgxMDI0IiwiYWRibG9jayI6MCwidGltZXpvbmVfb2xzb24iOiJVVEMiLCJ1dG1fc291cmNlIjoiIiwidXRtX21lZGl1bSI6IiIsInV0bV9jYW1wYWlnbiI6IiIsInV0bV9jb250ZW50IjoiIiwibW0iOjAsImluaXRfc3RhcnRfbGF0ZW5jeSI6MC40LCJpc192MiI6MCwiaXNfdjJfZW1wdHkiOjAsInVzZXJfa2V5d29yZHMiOiJCcm93c2UlMkNBbmNoaXJhIn0=
IP
45.133.44.53:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://anchira.to/
Certificate
IssuerLet's Encrypt
Subjectef106879f8.f794d2f9d9.com
Fingerprint3C:36:11:FC:24:FB:16:52:D1:55:95:35:89:56:9E:63:A0:9D:C1:66
ValiditySat, 20 Jan 2024 02:50:23 GMT - Fri, 19 Apr 2024 02:50:22 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /in/track?data=eyJ3bCI6MSwic3ViaWQiOjAsInVzZXJfaWQiOiIxNDA3NjE3MzE5MzkxNDgwMjAwMCIsInRpbWV6b25lIjowLCJ2ZXIiOiIzLjEwMC4xIiwidGFnX2lkIjoxMzg4NzUsInNjcmVlbl9yZXNvbHV0aW9uIjoiMTI4MHgxMDI0IiwiYWRibG9jayI6MCwidGltZXpvbmVfb2xzb24iOiJVVEMiLCJ1dG1fc291cmNlIjoiIiwidXRtX21lZGl1bSI6IiIsInV0bV9jYW1wYWlnbiI6IiIsInV0bV9jb250ZW50IjoiIiwibW0iOjAsImluaXRfc3RhcnRfbGF0ZW5jeSI6MC40LCJpc192MiI6MCwiaXNfdjJfZW1wdHkiOjAsInVzZXJfa2V5d29yZHMiOiJCcm93c2UlMkNBbmNoaXJhIn0= HTTP/1.1
Host: ef106879f8.f794d2f9d9.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://anchira.to/
Origin: https://anchira.to
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 23 Jan 2024 06:41:11 GMT
content-length: 0
server: nginx/1.18.0
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
X-Firefox-Spdy: h2

GET kisakisexo.xyz/12833/f29778be4582/m/1

104.21.2.226

200 OK

91 kB

URL GET HTTP/2
kisakisexo.xyz/12833/f29778be4582/m/1
IP
104.21.2.226:443
ASN
#13335 CLOUDFLARENET

Requested by
https://anchira.to/
Certificate
IssuerGoogle Trust Services LLC
Subjectkisakisexo.xyz
Fingerprint32:7C:E3:04:52:EB:07:58:E2:91:0C:5E:4B:4B:42:E9:84:25:9A:78
ValiditySun, 17 Dec 2023 01:54:00 GMT - Sat, 16 Mar 2024 01:53:59 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 560x804, components 3
Size
91 kB (91359 bytes)
Hash
7c9973f7e3b4b5b138c25ca4b6c9cf75
fdf707afb7e8f68aadc81c54510526569f4b46c7
889c619c7c0dbf7639d847512b4d028d6056bf923d075cb2a0ce3763af9ecb6b

HTTP Headers

GET /12833/f29778be4582/m/1 HTTP/1.1
Host: kisakisexo.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://anchira.to/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 23 Jan 2024 06:41:10 GMT
content-type: image/jpeg
cache-control: public, max-age=604800
last-modified: Tue, 16 Jan 2024 08:44:23 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
permissions-policy: fullscreen=(self)
cf-cache-status: HIT
age: 596175
server: cloudflare
cf-ray: 849e0ca67cd9568a-OSL
X-Firefox-Spdy: h2

GET kisakisexo.xyz/12846/d7a713c269d3/m/1

104.21.2.226

200 OK

123 kB

URL GET HTTP/2
kisakisexo.xyz/12846/d7a713c269d3/m/1
IP
104.21.2.226:443
ASN
#13335 CLOUDFLARENET

Requested by
https://anchira.to/
Certificate
IssuerGoogle Trust Services LLC
Subjectkisakisexo.xyz
Fingerprint32:7C:E3:04:52:EB:07:58:E2:91:0C:5E:4B:4B:42:E9:84:25:9A:78
ValiditySun, 17 Dec 2023 01:54:00 GMT - Sat, 16 Mar 2024 01:53:59 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 560x791, components 3
Size
123 kB (123414 bytes)
Hash
feefff7c5bcdc20ff9cda2fb5eccc33e
d8b4c7d06c60289c5547a14f8bfcd19ec142f97f
ad5d0e2707f3906f832614c91e51716c2b0450a8f57372d7664273f6512069e0

HTTP Headers

GET /12846/d7a713c269d3/m/1 HTTP/1.1
Host: kisakisexo.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://anchira.to/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 23 Jan 2024 06:41:10 GMT
content-type: image/jpeg
cache-control: public, max-age=604800
last-modified: Fri, 19 Jan 2024 09:24:41 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
permissions-policy: fullscreen=(self)
cf-cache-status: HIT
age: 334364
server: cloudflare
cf-ray: 849e0ca76e55568a-OSL
X-Firefox-Spdy: h2

GET accounts.google.com/InteractiveLogin?continue=https://m.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=ASKXGp2D8Q0b5JHSdJtRNSp2ZYHrul8mlUDpwGPUNnjwBfqDNC1gCarSHMRDEUBrgW5hyNa78_eWeQ

64.233.161.84

302 Found

0 B

URL GET HTTP/3
accounts.google.com/InteractiveLogin?continue=https://m.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=ASKXGp2D8Q0b5JHSdJtRNSp2ZYHrul8mlUDpwGPUNnjwBfqDNC1gCarSHMRDEUBrgW5hyNa78_eWeQ
IP
64.233.161.84:443
ASN
#15169 GOOGLE

Requested by
https://anchira.to/
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.com
FingerprintC5:94:19:42:28:3A:57:36:10:5E:4A:4E:7B:CE:5E:33:B7:50:8D:89
ValidityTue, 02 Jan 2024 13:02:52 GMT - Tue, 26 Mar 2024 13:02:51 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /InteractiveLogin?continue=https://m.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=ASKXGp2D8Q0b5JHSdJtRNSp2ZYHrul8mlUDpwGPUNnjwBfqDNC1gCarSHMRDEUBrgW5hyNa78_eWeQ HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 302 Found
content-type: text/html; charset=UTF-8
set-cookie: __Host-GAPS=1:ASLoQjbXl6Y1-LUzCIstEYHUBGQ16Q:LMKLLuXScgCckTfb;Path=/;Expires=Thu, 22-Jan-2026 06:41:11 GMT;Secure;HttpOnly;Priority=HIGH
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Tue, 23 Jan 2024 06:41:11 GMT
location: https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&hl=en&ifkv=ASKXGp3RhCKJp9IkCEH6IzXzxnXelD5fJTwMDZ9Bkcb-OJ2IzSSNfQeohU63oZ7cbfs6McggD52bbw&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-2113753795%3A1705992071844478&theme=glif
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: require-trusted-types-for 'script';report-uri /cspreport, script-src 'nonce-W9OFCnJFwFhSKEFiABMJUg' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 406
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET kisakisexo.xyz/12867/b04f3b872dbf/m/1

104.21.2.226

200 OK

104 kB

URL GET HTTP/2
kisakisexo.xyz/12867/b04f3b872dbf/m/1
IP
104.21.2.226:443
ASN
#13335 CLOUDFLARENET

Requested by
https://anchira.to/
Certificate
IssuerGoogle Trust Services LLC
Subjectkisakisexo.xyz
Fingerprint32:7C:E3:04:52:EB:07:58:E2:91:0C:5E:4B:4B:42:E9:84:25:9A:78
ValiditySun, 17 Dec 2023 01:54:00 GMT - Sat, 16 Mar 2024 01:53:59 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 560x791, components 3
Size
104 kB (103561 bytes)
Hash
5863d695951e0d8b5af883f6bda86a7f
bc7c870b0ebefceb26b715acf4b0f439c0c315cb
10b57a526190f869fe1c6f5222e5d9f11bad28c0b4fe5d93aad6f8036d12a2a4

HTTP Headers

GET /12867/b04f3b872dbf/m/1 HTTP/1.1
Host: kisakisexo.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://anchira.to/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 23 Jan 2024 06:41:10 GMT
content-type: image/jpeg
cache-control: public, max-age=604800
last-modified: Mon, 22 Jan 2024 07:14:20 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
permissions-policy: fullscreen=(self)
cf-cache-status: HIT
age: 81515
server: cloudflare
cf-ray: 849e0ca64c39568a-OSL
X-Firefox-Spdy: h2

GET kisakisexo.xyz/12825/4d671d60b4ca/m/1

104.21.2.226

200 OK

80 kB

URL GET HTTP/2
kisakisexo.xyz/12825/4d671d60b4ca/m/1
IP
104.21.2.226:443
ASN
#13335 CLOUDFLARENET

Requested by
https://anchira.to/
Certificate
IssuerGoogle Trust Services LLC
Subjectkisakisexo.xyz
Fingerprint32:7C:E3:04:52:EB:07:58:E2:91:0C:5E:4B:4B:42:E9:84:25:9A:78
ValiditySun, 17 Dec 2023 01:54:00 GMT - Sat, 16 Mar 2024 01:53:59 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 560x810, components 3
Size
80 kB (79822 bytes)
Hash
18500c4d03d5987a1138b5c21fd7bf31
4b0248cb11eb8e2d689be4160d9650942b1ab00e
d798b1d7aa622ef19d557c49040866888a8696199e1325878626ffbb3216dbe4

HTTP Headers

GET /12825/4d671d60b4ca/m/1 HTTP/1.1
Host: kisakisexo.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://anchira.to/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 23 Jan 2024 06:41:10 GMT
content-type: image/jpeg
cache-control: public, max-age=604800
last-modified: Sun, 14 Jan 2024 08:54:23 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
permissions-policy: fullscreen=(self)
cf-cache-status: HIT
age: 768449
server: cloudflare
cf-ray: 849e0ca6cd74568a-OSL
X-Firefox-Spdy: h2

GET js.wpadmngr.com/static/adManager.js

45.133.44.53

200 OK

1.7 kB

URL GET HTTP/2
js.wpadmngr.com/static/adManager.js
IP
45.133.44.53:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://anchira.to/
Certificate
IssuerLet's Encrypt
Subjectjs.wpadmngr.com
Fingerprint2F:3F:48:9D:0A:12:7C:19:E2:D4:D8:B1:05:49:3B:C7:AF:B4:26:4C
ValidityThu, 11 Jan 2024 03:01:43 GMT - Wed, 10 Apr 2024 03:01:42 GMT

File type
JavaScript source, ASCII text, with very long lines (1877), with no line terminators
Size
1.7 kB (1731 bytes)
Hash
e24a9ec49f6f75025bf762f0af9815f1
c6c965aefb7e2c4463c0afdf55b3932a98e72519
25652e35ef6c95f05f18f2241cbf5cd4fc8616086f38fe11b63db5643212a21e

HTTP Headers

GET /static/adManager.js HTTP/1.1
Host: js.wpadmngr.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://anchira.to/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 23 Jan 2024 06:41:10 GMT
content-type: application/javascript; charset=utf-8
server: nginx/1.18.0
last-modified: Tue, 16 Jan 2024 12:25:43 GMT
etag: W/"65a675c7-6c3"
content-encoding: gzip
expires: Tue, 23 Jan 2024 06:46:10 GMT
cache-control: max-age=300
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2

GET kisakisexo.xyz/12854/da0f07798621/m/2

104.21.2.226

200 OK

96 kB

URL GET HTTP/2
kisakisexo.xyz/12854/da0f07798621/m/2
IP
104.21.2.226:443
ASN
#13335 CLOUDFLARENET

Requested by
https://anchira.to/
Certificate
IssuerGoogle Trust Services LLC
Subjectkisakisexo.xyz
Fingerprint32:7C:E3:04:52:EB:07:58:E2:91:0C:5E:4B:4B:42:E9:84:25:9A:78
ValiditySun, 17 Dec 2023 01:54:00 GMT - Sat, 16 Mar 2024 01:53:59 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 560x791, components 3
Size
96 kB (95596 bytes)
Hash
c89ed588595b5c361117f2e3a95928fd
a8eab5a9aae021cfda3ae27432903cecf75f0fe6
1f092f4c26e4b504a6a1f0706658818f1eac4b05a069594c4cf2c798d49b1bae

HTTP Headers

GET /12854/da0f07798621/m/2 HTTP/1.1
Host: kisakisexo.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://anchira.to/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 23 Jan 2024 06:41:09 GMT
content-type: image/jpeg
cache-control: public, max-age=604800
last-modified: Mon, 22 Jan 2024 04:22:32 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
permissions-policy: fullscreen=(self)
cf-cache-status: HIT
age: 81382
server: cloudflare
cf-ray: 849e0ca4d996568a-OSL
X-Firefox-Spdy: h2

GET kisakisexo.xyz/12877/04b00a7083d1/m/1

104.21.2.226

200 OK

82 kB

URL GET HTTP/2
kisakisexo.xyz/12877/04b00a7083d1/m/1
IP
104.21.2.226:443
ASN
#13335 CLOUDFLARENET

Requested by
https://anchira.to/
Certificate
IssuerGoogle Trust Services LLC
Subjectkisakisexo.xyz
Fingerprint32:7C:E3:04:52:EB:07:58:E2:91:0C:5E:4B:4B:42:E9:84:25:9A:78
ValiditySun, 17 Dec 2023 01:54:00 GMT - Sat, 16 Mar 2024 01:53:59 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 560x791, components 3
Size
82 kB (82134 bytes)
Hash
ded128f906123271072cc439ae14ea72
ce67c171bf379a28d56d41131dc5e57f54d09e6e
bcc7c88321f17c54f49245b9f5aa9dd24978327b399edca029f4da4b89780a7d

HTTP Headers

GET /12877/04b00a7083d1/m/1 HTTP/1.1
Host: kisakisexo.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://anchira.to/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 23 Jan 2024 06:41:09 GMT
content-type: image/jpeg
cache-control: public, max-age=604800
last-modified: Mon, 22 Jan 2024 07:15:30 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
permissions-policy: fullscreen=(self)
cf-cache-status: HIT
age: 81514
server: cloudflare
cf-ray: 849e0ca52a57568a-OSL
X-Firefox-Spdy: h2

GET kisakisexo.xyz/12851/a3e523702cc4/m/1

104.21.2.226

200 OK

64 kB

URL GET HTTP/2
kisakisexo.xyz/12851/a3e523702cc4/m/1
IP
104.21.2.226:443
ASN
#13335 CLOUDFLARENET

Requested by
https://anchira.to/
Certificate
IssuerGoogle Trust Services LLC
Subjectkisakisexo.xyz
Fingerprint32:7C:E3:04:52:EB:07:58:E2:91:0C:5E:4B:4B:42:E9:84:25:9A:78
ValiditySun, 17 Dec 2023 01:54:00 GMT - Sat, 16 Mar 2024 01:53:59 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 560x784, components 3
Size
64 kB (64026 bytes)
Hash
ce0f7a8d49f913227de50fc1bf3e4b94
1419bb659bbba0efc6a7b7c7dc638e12c9ecacc0
34d9de3ebc327c89046103cb9bf5666d314452c09f91727b11af352a8eae644d

HTTP Headers

GET /12851/a3e523702cc4/m/1 HTTP/1.1
Host: kisakisexo.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://anchira.to/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 23 Jan 2024 06:41:10 GMT
content-type: image/jpeg
cache-control: public, max-age=604800
last-modified: Sat, 20 Jan 2024 13:09:10 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
permissions-policy: fullscreen=(self)
cf-cache-status: HIT
age: 234496
server: cloudflare
cf-ray: 849e0ca64c73568a-OSL
X-Firefox-Spdy: h2

GET js.capndr.com/advertising.js

45.133.44.52

200 OK

0 B

URL GET HTTP/2
js.capndr.com/advertising.js
IP
45.133.44.52:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://anchira.to/
Certificate
IssuerLet's Encrypt
Subjectjs.capndr.com
FingerprintF0:24:A5:0C:06:85:29:08:4A:D1:00:E7:0E:6D:7E:FA:78:A7:98:84
ValiditySat, 23 Dec 2023 03:00:16 GMT - Fri, 22 Mar 2024 03:00:15 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /advertising.js HTTP/1.1
Host: js.capndr.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://anchira.to/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 23 Jan 2024 06:41:11 GMT
content-type: application/javascript; charset=utf-8
content-length: 0
server: nginx/1.18.0
last-modified: Fri, 14 Jul 2023 08:23:25 GMT
etag: "64b105fd-0"
expires: Tue, 23 Jan 2024 06:46:11 GMT
cache-control: max-age=300
x-proxy-cache: HIT
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2

GET kisakisexo.xyz/12843/7ed6b1627beb/m/1

104.21.2.226

200 OK

94 kB

URL GET HTTP/2
kisakisexo.xyz/12843/7ed6b1627beb/m/1
IP
104.21.2.226:443
ASN
#13335 CLOUDFLARENET

Requested by
https://anchira.to/
Certificate
IssuerGoogle Trust Services LLC
Subjectkisakisexo.xyz
Fingerprint32:7C:E3:04:52:EB:07:58:E2:91:0C:5E:4B:4B:42:E9:84:25:9A:78
ValiditySun, 17 Dec 2023 01:54:00 GMT - Sat, 16 Mar 2024 01:53:59 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 560x804, components 3
Size
94 kB (93598 bytes)
Hash
9616abfbbe81ff1d8bb20b12fc9e100b
eeea7aeac2854ffe08e044082329e61f217dd1ec
60ac6e1be94dcfb755711aba3402ed3adbfbd888f099ef26ec763862f8c927f3

HTTP Headers

GET /12843/7ed6b1627beb/m/1 HTTP/1.1
Host: kisakisexo.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://anchira.to/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 23 Jan 2024 06:41:10 GMT
content-type: image/jpeg
cache-control: public, max-age=604800
last-modified: Thu, 18 Jan 2024 09:11:50 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
permissions-policy: fullscreen=(self)
cf-cache-status: HIT
age: 420189
server: cloudflare
cf-ray: 849e0ca67cd0568a-OSL
X-Firefox-Spdy: h2

GET kisakisexo.xyz/12839/37213ed25710/m/1

104.21.2.226

200 OK

100 kB

URL GET HTTP/2
kisakisexo.xyz/12839/37213ed25710/m/1
IP
104.21.2.226:443
ASN
#13335 CLOUDFLARENET

Requested by
https://anchira.to/
Certificate
IssuerGoogle Trust Services LLC
Subjectkisakisexo.xyz
Fingerprint32:7C:E3:04:52:EB:07:58:E2:91:0C:5E:4B:4B:42:E9:84:25:9A:78
ValiditySun, 17 Dec 2023 01:54:00 GMT - Sat, 16 Mar 2024 01:53:59 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 560x784, components 3
Size
100 kB (100504 bytes)
Hash
8b31f9a88857f42caaae16254c0c4120
99cf3e6f39113af02c754d1e0787eff369768421
a5cdd1a9dac26a3246df43e88da03a42c36da749ee245d5d838df0ad401c7695

HTTP Headers

GET /12839/37213ed25710/m/1 HTTP/1.1
Host: kisakisexo.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://anchira.to/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 23 Jan 2024 06:41:10 GMT
content-type: image/jpeg
cache-control: public, max-age=604800
last-modified: Wed, 17 Jan 2024 09:02:08 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
permissions-policy: fullscreen=(self)
cf-cache-status: HIT
age: 509799
server: cloudflare
cf-ray: 849e0ca67cd2568a-OSL
X-Firefox-Spdy: h2

GET js.wpushsdk.com/npc/sdk/wpu/npush.m.js

45.133.44.52

200 OK

197 kB

URL GET HTTP/2
js.wpushsdk.com/npc/sdk/wpu/npush.m.js
IP
45.133.44.52:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://anchira.to/
Certificate
IssuerLet's Encrypt
Subjectjs.wpushsdk.com
FingerprintC1:50:5B:AB:3D:12:F3:99:31:43:2B:9A:C7:B5:CC:32:14:43:BE:FC
ValidityFri, 12 Jan 2024 05:00:52 GMT - Thu, 11 Apr 2024 05:00:51 GMT

File type

Size
197 kB (197427 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /npc/sdk/wpu/npush.m.js HTTP/1.1
Host: js.wpushsdk.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://anchira.to/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 23 Jan 2024 06:41:11 GMT
content-type: application/javascript; charset=utf-8
server: nginx/1.18.0
last-modified: Thu, 18 Jan 2024 13:31:43 GMT
etag: W/"65a9283f-30333"
content-encoding: gzip
expires: Tue, 23 Jan 2024 06:46:11 GMT
cache-control: max-age=300
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2

GET js.wpushsdk.com/skins/nmain.m.js

45.133.44.52

200 OK

445 kB

URL GET HTTP/2
js.wpushsdk.com/skins/nmain.m.js
IP
45.133.44.52:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://anchira.to/
Certificate
IssuerLet's Encrypt
Subjectjs.wpushsdk.com
FingerprintC1:50:5B:AB:3D:12:F3:99:31:43:2B:9A:C7:B5:CC:32:14:43:BE:FC
ValidityFri, 12 Jan 2024 05:00:52 GMT - Thu, 11 Apr 2024 05:00:51 GMT

File type

Size
445 kB (445374 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /skins/nmain.m.js HTTP/1.1
Host: js.wpushsdk.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://anchira.to/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 23 Jan 2024 06:41:11 GMT
content-type: application/javascript; charset=utf-8
server: nginx/1.18.0
last-modified: Fri, 19 Jan 2024 16:09:32 GMT
etag: W/"65aa9ebc-6cbbe"
content-encoding: gzip
expires: Tue, 23 Jan 2024 06:46:11 GMT
cache-control: max-age=300
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2

GET kisakisexo.xyz/12876/9deffa70c7b5/m/1

104.21.2.226

200 OK

86 kB

URL GET HTTP/2
kisakisexo.xyz/12876/9deffa70c7b5/m/1
IP
104.21.2.226:443
ASN
#13335 CLOUDFLARENET

Requested by
https://anchira.to/
Certificate
IssuerGoogle Trust Services LLC
Subjectkisakisexo.xyz
Fingerprint32:7C:E3:04:52:EB:07:58:E2:91:0C:5E:4B:4B:42:E9:84:25:9A:78
ValiditySun, 17 Dec 2023 01:54:00 GMT - Sat, 16 Mar 2024 01:53:59 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 560x791, components 3
Size
86 kB (86460 bytes)
Hash
48f745884545d7064d893a28ee988002
24ae01a115896b3e96dcae5ba26fafe15af52dd5
db0ed2aa39cf10af417e146525c4cc0a68ada747bca5f1e394f4e1d795f9eff6

HTTP Headers

GET /12876/9deffa70c7b5/m/1 HTTP/1.1
Host: kisakisexo.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://anchira.to/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 23 Jan 2024 06:41:09 GMT
content-type: image/jpeg
cache-control: public, max-age=604800
last-modified: Mon, 22 Jan 2024 07:15:25 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
permissions-policy: fullscreen=(self)
cf-cache-status: HIT
age: 81514
server: cloudflare
cf-ray: 849e0ca53a5d568a-OSL
X-Firefox-Spdy: h2

GET kisakisexo.xyz/12855/34e9d4a23c3d/m/1

104.21.2.226

200 OK

78 kB

URL GET HTTP/2
kisakisexo.xyz/12855/34e9d4a23c3d/m/1
IP
104.21.2.226:443
ASN
#13335 CLOUDFLARENET

Requested by
https://anchira.to/
Certificate
IssuerGoogle Trust Services LLC
Subjectkisakisexo.xyz
Fingerprint32:7C:E3:04:52:EB:07:58:E2:91:0C:5E:4B:4B:42:E9:84:25:9A:78
ValiditySun, 17 Dec 2023 01:54:00 GMT - Sat, 16 Mar 2024 01:53:59 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 560x791, components 3
Size
78 kB (78202 bytes)
Hash
870eabdb32f4724cfe524914937192c4
3b43ad1f16b4801ec960f9171a4bf934f9750dd0
5da8eb79fc5b18bba5968954d6953611b93f90f52d475018803859a1292fff42

HTTP Headers

GET /12855/34e9d4a23c3d/m/1 HTTP/1.1
Host: kisakisexo.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://anchira.to/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 23 Jan 2024 06:41:10 GMT
content-type: image/jpeg
cache-control: public, max-age=604800
last-modified: Mon, 22 Jan 2024 04:22:33 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
permissions-policy: fullscreen=(self)
cf-cache-status: HIT
age: 81390
server: cloudflare
cf-ray: 849e0ca64c6d568a-OSL
X-Firefox-Spdy: h2

GET anchira.to/_app/app.9a91dc5b265af2ccdad5.css

104.21.33.38

200 OK

121 kB

URL GET HTTP/2
anchira.to/_app/app.9a91dc5b265af2ccdad5.css
IP
104.21.33.38:443
ASN
#13335 CLOUDFLARENET

Requested by
https://anchira.to/
Certificate
IssuerGoogle Trust Services LLC
Subjectanchira.to
FingerprintF1:81:34:89:AF:8F:80:EC:A5:2E:1A:41:20:1C:A2:7C:5C:D8:79:66
ValiditySat, 16 Dec 2023 18:25:51 GMT - Fri, 15 Mar 2024 18:25:50 GMT

File type
ASCII text, with very long lines (65536), with no line terminators
Size
121 kB (120793 bytes)
Hash
84daa59752b7ddd492973db39f3b2e86
2a65698408f55df9fb72cc3ebb72d308d1d12c58
839f16896340fc0fb8268bf54cc71d10855c6f9b3a4af3164ba5e30e374ab6e1

HTTP Headers

GET /_app/app.9a91dc5b265af2ccdad5.css HTTP/1.1
Host: anchira.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://anchira.to/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 23 Jan 2024 06:41:09 GMT
content-type: text/css; charset=utf-8
cache-control: public, max-age=259200
cf-bgj: minify
cf-polished: origSize=120815
last-modified: Fri, 19 Jan 2024 09:56:07 GMT
permissions-policy: fullscreen=(self)
referrer-policy: strict-origin-when-cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
cf-cache-status: HIT
age: 113817
server: cloudflare
cf-ray: 849e0c9f7ee55699-OSL
content-encoding: br
X-Firefox-Spdy: h2

GET kisakisexo.xyz/12849/a677c8730d8c/m/1

104.21.2.226

200 OK

129 kB

URL GET HTTP/2
kisakisexo.xyz/12849/a677c8730d8c/m/1
IP
104.21.2.226:443
ASN
#13335 CLOUDFLARENET

Requested by
https://anchira.to/
Certificate
IssuerGoogle Trust Services LLC
Subjectkisakisexo.xyz
Fingerprint32:7C:E3:04:52:EB:07:58:E2:91:0C:5E:4B:4B:42:E9:84:25:9A:78
ValiditySun, 17 Dec 2023 01:54:00 GMT - Sat, 16 Mar 2024 01:53:59 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 560x804, components 3
Size
129 kB (129281 bytes)
Hash
49a5405c6cd45f47fb23f40800b408f2
f67e6c6a8f3974b16237dff74107c4e4a24e38b8
699cf9793b7bca50aeee304c68f9a4a8b3d12a5b7296c2045d0e4f10310fe8d3

HTTP Headers

GET /12849/a677c8730d8c/m/1 HTTP/1.1
Host: kisakisexo.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://anchira.to/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 23 Jan 2024 06:41:10 GMT
content-type: image/jpeg
cache-control: public, max-age=604800
last-modified: Fri, 19 Jan 2024 09:24:43 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
permissions-policy: fullscreen=(self)
cf-cache-status: HIT
age: 334364
server: cloudflare
cf-ray: 849e0ca76e52568a-OSL
X-Firefox-Spdy: h2

GET kisakisexo.xyz/12856/a6eed87bc9cb/m/1

104.21.2.226

200 OK

111 kB

URL GET HTTP/2
kisakisexo.xyz/12856/a6eed87bc9cb/m/1
IP
104.21.2.226:443
ASN
#13335 CLOUDFLARENET

Requested by
https://anchira.to/
Certificate
IssuerGoogle Trust Services LLC
Subjectkisakisexo.xyz
Fingerprint32:7C:E3:04:52:EB:07:58:E2:91:0C:5E:4B:4B:42:E9:84:25:9A:78
ValiditySun, 17 Dec 2023 01:54:00 GMT - Sat, 16 Mar 2024 01:53:59 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 560x804, components 3
Size
111 kB (110992 bytes)
Hash
eb1366fc3b0463bc25c53594dd033235
0aff405544c890a3b047372de7259ad5a0d66881
489336095439a369b3da1b20a7fae5faf12dbed6de9e436b420ebf0b0254cee9

HTTP Headers

GET /12856/a6eed87bc9cb/m/1 HTTP/1.1
Host: kisakisexo.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://anchira.to/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 23 Jan 2024 06:41:10 GMT
content-type: image/jpeg
cache-control: public, max-age=604800
last-modified: Mon, 22 Jan 2024 04:22:34 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
permissions-policy: fullscreen=(self)
cf-cache-status: HIT
age: 81385
server: cloudflare
cf-ray: 849e0ca74e17568a-OSL
X-Firefox-Spdy: h2

GET kisakisexo.xyz/12848/65499fff40e4/m/1

104.21.2.226

200 OK

104 kB

URL GET HTTP/2
kisakisexo.xyz/12848/65499fff40e4/m/1
IP
104.21.2.226:443
ASN
#13335 CLOUDFLARENET

Requested by
https://anchira.to/
Certificate
IssuerGoogle Trust Services LLC
Subjectkisakisexo.xyz
Fingerprint32:7C:E3:04:52:EB:07:58:E2:91:0C:5E:4B:4B:42:E9:84:25:9A:78
ValiditySun, 17 Dec 2023 01:54:00 GMT - Sat, 16 Mar 2024 01:53:59 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 560x791, components 3
Size
104 kB (104543 bytes)
Hash
23c1ca640898fdafa54232bcc17f97c1
652abfc697327dfb21f913ae3882b9a065a1d9ca
65c15cf84757d1bf8949830f754216a7870877066e5bf068f318ede8e96692c3

HTTP Headers

GET /12848/65499fff40e4/m/1 HTTP/1.1
Host: kisakisexo.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://anchira.to/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 23 Jan 2024 06:41:10 GMT
content-type: image/jpeg
cache-control: public, max-age=604800
last-modified: Fri, 19 Jan 2024 09:24:42 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
permissions-policy: fullscreen=(self)
cf-cache-status: HIT
age: 334364
server: cloudflare
cf-ray: 849e0ca76e54568a-OSL
X-Firefox-Spdy: h2

GET storage.multstorage.com/log/count.html

172.67.174.51

200 OK

882 B

URL GET HTTP/2
storage.multstorage.com/log/count.html
IP
172.67.174.51:443
ASN
#13335 CLOUDFLARENET

Requested by
https://anchira.to/
Certificate
IssuerGoogle Trust Services LLC
Subjectmultstorage.com
Fingerprint85:2F:46:5C:CA:F9:F8:C2:40:0F:06:C8:34:77:E5:3B:16:08:64:22
ValidityThu, 18 Jan 2024 09:24:31 GMT - Wed, 17 Apr 2024 09:24:30 GMT

File type
HTML document, ASCII text, with very long lines (919), with no line terminators
Size
882 B (882 bytes)
Hash
053b1fe641da8057571d40ebaf1624ab
09b2648b7d08c84621298f0b939cea5170a65022
6606334874a3edb8295831f41d3684433e4553ffe0a72e58c90926e00f39c6a4

HTTP Headers

GET /log/count.html HTTP/1.1
Host: storage.multstorage.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://anchira.to/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 23 Jan 2024 06:41:11 GMT
content-type: text/html
last-modified: Mon, 18 Sep 2023 14:39:06 GMT
vary: Accept-Encoding
x-request-id: 617311dac125272937384bd6552623d9
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=96oM6%2BA7DQXR6N8BwVTWNZPRcFkh%2FxH35QQGiUmuEkfVuYU3nMeT8z05nWRhjUXM5cfM1Qi4lrw5R6F%2Fayv9RlvBXgur35pWCdLVDuXlnlHIALVBachrIJNK1ejhKSkkDYbMI1cGzcy%2FWQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 849e0cad79b3b4ff-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

GET anchira.to/cdn-cgi/challenge-platform/scripts/jsd/main.js

104.21.33.38

302 Found

7.4 kB

URL GET HTTP/2
anchira.to/cdn-cgi/challenge-platform/scripts/jsd/main.js
IP
104.21.33.38:443
ASN
#13335 CLOUDFLARENET

Requested by
https://anchira.to/
Certificate
IssuerGoogle Trust Services LLC
Subjectanchira.to
FingerprintF1:81:34:89:AF:8F:80:EC:A5:2E:1A:41:20:1C:A2:7C:5C:D8:79:66
ValiditySat, 16 Dec 2023 18:25:51 GMT - Fri, 15 Mar 2024 18:25:50 GMT

File type

Size
7.4 kB (7407 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP/1.1
Host: anchira.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
date: Tue, 23 Jan 2024 06:41:09 GMT
location: /cdn-cgi/challenge-platform/h/g/scripts/jsd/ea25f566/main.js
cache-control: max-age=300, public
vary: accept-encoding
access-control-allow-origin: *
server: cloudflare
cf-ray: 849e0ca00f9c5699-OSL
X-Firefox-Spdy: h2

GET anchira.to/api/v1/library/index

104.21.33.38

200 OK

21 kB

URL GET HTTP/2
anchira.to/api/v1/library/index
IP
104.21.33.38:443
ASN
#13335 CLOUDFLARENET

Requested by
https://anchira.to/
Certificate
IssuerGoogle Trust Services LLC
Subjectanchira.to
FingerprintF1:81:34:89:AF:8F:80:EC:A5:2E:1A:41:20:1C:A2:7C:5C:D8:79:66
ValiditySat, 16 Dec 2023 18:25:51 GMT - Fri, 15 Mar 2024 18:25:50 GMT

File type

Size
21 kB (21191 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /api/v1/library/index HTTP/1.1
Host: anchira.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://anchira.to/
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Cookie: cf_clearance=rJHLhb_hdx5RN.82lFjCNTY8HF6_AoUTMO6IHR.Co9A-1705992069-1-ATjwP14PAdeLBZSS4ao3prBiS4AXMU+jxJQHNdBMj+h7dsXgsxFdDg/eWyE10tkoZQiGsFXsMBMpfAf1WxxgTOQ=
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 23 Jan 2024 06:41:09 GMT
content-type: application/json; charset=utf-8
vary: Accept-Encoding
x-ratelimit-limit: 5
x-ratelimit-remaining: 3
x-ratelimit-reset: 1705990190
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
permissions-policy: fullscreen=(self)
cf-cache-status: HIT
age: 1880
last-modified: Tue, 23 Jan 2024 06:09:49 GMT
server: cloudflare
cf-ray: 849e0ca3ff075699-OSL
content-encoding: br
X-Firefox-Spdy: h2

GET anchira.to/cdn-cgi/challenge-platform/scripts/jsd/main.js

104.21.33.38

302 Found

7.4 kB

URL GET HTTP/2
anchira.to/cdn-cgi/challenge-platform/scripts/jsd/main.js
IP
104.21.33.38:443
ASN
#13335 CLOUDFLARENET

Requested by
https://anchira.to/
Certificate
IssuerGoogle Trust Services LLC
Subjectanchira.to
FingerprintF1:81:34:89:AF:8F:80:EC:A5:2E:1A:41:20:1C:A2:7C:5C:D8:79:66
ValiditySat, 16 Dec 2023 18:25:51 GMT - Fri, 15 Mar 2024 18:25:50 GMT

File type

Size
7.4 kB (7386 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP/1.1
Host: anchira.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: cf_clearance=rJHLhb_hdx5RN.82lFjCNTY8HF6_AoUTMO6IHR.Co9A-1705992069-1-ATjwP14PAdeLBZSS4ao3prBiS4AXMU+jxJQHNdBMj+h7dsXgsxFdDg/eWyE10tkoZQiGsFXsMBMpfAf1WxxgTOQ=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
date: Tue, 23 Jan 2024 06:41:09 GMT
access-control-allow-origin: *
location: /cdn-cgi/challenge-platform/h/g/scripts/jsd/ea25f566/main.js
vary: accept-encoding
cache-control: max-age=300, public
server: cloudflare
cf-ray: 849e0ca2eccb5699-OSL
X-Firefox-Spdy: h2

GET kisakisexo.xyz/12860/ed3eb40c845d/m/1

104.21.2.226

200 OK

114 kB

URL GET HTTP/2
kisakisexo.xyz/12860/ed3eb40c845d/m/1
IP
104.21.2.226:443
ASN
#13335 CLOUDFLARENET

Requested by
https://anchira.to/
Certificate
IssuerGoogle Trust Services LLC
Subjectkisakisexo.xyz
Fingerprint32:7C:E3:04:52:EB:07:58:E2:91:0C:5E:4B:4B:42:E9:84:25:9A:78
ValiditySun, 17 Dec 2023 01:54:00 GMT - Sat, 16 Mar 2024 01:53:59 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 560x791, components 3
Size
114 kB (113862 bytes)
Hash
372786de79efa07bbf7c1bcc7ce405fc
ed6bfdbffcf202a1803b7816cd3f2f5399c66eeb
14d876d6bcd05553b84d7d70fed386472174d24ed1252be0a9a1faa4b2c38ceb

HTTP Headers

GET /12860/ed3eb40c845d/m/1 HTTP/1.1
Host: kisakisexo.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://anchira.to/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 23 Jan 2024 06:41:09 GMT
content-type: image/jpeg
cache-control: public, max-age=604800
last-modified: Mon, 22 Jan 2024 04:22:41 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
permissions-policy: fullscreen=(self)
cf-cache-status: HIT
age: 81384
server: cloudflare
cf-ray: 849e0ca4d9ab568a-OSL
X-Firefox-Spdy: h2

GET kisakisexo.xyz/12857/04548a213fe3/m/2

104.21.2.226

200 OK

110 kB

URL GET HTTP/2
kisakisexo.xyz/12857/04548a213fe3/m/2
IP
104.21.2.226:443
ASN
#13335 CLOUDFLARENET

Requested by
https://anchira.to/
Certificate
IssuerGoogle Trust Services LLC
Subjectkisakisexo.xyz
Fingerprint32:7C:E3:04:52:EB:07:58:E2:91:0C:5E:4B:4B:42:E9:84:25:9A:78
ValiditySun, 17 Dec 2023 01:54:00 GMT - Sat, 16 Mar 2024 01:53:59 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 560x791, components 3
Size
110 kB (110493 bytes)
Hash
e224dd35c74dc29875588d17ba753844
cc220c00d1c972b38800e183ed2fbcf8d4d4fbee
b05670f462e903e04d7f27a4ebe230f2d5ca862b1c492546862dada5a5ab3c38

HTTP Headers

GET /12857/04548a213fe3/m/2 HTTP/1.1
Host: kisakisexo.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://anchira.to/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 23 Jan 2024 06:41:09 GMT
content-type: image/jpeg
cache-control: public, max-age=604800
last-modified: Mon, 22 Jan 2024 04:22:36 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
permissions-policy: fullscreen=(self)
cf-cache-status: HIT
age: 81384
server: cloudflare
cf-ray: 849e0ca4d9a5568a-OSL
X-Firefox-Spdy: h2

GET kisakisexo.xyz/12826/eba6b19541b5/m/1

104.21.2.226

200 OK

68 kB

URL GET HTTP/2
kisakisexo.xyz/12826/eba6b19541b5/m/1
IP
104.21.2.226:443
ASN
#13335 CLOUDFLARENET

Requested by
https://anchira.to/
Certificate
IssuerGoogle Trust Services LLC
Subjectkisakisexo.xyz
Fingerprint32:7C:E3:04:52:EB:07:58:E2:91:0C:5E:4B:4B:42:E9:84:25:9A:78
ValiditySun, 17 Dec 2023 01:54:00 GMT - Sat, 16 Mar 2024 01:53:59 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 560x804, components 3
Size
68 kB (67655 bytes)
Hash
27a51d88326b02801dfaddc09a69718b
f01ffcf9bdd15f83cec309b8e1fcda8f8c11f565
64b4784412e7782e1ca06bb1e63bc884e782bce81c6c8603dd03402e163a3200

HTTP Headers

GET /12826/eba6b19541b5/m/1 HTTP/1.1
Host: kisakisexo.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://anchira.to/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 23 Jan 2024 06:41:10 GMT
content-type: image/jpeg
cache-control: public, max-age=604800
last-modified: Sun, 14 Jan 2024 08:54:23 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
permissions-policy: fullscreen=(self)
cf-cache-status: HIT
age: 768449
server: cloudflare
cf-ray: 849e0ca6ad53568a-OSL
X-Firefox-Spdy: h2

GET kisakisexo.xyz/12850/72f4e522c52d/m/1

104.21.2.226

200 OK

102 kB

URL GET HTTP/2
kisakisexo.xyz/12850/72f4e522c52d/m/1
IP
104.21.2.226:443
ASN
#13335 CLOUDFLARENET

Requested by
https://anchira.to/
Certificate
IssuerGoogle Trust Services LLC
Subjectkisakisexo.xyz
Fingerprint32:7C:E3:04:52:EB:07:58:E2:91:0C:5E:4B:4B:42:E9:84:25:9A:78
ValiditySun, 17 Dec 2023 01:54:00 GMT - Sat, 16 Mar 2024 01:53:59 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 560x791, components 3
Size
102 kB (102468 bytes)
Hash
76f45a4f997e947a3e3262f18a1ac081
94e25fc08565a9287080ff78cf12cd150554432f
969922527efbe29cdd5104b1992631e5945f0aad8bf5c97aa77422b08f2f94d2

HTTP Headers

GET /12850/72f4e522c52d/m/1 HTTP/1.1
Host: kisakisexo.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://anchira.to/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 23 Jan 2024 06:41:10 GMT
content-type: image/jpeg
cache-control: public, max-age=604800
last-modified: Sat, 20 Jan 2024 13:09:09 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
permissions-policy: fullscreen=(self)
cf-cache-status: HIT
age: 235443
server: cloudflare
cf-ray: 849e0ca76e51568a-OSL
X-Firefox-Spdy: h2

GET kisakisexo.xyz/12821/a18279853f68/m/1

104.21.2.226

200 OK

74 kB

URL GET HTTP/2
kisakisexo.xyz/12821/a18279853f68/m/1
IP
104.21.2.226:443
ASN
#13335 CLOUDFLARENET

Requested by
https://anchira.to/
Certificate
IssuerGoogle Trust Services LLC
Subjectkisakisexo.xyz
Fingerprint32:7C:E3:04:52:EB:07:58:E2:91:0C:5E:4B:4B:42:E9:84:25:9A:78
ValiditySun, 17 Dec 2023 01:54:00 GMT - Sat, 16 Mar 2024 01:53:59 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 560x791, components 3
Size
74 kB (74447 bytes)
Hash
b846edfec43015c42dc5a1b69e9c93a5
33e03a25a940ef77bbebc5a976e6dc9a5fc66823
56dced07fa68038b3cbaca9bb2a374a079a2f79502a24f30acacacbcdcadcff1

HTTP Headers

GET /12821/a18279853f68/m/1 HTTP/1.1
Host: kisakisexo.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://anchira.to/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 23 Jan 2024 06:41:10 GMT
content-type: image/jpeg
cache-control: public, max-age=604800
last-modified: Sun, 14 Jan 2024 08:54:13 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
permissions-policy: fullscreen=(self)
cf-cache-status: HIT
age: 768449
server: cloudflare
cf-ray: 849e0ca6cd75568a-OSL
X-Firefox-Spdy: h2

GET na.nawpush.com/tags/138875?version_name=a

45.133.44.24

200 OK

2.1 kB

URL GET HTTP/2
na.nawpush.com/tags/138875?version_name=a
IP
45.133.44.24:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://anchira.to/
Certificate
IssuerLet's Encrypt
Subjectna.nawpush.com
Fingerprint73:8E:D9:E1:D0:7F:5B:63:BD:6A:8D:47:8E:04:38:3F:5F:49:91:2B
ValidityWed, 29 Nov 2023 03:00:42 GMT - Tue, 27 Feb 2024 03:00:41 GMT

File type
troff or preprocessor input, ASCII text, with very long lines (2421), with no line terminators
Size
2.1 kB (2143 bytes)
Hash
bc4b0085387e39194f35ac425cc01a5c
3a091aa348f7843bc96cc5a8ee7c1ae588ec73bb
3bf9a3b2c05c0f1b9b097e31737e166384d68ffd01f245c5b7b0bcebf48d4fbc

HTTP Headers

GET /tags/138875?version_name=a HTTP/1.1
Host: na.nawpush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://anchira.to/
Origin: https://anchira.to
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 23 Jan 2024 06:41:11 GMT
content-type: application/json
server: nginx/1.18.0
cache-control: max-age=300, public
x-proxy-cache: EXPIRED
access-control-allow-origin: *
X-Firefox-Spdy: h2

GET kisakisexo.xyz/12853/1e8d8dda192e/m/2

104.21.2.226

200 OK

90 kB

URL GET HTTP/2
kisakisexo.xyz/12853/1e8d8dda192e/m/2
IP
104.21.2.226:443
ASN
#13335 CLOUDFLARENET

Requested by
https://anchira.to/
Certificate
IssuerGoogle Trust Services LLC
Subjectkisakisexo.xyz
Fingerprint32:7C:E3:04:52:EB:07:58:E2:91:0C:5E:4B:4B:42:E9:84:25:9A:78
ValiditySun, 17 Dec 2023 01:54:00 GMT - Sat, 16 Mar 2024 01:53:59 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 560x791, components 3
Size
90 kB (89607 bytes)
Hash
7cc329e5667de704edceed84dffec2ec
4afe6a83537d04d3cf2e211664fd09d20a54dd60
2352eb28cd6d005f261c945863b811f062340e667f9821066856e264d1a9bd09

HTTP Headers

GET /12853/1e8d8dda192e/m/2 HTTP/1.1
Host: kisakisexo.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://anchira.to/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 23 Jan 2024 06:41:09 GMT
content-type: image/jpeg
cache-control: public, max-age=604800
last-modified: Sat, 20 Jan 2024 13:09:15 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
permissions-policy: fullscreen=(self)
cf-cache-status: HIT
age: 235442
server: cloudflare
cf-ray: 849e0ca4d9b0568a-OSL
X-Firefox-Spdy: h2

GET kisakisexo.xyz/12875/ba5b32f25c0b/m/1

104.21.2.226

200 OK

95 kB

URL GET HTTP/2
kisakisexo.xyz/12875/ba5b32f25c0b/m/1
IP
104.21.2.226:443
ASN
#13335 CLOUDFLARENET

Requested by
https://anchira.to/
Certificate
IssuerGoogle Trust Services LLC
Subjectkisakisexo.xyz
Fingerprint32:7C:E3:04:52:EB:07:58:E2:91:0C:5E:4B:4B:42:E9:84:25:9A:78
ValiditySun, 17 Dec 2023 01:54:00 GMT - Sat, 16 Mar 2024 01:53:59 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 560x791, components 1
Size
95 kB (95265 bytes)
Hash
210f4d262bc680526f27c4b0d52a2b6c
f51b09bb327487c6469ae4a32a14f3ac4ebaac5a
7eae44257ea442f99332948f923cab062613603745ba5a43bdb8e9d244ec2bac

HTTP Headers

GET /12875/ba5b32f25c0b/m/1 HTTP/1.1
Host: kisakisexo.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://anchira.to/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 23 Jan 2024 06:41:09 GMT
content-type: image/jpeg
cache-control: public, max-age=604800
last-modified: Mon, 22 Jan 2024 07:15:20 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
permissions-policy: fullscreen=(self)
cf-cache-status: HIT
age: 81514
server: cloudflare
cf-ray: 849e0ca53a61568a-OSL
X-Firefox-Spdy: h2

GET kisakisexo.xyz/12866/79ef8c8fe339/m/1

104.21.2.226

200 OK

85 kB

URL GET HTTP/2
kisakisexo.xyz/12866/79ef8c8fe339/m/1
IP
104.21.2.226:443
ASN
#13335 CLOUDFLARENET

Requested by
https://anchira.to/
Certificate
IssuerGoogle Trust Services LLC
Subjectkisakisexo.xyz
Fingerprint32:7C:E3:04:52:EB:07:58:E2:91:0C:5E:4B:4B:42:E9:84:25:9A:78
ValiditySun, 17 Dec 2023 01:54:00 GMT - Sat, 16 Mar 2024 01:53:59 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 560x791, components 3
Size
85 kB (85270 bytes)
Hash
1f37a9f5e87a4c5c5bfb7ae314d18c74
cd4bda4388f5834c03e2cabefad3c9ea1502bc02
98f5ca6177ac5b7a2e1da8e40c135e5796eb7417ffcb8886ac57b0166d57fa50

HTTP Headers

GET /12866/79ef8c8fe339/m/1 HTTP/1.1
Host: kisakisexo.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://anchira.to/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 23 Jan 2024 06:41:10 GMT
content-type: image/jpeg
cache-control: public, max-age=604800
last-modified: Mon, 22 Jan 2024 07:14:16 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
permissions-policy: fullscreen=(self)
cf-cache-status: HIT
age: 81515
server: cloudflare
cf-ray: 849e0ca64c47568a-OSL
X-Firefox-Spdy: h2

GET kisakisexo.xyz/12852/939933b1db86/m/2

104.21.2.226

200 OK

110 kB

URL GET HTTP/2
kisakisexo.xyz/12852/939933b1db86/m/2
IP
104.21.2.226:443
ASN
#13335 CLOUDFLARENET

Requested by
https://anchira.to/
Certificate
IssuerGoogle Trust Services LLC
Subjectkisakisexo.xyz
Fingerprint32:7C:E3:04:52:EB:07:58:E2:91:0C:5E:4B:4B:42:E9:84:25:9A:78
ValiditySun, 17 Dec 2023 01:54:00 GMT - Sat, 16 Mar 2024 01:53:59 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 560x804, components 3
Size
110 kB (110104 bytes)
Hash
00658221cb5b71cf230e72798279d263
18e8227cc03694f5b356023b131fd18ad8f6bcb9
e5a46f634762b138037391dcfb2cbe48f69cff2e7d0b3ea87d42a39953f802f8

HTTP Headers

GET /12852/939933b1db86/m/2 HTTP/1.1
Host: kisakisexo.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://anchira.to/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 23 Jan 2024 06:41:10 GMT
content-type: image/jpeg
cache-control: public, max-age=604800
last-modified: Sat, 20 Jan 2024 13:09:12 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
permissions-policy: fullscreen=(self)
cf-cache-status: HIT
age: 235443
server: cloudflare
cf-ray: 849e0ca76e50568a-OSL
X-Firefox-Spdy: h2

GET accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&hl=en&ifkv=ASKXGp3RhCKJp9IkCEH6IzXzxnXelD5fJTwMDZ9Bkcb-OJ2IzSSNfQeohU63oZ7cbfs6McggD52bbw&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-2113753795%3A1705992071844478&theme=glif

64.233.161.84

403 Forbidden

0 B

URL GET HTTP/3
accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&hl=en&ifkv=ASKXGp3RhCKJp9IkCEH6IzXzxnXelD5fJTwMDZ9Bkcb-OJ2IzSSNfQeohU63oZ7cbfs6McggD52bbw&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-2113753795%3A1705992071844478&theme=glif
IP
64.233.161.84:443
ASN
#15169 GOOGLE

Requested by
https://anchira.to/
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.com
FingerprintC5:94:19:42:28:3A:57:36:10:5E:4A:4E:7B:CE:5E:33:B7:50:8D:89
ValidityTue, 02 Jan 2024 13:02:52 GMT - Tue, 26 Mar 2024 13:02:51 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /v3/signin/identifier?continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&hl=en&ifkv=ASKXGp3RhCKJp9IkCEH6IzXzxnXelD5fJTwMDZ9Bkcb-OJ2IzSSNfQeohU63oZ7cbfs6McggD52bbw&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-2113753795%3A1705992071844478&theme=glif HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 403 Forbidden
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Tue, 23 Jan 2024 06:41:12 GMT
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: require-trusted-types-for 'script';report-uri /v3/signin/_/AccountsSignInUi/cspreport, script-src 'nonce-pd4fqqbfA3r4O-tKsy-OgA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /v3/signin/_/AccountsSignInUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /v3/signin/_/AccountsSignInUi/cspreport/allowlist
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
report-to: {"group":"AccountsSignInUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/AccountsSignInUi"}]}
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy-report-only: same-origin; report-to="AccountsSignInUi"
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET anchira.to/fonts/inter-v13-latin-600.woff2

104.21.33.38

200 OK

23 kB

URL GET HTTP/2
anchira.to/fonts/inter-v13-latin-600.woff2
IP
104.21.33.38:443
ASN
#13335 CLOUDFLARENET

Requested by
https://anchira.to/
Certificate
IssuerGoogle Trust Services LLC
Subjectanchira.to
FingerprintF1:81:34:89:AF:8F:80:EC:A5:2E:1A:41:20:1C:A2:7C:5C:D8:79:66
ValiditySat, 16 Dec 2023 18:25:51 GMT - Fri, 15 Mar 2024 18:25:50 GMT

File type
Web Open Font Format (Version 2), TrueType, length 22820, version 1.0
Size
23 kB (22820 bytes)
Hash
0bf7eadca131e06ec47943f8b4981f72
d0be123f34a4a68107328c916f9421afe72560ea
3022fadde78fd30c384797bcef8bebc18c96083527a850f62a58d8957a8b208f

HTTP Headers

GET /fonts/inter-v13-latin-600.woff2 HTTP/1.1
Host: anchira.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://anchira.to/
DNT: 1
Connection: keep-alive
Cookie: cf_clearance=rJHLhb_hdx5RN.82lFjCNTY8HF6_AoUTMO6IHR.Co9A-1705992069-1-ATjwP14PAdeLBZSS4ao3prBiS4AXMU+jxJQHNdBMj+h7dsXgsxFdDg/eWyE10tkoZQiGsFXsMBMpfAf1WxxgTOQ=
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 23 Jan 2024 06:41:09 GMT
content-type: font/woff2
cache-control: public, max-age=259200
last-modified: Mon, 16 Oct 2023 02:37:48 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
permissions-policy: fullscreen=(self)
cf-cache-status: HIT
age: 113745
server: cloudflare
cf-ray: 849e0ca3ff0a5699-OSL
X-Firefox-Spdy: h2

GET kisakisexo.xyz/12861/e5729c866d20/m/1

104.21.2.226

200 OK

121 kB

URL GET HTTP/2
kisakisexo.xyz/12861/e5729c866d20/m/1
IP
104.21.2.226:443
ASN
#13335 CLOUDFLARENET

Requested by
https://anchira.to/
Certificate
IssuerGoogle Trust Services LLC
Subjectkisakisexo.xyz
Fingerprint32:7C:E3:04:52:EB:07:58:E2:91:0C:5E:4B:4B:42:E9:84:25:9A:78
ValiditySun, 17 Dec 2023 01:54:00 GMT - Sat, 16 Mar 2024 01:53:59 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 560x791, components 1
Size
121 kB (120875 bytes)
Hash
eae374454ac3410b022e171fde0c2682
18ac303795849aa97e97635d9f28351c87c189f5
76fb6660b0e1e80129d9271c220e84eb5ac6341a0964876d629473ae09527766

HTTP Headers

GET /12861/e5729c866d20/m/1 HTTP/1.1
Host: kisakisexo.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://anchira.to/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 23 Jan 2024 06:41:09 GMT
content-type: image/jpeg
cache-control: public, max-age=604800
last-modified: Mon, 22 Jan 2024 04:22:44 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
permissions-policy: fullscreen=(self)
cf-cache-status: HIT
age: 81384
server: cloudflare
cf-ray: 849e0ca51a14568a-OSL
X-Firefox-Spdy: h2

GET js.wpadmngr.com/static/adManager.m.js

45.133.44.53

200 OK

105 kB

URL GET HTTP/2
js.wpadmngr.com/static/adManager.m.js
IP
45.133.44.53:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://anchira.to/
Certificate
IssuerLet's Encrypt
Subjectjs.wpadmngr.com
Fingerprint2F:3F:48:9D:0A:12:7C:19:E2:D4:D8:B1:05:49:3B:C7:AF:B4:26:4C
ValidityThu, 11 Jan 2024 03:01:43 GMT - Wed, 10 Apr 2024 03:01:42 GMT

File type

Size
105 kB (104555 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /static/adManager.m.js HTTP/1.1
Host: js.wpadmngr.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://anchira.to/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 23 Jan 2024 06:41:10 GMT
content-type: application/javascript; charset=utf-8
server: nginx/1.18.0
last-modified: Tue, 16 Jan 2024 12:25:49 GMT
etag: W/"65a675cd-1986b"
content-encoding: gzip
expires: Tue, 23 Jan 2024 06:46:10 GMT
cache-control: max-age=300
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2

GET js.capndr.com/popunder-admanager/build.m.js

45.133.44.52

200 OK

93 kB

URL GET HTTP/2
js.capndr.com/popunder-admanager/build.m.js
IP
45.133.44.52:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://anchira.to/
Certificate
IssuerLet's Encrypt
Subjectjs.capndr.com
FingerprintF0:24:A5:0C:06:85:29:08:4A:D1:00:E7:0E:6D:7E:FA:78:A7:98:84
ValiditySat, 23 Dec 2023 03:00:16 GMT - Fri, 22 Mar 2024 03:00:15 GMT

File type

Size
93 kB (92622 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /popunder-admanager/build.m.js HTTP/1.1
Host: js.capndr.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://anchira.to/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 23 Jan 2024 06:41:11 GMT
content-type: application/javascript; charset=utf-8
server: nginx/1.18.0
last-modified: Mon, 22 Jan 2024 10:37:11 GMT
etag: W/"65ae4557-169ce"
content-encoding: gzip
expires: Tue, 23 Jan 2024 06:46:11 GMT
cache-control: max-age=300
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (16)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash