Report - de.hentai-gif-anime.com/image/kagaku-na-yatsura-gifs-47/

Report Overview

Visited public
2023-11-27 23:02:14
Tags
URL
de.hentai-gif-anime.com/image/kagaku-na-yatsura-gifs-47/
Finishing URL
de.hentai-gif-anime.com/image/kagaku-na-yatsura-gifs-47/
IP / ASN
104.21.235.189
#13335 CLOUDFLARENET
Title
Kagaku na Yatsura Gifs Part 47 - Hentai Gif

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
edge-hls.doppiocdn.com	unknown	2022-02-16	2022-11-01 13:03:56	2023-11-27 21:11:56	2.4 kB	635 kB	104.18.63.134
creative.bbrdbr.com	unknown	2022-07-05	2023-09-02 02:49:41	2023-11-27 18:58:39	5.0 kB	290 kB	104.18.59.150
hentai-cosplays.com	735719	2020-05-30	2020-06-06 11:25:37	2023-11-15 17:09:23	582 B	763 B	104.21.80.76
respectableinjurefortunate.com	unknown	unknown	No data	No data	517 B	467 B	173.233.139.164
mothwetcheater.com	unknown	unknown	No data	No data	5.7 kB	11 kB	192.243.59.13
fonts.gstatic.com	unknown	2008-02-11	2014-09-09 02:40:21	2023-11-27 07:14:04	551 B	18 kB	142.250.74.67
www.googletagmanager.com	75	2011-11-11	2013-05-22 04:07:37	2023-11-27 06:40:38	1.4 kB	160 kB	142.250.74.168
stealcurtainsdeeprooted.com	unknown	2023-10-30	2023-10-30 08:03:02	2023-11-19 06:57:27	4.2 kB	116 kB	173.233.137.36
hundredshands.com	unknown	unknown	No data	No data	2.7 kB	5.7 kB	192.243.59.12
i.jads.co	46788	2012-05-17	2019-12-04 09:50:06	2023-11-27 09:20:49	595 B	139 kB	205.185.216.42
cdn.cloudimagesb.com	23099	2020-10-06	2021-02-12 17:15:41	2023-11-27 20:33:00	2.9 kB	833 kB	45.133.44.9
video.ktkjmp.com	23778	2020-08-07	2020-10-02 10:52:19	2023-11-26 05:19:46	454 B	1.0 kB	104.18.62.235
img.strpst.com	12993	2021-05-31	2021-06-03 10:45:56	2023-11-27 18:56:11	4.2 kB	106 kB	104.18.63.124
unseenreport.com	unknown	2022-03-30	2022-03-30 16:33:17	2023-11-27 18:32:50	1.5 kB	846 B	192.243.59.12
r.trackwilltrk.com	unknown	2020-04-24	2020-04-28 06:48:25	2023-11-25 14:36:11	1.3 kB	3.1 kB	45.131.147.145
banquetunarmedgrater.com	unknown	2022-08-04	2022-08-04 17:12:50	2023-11-26 14:13:39	433 B	841 B	104.21.86.121
b-hls-01.doppiocdn.com	unknown	2022-02-16	2022-03-01 13:27:32	2023-11-14 17:37:43	4.0 kB	1.3 MB	104.18.63.134
ocsp.r2m03.amazontrust.com	unknown	2007-05-11	2023-02-21 01:06:24	2023-11-27 08:01:03	700 B	1.9 kB	143.204.53.97
proftrafficcounter.com	unknown	2023-11-16	2023-11-21 09:55:14	2023-11-27 18:55:43	1.4 kB	1.3 kB	18.185.201.157
fonts.googleapis.com	8877	2005-01-25	2013-06-10 22:14:26	2023-11-27 07:17:39	840 B	15 kB	142.250.74.106
b-hls-10.doppiocdn.com	unknown	2022-02-16	2022-03-01 19:59:37	2023-11-24 14:27:03	5.0 kB	985 kB	104.18.63.134
b-hls-12.doppiocdn.com	unknown	2022-02-16	2022-04-21 15:47:02	2023-11-24 16:55:23	10 kB	2.2 MB	104.18.63.134
circumstantialplatoon.com	unknown	unknown	No data	No data	15 kB	5.6 kB	173.233.137.52
cdn.creative-bars1.com	unknown	2022-11-01	2022-11-15 17:46:22	2023-11-27 20:32:59	3.5 kB	980 kB	172.64.108.10
displeaseddietstair.com	unknown	unknown	No data	No data	995 B	20 kB	173.233.137.44
go.bbrdbr.com	unknown	2022-07-05	2023-09-01 12:29:19	2023-11-27 20:57:13	5.8 kB	22 kB	104.18.59.150
grannyblowdos.com	unknown	unknown	No data	No data	482 B	467 B	192.243.61.227
adjusteddrug.com	unknown	unknown	No data	No data	2.8 kB	6.3 kB	192.243.59.12
cdn.yourwebbars.com	62037	2020-08-21	2021-01-29 18:47:27	2023-10-29 14:31:13	505 B	54 kB	104.26.6.19
de.hentai-gif-anime.com	unknown	2020-05-30	2020-06-06 17:42:06	2023-06-26 15:45:15	1.5 kB	7.7 kB	104.21.235.190
poweredby.jads.co	30525	2012-05-17	2019-12-04 11:34:12	2023-11-25 19:18:16	4.6 kB	17 kB	185.94.236.246
go.xxxviijmp.com	unknown	2021-06-22	2021-07-02 11:45:56	2023-11-25 11:40:47	436 B	447 B	104.18.59.150
superchat.live	88201	2016-06-30	2019-01-29 06:50:18	2023-11-25 21:58:59	434 B	445 B	104.18.63.130
b-hls-24.doppiocdn.com	unknown	2022-02-16	2022-03-01 19:04:00	2023-11-19 06:10:44	3.1 kB	1.3 MB	104.18.63.134
b-hls-02.doppiocdn.com	unknown	2022-02-16	2022-03-01 16:31:18	2023-11-20 01:17:37	2.6 kB	917 kB	104.18.63.134
static.hentai-gif-anime.com	738079	2020-05-30	2020-06-06 17:42:06	2023-06-28 22:29:06	16 kB	5.1 MB	104.21.235.190
compensationstout.com	unknown	unknown	No data	No data	2.8 kB	6.3 kB	192.243.59.20

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2023-11-27	medium	stealcurtainsdeeprooted.com	Sinkholed
2023-11-27	medium	stealcurtainsdeeprooted.com	Sinkholed
2023-11-27	medium	stealcurtainsdeeprooted.com	Sinkholed
2023-11-27	medium	stealcurtainsdeeprooted.com	Sinkholed
2023-11-27	medium	stealcurtainsdeeprooted.com	Sinkholed
2023-11-27	medium	stealcurtainsdeeprooted.com	Sinkholed
2023-11-27	medium	stealcurtainsdeeprooted.com	Sinkholed
2023-11-27	medium	stealcurtainsdeeprooted.com	Sinkholed
2023-11-27	medium	stealcurtainsdeeprooted.com	Sinkholed
2023-11-27	medium	displeaseddietstair.com	Sinkholed
2023-11-27	medium	circumstantialplatoon.com	Sinkholed
2023-11-27	medium	displeaseddietstair.com	Sinkholed
2023-11-27	medium	compensationstout.com	Sinkholed
2023-11-27	medium	grannyblowdos.com	Sinkholed
2023-11-27	medium	circumstantialplatoon.com	Sinkholed
2023-11-27	medium	respectableinjurefortunate.com	Sinkholed
2023-11-27	medium	mothwetcheater.com	Sinkholed
2023-11-27	medium	circumstantialplatoon.com	Sinkholed
2023-11-27	medium	compensationstout.com	Sinkholed
2023-11-27	medium	circumstantialplatoon.com	Sinkholed
2023-11-27	medium	adjusteddrug.com	Sinkholed
2023-11-27	medium	hundredshands.com	Sinkholed
2023-11-27	medium	circumstantialplatoon.com	Sinkholed
2023-11-27	medium	circumstantialplatoon.com	Sinkholed
2023-11-27	medium	circumstantialplatoon.com	Sinkholed
2023-11-27	medium	adjusteddrug.com	Sinkholed
2023-11-27	medium	hundredshands.com	Sinkholed
2023-11-27	medium	circumstantialplatoon.com	Sinkholed
2023-11-27	medium	circumstantialplatoon.com	Sinkholed
2023-11-27	medium	mothwetcheater.com	Sinkholed
2023-11-27	medium	mothwetcheater.com	Sinkholed
2023-11-27	medium	unseenreport.com	Sinkholed
2023-11-27	medium	unseenreport.com	Sinkholed
2023-11-27	medium	mothwetcheater.com	Sinkholed

ThreatFox

No alerts detected

JavaScript (51)

	URL	From	Size	First Seen	Last Seen
	de.hentai-gif-anime.com/image/kagaku-na-yatsura-gifs-47/	ScriptElement	340 B	2023-07-04	2024-08-20
Pretty URL de.hentai-gif-anime.com/image/kagaku-na-yatsura-gifs-47/ IP 104.21.235.190 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-07-04 03:54 Last Seen2024-08-20 17:40 Times Seen5 Hash c3023f1a2cdfa274a8131b0d44680adf 94a66b42213953e45bd6c0ee782c4cb1b50d6be9 7f370a250339f3dba56aac226f23c1e09cdd4fd0fba92a76444c2c0a41d04374 Loading...

	poweredby.jads.co/adshow.php?adzone=818804	ScriptElement	0 B	0001-01-01	2025-05-11
Pretty URL poweredby.jads.co/adshow.php?adzone=818804 IP 185.94.236.246 ASN #42567 Mojohost B.v. Introduced by scriptElement Embedded in HTML true Observations First Seen0001-01-01 00:00 Last Seen2025-05-11 18:51 Times Seen4656644 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	de.hentai-gif-anime.com/image/kagaku-na-yatsura-gifs-47/	ScriptElement	341 B	2023-07-04	2024-08-20
Pretty URL de.hentai-gif-anime.com/image/kagaku-na-yatsura-gifs-47/ IP 104.21.235.190 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-07-04 03:54 Last Seen2024-08-20 17:40 Times Seen5 Hash ac6fe6353072f92c0f1b0062b8b1820c 469facc2cfe5698f2d3920c20428810a845ba9e7 a4b4405c657b53959638db8d441c8771aad22c7f992419476d3510a8dec91991 Loading...

	poweredby.jads.co/js/jads.js	ScriptElement	3.8 kB	2023-03-07	2025-04-02
Pretty URL poweredby.jads.co/js/jads.js IP 185.94.236.246 ASN #42567 Mojohost B.v. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03 Last Seen2025-04-02 23:24 Times Seen2022 Hash bc8141c4650030c41f6a98026b12ce80 af5618f7e467a207d4c64627be580283ab5640cd 5ad0b5133e45b32908a388c8c6dcfca2c23d1d9d3e2ed6a839a742bab1ffde51 Loading...

	creative.bbrdbr.com/widgets/v4/Universal/main.672e6e87c69b0c60653e.js	ScriptElement	282 kB	2023-11-23	2023-12-05
Pretty URL creative.bbrdbr.com/widgets/v4/Universal/main.672e6e87c69b0c60653e.js IP 104.18.59.150 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-23 16:50 Last Seen2023-12-05 12:59 Times Seen245 Hash 149fd3a87101adfb731800f02f11e73b 9a9a0f6f14028d913e63fc012a80378a5c4d5896 420332e58487b55b58db2c2edbe69162c5d23170061d16addce87762ef224f4b Loading...

	unknown	ScriptElement	145 B	2023-07-04	2024-08-20
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-07-04 03:54 Last Seen2024-08-20 17:40 Times Seen4 Hash 19ccb28cff572ba1f50c3f3fea6a8bbe 1221c7c1f8ff355239cdc5293e71c0082d6e8aa2 6007c71690bee248e9d2f50cd4620c19c387566df8dc3a82f952336c212dadf2 Loading...

	de.hentai-gif-anime.com/image/kagaku-na-yatsura-gifs-47/	ScriptElement	401 B	2023-07-04	2024-08-20
Pretty URL de.hentai-gif-anime.com/image/kagaku-na-yatsura-gifs-47/ IP 104.21.235.190 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-07-04 03:54 Last Seen2024-08-20 17:40 Times Seen5 Hash e2e0adc295317bdef9a9484586ba2028 26cd59508c62925a50640568829e4ba6224f1a05 ece088af4bdb7e010a503aa63c020f4b750b3ce06f886d5eb3134a317e5d8771 Loading...

	unknown	ScriptElement	21 kB	2023-11-28	2024-08-20
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-28 00:02 Last Seen2024-08-20 17:40 Times Seen2 Hash 9a3a7495bc0d797af81ed932da65450c a223ec3a120aacb6315f47207a4318a70a3dd1a2 1e5fe3c5966d6a95a0542d34f18114670e8191769edcbabc442642af4de2b647 Loading...

	de.hentai-gif-anime.com/image/kagaku-na-yatsura-gifs-47/	ScriptElement	63 B	2023-07-04	2024-08-20
Pretty URL de.hentai-gif-anime.com/image/kagaku-na-yatsura-gifs-47/ IP 104.21.235.190 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-07-04 03:54 Last Seen2024-08-20 17:40 Times Seen5 Hash c84ddc3cb2b164e739961868c0501885 88507ad3cea3c16d6b52dec2295744cf2b28b993 15c0aaf7d96324047bbf3bf39a29830f1b5f3c3642e33d03f74dd51644a29371 Loading...

	stealcurtainsdeeprooted.com/b8b73dce4dd569d1ae1f0e0c576ef179/invoke.js	ScriptElement	25 kB	2023-11-28	2023-11-28
Pretty URL stealcurtainsdeeprooted.com/b8b73dce4dd569d1ae1f0e0c576ef179/invoke.js IP 173.233.137.36 ASN #7979 SERVERS-COM Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-28 00:02 Last Seen2023-11-28 00:02 Times Seen1 Hash 10258de2239704689c151e4f63c7a447 3c8b9b7ba1168693f15e13dc63e3d6316008bef6 b3dccb45cf47dbb4686cb9e323b334857365f61619122c2c32648ba1ea1ca44c Loading...

	stealcurtainsdeeprooted.com/b8b73dce4dd569d1ae1f0e0c576ef179/invoke.js	ScriptElement	25 kB	2023-11-28	2023-11-28
Pretty URL stealcurtainsdeeprooted.com/b8b73dce4dd569d1ae1f0e0c576ef179/invoke.js IP 173.233.137.36 ASN #7979 SERVERS-COM Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-28 00:02 Last Seen2023-11-28 00:02 Times Seen1 Hash 494787384874b22243f2199bcf1187a2 aa5009725fa1693b73a49ba477c395073a7d3650 ec9eb78aa632b04635f7c8cafae52dcfd8565b619ad3364497c0613e2ae4b9e3 Loading...

	creative.bbrdbr.com/widgets/v4/Universal/hls.4cfa5b780bfed20a8b26.js	ScriptElement	61 B	2023-03-14	2025-03-26
Pretty URL creative.bbrdbr.com/widgets/v4/Universal/hls.4cfa5b780bfed20a8b26.js IP 104.18.59.150 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-14 06:30 Last Seen2025-03-26 07:32 Times Seen2403 Hash 22f22b49cc901aa95826401f7ce0930c 6471abdd35ab6d511b67d73ad1375f1ee0f255de 0fae8b03858a764bad3e9af19bfc924ead5b9e25c760432c19e91cba3dff1cf3 Loading...

	unknown	DomTimer	9 B	2023-03-07	2025-05-11
Pretty Introduced by domTimer Embedded in HTML false Observations First Seen2023-03-07 01:02 Last Seen2025-05-11 18:07 Times Seen20257 Hash 5e543256c480ac577d30f76f9120eb74 d5d4cd07616a542891b7ec2d0257b3a24b69856e eb045d78d273107348b0300c01d29b7552d622abbc6faf81b3ec55359aa9950c Loading...

	de.hentai-gif-anime.com/image/kagaku-na-yatsura-gifs-47/	ScriptElement	346 B	2023-11-28	2024-08-20
Pretty URL de.hentai-gif-anime.com/image/kagaku-na-yatsura-gifs-47/ IP 104.21.235.190 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-11-28 00:02 Last Seen2024-08-20 17:40 Times Seen2 Hash 50d52655bbe9e1e8c080beee0be691a7 d5766e76b2a4cfc4c869a62575bb7fdb923dbc0a bedd80105fd2ae60e2963c8eebbcedc16eb28d9365e73d3bc2da3ef3fa3ff211 Loading...

	poweredby.jads.co/js/jfc.js	ScriptElement	6.8 kB	2023-03-07	2025-02-19
Pretty URL poweredby.jads.co/js/jfc.js IP 185.94.236.246 ASN #42567 Mojohost B.v. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:05 Last Seen2025-02-19 04:42 Times Seen76 Hash eabb2115947699ca1e6255ebc3214e19 13b32dd270c7eeea684434c7d57a9f4e6008774d a9556daf36123f66aa90903d1cb88d2ea3c5b74492b5c74b3b9fe53d2c909953 Loading...

	unknown	ScriptElement	3.8 kB	2024-08-20	2024-08-20
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2024-08-20 17:40 Last Seen2024-08-20 17:40 Times Seen1 Hash e305288efab5ac4d39e7364a5bffb949 a071f4141133d8d9a21b0586255fe71fd7fd672c 0e24faddb1ff20f993c81f3f7fb8e8e78f280de9891fdd3f2675d605e7f1e88b Loading...

	unknown	ScriptElement	3.4 kB	2024-08-20	2024-08-20
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2024-08-20 17:40 Last Seen2024-08-20 17:40 Times Seen1 Hash 3dbe98a8b10aead55f9dfcaf5a0a6a16 2f64a29d4273ea2e185fbc01508d4529dd5e94dc d6af9b5ccdfbcc8f1ff29e0f2e43309643492149de6af84e9c7e045cf53eb18d Loading...

	de.hentai-gif-anime.com/image/kagaku-na-yatsura-gifs-47/	ScriptElement	346 B	2024-08-20	2024-08-20
Pretty URL de.hentai-gif-anime.com/image/kagaku-na-yatsura-gifs-47/ IP 104.21.235.190 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-08-20 17:40 Last Seen2024-08-20 17:40 Times Seen1 Hash 65c3069ded00f6db7ebcefa9a5aadb8d 3e4f0ab9538afa687e1afd2e78c6af1f0d999eaf cc49db2f2482d8847a43c6f66e4ebde2ba43fe61ade4f00c8ef8310fbe8c1689 Loading...

	unknown	ScriptElement	3.8 kB	2024-08-20	2024-08-20
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2024-08-20 17:40 Last Seen2024-08-20 17:40 Times Seen1 Hash 33552195d17e84181d093893b6a3941b a41e81087cdecb4497ff37ceb462d6cb9741b94b 87697bb5d00d46e60d1bfff17e742ff6b4bf92efa65dde5f0420794046cbc84d Loading...

	unknown	ScriptElement	145 B	2023-11-28	2024-08-20
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-28 00:02 Last Seen2024-08-20 17:40 Times Seen5 Hash 4b7c41cb3174de28446d429abc27f474 8de8913b9c1a1c45d946b9c1743d1b6ece651c33 2fbcd9f606b5eebaf053bf7a51d8672c0bb6aadf879a03c871d6785f1c001147 Loading...

	cdn.creative-bars1.com/sb/interstitial/games/hentai-heroes/adult/5/js/jquery-3.3.1.min.js	ScriptElement	87 kB	2023-03-07	2025-05-11
Pretty URL cdn.creative-bars1.com/sb/interstitial/games/hentai-heroes/adult/5/js/jquery-3.3.1.min.js IP 172.64.108.10 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02 Last Seen2025-05-11 18:44 Times Seen57573 Hash a09e13ee94d51c524b7e2a728c7d4039 0dc32db4aa9c5f03f3b38c47d883dbd4fed13aae 160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef Loading...

	de.hentai-gif-anime.com/image/kagaku-na-yatsura-gifs-47/	ScriptElement	63 B	2023-07-04	2024-08-20
Pretty URL de.hentai-gif-anime.com/image/kagaku-na-yatsura-gifs-47/ IP 104.21.235.190 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-07-04 03:54 Last Seen2024-08-20 17:40 Times Seen5 Hash 3a535e0a64b93c75defd171fedf76255 242872feb319fc2283d0f5025f00e9677aa25aa2 ac573fb17c8f89c5adf7f92185846c50fa6a27184a1b6da6165ba2217aa86d04 Loading...

	stealcurtainsdeeprooted.com/5b/da/a2/5bdaa2a05be747d86f4b99c1bcc4cd6c.js	ScriptElement	62 kB	2023-11-28	2023-11-28
Pretty URL stealcurtainsdeeprooted.com/5b/da/a2/5bdaa2a05be747d86f4b99c1bcc4cd6c.js IP 173.233.137.36 ASN #7979 SERVERS-COM Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-28 00:02 Last Seen2023-11-28 00:02 Times Seen1 Hash f3d9c79033e409ea10b987d5fc126c8c 595ee30e02ba3b2bea8d4d55ddc4204b9a164d15 e310fb4d94430e8a537892e6c8e4e19b0d78e5ff49767c1052f30526654d8255 Loading...

	unknown	ScriptElement	3.4 kB	2024-08-20	2024-08-20
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2024-08-20 17:40 Last Seen2024-08-20 17:40 Times Seen1 Hash daccf692298f671ecd9ebf94b32cc2c0 3058750cd5868845a606c2c8e7e7e2bf80090094 b7c9cdae80d56831ef634c8eefc3eb121cfd0c2e80b1e143666808d218765cbf Loading...

	www.googletagmanager.com/gtm.js?id=GTM-5T2WNRK	ScriptElement	201 kB	2023-11-28	2023-11-28
Pretty URL www.googletagmanager.com/gtm.js?id=GTM-5T2WNRK IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-28 00:02 Last Seen2023-11-28 00:02 Times Seen1 Hash d27be25c7f6657469d78e2ad8cc473f5 458e178fda75266e46136eb0f5a501f488741748 b33573424b79de989167bba4440d037d681874876cbb03f368876dd4deb48c2e Loading...

	de.hentai-gif-anime.com/image/kagaku-na-yatsura-gifs-47/	ScriptElement	737 B	2024-08-20	2024-08-20
Pretty URL de.hentai-gif-anime.com/image/kagaku-na-yatsura-gifs-47/ IP 104.21.235.190 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-08-20 17:40 Last Seen2024-08-20 17:40 Times Seen1 Hash adc6c5876ba8c4e1bbf72872c038729e 7465f24798978fb8a1d2a77444e4b1d377a1085d 987d66480abce7ce1546cebc8d576c5a438f41954e78807bb9f3617c4ec6f087 Loading...

	stealcurtainsdeeprooted.com/466a4a49f3d5ab80a19d25d71d1aea47/invoke.js	ScriptElement	30 kB	2023-11-28	2023-11-28
Pretty URL stealcurtainsdeeprooted.com/466a4a49f3d5ab80a19d25d71d1aea47/invoke.js IP 173.233.137.36 ASN #7979 SERVERS-COM Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-28 00:02 Last Seen2023-11-28 07:29 Times Seen3 Hash 4b6055bee68be362eca2b757a429e675 7f09243fdf24cded56cac593cb3160894cc9f026 5e824d55de1361bf2417d751df05f852d9976d0d81cc9f752badcb7a423f5294 Loading...

	de.hentai-gif-anime.com/image/kagaku-na-yatsura-gifs-47/	ScriptElement	679 B	2024-08-20	2024-08-20
Pretty URL de.hentai-gif-anime.com/image/kagaku-na-yatsura-gifs-47/ IP 104.21.235.190 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-08-20 17:40 Last Seen2024-08-20 17:40 Times Seen1 Hash c8d0a4dea68e391425db07e56b4b15f3 60b8be8f3fc93b649679a741884f7a74a39b0109 c150e49f9b5df460d88402795e3a68a2e7eb91f1f501c1c2902815fc73689d14 Loading...

	stealcurtainsdeeprooted.com/b8b73dce4dd569d1ae1f0e0c576ef179/invoke.js	ScriptElement	25 kB	2023-11-28	2023-11-28
Pretty URL stealcurtainsdeeprooted.com/b8b73dce4dd569d1ae1f0e0c576ef179/invoke.js IP 173.233.137.36 ASN #7979 SERVERS-COM Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-28 00:02 Last Seen2023-11-28 00:02 Times Seen1 Hash 7677155bfe3f0fa65a393f601b5304ec eafe9593bb6110d0d1ece731647f74e66ddb1ac8 8a2ea25f074fb93be199ae4e0d01660fed82156988a421d51f0dc72a246756ec Loading...

	stealcurtainsdeeprooted.com/466a4a49f3d5ab80a19d25d71d1aea47/invoke.js	ScriptElement	30 kB	2023-11-27	2023-11-28
Pretty URL stealcurtainsdeeprooted.com/466a4a49f3d5ab80a19d25d71d1aea47/invoke.js IP 173.233.137.36 ASN #7979 SERVERS-COM Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-27 19:20 Last Seen2023-11-28 00:02 Times Seen2 Hash 3329152d96991e7a5607549a24affd54 ec7c0343733193df24a59c76067e55a7f7935a8f 4f86c0353f9c156aa127cdae968be295d29d4eabdd9ddf71905546fea2ee8bae Loading...

	stealcurtainsdeeprooted.com/bf/3a/3a/bf3a3af4dd0c8d985f1accd648d117c1.js	ScriptElement	43 kB	2023-11-28	2023-11-28
Pretty URL stealcurtainsdeeprooted.com/bf/3a/3a/bf3a3af4dd0c8d985f1accd648d117c1.js IP 173.233.137.36 ASN #7979 SERVERS-COM Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-28 00:02 Last Seen2023-11-28 00:02 Times Seen1 Hash 3c38e38de1919768118306556f155597 599a9c12a28510a0f1eb27f58c66b4ff8e0b8644 1f51e8e383a6a08edb388308fa69ca013a7101ff29865b374c7c96ae4e62f43c Loading...

	creative.bbrdbr.com/widgets/v4/Universal/vendors~hls.13f01a3a9d7e36c14415.js	ScriptElement	178 kB	2023-09-06	2024-08-21
Pretty URL creative.bbrdbr.com/widgets/v4/Universal/vendors~hls.13f01a3a9d7e36c14415.js IP 104.18.59.150 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-09-06 18:01 Last Seen2024-08-21 07:23 Times Seen659 Hash 4a1e862a348e6713dfcce18e9cda2f42 47bed78ef29844bec68da443a6b0add48936b61b b3b83266dde6fa2870ddc1cc812233d8baa03727cd4d65733ed5ee7a4fbb4490 Loading...

	de.hentai-gif-anime.com/image/kagaku-na-yatsura-gifs-47/	ScriptElement	689 B	2024-08-20	2024-08-20
Pretty URL de.hentai-gif-anime.com/image/kagaku-na-yatsura-gifs-47/ IP 104.21.235.190 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-08-20 17:40 Last Seen2024-08-20 17:40 Times Seen1 Hash 5e0b909303531d37c474697165b57303 f043a9b6e4294603995fc1feccdaf06a1a23884a 5e355b373f3c9330ca9cc19f086e61034d7bba22f0d4ac80d4c2028885c544e8 Loading...

	static.hentai-gif-anime.com/js/common/jquery-2.2.4.min.js	ScriptElement	86 kB	2023-03-07	2025-05-11
Pretty URL static.hentai-gif-anime.com/js/common/jquery-2.2.4.min.js IP 104.21.235.190 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02 Last Seen2025-05-11 18:37 Times Seen174147 Hash 2f6b11a7e914718e0290410e85366fe9 69bb69e25ca7d5ef0935317584e6153f3fd9a88c 05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e Loading...

	friendshipmale.com/sfp.js	ScriptElement	86 kB	2023-11-23	2024-08-20
Pretty URL friendshipmale.com/sfp.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-23 18:35 Last Seen2024-08-20 18:08 Times Seen6307 Hash 924e967bca1d599992556a8d139b1c5a 222b09dbf164ddc03d39100fd0524a22018d28b2 ac84c2f8288b59f8e04ba77287ce696052bfeee0d462a566d94dc305df646c95 Loading...

	unknown	ScriptElement	196 B	2023-11-28	2024-08-20
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-28 00:02 Last Seen2024-08-20 17:40 Times Seen5 Hash f38655ee98cf7f68ed29c8145877d95b 33d0e131880aff3ae0926accd8f703341e473571 7cc392b9963f05fc5a33f7642517b59106e98f7bbbaca4c795a845790c28dc7f Loading...

	stealcurtainsdeeprooted.com/c56a3a0d78064cdb8bd27f6995fe3f3a/invoke.js	ScriptElement	30 kB	2023-11-28	2023-11-28
Pretty URL stealcurtainsdeeprooted.com/c56a3a0d78064cdb8bd27f6995fe3f3a/invoke.js IP 173.233.137.36 ASN #7979 SERVERS-COM Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-28 00:02 Last Seen2023-11-28 00:02 Times Seen1 Hash 93cee2371498140f7ccdb4baf079d8da dee5dc7ce8ce6a20adcd1434b4ba3660c8f88a43 2424fa4f0b41fad0ef7270755ec819a9a88fc2f0dd8528fd423da3bd904416bb Loading...

	de.hentai-gif-anime.com/image/kagaku-na-yatsura-gifs-47/	ScriptElement	24 B	2023-07-04	2024-08-20
Pretty URL de.hentai-gif-anime.com/image/kagaku-na-yatsura-gifs-47/ IP 104.21.235.190 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-07-04 03:54 Last Seen2024-08-20 17:40 Times Seen5 Hash df90b5c1ebcf568e10d716521f14cf66 3b349933c7d823c5778dbd6ef099d167afaa730e 56ecd8a2c6a480b868568517c9397b552f93ebbf58a6fa5f75e946240cddaad8 Loading...

	static.hentai-gif-anime.com/js/common/jquery.lazyload.min.js	ScriptElement	3.4 kB	2023-03-07	2025-05-10
Pretty URL static.hentai-gif-anime.com/js/common/jquery.lazyload.min.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:04 Last Seen2025-05-10 13:42 Times Seen1309 Hash 5c01d7aff077b4ed0804b71c2e3ab4a1 56b4c94cff0d5fdfca579eac85da28a767607644 80351098c2478918bb80008d7836499305bf6f4d4b2abf742b8823255bbb0d8e Loading...

	de.hentai-gif-anime.com/image/kagaku-na-yatsura-gifs-47/	ScriptElement	450 B	2023-07-04	2024-08-20
Pretty URL de.hentai-gif-anime.com/image/kagaku-na-yatsura-gifs-47/ IP 104.21.235.190 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-07-04 03:54 Last Seen2024-08-20 17:40 Times Seen4 Hash 0003f23bb5aefe28c13e15f67d394363 c46815c48642a8a8819473c6c4391d4a5958bdd2 94066ef20d375db8b37daf7c65769a1c1c0e2e5276563bfa2d35102f88782ab0 Loading...

	static.hentai-gif-anime.com/js/pc/default/init.js?t=20170430	ScriptElement	83 B	2023-03-08	2024-08-21
Pretty URL static.hentai-gif-anime.com/js/pc/default/init.js?t=20170430 IP 104.21.235.190 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 21:47 Last Seen2024-08-21 08:35 Times Seen60 Hash bdcf1b85c383e21e8200c806447402f3 a09f26d588d18aaf3ebf37177270e74255a61f10 8bc58db2b1a5ef5f7564afb9b7a0ded88c285b383534a51072eb2b076633e8f9 Loading...

	r.trackwilltrk.com/s1/9fc291e8-531f-4fe2-a356-73d597ec7033?externalId={extPlaceholder}&cost={costPlaceholder}&cv1={dynamicCON}&cv2=NO&cv3=121604&cv4=229375&cv5=818804&cv6=	ScriptElement	0 B	0001-01-01	2025-05-11
Pretty URL r.trackwilltrk.com/s1/9fc291e8-531f-4fe2-a356-73d597ec7033?externalId={extPlaceholder}&cost={costPlaceholder}&cv1={dynamicCON}&cv2=NO&cv3=121604&cv4=229375&cv5=818804&cv6= IP 45.131.147.145 ASN #39572 DataWeb Global Group B.V. Introduced by scriptElement Embedded in HTML true Observations First Seen0001-01-01 00:00 Last Seen2025-05-11 18:51 Times Seen4656644 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	stealcurtainsdeeprooted.com/c56a3a0d78064cdb8bd27f6995fe3f3a/invoke.js	ScriptElement	30 kB	2023-11-28	2023-11-28
Pretty URL stealcurtainsdeeprooted.com/c56a3a0d78064cdb8bd27f6995fe3f3a/invoke.js IP 173.233.137.36 ASN #7979 SERVERS-COM Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-28 00:02 Last Seen2023-11-28 00:02 Times Seen1 Hash aab8eaf7fab8f8a727380a9fe414535d ead4b80ef36042040a5ef0478b66a636a2d2bade de2a55b420244fc3381b2128fef09556300853c9efa8b231139b83caa966528f Loading...

	banquetunarmedgrater.com/advertisers.js	ScriptElement	0 B	0001-01-01	2025-05-11
Pretty URL banquetunarmedgrater.com/advertisers.js IP 104.21.86.121 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen0001-01-01 00:00 Last Seen2025-05-11 18:51 Times Seen4656644 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	www.googletagmanager.com/gtag/js?id=G-W7HH4WJX2S&l=dataLayer&cx=c	ScriptElement	246 kB	2023-11-28	2023-11-28
Pretty URL www.googletagmanager.com/gtag/js?id=G-W7HH4WJX2S&l=dataLayer&cx=c IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-28 00:02 Last Seen2023-11-28 00:02 Times Seen1 Hash f30850b42d1d5ae4b0ebd28fd08065ec 46164888bf08aa384ae92df8382111d5aa0005fd 8cc3500e30607d696cfc4ba3c3a7944c9af171ab5216f28230fd7a09f58447a1 Loading...

		Size	First Seen	Last Seen
	#1 Eval - 9672bcab20601f573cb3bd1e1a468980	2.1 kB	2024-08-20 17:40	2024-08-20 17:40
Pretty Observations First Seen2024-08-20 17:40 Last Seen2024-08-20 17:40 Times Seen1 Hash 9672bcab20601f573cb3bd1e1a468980 cc8e51f9d60d7cd2e7bf55239b3740b0570a76cc ced3bc2a8b14e4446018af03577569344274ccdc6d91e029f5e8e11391936cb3 Loading...

	#2 Eval - bd8a22fa670d2089ae06117d8423e865	2.1 kB	2024-08-20 17:40	2024-08-20 17:40
Pretty Observations First Seen2024-08-20 17:40 Last Seen2024-08-20 17:40 Times Seen1 Hash bd8a22fa670d2089ae06117d8423e865 2b945e12262ca4d56bddaa0856e3abbbb8155410 efac2125b7f0c4545a76e7e3c4f783264cd8700962e5c3917e5bf74bf2b0fc3e Loading...

	#3 Eval - c81ed1d83166cf0366aded54b8dcc39d	2.1 kB	2024-08-20 17:40	2024-08-20 17:40
Pretty Observations First Seen2024-08-20 17:40 Last Seen2024-08-20 17:40 Times Seen1 Hash c81ed1d83166cf0366aded54b8dcc39d e2b7b1a6fb55ea27c44c6274e21d0131151ca760 a2c242dce0ad79f24d9fe2e89e0c4a1feea9a639108c1038006f9c5a1b184578 Loading...

	#4 Eval - cbc3a0e237ea05b067633e54eaf12800	2.1 kB	2024-08-20 17:40	2024-08-20 17:40
Pretty Observations First Seen2024-08-20 17:40 Last Seen2024-08-20 17:40 Times Seen1 Hash cbc3a0e237ea05b067633e54eaf12800 b3464c72194ec1a261dfc051055298f81f74f94d 57d117fa72c51cd320fc5eb5cd5f1b80790a463b9f048181ee7493809b35dbd7 Loading...

		Size	First Seen	Last Seen
	#1 Write - 888aaacbe5794aa5cacec19ed4d26778	125 B	2023-11-28 00:02	2024-08-20 17:40
Pretty Observations First Seen2023-11-28 00:02 Last Seen2024-08-20 17:40 Times Seen2 Hash 888aaacbe5794aa5cacec19ed4d26778 f69915786f7de99c1553f7a14333eb45851f6460 9f8521746a8c2c03b4b55fc132dc143daf1acd0913ca08319b468d9213dacd75 Loading...

	#2 Write - 9936d31bc979e96c816a891112e168e6	125 B	2024-08-20 17:40	2024-08-20 17:40
Pretty Observations First Seen2024-08-20 17:40 Last Seen2024-08-20 17:40 Times Seen1 Hash 9936d31bc979e96c816a891112e168e6 24c12e4e43c06653314189ae0136d5df04fbfb04 5684b8f6a70c569d18ff739c56185072b7cc09b004d3b7062944d8daa59e6b92 Loading...

HTTP Transactions (184)

URL IP Response Size

static.hentai-gif-anime.com/img/common/flag/zh.gif

104.21.235.190

743 B

URL
static.hentai-gif-anime.com/img/common/flag/zh.gif
IP
104.21.235.190:0
ASN
#13335 CLOUDFLARENET

File type
GIF image data, version 87a, 50 x 33\012- data
Size
743 B (743 bytes)
Hash
5763f939a9e7b54e13997f2d74265e56
eebd3d13ce05866893a86f0a08c5426e8b5f5187
605bc30e975b4b4ea8ca03b3d423d55d9a582a7894bd47107db58e887a95211d

HTTP Headers

GET /img/common/flag/zh.gif HTTP/1.1
Host: static.hentai-gif-anime.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://de.hentai-gif-anime.com/
Cookie: adsense=pc-interstitial%3D20231128080151
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Mon, 27 Nov 2023 23:01:51 GMT
content-type: image/gif
content-length: 743
last-modified: Sun, 05 Nov 2023 03:59:30 GMT
etag: "65471322-2e7"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
cf-cache-status: HIT
age: 504925
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jGsDUeeCfVhSvE%2BfYfF4VQxukxikbQ6YIF2919p3SXQI%2FHDbT5uiGSTvUw7qHUPuPN5XVXJbMAL5EW8OSHGY9hMe13bEPu7J7MrBsNsfaT757Dbu2cq6MJOUuQKZMzPjO%2Fxs8tI8JkUvmMU1nxU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82cdfed4bb1d70f9-HEL
alt-svc: h3=":443"; ma=86400

static.hentai-gif-anime.com/img/common/flag/id.gif

104.21.235.190

303 B

URL
static.hentai-gif-anime.com/img/common/flag/id.gif
IP
104.21.235.190:0
ASN
#13335 CLOUDFLARENET

File type
GIF image data, version 87a, 50 x 33\012- data
Size
303 B (303 bytes)
Hash
87e8ae0f9d667be54bb35cc6d95f5dce
cf7cc9f3f5caa7495d41cc5a45a2e754181847f7
a74faa32d47b6edffdddcd50c26e9678f4867b7cfa314c4ab0d0130a50513c1e

HTTP Headers

GET /img/common/flag/id.gif HTTP/1.1
Host: static.hentai-gif-anime.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://de.hentai-gif-anime.com/
Cookie: adsense=pc-interstitial%3D20231128080151
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Mon, 27 Nov 2023 23:01:51 GMT
content-type: image/gif
content-length: 303
last-modified: Sun, 05 Nov 2023 03:59:30 GMT
etag: "65471322-12f"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
cf-cache-status: HIT
age: 404903
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PEoUm1hQ6aCVuFMcaiotm8E4lt9kURG9u85g0xLCc0Qx5yYNjuZHJUwLE7OgvZVVLsbf0ZimxWgfkuFF%2FJLVoYaOsBl3mYSAF9kQagIxA4wDj09jGlOVyucPQ1wcxazRcJzr82sq8EhMoyCwmXw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82cdfed4bb2570f9-HEL
alt-svc: h3=":443"; ma=86400

static.hentai-gif-anime.com/img/common/flag/de.gif

104.21.235.190

315 B

URL
static.hentai-gif-anime.com/img/common/flag/de.gif
IP
104.21.235.190:0
ASN
#13335 CLOUDFLARENET

File type
GIF image data, version 87a, 50 x 30\012- data
Size
315 B (315 bytes)
Hash
b5f1834976932223f4eceb4ebe1263bc
75f99653385ba646f06441b8794e0c5bb6f9ec71
1555657d93aaab5a01449521300b72822b3db46909d84285d102725c45de3234

HTTP Headers

GET /img/common/flag/de.gif HTTP/1.1
Host: static.hentai-gif-anime.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://de.hentai-gif-anime.com/
Cookie: adsense=pc-interstitial%3D20231128080151
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Mon, 27 Nov 2023 23:01:51 GMT
content-type: image/gif
content-length: 315
last-modified: Sun, 05 Nov 2023 03:59:30 GMT
etag: "65471322-13b"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
cf-cache-status: HIT
age: 499062
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=awPf%2BQipllQgTJhh%2F4qAZ%2BHyovvmJGeykIO7Se4Dxd19yarxRNKK0wA1tpERiH1GqfgNB%2Bn8zJPx0mpqiclpLns6jrIDDXQias160DV4Ho9ZAfub1riQB7qOZSjdYfZpZudSUz8UKUhdCyflHjE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82cdfed4bb1770f9-HEL
alt-svc: h3=":443"; ma=86400

static.hentai-gif-anime.com/img/common/flag/fr.gif

104.21.235.190

525 B

URL
static.hentai-gif-anime.com/img/common/flag/fr.gif
IP
104.21.235.190:0
ASN
#13335 CLOUDFLARENET

File type
GIF image data, version 87a, 50 x 33\012- data
Size
525 B (525 bytes)
Hash
751bfc9753e8ec32b2af6273c44025ce
513a7ace4670aedc494fafda5a04a6f5f101a60b
7679445cf6d488364207be74a6d2c971fc10fede333050fc6745bf07fe236b59

HTTP Headers

GET /img/common/flag/fr.gif HTTP/1.1
Host: static.hentai-gif-anime.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://de.hentai-gif-anime.com/
Cookie: adsense=pc-interstitial%3D20231128080151
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Mon, 27 Nov 2023 23:01:51 GMT
content-type: image/gif
content-length: 525
last-modified: Sun, 05 Nov 2023 03:59:30 GMT
etag: "65471322-20d"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
cf-cache-status: HIT
age: 8129
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KSSb5E3eQta3BRMyDWdsaZp4pVoOLzGNgh8yEBqQkdCkotQcm5dkLCFtBqxOJvQEryQhq8Ln%2FS8jekgv1bBFnh8551ZG7rGTDvWM4oaaJ1SODE%2FXYDompaSud5H9SxBYSCPICCCJr2nB98ccH5I%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82cdfed4bb1570f9-HEL
alt-svc: h3=":443"; ma=86400

static.hentai-gif-anime.com/img/common/flag/en.gif

104.21.235.190

1.4 kB

URL
static.hentai-gif-anime.com/img/common/flag/en.gif
IP
104.21.235.190:0
ASN
#13335 CLOUDFLARENET

File type
GIF image data, version 87a, 50 x 26\012- data
Size
1.4 kB (1393 bytes)
Hash
614f51d8a552e93ab1a8d34e693b69f4
0ad32db920908f958f6c07167896091e44d5edee
eb820f959f75beecebc6e1319c2c774a830c8622a80048de1b0ba0ef2b2e2b25

HTTP Headers

GET /img/common/flag/en.gif HTTP/1.1
Host: static.hentai-gif-anime.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://de.hentai-gif-anime.com/
Cookie: adsense=pc-interstitial%3D20231128080151
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Mon, 27 Nov 2023 23:01:51 GMT
content-type: image/gif
content-length: 1393
last-modified: Sun, 05 Nov 2023 03:59:30 GMT
etag: "65471322-571"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
cf-cache-status: HIT
age: 336725
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Jyv%2FRFS9MyUhtNqPYNZFvPhxH3Yy9Sksq%2BJHAt6KJ5D94Ndk%2B5NAov8UThs%2BoU3zdoQyZ3Lcdg8YmG7cQg%2BJW1J%2FWyrnLEBwZ7S4cHuB1oIIHyiZukUQkCrLyCrLo2C%2FMIcKEN9gc4OK7zO9CBo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82cdfed4bb1270f9-HEL
alt-svc: h3=":443"; ma=86400

static.hentai-gif-anime.com/img/common/flag/ru.gif

104.21.235.190

468 B

URL
static.hentai-gif-anime.com/img/common/flag/ru.gif
IP
104.21.235.190:0
ASN
#13335 CLOUDFLARENET

File type
GIF image data, version 87a, 50 x 33\012- data
Size
468 B (468 bytes)
Hash
f4ceb928d7944860271f172b9a5a2df0
92b056a3c2426d7aef8b740ed2725b6f4fd52f40
6ca184b5dd2ff659ee4e354c3c2bc57b0ba45fb9f2e6c86cbc922f681d45fc16

HTTP Headers

GET /img/common/flag/ru.gif HTTP/1.1
Host: static.hentai-gif-anime.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://de.hentai-gif-anime.com/
Cookie: adsense=pc-interstitial%3D20231128080151
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Mon, 27 Nov 2023 23:01:51 GMT
content-type: image/gif
content-length: 468
last-modified: Sun, 05 Nov 2023 03:59:30 GMT
etag: "65471322-1d4"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
cf-cache-status: HIT
age: 416292
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D2Iw4Lczpe%2BzRTUyp6ZirH1e6TjhYd1ZPb2ONiml%2FuV6j02Wej04ToFeTj%2BzkiPRbig1GIRZtWYro9TVT7bpUsBm9exrkY3UGHjWob40Y3NlylCm3M4mx1zeJDzCsctPupdKMqrF%2FomPclwSOyo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82cdfed4bb1a70f9-HEL
alt-svc: h3=":443"; ma=86400

static.hentai-gif-anime.com/img/common/flag/ja.gif

104.21.235.190

474 B

URL
static.hentai-gif-anime.com/img/common/flag/ja.gif
IP
104.21.235.190:0
ASN
#13335 CLOUDFLARENET

File type
GIF image data, version 87a, 50 x 33\012- data
Size
474 B (474 bytes)
Hash
fc232c3a98b41d61cdecfe025b2d44d8
b5aa1202d489ce8e6ca37dac67baf495d5dd4c07
5a728d100e5b50ce85986a7408725740db27682433c29c221dc2764480eb2078

HTTP Headers

GET /img/common/flag/ja.gif HTTP/1.1
Host: static.hentai-gif-anime.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://de.hentai-gif-anime.com/
Cookie: adsense=pc-interstitial%3D20231128080151
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Mon, 27 Nov 2023 23:01:51 GMT
content-type: image/gif
content-length: 474
last-modified: Sun, 05 Nov 2023 03:59:30 GMT
etag: "65471322-1da"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
cf-cache-status: HIT
age: 409813
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SGTRpmFUVMp8Pr7gkW%2FpqbmDM0DC2z939%2BcjiY48Bg3jPi4mzi6lGpxRkNLFiZGFVeHHDLKklZAIy0%2Fkf89JBgoQMdtuD3zk3Ab4jmJqEOzX%2FZcrehWJ6o7nGqCHyzno80IzHysZxX7CvlZSgX0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82cdfed4bb1070f9-HEL
alt-svc: h3=":443"; ma=86400

static.hentai-gif-anime.com/img/common/flag/ko.gif

104.21.235.190

200 OK

1.3 kB

URL GET HTTP/3
static.hentai-gif-anime.com/img/common/flag/ko.gif
IP
104.21.235.190:443
ASN
#13335 CLOUDFLARENET

Requested by
https://de.hentai-gif-anime.com/image/kagaku-na-yatsura-gifs-47/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint56:F5:E5:EA:61:30:D5:1C:EF:D7:18:ED:EC:FC:32:D2:89:CC:04:BE
ValidityMon, 27 Feb 2023 00:00:00 GMT - Tue, 27 Feb 2024 23:59:59 GMT

File type
GIF image data, version 87a, 50 x 33\012- data
Size
1.3 kB (1335 bytes)
Hash
3db4f525bfa45626a782be27c91435e9
3734ee66a9cd2a9ece15561dd05f9c5aabafd702
621054d86125ef3c436d6126e7be35f29ea4349cda904516ed1259b73c9cd1d8

HTTP Headers

GET /img/common/flag/ko.gif HTTP/1.1
Host: static.hentai-gif-anime.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://de.hentai-gif-anime.com/
Cookie: adsense=pc-interstitial%3D20231128080151
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Mon, 27 Nov 2023 23:01:51 GMT
content-type: image/gif
content-length: 1335
last-modified: Sun, 05 Nov 2023 03:59:30 GMT
etag: "65471322-537"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
cf-cache-status: HIT
age: 404903
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CaUgRGJVGKCCfdMhxDItOA07lboh8snioB%2B5cFNbzXVWqfLMHAiF5bJzYgaZ3lUE6ejlqteKP5xAmwxAAiVjOVtllWoOwcMI4DkIN1iyVjPFZ0B1vKleewl4O04CfGswmgAfmXValXfka0%2FTJZI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82cdfed4bb1f70f9-HEL
alt-svc: h3=":443"; ma=86400

static.hentai-gif-anime.com/img/common/flag/es.gif

104.21.235.190

200 OK

1.3 kB

URL GET HTTP/3
static.hentai-gif-anime.com/img/common/flag/es.gif
IP
104.21.235.190:443
ASN
#13335 CLOUDFLARENET

Requested by
https://de.hentai-gif-anime.com/image/kagaku-na-yatsura-gifs-47/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint56:F5:E5:EA:61:30:D5:1C:EF:D7:18:ED:EC:FC:32:D2:89:CC:04:BE
ValidityMon, 27 Feb 2023 00:00:00 GMT - Tue, 27 Feb 2024 23:59:59 GMT

File type
GIF image data, version 87a, 50 x 33\012- data
Size
1.3 kB (1335 bytes)
Hash
b78318d1bbe6b11d049e3491a7066ba7
9f2ff64dc88431ee0e7fce5ebd1ba25aa923407b
bf158833191c774ea8b2aeaab4e7ae605537ebe32fe79323139b47808ab84ace

HTTP Headers

GET /img/common/flag/es.gif HTTP/1.1
Host: static.hentai-gif-anime.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://de.hentai-gif-anime.com/
Cookie: adsense=pc-interstitial%3D20231128080151
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Mon, 27 Nov 2023 23:01:51 GMT
content-type: image/gif
content-length: 1335
last-modified: Sun, 05 Nov 2023 03:59:30 GMT
etag: "65471322-537"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
cf-cache-status: HIT
age: 7988
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UncPUfxsunifDmgAaGfYJFWoEe8n5n1k%2B66UhMfpnMR2yxAzIfiBcjkx5V%2FADZeXD6SjY4uxkZPYjcUwQmN4fgeFGOeB4b871UbkEpdK5UUl9pEAUWiDRpKG%2B%2F8afsn11PsnyEEhlxgjPENIETc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82cdfed4bb2270f9-HEL
alt-svc: h3=":443"; ma=86400

static.hentai-gif-anime.com/img/common/flag/th.gif

104.21.235.190

200 OK

489 B

URL GET HTTP/3
static.hentai-gif-anime.com/img/common/flag/th.gif
IP
104.21.235.190:443
ASN
#13335 CLOUDFLARENET

Requested by
https://de.hentai-gif-anime.com/image/kagaku-na-yatsura-gifs-47/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint56:F5:E5:EA:61:30:D5:1C:EF:D7:18:ED:EC:FC:32:D2:89:CC:04:BE
ValidityMon, 27 Feb 2023 00:00:00 GMT - Tue, 27 Feb 2024 23:59:59 GMT

File type
GIF image data, version 87a, 50 x 33\012- data
Size
489 B (489 bytes)
Hash
dade310281854f06b5d86e2bda6a195a
b1ef80054727ee2e6bb6f5064ebe967df29140a5
3a8f0d75a21c4ee76195ec2b853f843f4f3e3448302b09d3e7f3571f0d432e60

HTTP Headers

GET /img/common/flag/th.gif HTTP/1.1
Host: static.hentai-gif-anime.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://de.hentai-gif-anime.com/
Cookie: adsense=pc-interstitial%3D20231128080151
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Mon, 27 Nov 2023 23:01:51 GMT
content-type: image/gif
content-length: 489
last-modified: Sun, 05 Nov 2023 03:59:30 GMT
etag: "65471322-1e9"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
cf-cache-status: HIT
age: 421126
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ttZ%2BRRyJs9truBoJ%2F%2FbaNaMalswZiAa6O5rd4XNfHn7MXyYtnRCH56aRKmaje2NNdxqHwWdcsMaAfFvJqaxXDOSU%2BnDUtiLcmLyEUy%2FSiPC97MUrkin5nZ3wemWYs838rqmprf4Xejglg8NcN9s%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82cdfed4bb2970f9-HEL
alt-svc: h3=":443"; ma=86400

de.hentai-gif-anime.com/image/kagaku-na-yatsura-gifs-47/

104.21.235.190

6.1 kB

URL
de.hentai-gif-anime.com/image/kagaku-na-yatsura-gifs-47/
IP
104.21.235.190:0
ASN
#13335 CLOUDFLARENET

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (448)
Size
6.1 kB (6061 bytes)
Hash
030c23758d3dd3676f04d9ead814c801
21b4f4aa7e5f0bbcea172cab5789b9fc1be855dc
790f379c73be915c27e2f19e70c1bc23dcac4a81f4f94e4a9050adfe51e795b6

HTTP Headers

GET /image/kagaku-na-yatsura-gifs-47/ HTTP/1.1
Host: de.hentai-gif-anime.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Mon, 27 Nov 2023 23:01:51 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding, User-Agent
set-cookie: previous_detail=106002; path=/
adsense=pc-interstitial%3D20231128080151; expires=Wed, 27-Dec-2023 23:01:51 GMT; Max-Age=2592000; path=/; domain=.hentai-gif-anime.com
pvcla=1; path=/
fastcgi-cache: BYPASS
x-frame-options: SAMEORIGIN
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o4Hs712Qdeu1T8or2TNG3DaOeS0%2F%2F%2FyYntHvLjYk8%2B3BJNEZTPC9c6pVQGEe%2FlOgnTjuFP04YcTR4kyy3BDc6Ny5cSiaTffB4MeWnfUCLRsyy3CS4Xln3Pz2KAYYt3BjVClvYi1lVwwgmQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82cdfed1aca64e1b-HEL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

static.hentai-gif-anime.com/img/common/social/google_plus.png

104.21.235.190

200 OK

966 B

URL GET HTTP/3
static.hentai-gif-anime.com/img/common/social/google_plus.png
IP
104.21.235.190:443
ASN
#13335 CLOUDFLARENET

Requested by
https://de.hentai-gif-anime.com/image/kagaku-na-yatsura-gifs-47/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint56:F5:E5:EA:61:30:D5:1C:EF:D7:18:ED:EC:FC:32:D2:89:CC:04:BE
ValidityMon, 27 Feb 2023 00:00:00 GMT - Tue, 27 Feb 2024 23:59:59 GMT

File type
PNG image data, 64 x 64, 8-bit colormap, non-interlaced\012- data
Size
966 B (966 bytes)
Hash
9eba4fde04295dbb4fe02beb5e72f2b0
90f4570d583a97bf2893d1bfa293daefae6084bb
4e3100d1d100105cfd2fadc475c9d3a5d82cff77acf877a1e7d8cca502fc35a6

HTTP Headers

GET /img/common/social/google_plus.png HTTP/1.1
Host: static.hentai-gif-anime.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://de.hentai-gif-anime.com/
Cookie: adsense=pc-interstitial%3D20231128080151
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Mon, 27 Nov 2023 23:01:51 GMT
content-type: image/png
content-length: 966
last-modified: Sun, 05 Nov 2023 03:59:30 GMT
etag: "65471322-3c6"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
cf-cache-status: HIT
age: 499063
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PatsqKHPVXwz1IgL%2F%2BMj6nub%2BJBrxLLeAFOSbvEWNJaT6Dan03sDdqBOzoBdJ5CljQP8RScI3BQMSK%2B5yoGEp%2By23rZ2ImvbowYGFqFGWNf1EZvy8krw%2BTvZHaDVKw97VViv0PLm8RjB5xvX%2FxM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82cdfed4bb2e70f9-HEL
alt-svc: h3=":443"; ma=86400

static.hentai-gif-anime.com/img/common/social/google.jpg

104.21.235.190

200 OK

2.9 kB

URL GET HTTP/3
static.hentai-gif-anime.com/img/common/social/google.jpg
IP
104.21.235.190:443
ASN
#13335 CLOUDFLARENET

Requested by
https://de.hentai-gif-anime.com/image/kagaku-na-yatsura-gifs-47/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint56:F5:E5:EA:61:30:D5:1C:EF:D7:18:ED:EC:FC:32:D2:89:CC:04:BE
ValidityMon, 27 Feb 2023 00:00:00 GMT - Tue, 27 Feb 2024 23:59:59 GMT

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 64x64, components 3\012- data
Size
2.9 kB (2860 bytes)
Hash
d03da4d5a755fafa79537809171d7745
a7d6e98bdce5e7d001806d64e1f7b9740ce56b41
3e434c6b6bf79dd1df0166a0acfd4faeab551cdc02e240e76bb82e9aaaef97c1

HTTP Headers

GET /img/common/social/google.jpg HTTP/1.1
Host: static.hentai-gif-anime.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://de.hentai-gif-anime.com/
Cookie: adsense=pc-interstitial%3D20231128080151
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Mon, 27 Nov 2023 23:01:51 GMT
content-type: image/jpeg
content-length: 2860
last-modified: Sun, 05 Nov 2023 03:59:30 GMT
etag: "65471322-b2c"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
cf-cache-status: HIT
age: 504926
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hMzieWVxkWyGISK%2FpQCL0SrIJhJvs49OTPjX9s4QTW2QYfDh8yO7MiuVTOy%2B7yOQhBeDUpqwoGTl%2BAzPNGFfFKfsKGI2Jh3UmXsBT0CrM9MuPurjEH1LrxXf%2F%2FEvl7K4w3R319GqlJfF0DkJlVQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82cdfed4db5a70f9-HEL
alt-svc: h3=":443"; ma=86400

static.hentai-gif-anime.com/img/common/social/twitter.jpg

104.21.235.190

200 OK

3.1 kB

URL GET HTTP/3
static.hentai-gif-anime.com/img/common/social/twitter.jpg
IP
104.21.235.190:443
ASN
#13335 CLOUDFLARENET

Requested by
https://de.hentai-gif-anime.com/image/kagaku-na-yatsura-gifs-47/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint56:F5:E5:EA:61:30:D5:1C:EF:D7:18:ED:EC:FC:32:D2:89:CC:04:BE
ValidityMon, 27 Feb 2023 00:00:00 GMT - Tue, 27 Feb 2024 23:59:59 GMT

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 64x64, components 3\012- data
Size
3.1 kB (3070 bytes)
Hash
332ba12ef50c10ec47fc6fe788ed76cf
e5c36d02a2058526f9b50ed511f729daa23664cc
e4e2dc43599b41d04804f3b10a393dad8416f66a2c4c5924cf1c61730d63dfed

HTTP Headers

GET /img/common/social/twitter.jpg HTTP/1.1
Host: static.hentai-gif-anime.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://de.hentai-gif-anime.com/
Cookie: adsense=pc-interstitial%3D20231128080151
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Mon, 27 Nov 2023 23:01:51 GMT
content-type: image/jpeg
content-length: 3070
last-modified: Sun, 05 Nov 2023 03:59:30 GMT
etag: "65471322-bfe"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
cf-cache-status: HIT
age: 76371
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9N99DI1BmxGx8ottUxKq7lmyn1JtUG5SpUeHdz2UPqD1EhP7V6MiIJLQTQ7tFXIx29zwYPV3ctqwT5N3Efh9vycUaX7W5fnsFKHZSzUzv3fy7xdRjLf7BECPvJbAvmumJUckmUKyCp46tCHoao4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82cdfed4db5b70f9-HEL
alt-svc: h3=":443"; ma=86400

static.hentai-gif-anime.com/img/common/social/facebook.jpg

104.21.235.190

2.1 kB

URL
static.hentai-gif-anime.com/img/common/social/facebook.jpg
IP
104.21.235.190:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 64x64, components 3\012- data
Size
2.1 kB (2086 bytes)
Hash
40d8a992e98bb81a3ae223545c985fa4
167a554092a8b3f93659dbcd4b8995668f0e4b86
86551a71ce56e419e94306144f91bd0200d6ca73b7b933e88be448b1f2ea251a

HTTP Headers

GET /img/common/social/facebook.jpg HTTP/1.1
Host: static.hentai-gif-anime.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://de.hentai-gif-anime.com/
Cookie: adsense=pc-interstitial%3D20231128080151
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Mon, 27 Nov 2023 23:01:51 GMT
content-type: image/jpeg
content-length: 2086
last-modified: Sun, 05 Nov 2023 03:59:30 GMT
etag: "65471322-826"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
cf-cache-status: HIT
age: 157454
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tFHowdBzfjG5blMLnTFKvosIErrV%2BWwQmnXPyejkeP7kPNGTeMLo%2FJKAP7Vx%2FotMGTxivbq92SWhfATbIlO41S7fDy5LZyNVZ7MRzoTZ2cnhwMAbMN8runGFM8KjG2j1vjJq728P04QelH4bgm4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82cdfed4db5d70f9-HEL
alt-svc: h3=":443"; ma=86400

static.hentai-gif-anime.com/img/common/social/reddit.png

104.21.235.190

542 B

URL
static.hentai-gif-anime.com/img/common/social/reddit.png
IP
104.21.235.190:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 64 x 64, 8-bit colormap, non-interlaced\012- data
Size
542 B (542 bytes)
Hash
3713e686f6104795b2f9ce1e249313d6
c4ab6171292d3aeef618c614677a167f230b6ffd
ed28fead9654b1ec127f76da970b98bdaa954061a0a2a1121179debff9a0d153

HTTP Headers

GET /img/common/social/reddit.png HTTP/1.1
Host: static.hentai-gif-anime.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://de.hentai-gif-anime.com/
Cookie: adsense=pc-interstitial%3D20231128080151
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Mon, 27 Nov 2023 23:01:51 GMT
content-type: image/png
content-length: 542
last-modified: Sun, 05 Nov 2023 03:59:30 GMT
etag: "65471322-21e"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
cf-cache-status: HIT
age: 496519
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4smrd%2FESMnie%2FQ6rFoBF3EW0joBeynksO%2FvmRrq5A5AwwSnXWcl1%2FilcX%2FQThQX1%2BZBdBQ6HQ3fxFnXlS9zpfrXthOmxbAE6gHnCpwVY73HfdSynt9amktmpSp6UYa9scq3bKUO4xG%2Fb0BpMhOo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82cdfed4db5e70f9-HEL
alt-svc: h3=":443"; ma=86400

static.hentai-gif-anime.com/img/common/social/tumblr.jpg

104.21.235.190

2.4 kB

URL
static.hentai-gif-anime.com/img/common/social/tumblr.jpg
IP
104.21.235.190:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 64x64, components 3\012- data
Size
2.4 kB (2407 bytes)
Hash
5b33546756b674ce2be373044f24c0cf
68dcc328753f7872624504268fcd7334b71c9f76
c1a52b3dc3cf5ea00542ea76f1295b55c7d01d0660e04587d0de18e86cdbb2c7

HTTP Headers

GET /img/common/social/tumblr.jpg HTTP/1.1
Host: static.hentai-gif-anime.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://de.hentai-gif-anime.com/
Cookie: adsense=pc-interstitial%3D20231128080151
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Mon, 27 Nov 2023 23:01:51 GMT
content-type: image/jpeg
content-length: 2407
last-modified: Sun, 05 Nov 2023 03:59:30 GMT
etag: "65471322-967"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
cf-cache-status: HIT
age: 322471
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=noTzYWr7pe5PnJJhqCpmkXmbmnXGfg1IYIoNEOMYg2ozWSU0Jtt6ud%2FwTOVLUu37QvchoyBv%2FMWHnYl8oHqbD0Krvekdqx%2BxNk5TR%2FhGs%2BU8ebFt0dNAONTV4xLh%2B1byXQ08ntLbG7RV7ZYOKCw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82cdfed4fbb970f9-HEL
alt-svc: h3=":443"; ma=86400

static.hentai-gif-anime.com/img/common/social/pinterest.png

104.21.235.190

458 B

URL
static.hentai-gif-anime.com/img/common/social/pinterest.png
IP
104.21.235.190:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 64 x 64, 8-bit colormap, non-interlaced\012- data
Size
458 B (458 bytes)
Hash
648994670c62d7a329042748a4bee30d
8227437266c5cab384f53caa32d1b387a77049fa
7d2b7976f2ee424f2a5c3efd727ce68d9d30400bfaaf44bf7a5348c914cf244c

HTTP Headers

GET /img/common/social/pinterest.png HTTP/1.1
Host: static.hentai-gif-anime.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://de.hentai-gif-anime.com/
Cookie: adsense=pc-interstitial%3D20231128080151
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Mon, 27 Nov 2023 23:01:51 GMT
content-type: image/png
content-length: 458
last-modified: Sun, 05 Nov 2023 03:59:30 GMT
etag: "65471322-1ca"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
cf-cache-status: HIT
age: 164354
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1HD6vO3DHG2C%2BJMz9wq%2FQ%2B9tSGRlv6aXZNHI%2B5PEg0%2FGOySTOcf01iy2P71gvUFoE%2Bl%2FfxGqr9P54kLLHG78N0%2F%2FIixc3GAWPvzRn7I9GvsnGIiWJmZUQDvk2FzjZutmHReYbfSD2pALSv7nMyY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82cdfed4fbba70f9-HEL
alt-svc: h3=":443"; ma=86400

static.hentai-gif-anime.com/img/common/social/vk_com.png

104.21.235.190

200 OK

964 B

URL GET HTTP/3
static.hentai-gif-anime.com/img/common/social/vk_com.png
IP
104.21.235.190:443
ASN
#13335 CLOUDFLARENET

Requested by
https://de.hentai-gif-anime.com/image/kagaku-na-yatsura-gifs-47/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint56:F5:E5:EA:61:30:D5:1C:EF:D7:18:ED:EC:FC:32:D2:89:CC:04:BE
ValidityMon, 27 Feb 2023 00:00:00 GMT - Tue, 27 Feb 2024 23:59:59 GMT

File type
PNG image data, 64 x 64, 8-bit colormap, non-interlaced\012- data
Size
964 B (964 bytes)
Hash
25e01617b3bdb03a8254a51c52183e09
bed65c5f27acec7a2043c225b4c5e52c031354fb
5e117a1e8a53399ae27ab8aac45f2b8b4daa7f9d208726f29d8eef7c3fe85b3f

HTTP Headers

GET /img/common/social/vk_com.png HTTP/1.1
Host: static.hentai-gif-anime.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://de.hentai-gif-anime.com/
Cookie: adsense=pc-interstitial%3D20231128080151
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Mon, 27 Nov 2023 23:01:51 GMT
content-type: image/png
content-length: 964
last-modified: Sun, 05 Nov 2023 03:59:30 GMT
etag: "65471322-3c4"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
cf-cache-status: HIT
age: 429170
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fe8LDRhJRkFLwIbXBoSxa%2BEIU212dPrbpdFJ8Rqc9htPMkA4NUT%2Fk0Qt6qqWcu7rqANcn24vENt4ZVDu%2Bt%2Bl3mFVh2vkME%2BmgPM0LxKacRuovm6r3tk6jji3Lrbsl4%2FrthELdX9E6hxFxqKQLgQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82cdfed4fbbc70f9-HEL
alt-svc: h3=":443"; ma=86400

static.hentai-gif-anime.com/img/common/social/line.png

104.21.235.190

825 B

URL
static.hentai-gif-anime.com/img/common/social/line.png
IP
104.21.235.190:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 64 x 64, 8-bit colormap, non-interlaced\012- data
Size
825 B (825 bytes)
Hash
299510f9cfb5a76a1ec5174cfb6ae795
0fc4e218da4019ee2b75a6639f981ca1a31187f9
eb1d6f5b8b6289ab1b326d7b116311fd37f4eb296ded36090f333bccb55bde5b

HTTP Headers

GET /img/common/social/line.png HTTP/1.1
Host: static.hentai-gif-anime.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://de.hentai-gif-anime.com/
Cookie: adsense=pc-interstitial%3D20231128080151
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Mon, 27 Nov 2023 23:01:51 GMT
content-type: image/png
content-length: 825
last-modified: Sun, 05 Nov 2023 03:59:30 GMT
etag: "65471322-339"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
cf-cache-status: HIT
age: 409813
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k6ixQGBcuODfcSdQo%2BbzF1Yaz2i61IAHib4VmwSs9ALCdNcN9znmyrzyIU7SheIN02GUCu0HVDCQOE2aO3qHQuqoBbI%2BDQFxnfXZsutKI5w%2BVrHYNDygWWKxYtFTs%2FjwKbA%2FyxmE7AthpXSQd2M%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82cdfed4fbbd70f9-HEL
alt-svc: h3=":443"; ma=86400

static.hentai-gif-anime.com/img/common/social/hatena.png

104.21.235.190

200 OK

501 B

URL GET HTTP/3
static.hentai-gif-anime.com/img/common/social/hatena.png
IP
104.21.235.190:443
ASN
#13335 CLOUDFLARENET

Requested by
https://de.hentai-gif-anime.com/image/kagaku-na-yatsura-gifs-47/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint56:F5:E5:EA:61:30:D5:1C:EF:D7:18:ED:EC:FC:32:D2:89:CC:04:BE
ValidityMon, 27 Feb 2023 00:00:00 GMT - Tue, 27 Feb 2024 23:59:59 GMT

File type
PNG image data, 64 x 64, 8-bit colormap, non-interlaced\012- data
Size
501 B (501 bytes)
Hash
ab83b4b896bf57fb195debbc7149971f
3c479cb275572b7e29b82100099d7b8a074b689e
d0ba5d480ebfe557338e123f161e74ebbe5f75fa67acfb00196daf8b74e6aa58

HTTP Headers

GET /img/common/social/hatena.png HTTP/1.1
Host: static.hentai-gif-anime.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://de.hentai-gif-anime.com/
Cookie: adsense=pc-interstitial%3D20231128080151
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Mon, 27 Nov 2023 23:01:51 GMT
content-type: image/png
content-length: 501
last-modified: Sun, 05 Nov 2023 03:59:30 GMT
etag: "65471322-1f5"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
cf-cache-status: HIT
age: 429170
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DBjrx5En5i4Tqug%2FUGgseyu4zupptU%2Bw6nISMvNY0OgX8Ff5%2Bpo0HTKmMw7L8HlTSyzh3LNYZmg6O7tfd5ZcmseJjOrHzY6u%2FaTa4iKdLzHP3l8hjFh8SrECCcoUMSchwnOmqFCmHHzYwB%2BwjVU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82cdfed4fbc570f9-HEL
alt-svc: h3=":443"; ma=86400

static.hentai-gif-anime.com/img/common/social/mixi.png

104.21.235.190

822 B

URL
static.hentai-gif-anime.com/img/common/social/mixi.png
IP
104.21.235.190:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 64 x 64, 8-bit colormap, non-interlaced\012- data
Size
822 B (822 bytes)
Hash
b95efd042485932bebbd64b36e04239d
05bf771f9bc32761964c9142b5a02146ba00834a
ca1d5623931e628fcbb100eea0802c8819ba74d650f7e20eb8f5ebacb4985c72

HTTP Headers

GET /img/common/social/mixi.png HTTP/1.1
Host: static.hentai-gif-anime.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://de.hentai-gif-anime.com/
Cookie: adsense=pc-interstitial%3D20231128080151
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Mon, 27 Nov 2023 23:01:51 GMT
content-type: image/png
content-length: 822
last-modified: Sun, 05 Nov 2023 03:59:30 GMT
etag: "65471322-336"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
cf-cache-status: HIT
age: 8130
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dc8F7eiqipwnN5t0As3%2BeYUxgROFM5jovMEvA3usMFPYoMLZQEVqrJK%2BvIvzXFMW34uUYrAh6pnmZRsCFKDQus5%2BotLBoaW2dgvuVmmc2GTGDdqtQezlDLTmj3eIipKZb%2F8a3b0RsQsiGS%2FTQ7Q%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82cdfed50bd070f9-HEL
alt-svc: h3=":443"; ma=86400

static.hentai-gif-anime.com/img/common/social/stumble_upon.jpg

104.21.235.190

200 OK

5.3 kB

URL GET HTTP/3
static.hentai-gif-anime.com/img/common/social/stumble_upon.jpg
IP
104.21.235.190:443
ASN
#13335 CLOUDFLARENET

Requested by
https://de.hentai-gif-anime.com/image/kagaku-na-yatsura-gifs-47/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint56:F5:E5:EA:61:30:D5:1C:EF:D7:18:ED:EC:FC:32:D2:89:CC:04:BE
ValidityMon, 27 Feb 2023 00:00:00 GMT - Tue, 27 Feb 2024 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=5], baseline, precision 8, 64x64, components 3\012- data
Size
5.3 kB (5308 bytes)
Hash
75356d971865d18f361c31b8082bb4fc
c7a9fb21644661b3ecc6a7bb514818fca505b799
3cfcbf3045b013f60c81448975b83ac34e391e3b887a421ab765d9b36ae51350

HTTP Headers

GET /img/common/social/stumble_upon.jpg HTTP/1.1
Host: static.hentai-gif-anime.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://de.hentai-gif-anime.com/
Cookie: adsense=pc-interstitial%3D20231128080151
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Mon, 27 Nov 2023 23:01:51 GMT
content-type: image/jpeg
content-length: 5308
last-modified: Sun, 05 Nov 2023 03:59:30 GMT
etag: "65471322-14bc"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
cf-cache-status: HIT
age: 322471
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uOychOHhZ4y8ZEV8O0xNe2cfuqP3qf4A2RiBd7yTSp%2FX5FPeYD80Wg4wntVN8w648UfZgujiiu%2FsofS7WuZCeE0ejzuY0%2FgKvsVCrY%2BTE4795%2FdoV%2FG%2BNBPmHVHz0kI%2BAOLcEu3fQ95inkf0xUI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82cdfed50bd170f9-HEL
alt-svc: h3=":443"; ma=86400

static.hentai-gif-anime.com/img/common/social/pocket.png

104.21.235.190

200 OK

1.1 kB

URL GET HTTP/3
static.hentai-gif-anime.com/img/common/social/pocket.png
IP
104.21.235.190:443
ASN
#13335 CLOUDFLARENET

Requested by
https://de.hentai-gif-anime.com/image/kagaku-na-yatsura-gifs-47/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint56:F5:E5:EA:61:30:D5:1C:EF:D7:18:ED:EC:FC:32:D2:89:CC:04:BE
ValidityMon, 27 Feb 2023 00:00:00 GMT - Tue, 27 Feb 2024 23:59:59 GMT

File type
PNG image data, 64 x 64, 8-bit colormap, non-interlaced\012- data
Size
1.1 kB (1113 bytes)
Hash
34177c970f2a37a384e877bd07489116
a4b1dc3ae3e2b369bebaeb9a741821bfc2f68a26
57e48d9c3c98955c1d34b7968870bbdef6845441f4e7707c6bef7c4f0bda8e36

HTTP Headers

GET /img/common/social/pocket.png HTTP/1.1
Host: static.hentai-gif-anime.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://de.hentai-gif-anime.com/
Cookie: adsense=pc-interstitial%3D20231128080151
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Mon, 27 Nov 2023 23:01:51 GMT
content-type: image/png
content-length: 1113
last-modified: Sun, 05 Nov 2023 03:59:30 GMT
etag: "65471322-459"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
cf-cache-status: HIT
age: 244773
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9ht0Ug33i0csrNU%2FPm7YUuayjchANQ3dKo6raMPHnTxI7Q0Eg2SgjtBVi3shjvYmymqyHYD9hvPvMqvBnbN%2F%2BYOkOtHoZllH4xvzvlohlXt7ztE7YuR7EJp2Vt1E7MxBRP7h8pd6i3qfnLh9wPE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82cdfed50bcd70f9-HEL
alt-svc: h3=":443"; ma=86400

poweredby.jads.co/js/jads.js

185.94.236.246

301 Moved Permanently

178 B

URL GET HTTP/1.1
poweredby.jads.co/js/jads.js
IP
185.94.236.246:443
ASN
#42567 Mojohost B.v.

Requested by
https://de.hentai-gif-anime.com/image/kagaku-na-yatsura-gifs-47/
Certificate
IssuerSectigo Limited
Subject*.jads.co
Fingerprint9E:B2:20:AC:19:4B:72:8F:12:D9:D6:5A:6A:B5:BE:EE:46:13:48:EB
ValidityMon, 26 Dec 2022 00:00:00 GMT - Fri, 26 Jan 2024 23:59:59 GMT

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
178 B (178 bytes)
Hash
cd2e0e43980a00fb6a2742d3afd803b8
81ffbd1712afe8cdf138b570c0fc9934742c33c1
bd9df047d51943acc4bc6cf55d88edb5b6785a53337ee2a0f74dd521aedde87d

HTTP Headers

GET /js/jads.js HTTP/1.1
Host: poweredby.jads.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://de.hentai-gif-anime.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 27 Nov 2023 23:01:51 GMT
Content-Type: text/html
Content-Length: 178
Connection: keep-alive
Location: jads2.js

poweredby.jads.co/js/jfc.js

185.94.236.246

3.0 kB

URL
poweredby.jads.co/js/jfc.js
IP
185.94.236.246:0
ASN
#42567 Mojohost B.v.

Certificate
IssuerSectigo Limited
Subject*.jads.co
Fingerprint9E:B2:20:AC:19:4B:72:8F:12:D9:D6:5A:6A:B5:BE:EE:46:13:48:EB
ValidityMon, 26 Dec 2022 00:00:00 GMT - Fri, 26 Jan 2024 23:59:59 GMT

File type
ASCII text, with very long lines (1678)
Size
3.0 kB (3037 bytes)
Hash
eabb2115947699ca1e6255ebc3214e19
13b32dd270c7eeea684434c7d57a9f4e6008774d
a9556daf36123f66aa90903d1cb88d2ea3c5b74492b5c74b3b9fe53d2c909953

HTTP Headers

GET /js/jfc.js HTTP/1.1
Host: poweredby.jads.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://de.hentai-gif-anime.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Mon, 27 Nov 2023 23:01:51 GMT
Content-Type: application/x-javascript
Last-Modified: Wed, 20 Sep 2023 21:26:09 GMT
Transfer-Encoding: chunked
Connection: close
ETag: W/"650b6371-1a8e"
Content-Encoding: gzip

static.hentai-gif-anime.com/css/common/awesome/fonts/fontawesome-webfont.woff2?v=4.7.0

104.21.235.190

77 kB

URL
static.hentai-gif-anime.com/css/common/awesome/fonts/fontawesome-webfont.woff2?v=4.7.0
IP
104.21.235.190:0
ASN
#13335 CLOUDFLARENET

File type
Web Open Font Format (Version 2), TrueType, length 77160, version 4.459\012- data
Size
77 kB (77160 bytes)
Hash
af7ae505a9eed503f8b8e6982036873e
d6f48cba7d076fb6f2fd6ba993a75b9dc1ecbf0c
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

HTTP Headers

GET /css/common/awesome/fonts/fontawesome-webfont.woff2?v=4.7.0 HTTP/1.1
Host: static.hentai-gif-anime.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://de.hentai-gif-anime.com
DNT: 1
Connection: keep-alive
Referer: https://static.hentai-gif-anime.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Mon, 27 Nov 2023 23:01:51 GMT
content-type: font/woff2
content-length: 77160
last-modified: Sun, 05 Nov 2023 03:59:30 GMT
etag: "65471322-12d68"
access-control-allow-origin: *
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-headers: Origin, Authorization, Accept
access-control-allow-credentials: true
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
cf-cache-status: HIT
age: 93128
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TEQiStxu%2BuMu1IRHUN0basl9qyKIAbcbkJYTkIeN00WG3icyqFjbBZyUASF0cZ%2FX%2FCpG7RXkNX5mJFp8jlNM%2FFJcczWJqvcdeYGK9UpAuiMwD66SoCp0Pdy2R7aL4K3oifnmajnbt%2FvnBt0gKjI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82cdfed6de7270f9-HEL
alt-svc: h3=":443"; ma=86400

static.hentai-gif-anime.com/img/common/loading.gif

104.21.235.190

200 OK

8.2 kB

URL GET HTTP/3
static.hentai-gif-anime.com/img/common/loading.gif
IP
104.21.235.190:443
ASN
#13335 CLOUDFLARENET

Requested by
https://de.hentai-gif-anime.com/image/kagaku-na-yatsura-gifs-47/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint56:F5:E5:EA:61:30:D5:1C:EF:D7:18:ED:EC:FC:32:D2:89:CC:04:BE
ValidityMon, 27 Feb 2023 00:00:00 GMT - Tue, 27 Feb 2024 23:59:59 GMT

File type
GIF image data, version 89a, 48 x 48\012- data
Size
8.2 kB (8167 bytes)
Hash
97d6004d640bff4ccb7dbc19c8210e2c
0e993fb7dc31da3437cc9f4c934d3b4a7fa7dccf
7690561960d2b4bb48e5e19c0cfa6b84fa1d9f967eca9686c6e8ebeb73df0852

HTTP Headers

GET /img/common/loading.gif HTTP/1.1
Host: static.hentai-gif-anime.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://de.hentai-gif-anime.com/
Cookie: adsense=pc-interstitial%3D20231128080151
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Mon, 27 Nov 2023 23:01:51 GMT
content-type: image/gif
content-length: 8167
last-modified: Sun, 05 Nov 2023 03:59:30 GMT
etag: "65471322-1fe7"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
cf-cache-status: HIT
age: 421127
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zGg4T3NFHmiIIvVua2TgC99Hqo6nw7781PxBfRahdO%2Bmezl8WRh7C93RcZtow2Cx5Kljf%2Bkvx%2BoZWX%2FwImxbFqbTJHxefEA2uss4uGEqXWLQzvblmCr3iCwphDia4QHvc%2FNffmVkl6oDfZv89kg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82cdfed6ee8170f9-HEL
alt-svc: h3=":443"; ma=86400

static.hentai-gif-anime.com/js/pc/default/init.js?t=20170430

104.21.235.190

249 B

URL
static.hentai-gif-anime.com/js/pc/default/init.js?t=20170430
IP
104.21.235.190:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text
Size
249 B (249 bytes)
Hash
bdcf1b85c383e21e8200c806447402f3
a09f26d588d18aaf3ebf37177270e74255a61f10
8bc58db2b1a5ef5f7564afb9b7a0ded88c285b383534a51072eb2b076633e8f9

HTTP Headers

GET /js/pc/default/init.js?t=20170430 HTTP/1.1
Host: static.hentai-gif-anime.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://de.hentai-gif-anime.com/
Cookie: adsense=pc-interstitial%3D20231128080151
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Mon, 27 Nov 2023 23:01:51 GMT
content-type: application/javascript
last-modified: Sun, 05 Nov 2023 03:59:30 GMT
etag: W/"65471322-53"
access-control-allow-origin: *
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-headers: Origin, Authorization, Accept
access-control-allow-credentials: true
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
cf-cache-status: HIT
age: 322079
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ejTWRFSSBHszc0YNWHyOJq%2FrTerNd5mtYMNZPv4Jcreib%2BHKT8s4HusOH0eG1QSjjONVkjqk4A10kbPxW58%2B6jA6Yx6Iuc2JK39s%2B3nJXJNOWhlXOFKXmo9OZUdmDrj0T506MIYEkcXGQDo%2B58U%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82cdfed50bd870f9-HEL
content-encoding: br
alt-svc: h3=":443"; ma=86400

www.googletagmanager.com/gtm.js?id=GTM-W799X8

142.250.74.168

1.6 kB

URL
www.googletagmanager.com/gtm.js?id=GTM-W799X8
IP
142.250.74.168:0
ASN
#15169 GOOGLE

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1136)
Size
1.6 kB (1581 bytes)
Hash
efad7fa1519fa0c690d3749aa93c18c9
45c778e7cbf470adf9fc45759ea7509eafbcca5c
a590a594e71c7f9fc06c30a12db415ce6493441445109a2418a79909e1565839

HTTP Headers

GET /gtm.js?id=GTM-W799X8 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://de.hentai-gif-anime.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 404 Not Found
cross-origin-resource-policy: cross-origin
date: Mon, 27 Nov 2023 23:01:51 GMT
content-type: text/html; charset=UTF-8
server: Google Tag Manager
content-length: 1581
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.googletagmanager.com/gtm.js?id=GTM-5T2WNRK

142.250.74.168

72 kB

URL
www.googletagmanager.com/gtm.js?id=GTM-5T2WNRK
IP
142.250.74.168:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (3026)
Size
72 kB (71603 bytes)
Hash
d27be25c7f6657469d78e2ad8cc473f5
458e178fda75266e46136eb0f5a501f488741748
b33573424b79de989167bba4440d037d681874876cbb03f368876dd4deb48c2e

HTTP Headers

GET /gtm.js?id=GTM-5T2WNRK HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://de.hentai-gif-anime.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Mon, 27 Nov 2023 23:01:51 GMT
expires: Mon, 27 Nov 2023 23:01:51 GMT
cache-control: private, max-age=900
last-modified: Mon, 27 Nov 2023 21:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 71603
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

poweredby.jads.co/js/jads2.js

185.94.236.246

1.7 kB

URL
poweredby.jads.co/js/jads2.js
IP
185.94.236.246:0
ASN
#42567 Mojohost B.v.

Certificate
IssuerSectigo Limited
Subject*.jads.co
Fingerprint9E:B2:20:AC:19:4B:72:8F:12:D9:D6:5A:6A:B5:BE:EE:46:13:48:EB
ValidityMon, 26 Dec 2022 00:00:00 GMT - Fri, 26 Jan 2024 23:59:59 GMT

File type
ASCII text, with very long lines (3758), with no line terminators
Size
1.7 kB (1719 bytes)
Hash
bc8141c4650030c41f6a98026b12ce80
af5618f7e467a207d4c64627be580283ab5640cd
5ad0b5133e45b32908a388c8c6dcfca2c23d1d9d3e2ed6a839a742bab1ffde51

HTTP Headers

GET /js/jads2.js HTTP/1.1
Host: poweredby.jads.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://de.hentai-gif-anime.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Mon, 27 Nov 2023 23:01:51 GMT
Content-Type: application/x-javascript
Last-Modified: Wed, 20 Sep 2023 21:26:09 GMT
Transfer-Encoding: chunked
Connection: close
ETag: W/"650b6371-eae"
Content-Encoding: gzip

static.hentai-gif-anime.com/upload/20181101/52/106002/detail.gif

104.21.235.190

200 OK

4.8 MB

URL GET HTTP/3
static.hentai-gif-anime.com/upload/20181101/52/106002/detail.gif
IP
104.21.235.190:443
ASN
#13335 CLOUDFLARENET

Requested by
https://de.hentai-gif-anime.com/image/kagaku-na-yatsura-gifs-47/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint56:F5:E5:EA:61:30:D5:1C:EF:D7:18:ED:EC:FC:32:D2:89:CC:04:BE
ValidityMon, 27 Feb 2023 00:00:00 GMT - Tue, 27 Feb 2024 23:59:59 GMT

File type
GIF image data, version 89a, 848 x 480\012- data
Size
4.8 MB (4846027 bytes)
Hash
299544e38fa998ad871b36d9db0cecbb
52e73e7087a6f07623315b26b39a33622538c033
128e90fc81538448a3bb70ca938d7675071fc7948acd780d2e6e6d9bccad3e3d

HTTP Headers

GET /upload/20181101/52/106002/detail.gif HTTP/1.1
Host: static.hentai-gif-anime.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://de.hentai-gif-anime.com/
Cookie: adsense=pc-interstitial%3D20231128080151
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Mon, 27 Nov 2023 23:01:51 GMT
content-type: image/gif
content-length: 4846027
last-modified: Fri, 13 Jul 2018 05:40:05 GMT
etag: "5b483b35-49f1cb"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ldQobL3bsb61pUFvRM9CpblqsQH%2FheSwdAYVD%2BswKxMWHyoeYHM2p6sQytdyXcqzjX2iQ%2FoOna8sDaOv3hNsCm%2FsG6hglV0f0msMgHcvJ8JX63iLlU%2FIg2R6kkJDJNGKI9riCsYlyLSMzzNB2B4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82cdfed4bb3170f9-HEL
alt-svc: h3=":443"; ma=86400

www.googletagmanager.com/gtag/js?id=G-W7HH4WJX2S&l=dataLayer&cx=c

142.250.74.168

85 kB

URL
www.googletagmanager.com/gtag/js?id=G-W7HH4WJX2S&l=dataLayer&cx=c
IP
142.250.74.168:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (3034)
Size
85 kB (85253 bytes)
Hash
f30850b42d1d5ae4b0ebd28fd08065ec
46164888bf08aa384ae92df8382111d5aa0005fd
8cc3500e30607d696cfc4ba3c3a7944c9af171ab5216f28230fd7a09f58447a1

HTTP Headers

GET /gtag/js?id=G-W7HH4WJX2S&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://de.hentai-gif-anime.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Mon, 27 Nov 2023 23:01:52 GMT
expires: Mon, 27 Nov 2023 23:01:52 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 85253
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

stealcurtainsdeeprooted.com/bf/3a/3a/bf3a3af4dd0c8d985f1accd648d117c1.js

173.233.137.36

200 OK

15 kB

URL GET HTTP/1.1
stealcurtainsdeeprooted.com/bf/3a/3a/bf3a3af4dd0c8d985f1accd648d117c1.js
IP
173.233.137.36:443
ASN
#7979 SERVERS-COM

Requested by
https://de.hentai-gif-anime.com/image/kagaku-na-yatsura-gifs-47/
Certificate
IssuerLet's Encrypt
Subjectstealcurtainsdeeprooted.com
FingerprintD2:80:AC:40:05:55:8B:BC:9B:C8:7C:26:56:42:AF:54:04:5F:9B:61
ValidityMon, 30 Oct 2023 06:01:37 GMT - Sun, 28 Jan 2024 06:01:36 GMT

File type
ASCII text, with very long lines (42821), with no line terminators
Size
15 kB (15191 bytes)
Hash
3c38e38de1919768118306556f155597
599a9c12a28510a0f1eb27f58c66b4ff8e0b8644
1f51e8e383a6a08edb388308fa69ca013a7101ff29865b374c7c96ae4e62f43c

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /bf/3a/3a/bf3a3af4dd0c8d985f1accd648d117c1.js HTTP/1.1
Host: stealcurtainsdeeprooted.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://de.hentai-gif-anime.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Mon, 27 Nov 2023 23:01:52 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: aece3d2c03b8e2e04809a00de6f63936
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

stealcurtainsdeeprooted.com/5b/da/a2/5bdaa2a05be747d86f4b99c1bcc4cd6c.js

173.233.137.36

25 kB

URL
stealcurtainsdeeprooted.com/5b/da/a2/5bdaa2a05be747d86f4b99c1bcc4cd6c.js
IP
173.233.137.36:0
ASN
#7979 SERVERS-COM

Certificate
IssuerLet's Encrypt
Subjectstealcurtainsdeeprooted.com
FingerprintD2:80:AC:40:05:55:8B:BC:9B:C8:7C:26:56:42:AF:54:04:5F:9B:61
ValidityMon, 30 Oct 2023 06:01:37 GMT - Sun, 28 Jan 2024 06:01:36 GMT

File type
ASCII text, with very long lines (62520), with no line terminators
Size
25 kB (24819 bytes)
Hash
f3d9c79033e409ea10b987d5fc126c8c
595ee30e02ba3b2bea8d4d55ddc4204b9a164d15
e310fb4d94430e8a537892e6c8e4e19b0d78e5ff49767c1052f30526654d8255

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /5b/da/a2/5bdaa2a05be747d86f4b99c1bcc4cd6c.js HTTP/1.1
Host: stealcurtainsdeeprooted.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://de.hentai-gif-anime.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Mon, 27 Nov 2023 23:01:52 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 1a3d07bed0ce3018712ee191831035c2
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

stealcurtainsdeeprooted.com/b8b73dce4dd569d1ae1f0e0c576ef179/invoke.js

173.233.137.36

200 OK

9.3 kB

URL GET HTTP/1.1
stealcurtainsdeeprooted.com/b8b73dce4dd569d1ae1f0e0c576ef179/invoke.js
IP
173.233.137.36:443
ASN
#7979 SERVERS-COM

Requested by
https://de.hentai-gif-anime.com/image/kagaku-na-yatsura-gifs-47/
Certificate
IssuerLet's Encrypt
Subjectstealcurtainsdeeprooted.com
FingerprintD2:80:AC:40:05:55:8B:BC:9B:C8:7C:26:56:42:AF:54:04:5F:9B:61
ValidityMon, 30 Oct 2023 06:01:37 GMT - Sun, 28 Jan 2024 06:01:36 GMT

File type
Unicode text, UTF-8 text, with very long lines (25095), with no line terminators
Size
9.3 kB (9283 bytes)
Hash
494787384874b22243f2199bcf1187a2
aa5009725fa1693b73a49ba477c395073a7d3650
ec9eb78aa632b04635f7c8cafae52dcfd8565b619ad3364497c0613e2ae4b9e3

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /b8b73dce4dd569d1ae1f0e0c576ef179/invoke.js HTTP/1.1
Host: stealcurtainsdeeprooted.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://de.hentai-gif-anime.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Mon, 27 Nov 2023 23:01:52 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: e48289c463889b18cc0e571065540d7f
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

poweredby.jads.co/js/jads2.js

185.94.236.246

1.7 kB

URL
poweredby.jads.co/js/jads2.js
IP
185.94.236.246:0
ASN
#42567 Mojohost B.v.

Certificate
IssuerSectigo Limited
Subject*.jads.co
Fingerprint9E:B2:20:AC:19:4B:72:8F:12:D9:D6:5A:6A:B5:BE:EE:46:13:48:EB
ValidityMon, 26 Dec 2022 00:00:00 GMT - Fri, 26 Jan 2024 23:59:59 GMT

File type
ASCII text, with very long lines (3758), with no line terminators
Size
1.7 kB (1719 bytes)
Hash
bc8141c4650030c41f6a98026b12ce80
af5618f7e467a207d4c64627be580283ab5640cd
5ad0b5133e45b32908a388c8c6dcfca2c23d1d9d3e2ed6a839a742bab1ffde51

HTTP Headers

GET /js/jads2.js HTTP/1.1
Host: poweredby.jads.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://de.hentai-gif-anime.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Mon, 27 Nov 2023 23:01:52 GMT
Content-Type: application/x-javascript
Last-Modified: Wed, 20 Sep 2023 21:26:09 GMT
Transfer-Encoding: chunked
Connection: close
ETag: W/"650b6371-eae"
Content-Encoding: gzip

stealcurtainsdeeprooted.com/b8b73dce4dd569d1ae1f0e0c576ef179/invoke.js

173.233.137.36

200 OK

9.3 kB

URL GET HTTP/1.1
stealcurtainsdeeprooted.com/b8b73dce4dd569d1ae1f0e0c576ef179/invoke.js
IP
173.233.137.36:443
ASN
#7979 SERVERS-COM

Requested by
https://de.hentai-gif-anime.com/image/kagaku-na-yatsura-gifs-47/
Certificate
IssuerLet's Encrypt
Subjectstealcurtainsdeeprooted.com
FingerprintD2:80:AC:40:05:55:8B:BC:9B:C8:7C:26:56:42:AF:54:04:5F:9B:61
ValidityMon, 30 Oct 2023 06:01:37 GMT - Sun, 28 Jan 2024 06:01:36 GMT

File type
Unicode text, UTF-8 text, with very long lines (25071), with no line terminators
Size
9.3 kB (9280 bytes)
Hash
10258de2239704689c151e4f63c7a447
3c8b9b7ba1168693f15e13dc63e3d6316008bef6
b3dccb45cf47dbb4686cb9e323b334857365f61619122c2c32648ba1ea1ca44c

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /b8b73dce4dd569d1ae1f0e0c576ef179/invoke.js HTTP/1.1
Host: stealcurtainsdeeprooted.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://de.hentai-gif-anime.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Mon, 27 Nov 2023 23:01:52 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: ddb9935efce67d4454e3bf3667216461
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

stealcurtainsdeeprooted.com/b8b73dce4dd569d1ae1f0e0c576ef179/invoke.js

173.233.137.36

200 OK

9.3 kB

URL GET HTTP/1.1
stealcurtainsdeeprooted.com/b8b73dce4dd569d1ae1f0e0c576ef179/invoke.js
IP
173.233.137.36:443
ASN
#7979 SERVERS-COM

Requested by
https://de.hentai-gif-anime.com/image/kagaku-na-yatsura-gifs-47/
Certificate
IssuerLet's Encrypt
Subjectstealcurtainsdeeprooted.com
FingerprintD2:80:AC:40:05:55:8B:BC:9B:C8:7C:26:56:42:AF:54:04:5F:9B:61
ValidityMon, 30 Oct 2023 06:01:37 GMT - Sun, 28 Jan 2024 06:01:36 GMT

File type
Unicode text, UTF-8 text, with very long lines (25095), with no line terminators
Size
9.3 kB (9283 bytes)
Hash
494787384874b22243f2199bcf1187a2
aa5009725fa1693b73a49ba477c395073a7d3650
ec9eb78aa632b04635f7c8cafae52dcfd8565b619ad3364497c0613e2ae4b9e3

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /b8b73dce4dd569d1ae1f0e0c576ef179/invoke.js HTTP/1.1
Host: stealcurtainsdeeprooted.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://de.hentai-gif-anime.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Mon, 27 Nov 2023 23:01:52 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: b22cec648d81af2b97e2729d6d869031
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

stealcurtainsdeeprooted.com/c56a3a0d78064cdb8bd27f6995fe3f3a/invoke.js

173.233.137.36

11 kB

URL
stealcurtainsdeeprooted.com/c56a3a0d78064cdb8bd27f6995fe3f3a/invoke.js
IP
173.233.137.36:0
ASN
#7979 SERVERS-COM

Certificate
IssuerLet's Encrypt
Subjectstealcurtainsdeeprooted.com
FingerprintD2:80:AC:40:05:55:8B:BC:9B:C8:7C:26:56:42:AF:54:04:5F:9B:61
ValidityMon, 30 Oct 2023 06:01:37 GMT - Sun, 28 Jan 2024 06:01:36 GMT

File type
exported SGML document, ASCII text, with very long lines (29642), with no line terminators
Size
11 kB (10936 bytes)
Hash
93cee2371498140f7ccdb4baf079d8da
dee5dc7ce8ce6a20adcd1434b4ba3660c8f88a43
2424fa4f0b41fad0ef7270755ec819a9a88fc2f0dd8528fd423da3bd904416bb

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /c56a3a0d78064cdb8bd27f6995fe3f3a/invoke.js HTTP/1.1
Host: stealcurtainsdeeprooted.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://de.hentai-gif-anime.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Mon, 27 Nov 2023 23:01:52 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: f1451523e8e8df003649ee3c12528362
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

stealcurtainsdeeprooted.com/b8b73dce4dd569d1ae1f0e0c576ef179/invoke.js

173.233.137.36

200 OK

9.3 kB

URL GET HTTP/1.1
stealcurtainsdeeprooted.com/b8b73dce4dd569d1ae1f0e0c576ef179/invoke.js
IP
173.233.137.36:443
ASN
#7979 SERVERS-COM

Requested by
https://de.hentai-gif-anime.com/image/kagaku-na-yatsura-gifs-47/
Certificate
IssuerLet's Encrypt
Subjectstealcurtainsdeeprooted.com
FingerprintD2:80:AC:40:05:55:8B:BC:9B:C8:7C:26:56:42:AF:54:04:5F:9B:61
ValidityMon, 30 Oct 2023 06:01:37 GMT - Sun, 28 Jan 2024 06:01:36 GMT

File type
Unicode text, UTF-8 text, with very long lines (25103), with no line terminators
Size
9.3 kB (9281 bytes)
Hash
7677155bfe3f0fa65a393f601b5304ec
eafe9593bb6110d0d1ece731647f74e66ddb1ac8
8a2ea25f074fb93be199ae4e0d01660fed82156988a421d51f0dc72a246756ec

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /b8b73dce4dd569d1ae1f0e0c576ef179/invoke.js HTTP/1.1
Host: stealcurtainsdeeprooted.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://de.hentai-gif-anime.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Mon, 27 Nov 2023 23:01:52 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: d75584c6ea7ebc4347e750dc9373bd8f
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

stealcurtainsdeeprooted.com/c56a3a0d78064cdb8bd27f6995fe3f3a/invoke.js

173.233.137.36

11 kB

URL
stealcurtainsdeeprooted.com/c56a3a0d78064cdb8bd27f6995fe3f3a/invoke.js
IP
173.233.137.36:0
ASN
#7979 SERVERS-COM

Certificate
IssuerLet's Encrypt
Subjectstealcurtainsdeeprooted.com
FingerprintD2:80:AC:40:05:55:8B:BC:9B:C8:7C:26:56:42:AF:54:04:5F:9B:61
ValidityMon, 30 Oct 2023 06:01:37 GMT - Sun, 28 Jan 2024 06:01:36 GMT

File type
exported SGML document, ASCII text, with very long lines (29627), with no line terminators
Size
11 kB (10937 bytes)
Hash
aab8eaf7fab8f8a727380a9fe414535d
ead4b80ef36042040a5ef0478b66a636a2d2bade
de2a55b420244fc3381b2128fef09556300853c9efa8b231139b83caa966528f

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /c56a3a0d78064cdb8bd27f6995fe3f3a/invoke.js HTTP/1.1
Host: stealcurtainsdeeprooted.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://de.hentai-gif-anime.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Mon, 27 Nov 2023 23:01:52 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 7802b70f1e7f36e4c71afbc221713a1c
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

ocsp.r2m03.amazontrust.com/

143.204.53.97

471 B

URL
ocsp.r2m03.amazontrust.com/
IP
143.204.53.97:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
ab08b21b37480bf609deaf73dcbf1e34
4121333c3a37ff481b30918ce3a1aa643cf813c2
d8c99d9c9d12731615d29afd9aba86e213ce6c7dfb8938334de50d3edfd78fcd

HTTP Headers

POST / HTTP/1.1
Host: ocsp.r2m03.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=7200
Date: Mon, 27 Nov 2023 23:01:52 GMT
Last-Modified: Mon, 27 Nov 2023 22:53:30 GMT
Server: ECAcc (ska/F6A3)
X-Cache: Miss from cloudfront
Via: 1.1 5de23153ac267c206221751e1cccb6e8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 0eODWs2CyfHxVpEgOTokniHV9Ge47S-KuZVnq-B0La3yyWxSAz8c0A==
Age: 502

ocsp.r2m03.amazontrust.com/

143.204.53.97

471 B

URL
ocsp.r2m03.amazontrust.com/
IP
143.204.53.97:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
ab08b21b37480bf609deaf73dcbf1e34
4121333c3a37ff481b30918ce3a1aa643cf813c2
d8c99d9c9d12731615d29afd9aba86e213ce6c7dfb8938334de50d3edfd78fcd

HTTP Headers

POST / HTTP/1.1
Host: ocsp.r2m03.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=7200
Date: Mon, 27 Nov 2023 23:01:52 GMT
Last-Modified: Mon, 27 Nov 2023 22:53:28 GMT
Server: ECAcc (ska/F78B)
X-Cache: Miss from cloudfront
Via: 1.1 185768229530368be94556dcab1c486a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 6yI-EICx-HR1OEdjk5NRXM87ReQhBjvAJPSFyYCOrKtPCoTKY5oz_Q==
Age: 504

proftrafficcounter.com/stats

18.185.201.157

200 OK

40 B

URL GET HTTP/2
proftrafficcounter.com/stats
IP
18.185.201.157:443
ASN
#16509 AMAZON-02

Requested by
https://de.hentai-gif-anime.com/image/kagaku-na-yatsura-gifs-47/
Certificate
IssuerAmazon
Subjectproftrafficcounter.com
FingerprintE3:9F:79:6F:80:C0:BF:F8:C4:EB:45:F3:E9:0F:A7:41:F6:0C:05:E6
ValidityTue, 21 Nov 2023 00:00:00 GMT - Thu, 19 Dec 2024 23:59:59 GMT

File type
ASCII text, with no line terminators
Size
40 B (40 bytes)
Hash
4aa93904e86fe6155d77cc5425f0bbbc
cf4bb11734d963abd939684262b0b4fe22c31376
b861be9779bd80fc2731c235e43c21895a24c3a9f727c6c1d21b8e2c281cd78d

HTTP Headers

GET /stats HTTP/1.1
Host: proftrafficcounter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://de.hentai-gif-anime.com
DNT: 1
Connection: keep-alive
Referer: https://de.hentai-gif-anime.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Mon, 27 Nov 2023 23:01:53 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://de.hentai-gif-anime.com
vary: Origin
access-control-allow-credentials: true
set-cookie: uid_id2=cb7de550-92b9-4fd1-91f1-e1bab9ca5745:2:1; expires=Thu, 24 Nov 2033 23:01:53 GMT; secure; SameSite=None
X-Firefox-Spdy: h2

proftrafficcounter.com/stats

18.185.201.157

200 OK

40 B

URL GET HTTP/2
proftrafficcounter.com/stats
IP
18.185.201.157:443
ASN
#16509 AMAZON-02

Requested by
https://de.hentai-gif-anime.com/image/kagaku-na-yatsura-gifs-47/
Certificate
IssuerAmazon
Subjectproftrafficcounter.com
FingerprintE3:9F:79:6F:80:C0:BF:F8:C4:EB:45:F3:E9:0F:A7:41:F6:0C:05:E6
ValidityTue, 21 Nov 2023 00:00:00 GMT - Thu, 19 Dec 2024 23:59:59 GMT

File type
ASCII text, with no line terminators
Size
40 B (40 bytes)
Hash
987c0f1e4d51222ba9bf6a17179c60dc
a90419f913d508ccae2fa823619aa7391db62575
6163f7af552c28005ed88f3e659ee5e80d0feb9e4e1911c24e9c18234efffc9f

HTTP Headers

GET /stats HTTP/1.1
Host: proftrafficcounter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://de.hentai-gif-anime.com
DNT: 1
Connection: keep-alive
Referer: https://de.hentai-gif-anime.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Mon, 27 Nov 2023 23:01:53 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://de.hentai-gif-anime.com
vary: Origin
access-control-allow-credentials: true
set-cookie: uid_id2=b244c384-eb7a-4305-80ce-8ad40eaa6c22:3:1; expires=Thu, 24 Nov 2033 23:01:53 GMT; secure; SameSite=None
X-Firefox-Spdy: h2

proftrafficcounter.com/stats

18.185.201.157

200 OK

40 B

URL GET HTTP/2
proftrafficcounter.com/stats
IP
18.185.201.157:443
ASN
#16509 AMAZON-02

Requested by
https://de.hentai-gif-anime.com/image/kagaku-na-yatsura-gifs-47/
Certificate
IssuerAmazon
Subjectproftrafficcounter.com
FingerprintE3:9F:79:6F:80:C0:BF:F8:C4:EB:45:F3:E9:0F:A7:41:F6:0C:05:E6
ValidityTue, 21 Nov 2023 00:00:00 GMT - Thu, 19 Dec 2024 23:59:59 GMT

File type
ASCII text, with no line terminators
Size
40 B (40 bytes)
Hash
8c178ac3c27e04c180923ba97a4a0924
7e7849bac2a22f5e31dbd8231ade60c999aec74f
4b4da09b91fe63e939f6992378ec86952138ca1e3893411f9ff6684eaed3c928

HTTP Headers

GET /stats HTTP/1.1
Host: proftrafficcounter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://de.hentai-gif-anime.com
DNT: 1
Connection: keep-alive
Referer: https://de.hentai-gif-anime.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Mon, 27 Nov 2023 23:01:53 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://de.hentai-gif-anime.com
vary: Origin
access-control-allow-credentials: true
set-cookie: uid_id2=9f539ebe-20f7-46e8-afaf-f3161e954842:1:1; expires=Thu, 24 Nov 2033 23:01:53 GMT; secure; SameSite=None
X-Firefox-Spdy: h2

static.hentai-gif-anime.com/css/pc/style.min.css?t=20160213_01

104.21.235.190

17 kB

URL
static.hentai-gif-anime.com/css/pc/style.min.css?t=20160213_01
IP
104.21.235.190:0
ASN
#13335 CLOUDFLARENET

File type
Unicode text, UTF-8 text, with very long lines (22479), with no line terminators
Size
17 kB (17019 bytes)
Hash
85caf6f75762ceb350dd303f5cca904a
66a93e0d0664460f738a2409bd6bb75486de949b
9e5529c82499ab89351adeccca36a4edfaba8c27463ad056f3a8228816d3e708

HTTP Headers

GET /css/pc/style.min.css?t=20160213_01 HTTP/1.1
Host: static.hentai-gif-anime.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://de.hentai-gif-anime.com/
Cookie: adsense=pc-interstitial%3D20231128080151
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Mon, 27 Nov 2023 23:01:51 GMT
content-type: text/css
vary: Accept-Encoding, Accept-Encoding
last-modified: Sun, 05 Nov 2023 03:59:30 GMT
etag: W/"65471322-57f1"
access-control-allow-origin: *
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-headers: Origin, Authorization, Accept
access-control-allow-credentials: true
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
cf-cache-status: HIT
age: 404903
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p4sGbZyck3qaC2acXhSt6Cq0cDVtHrKPPl1RirtPrF%2BqNxJrHZi9uOvpdRHBq%2F1rxL%2BPbe84Oh4bG2lsIKlJ7FxfV5VAQaGR4IZdyUPtwA4yUdcEQ2LFFJlJaDD41f1dTzjBjVrsWQYnX5eaLY4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82cdfed4bb0b70f9-HEL
content-encoding: br
alt-svc: h3=":443"; ma=86400

poweredby.jads.co/adshow.php?adzone=818804

185.94.236.246

1.7 kB

URL
poweredby.jads.co/adshow.php?adzone=818804
IP
185.94.236.246:0
ASN
#42567 Mojohost B.v.

Certificate
IssuerSectigo Limited
Subject*.jads.co
Fingerprint9E:B2:20:AC:19:4B:72:8F:12:D9:D6:5A:6A:B5:BE:EE:46:13:48:EB
ValidityMon, 26 Dec 2022 00:00:00 GMT - Fri, 26 Jan 2024 23:59:59 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (399), with CRLF, LF line terminators
Size
1.7 kB (1661 bytes)
Hash
65ce2030a9786fa4d2a865ff10faca7d
6839ab0832a1ed4173532e052df07e4f41d7c367
e7b63cd211c292671601357dcda8399fdfe160b80f8ffb3bad15bef33b8bf8f2

HTTP Headers

GET /adshow.php?adzone=818804 HTTP/1.1
Host: poweredby.jads.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://de.hentai-gif-anime.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Mon, 27 Nov 2023 23:01:53 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
X-Powered-By: PHP/5.6.40
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR OUR IND STA"
Set-Cookie: surferid=aee59885584b512221750c8318820276; expires=Tue, 26-Nov-2024 23:01:52 GMT; Max-Age=31536000; path=/; SameSite=None; Secure; domain=.jads.co
juicy_data_1=YTowOnt9; expires=Thu, 30-Nov-2023 23:01:52 GMT; Max-Age=259199; path=/; SameSite=None; Secure; domain=jads.co
juicy_data=YToxOntzOjEyOiJqdWljeV9kYXRhXzEiO3M6MToiMSI7fQ%3D%3D; expires=Thu, 30-Nov-2023 23:01:52 GMT; Max-Age=259199; path=/; SameSite=None; Secure; domain=jads.co
Content-Encoding: gzip

poweredby.jads.co/adshow.php?adzone=818804

185.94.236.246

1.7 kB

URL
poweredby.jads.co/adshow.php?adzone=818804
IP
185.94.236.246:0
ASN
#42567 Mojohost B.v.

Certificate
IssuerSectigo Limited
Subject*.jads.co
Fingerprint9E:B2:20:AC:19:4B:72:8F:12:D9:D6:5A:6A:B5:BE:EE:46:13:48:EB
ValidityMon, 26 Dec 2022 00:00:00 GMT - Fri, 26 Jan 2024 23:59:59 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (399), with CRLF, LF line terminators
Size
1.7 kB (1662 bytes)
Hash
a187a3e7e1964177722df65bc98fc5d2
9a6283aa29fa7e737a98d0057020c8db784abc1a
d77e2dba1184118f61685108dc5ea3765352b0146331521cbbdc4a1b71cb7da4

HTTP Headers

GET /adshow.php?adzone=818804 HTTP/1.1
Host: poweredby.jads.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://de.hentai-gif-anime.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Mon, 27 Nov 2023 23:01:53 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
X-Powered-By: PHP/5.6.40
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR OUR IND STA"
Set-Cookie: surferid=aee59885584b512221750c8318820276; expires=Tue, 26-Nov-2024 23:01:52 GMT; Max-Age=31536000; path=/; SameSite=None; Secure; domain=.jads.co
juicy_data_1=YTowOnt9; expires=Thu, 30-Nov-2023 23:01:52 GMT; Max-Age=259199; path=/; SameSite=None; Secure; domain=jads.co
juicy_data=YToxOntzOjEyOiJqdWljeV9kYXRhXzEiO3M6MToiMSI7fQ%3D%3D; expires=Thu, 30-Nov-2023 23:01:52 GMT; Max-Age=259199; path=/; SameSite=None; Secure; domain=jads.co
Content-Encoding: gzip

poweredby.jads.co/js/jads.js

185.94.236.246

301 Moved Permanently

178 B

URL GET HTTP/1.1
poweredby.jads.co/js/jads.js
IP
185.94.236.246:443
ASN
#42567 Mojohost B.v.

Requested by
https://de.hentai-gif-anime.com/image/kagaku-na-yatsura-gifs-47/
Certificate
IssuerSectigo Limited
Subject*.jads.co
Fingerprint9E:B2:20:AC:19:4B:72:8F:12:D9:D6:5A:6A:B5:BE:EE:46:13:48:EB
ValidityMon, 26 Dec 2022 00:00:00 GMT - Fri, 26 Jan 2024 23:59:59 GMT

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
178 B (178 bytes)
Hash
cd2e0e43980a00fb6a2742d3afd803b8
81ffbd1712afe8cdf138b570c0fc9934742c33c1
bd9df047d51943acc4bc6cf55d88edb5b6785a53337ee2a0f74dd521aedde87d

HTTP Headers

GET /js/jads.js HTTP/1.1
Host: poweredby.jads.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://de.hentai-gif-anime.com/
Cookie: surferid=aee59885584b512221750c8318820276; juicy_data_1=YTowOnt9; juicy_data=YToxOntzOjEyOiJqdWljeV9kYXRhXzEiO3M6MToiMSI7fQ%3D%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 27 Nov 2023 23:01:53 GMT
Content-Type: text/html
Content-Length: 178
Connection: keep-alive
Location: jads2.js

stealcurtainsdeeprooted.com/466a4a49f3d5ab80a19d25d71d1aea47/invoke.js

173.233.137.36

11 kB

URL
stealcurtainsdeeprooted.com/466a4a49f3d5ab80a19d25d71d1aea47/invoke.js
IP
173.233.137.36:0
ASN
#7979 SERVERS-COM

Certificate
IssuerLet's Encrypt
Subjectstealcurtainsdeeprooted.com
FingerprintD2:80:AC:40:05:55:8B:BC:9B:C8:7C:26:56:42:AF:54:04:5F:9B:61
ValidityMon, 30 Oct 2023 06:01:37 GMT - Sun, 28 Jan 2024 06:01:36 GMT

File type
exported SGML document, ASCII text, with very long lines (29601), with no line terminators
Size
11 kB (10906 bytes)
Hash
3329152d96991e7a5607549a24affd54
ec7c0343733193df24a59c76067e55a7f7935a8f
4f86c0353f9c156aa127cdae968be295d29d4eabdd9ddf71905546fea2ee8bae

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /466a4a49f3d5ab80a19d25d71d1aea47/invoke.js HTTP/1.1
Host: stealcurtainsdeeprooted.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://de.hentai-gif-anime.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Mon, 27 Nov 2023 23:01:53 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: c58be76f7a91d34d85a6e299e3e2db09
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

displeaseddietstair.com/pixel/nvwbdp?key=b8b73dce4dd569d1ae1f0e0c576ef179

173.233.137.44

200 OK

0 B

URL GET HTTP/1.1
displeaseddietstair.com/pixel/nvwbdp?key=b8b73dce4dd569d1ae1f0e0c576ef179
IP
173.233.137.44:443
ASN
#7979 SERVERS-COM

Requested by
https://de.hentai-gif-anime.com/image/kagaku-na-yatsura-gifs-47/
Certificate
IssuerLet's Encrypt
Subjectdispleaseddietstair.com
Fingerprint09:3D:95:76:F0:3E:68:B5:44:D5:BD:81:1D:67:75:85:F0:3D:8B:ED
ValidityTue, 07 Nov 2023 08:00:28 GMT - Mon, 05 Feb 2024 08:00:27 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /pixel/nvwbdp?key=b8b73dce4dd569d1ae1f0e0c576ef179 HTTP/1.1
Host: displeaseddietstair.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://de.hentai-gif-anime.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Mon, 27 Nov 2023 23:01:53 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range

circumstantialplatoon.com/pixel/nvwbdp?key=b8b73dce4dd569d1ae1f0e0c576ef179

173.233.137.52

0 B

URL
circumstantialplatoon.com/pixel/nvwbdp?key=b8b73dce4dd569d1ae1f0e0c576ef179
IP
173.233.137.52:0
ASN
#7979 SERVERS-COM

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /pixel/nvwbdp?key=b8b73dce4dd569d1ae1f0e0c576ef179 HTTP/1.1
Host: circumstantialplatoon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://de.hentai-gif-anime.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Mon, 27 Nov 2023 23:01:53 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range

poweredby.jads.co/js/jads2.js

185.94.236.246

1.7 kB

URL
poweredby.jads.co/js/jads2.js
IP
185.94.236.246:0
ASN
#42567 Mojohost B.v.

Certificate
IssuerSectigo Limited
Subject*.jads.co
Fingerprint9E:B2:20:AC:19:4B:72:8F:12:D9:D6:5A:6A:B5:BE:EE:46:13:48:EB
ValidityMon, 26 Dec 2022 00:00:00 GMT - Fri, 26 Jan 2024 23:59:59 GMT

File type
ASCII text, with very long lines (3758), with no line terminators
Size
1.7 kB (1719 bytes)
Hash
bc8141c4650030c41f6a98026b12ce80
af5618f7e467a207d4c64627be580283ab5640cd
5ad0b5133e45b32908a388c8c6dcfca2c23d1d9d3e2ed6a839a742bab1ffde51

HTTP Headers

GET /js/jads2.js HTTP/1.1
Host: poweredby.jads.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://de.hentai-gif-anime.com/
DNT: 1
Connection: keep-alive
Cookie: surferid=aee59885584b512221750c8318820276; juicy_data_1=YTowOnt9; juicy_data=YToxOntzOjEyOiJqdWljeV9kYXRhXzEiO3M6MToiMSI7fQ%3D%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Mon, 27 Nov 2023 23:01:53 GMT
Content-Type: application/x-javascript
Last-Modified: Wed, 20 Sep 2023 21:26:09 GMT
Transfer-Encoding: chunked
Connection: close
ETag: W/"650b6371-eae"
Content-Encoding: gzip

r.trackwilltrk.com/s1/9fc291e8-531f-4fe2-a356-73d597ec7033?externalId={extPlaceholder}&cost={costPlaceholder}&cv1={dynamicCON}&cv2=NO&cv3=121604&cv4=229375&cv5=818804&cv6=

45.131.147.145

200 OK

1.2 kB

URL GET HTTP/1.1
r.trackwilltrk.com/s1/9fc291e8-531f-4fe2-a356-73d597ec7033?externalId={extPlaceholder}&cost={costPlaceholder}&cv1={dynamicCON}&cv2=NO&cv3=121604&cv4=229375&cv5=818804&cv6=
IP
45.131.147.145:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://poweredby.jads.co/adshow.php?adzone=818804
Certificate
IssuerLet's Encrypt
Subjectr.trackwilltrk.com
Fingerprint7C:C7:38:E4:D4:9A:D8:A7:4E:3B:33:43:DA:B9:1E:86:98:DA:B1:71
ValidityTue, 14 Nov 2023 07:21:50 GMT - Mon, 12 Feb 2024 07:21:49 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (696)
Size
1.2 kB (1180 bytes)
Hash
c2b8ad0c254c86b526ca8da76a8a83dc
f7aa96bc64c581e05c14c7949a772671dd5d3a37
43a53a7d32a3a51a413d636443e7566dfa2f9a7f0d94e48c5ffbd124f42d548f

HTTP Headers

GET /s1/9fc291e8-531f-4fe2-a356-73d597ec7033?externalId={extPlaceholder}&cost={costPlaceholder}&cv1={dynamicCON}&cv2=NO&cv3=121604&cv4=229375&cv5=818804&cv6= HTTP/1.1
Host: r.trackwilltrk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://poweredby.jads.co/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.24.0
Date: Mon, 27 Nov 2023 23:01:53 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: close
Set-Cookie: uid=fYPlrEr-M; Path=/; Domain=trackwilltrk.com; Expires=Tue, 28 Nov 2023 23:01:53 GMT; HttpOnly
X-Request-Id: 0834cb6c-ae37-4168-b5d4-9481627d2c58
Content-Encoding: gzip

r.trackwilltrk.com/s1/9fc291e8-531f-4fe2-a356-73d597ec7033?externalId={extPlaceholder}&cost={costPlaceholder}&cv1={dynamicCON}&cv2=NO&cv3=121604&cv4=229375&cv5=818804&cv6=

45.131.147.145

200 OK

1.2 kB

URL GET HTTP/1.1
r.trackwilltrk.com/s1/9fc291e8-531f-4fe2-a356-73d597ec7033?externalId={extPlaceholder}&cost={costPlaceholder}&cv1={dynamicCON}&cv2=NO&cv3=121604&cv4=229375&cv5=818804&cv6=
IP
45.131.147.145:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://poweredby.jads.co/adshow.php?adzone=818804
Certificate
IssuerLet's Encrypt
Subjectr.trackwilltrk.com
Fingerprint7C:C7:38:E4:D4:9A:D8:A7:4E:3B:33:43:DA:B9:1E:86:98:DA:B1:71
ValidityTue, 14 Nov 2023 07:21:50 GMT - Mon, 12 Feb 2024 07:21:49 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (696)
Size
1.2 kB (1180 bytes)
Hash
c2b8ad0c254c86b526ca8da76a8a83dc
f7aa96bc64c581e05c14c7949a772671dd5d3a37
43a53a7d32a3a51a413d636443e7566dfa2f9a7f0d94e48c5ffbd124f42d548f

HTTP Headers

GET /s1/9fc291e8-531f-4fe2-a356-73d597ec7033?externalId={extPlaceholder}&cost={costPlaceholder}&cv1={dynamicCON}&cv2=NO&cv3=121604&cv4=229375&cv5=818804&cv6= HTTP/1.1
Host: r.trackwilltrk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://poweredby.jads.co/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.24.0
Date: Mon, 27 Nov 2023 23:01:53 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: close
Set-Cookie: uid=aYP2rE9-Mp; Path=/; Domain=trackwilltrk.com; Expires=Tue, 28 Nov 2023 23:01:53 GMT; HttpOnly
X-Request-Id: 77a9ba92-fd0b-4447-aa2f-ba79c109dec2
Content-Encoding: gzip

displeaseddietstair.com/ntv.json?key=b8b73dce4dd569d1ae1f0e0c576ef179&vstc=4

173.233.137.44

200 OK

18 kB

URL GET HTTP/1.1
displeaseddietstair.com/ntv.json?key=b8b73dce4dd569d1ae1f0e0c576ef179&vstc=4
IP
173.233.137.44:443
ASN
#7979 SERVERS-COM

Requested by
https://de.hentai-gif-anime.com/image/kagaku-na-yatsura-gifs-47/
Certificate
IssuerLet's Encrypt
Subjectdispleaseddietstair.com
Fingerprint09:3D:95:76:F0:3E:68:B5:44:D5:BD:81:1D:67:75:85:F0:3D:8B:ED
ValidityTue, 07 Nov 2023 08:00:28 GMT - Mon, 05 Feb 2024 08:00:27 GMT

File type
JSON data\012- , Unicode text, UTF-8 text, with very long lines (18392), with no line terminators
Size
18 kB (18414 bytes)
Hash
40ef9843d2512125548f69441cca7d8e
c35c9dc83b5439c7195d8f7faa469a615cb92145
5ca6e22e81ad262f9d76804900feb9beac44e34f80703b09ab1fe258f4cc674b

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /ntv.json?key=b8b73dce4dd569d1ae1f0e0c576ef179&vstc=4 HTTP/1.1
Host: displeaseddietstair.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://de.hentai-gif-anime.com
DNT: 1
Connection: keep-alive
Referer: https://de.hentai-gif-anime.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Mon, 27 Nov 2023 23:01:53 GMT
Content-Type: application/json
Content-Length: 18414
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://de.hentai-gif-anime.com
Access-Control-Allow-Origin: https://de.hentai-gif-anime.com
Access-Control-Allow-Credentials: true
Set-Cookie: u_pl=16486611; expires=Tue, 28 Nov 2023 23:01:53 GMT; secure; SameSite=None
pdhtkv=true; expires=Tue, 28 Nov 2023 23:01:53 GMT; secure; SameSite=None
uncs=1; expires=Tue, 28 Nov 2023 23:01:53 GMT; secure; SameSite=None
pdhtkv49=true; expires=Tue, 28 Nov 2023 23:01:53 GMT; secure; SameSite=None
uncs49=1; expires=Tue, 28 Nov 2023 23:01:53 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 09701e2baa7b021d4ff9ee222400c4c4
Strict-Transport-Security: max-age=0; includeSubdomains

192.243.59.20

0 B

URL
compensationstout.com/watch.1134690932023.js?key=c56a3a0d78064cdb8bd27f6995fe3f3a&kw=%5B%22kagaku%22%2C%22na%22%2C%22yatsura%22%2C%22gifs%22%2C%22part%22%2C%2247%22%2C%22-%22%2C%22hentai%22%2C%22gif%22%5D&refer=https%3A%2F%2Fde.hentai-gif-anime.com%2Fimage%2Fkagaku-na-yatsura-gifs-47%2F&tz=0&dev=e&res=14.3095&uuid=9f539ebe-20f7-46e8-afaf-f3161e954842%3A1%3A1
IP
192.243.59.20:0
ASN
#39572 DataWeb Global Group B.V.

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /watch.1134690932023.js?key=c56a3a0d78064cdb8bd27f6995fe3f3a&kw=%5B%22kagaku%22%2C%22na%22%2C%22yatsura%22%2C%22gifs%22%2C%22part%22%2C%2247%22%2C%22-%22%2C%22hentai%22%2C%22gif%22%5D&refer=https%3A%2F%2Fde.hentai-gif-anime.com%2Fimage%2Fkagaku-na-yatsura-gifs-47%2F&tz=0&dev=e&res=14.3095&uuid=9f539ebe-20f7-46e8-afaf-f3161e954842%3A1%3A1 HTTP/1.1
Host: compensationstout.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://de.hentai-gif-anime.com
DNT: 1
Connection: keep-alive
Referer: https://de.hentai-gif-anime.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 307 Temporary Redirect
Server: nginx/1.19.5
Date: Mon, 27 Nov 2023 23:01:53 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://de.hentai-gif-anime.com
Access-Control-Allow-Origin: https://de.hentai-gif-anime.com
Access-Control-Allow-Credentials: true
Location: https://compensationstout.com/watch.1134690932023.js?key=c56a3a0d78064cdb8bd27f6995fe3f3a&kw=%5B%22kagaku%22%2C%22na%22%2C%22yatsura%22%2C%22gifs%22%2C%22part%22%2C%2247%22%2C%22-%22%2C%22hentai%22%2C%22gif%22%5D&refer=https%3A%2F%2Fde.hentai-gif-anime.com%2Fimage%2Fkagaku-na-yatsura-gifs-47%2F&tz=0&dev=e&res=14.3095&uuid=9f539ebe-20f7-46e8-afaf-f3161e954842%3A1%3A1&shu=d4510f6c1e856ccbae24bb34ca4e5cae9bbe81a20ade799ef58c345f0994b65ec9cae72326d8330092fae5fc7ad9e1fbd7117cbaa0ec2d02078b9cb21cacf6c3725f691456c9b14f87ac22b472bd3f1b19f16651b4208a077de02dd5923e26&pst=1701126173&rmtc=t
Set-Cookie: u_pl=16486569; expires=Tue, 28 Nov 2023 23:01:53 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNjQ4NjU2OSwiayI6ImM1NmEzYTBkNzgwNjRjZGI4YmQyN2Y2OTk1ZmUzZjNhIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxNjE5MzkwLCJwaWQiOjE0MjQ1NiwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoxNiwiYWlkIjo1LCJwdCI6NCwicGsiOiJ6cXF3dHFyZ2JpIiwiY3BrcyI6eyIyOCI6ImEzZThkYzFlZGVjNDU5M2JiNmViMTgwMGY5OGQ3MTIyIn0sInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjo5MDc1MzQ1NywiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjM4OTE0LCJvbiI6IldpbmRvd3MiLCJvdiI6IjEwLjAiLCJiaWQiOjEyMDYyNSwiYm4iOiJGaXJlZm94IiwiYnYiOiIxMDUuMCIsInd2IjpmYWxzZSwiZSI6dHJ1ZSwiYWIiOmZhbHNlfSwiYyI6eyJpZCI6MTYyLCJjIjoiTk8iLCJuIjoiTm9yd2F5In0sImEiOmZhbHNlLCJjciI6eyJuIjoiQmxpeCBTb2x1dGlvbnMifSwieGYiOiIiLCJpeGYiOmZhbHNlLCJpZ3hmIjpmYWxzZSwidXAiOnRydWUsInIiOiJodHRwczovL2RlLmhlbnRhaS1naWYtYW5pbWUuY29tL2ltYWdlL2thZ2FrdS1uYS15YXRzdXJhLWdpZnMtNDcvIn19.WNdtTzD4bHaBWv5U-azacoo_Z4Rv3XYcO4Zbk5C1IHI; expires=Mon, 27 Nov 2023 23:02:53 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: de05c8a9641ed93e55f18b538a1431a0
Strict-Transport-Security: max-age=0; includeSubdomains

banquetunarmedgrater.com/advertisers.js

104.21.86.121

200 OK

0 B

URL GET HTTP/2
banquetunarmedgrater.com/advertisers.js
IP
104.21.86.121:443
ASN
#13335 CLOUDFLARENET

Requested by
https://de.hentai-gif-anime.com/image/kagaku-na-yatsura-gifs-47/
Certificate
IssuerGoogle Trust Services LLC
Subjectbanquetunarmedgrater.com
Fingerprint92:8E:AD:72:AC:AD:3B:21:99:CD:21:A0:9F:BD:F2:AF:0D:98:D8:57
ValidityThu, 09 Nov 2023 11:40:15 GMT - Wed, 07 Feb 2024 11:40:14 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /advertisers.js HTTP/1.1
Host: banquetunarmedgrater.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://de.hentai-gif-anime.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Mon, 27 Nov 2023 23:01:53 GMT
content-type: application/javascript
content-length: 0
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=172800
x-request-id: 495ccc27c5f06b6107db94911454173f
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Mon, 27 Nov 2023 23:01:53 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=57RE3NH%2F%2FhcbLkzhCDRU1SouTfByo%2FBA6pUUtqP9NleKrfipr9gUPLKC7xpea6nPjhXMXrzI6rsuv7gAxwyjwONlTWnWnr%2BgWlP9sEY8flqcXoS3deYvJTJphPsqunr27eO2KB02uhc18X0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82cdfee1cbddb4ee-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

go.bbrdbr.com/i?campaignId=728cps2asgirl&creativeId=728cps2asgirl&tag=girls/asian&sourceId=728cps2asgirl&targetDomain=&buttonColor=&hideModelNameOnSmallSpots=1&hideTitleOnSmallSpots=1&liveBadgeColor=&showButton=1&showModelName=1&showTitle=1&showLiveBadge=1&isXhDesign=0&actionButtonPlacement=bottom&thumbSizeKey=small&hideButtonOnSmallSpots=1&userId=ebe1e2aa04642c4dc9f7e9a5dfdb455c9ef1b6825ab8b9414a96e56e40140e75&autoplay=all&autoplayForce=1&showModal=signup&memberId={clickid}&landing=WidgetV4Universal

104.18.59.150

0 B

URL
go.bbrdbr.com/i?campaignId=728cps2asgirl&creativeId=728cps2asgirl&tag=girls/asian&sourceId=728cps2asgirl&targetDomain=&buttonColor=&hideModelNameOnSmallSpots=1&hideTitleOnSmallSpots=1&liveBadgeColor=&showButton=1&showModelName=1&showTitle=1&showLiveBadge=1&isXhDesign=0&actionButtonPlacement=bottom&thumbSizeKey=small&hideButtonOnSmallSpots=1&userId=ebe1e2aa04642c4dc9f7e9a5dfdb455c9ef1b6825ab8b9414a96e56e40140e75&autoplay=all&autoplayForce=1&showModal=signup&memberId={clickid}&landing=WidgetV4Universal
IP
104.18.59.150:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /i?campaignId=728cps2asgirl&creativeId=728cps2asgirl&tag=girls/asian&sourceId=728cps2asgirl&targetDomain=&buttonColor=&hideModelNameOnSmallSpots=1&hideTitleOnSmallSpots=1&liveBadgeColor=&showButton=1&showModelName=1&showTitle=1&showLiveBadge=1&isXhDesign=0&actionButtonPlacement=bottom&thumbSizeKey=small&hideButtonOnSmallSpots=1&userId=ebe1e2aa04642c4dc9f7e9a5dfdb455c9ef1b6825ab8b9414a96e56e40140e75&autoplay=all&autoplayForce=1&showModal=signup&memberId={clickid}&landing=WidgetV4Universal HTTP/1.1
Host: go.bbrdbr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://r.trackwilltrk.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
date: Mon, 27 Nov 2023 23:01:53 GMT
content-length: 0
location: https://creative.bbrdbr.com/widgets/v4/Universal/?actionButtonPlacement=bottom&autoplay=all&autoplayForce=1&buttonColor=&campaignId=728cps2asgirl&creativeId=728cps2asgirl&domain=stripchat&hideButtonOnSmallSpots=1&hideModelNameOnSmallSpots=1&hideTitleOnSmallSpots=1&isXhDesign=0&liveBadgeColor=&memberId=%7Bclickid%7D&showButton=1&showLiveBadge=1&showModal=signup&showModelName=1&showTitle=1&sound=off&sourceId=728cps2asgirl&tag=girls%2Fasian&targetDomain=&thumbSizeKey=small&trackOff=1&userId=ebe1e2aa04642c4dc9f7e9a5dfdb455c9ef1b6825ab8b9414a96e56e40140e75
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Bitness, Sec-CH-UA-Wow64
cf-cache-status: DYNAMIC
set-cookie: __cflb=02DiuDFRFiBZBvMSLtrth8k2gcTaYMvv7YUV5kZDznVBz; SameSite=None; Secure; path=/; expires=Tue, 28-Nov-23 23:01:53 GMT; HttpOnly
server: cloudflare
cf-ray: 82cdfee248ca7129-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

grannyblowdos.com/pixel/nvwbdp?key=b8b73dce4dd569d1ae1f0e0c576ef179

192.243.61.227

200 OK

0 B

URL GET HTTP/1.1
grannyblowdos.com/pixel/nvwbdp?key=b8b73dce4dd569d1ae1f0e0c576ef179
IP
192.243.61.227:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://de.hentai-gif-anime.com/image/kagaku-na-yatsura-gifs-47/
Certificate
IssuerLet's Encrypt
Subjectgrannyblowdos.com
Fingerprint55:02:7C:92:B3:93:88:91:F6:F4:E7:2E:E6:C4:3F:BE:25:2C:FA:DF
ValidityTue, 07 Nov 2023 07:40:13 GMT - Mon, 05 Feb 2024 07:40:12 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /pixel/nvwbdp?key=b8b73dce4dd569d1ae1f0e0c576ef179 HTTP/1.1
Host: grannyblowdos.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://de.hentai-gif-anime.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Mon, 27 Nov 2023 23:01:53 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range

104.18.59.150

0 B

URL
go.bbrdbr.com/i?campaignId=728cps2asgirl&creativeId=728cps2asgirl&tag=girls/asian&sourceId=728cps2asgirl&targetDomain=&buttonColor=&hideModelNameOnSmallSpots=1&hideTitleOnSmallSpots=1&liveBadgeColor=&showButton=1&showModelName=1&showTitle=1&showLiveBadge=1&isXhDesign=0&actionButtonPlacement=bottom&thumbSizeKey=small&hideButtonOnSmallSpots=1&userId=ebe1e2aa04642c4dc9f7e9a5dfdb455c9ef1b6825ab8b9414a96e56e40140e75&autoplay=all&autoplayForce=1&showModal=signup&memberId={clickid}&landing=WidgetV4Universal
IP
104.18.59.150:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /i?campaignId=728cps2asgirl&creativeId=728cps2asgirl&tag=girls/asian&sourceId=728cps2asgirl&targetDomain=&buttonColor=&hideModelNameOnSmallSpots=1&hideTitleOnSmallSpots=1&liveBadgeColor=&showButton=1&showModelName=1&showTitle=1&showLiveBadge=1&isXhDesign=0&actionButtonPlacement=bottom&thumbSizeKey=small&hideButtonOnSmallSpots=1&userId=ebe1e2aa04642c4dc9f7e9a5dfdb455c9ef1b6825ab8b9414a96e56e40140e75&autoplay=all&autoplayForce=1&showModal=signup&memberId={clickid}&landing=WidgetV4Universal HTTP/1.1
Host: go.bbrdbr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://r.trackwilltrk.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
date: Mon, 27 Nov 2023 23:01:53 GMT
content-length: 0
location: https://creative.bbrdbr.com/widgets/v4/Universal/?actionButtonPlacement=bottom&autoplay=all&autoplayForce=1&buttonColor=&campaignId=728cps2asgirl&creativeId=728cps2asgirl&domain=stripchat&hideButtonOnSmallSpots=1&hideModelNameOnSmallSpots=1&hideTitleOnSmallSpots=1&isXhDesign=0&liveBadgeColor=&memberId=%7Bclickid%7D&showButton=1&showLiveBadge=1&showModal=signup&showModelName=1&showTitle=1&sound=off&sourceId=728cps2asgirl&tag=girls%2Fasian&targetDomain=&thumbSizeKey=small&trackOff=1&userId=ebe1e2aa04642c4dc9f7e9a5dfdb455c9ef1b6825ab8b9414a96e56e40140e75
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Bitness, Sec-CH-UA-Wow64
cf-cache-status: DYNAMIC
set-cookie: __cflb=0H28upDCGznfDm9XVE9SipefN9YVHPpfCMWbLjejdEc; SameSite=None; Secure; path=/; expires=Tue, 28-Nov-23 23:01:53 GMT; HttpOnly
server: cloudflare
cf-ray: 82cdfee268e77129-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

circumstantialplatoon.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSPWwcRRSeDUdDGkAU0MBJNCAl59378flIEQghKCLYzg9yPbszex48O7PM7N6eXVlEoJQnQQFU6%2B%2FsWISAsAQSDQit01iWkLwUyAWWECVUBNIgIbSXkw6eNN97b75XfN%2BbeX8rPSEuUnq8%2FKbeEFLSuU7Drb%2BwIhTTma0v3qh7bsM9V18Rar59rj6swAxe8txOw32x%2FjoP1vRc0%2FVc13O9%2BiVheKiHcxMWIr7b8xo9t9FuNrxOG0Pz%2F96mDix1wAYn5EkIVj66erAHERRQ0ZcXuV1LdHzmtSiVNNEGA7b7llpTOlOIZmVoHIRqdzoNbUtCPjoFrXanDqAH25UD%2BKIkzk8efLU7lQl%2FsPNQqS%2FBFXx2GtmgAJcFBC0Q6JsQ7IgAAcPiElR0e1GbjK4%2FZGnFlqT24D5EVpLaz09BRV9ckGJYv65lmgitLIZhDjEsIPoF4nQfyYYDke0jSN6FYD%2BQuQdXoKLtJSs1BMsn7oUoIMICko9ArYO0OsJBGjpIYwcRO67TTi903W7oh63WQjsIglYrCDoL86zDWu2F0EUaVPJGSOIRAjlCYDYRm02siQ9KQg5%2BPSJ3jsgYJv0edjWHZQ5sUhLn6iYGLEfGCTJLkFGCTBBkCUE2yHeYtE2b32bSpr43zc1pbuVjnfS36I5O%2BlyRrfiEPDFZ0d%2BjH7HGj%2Bv%2Bgt9tsYC3GevM95hHuRe63A063Xkeet0erMgh7KmJ6w1Rkqe%2F%2Fg6xKMmpM0P4dB9W7iMQj4OmHmg27jZd0NVxe8HFhvpqlauEirN9EZ6lSkS8EegITOeIkxqSdWdLnpBnJnpevvcHeHB4fu%2B395795urvCEyO2OR4W9wj6Mtb42s6I9vXdGbJ3lKciEhs0Oo5ryc04Y%2FceYOvZ9qwyxft6NNXgoqoyrs3uE2uUMWE6lvy2QXBGDeXtAk4%2BfayXeH%2BcmpXL6RGpfGV5VcvXY5iw60VWhWgoiSkeAeBKMnpf%2BLJV33efg5hCpg0R5QekmlA6AJBvAkbz%2FRbTWDkbMaPHWRpPjZNf3YpBYHks576Oex%2Fen9Wb9lb6JsaaHITKsoxMDkGMgeVI9j0sXESm8PzBx9X8Ql8WRv70tS2fWnkh5PlVvBXBX9WcB9WHNd5J3RD7ja5H%2Fb8sEtd1gvbPZ%2F2PN71O9RDYkvOn%2FvlXwAAAP%2F%2FAQAA%2F%2F%2FcEodQkQQAAA%3D%3D

173.233.137.52

200 OK

7 B

URL GET HTTP/1.1
circumstantialplatoon.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSPWwcRRSeDUdDGkAU0MBJNCAl59378flIEQghKCLYzg9yPbszex48O7PM7N6eXVlEoJQnQQFU6%2B%2FsWISAsAQSDQit01iWkLwUyAWWECVUBNIgIbSXkw6eNN97b75XfN%2BbeX8rPSEuUnq8%2FKbeEFLSuU7Drb%2BwIhTTma0v3qh7bsM9V18Rar59rj6swAxe8txOw32x%2FjoP1vRc0%2FVc13O9%2BiVheKiHcxMWIr7b8xo9t9FuNrxOG0Pz%2F96mDix1wAYn5EkIVj66erAHERRQ0ZcXuV1LdHzmtSiVNNEGA7b7llpTOlOIZmVoHIRqdzoNbUtCPjoFrXanDqAH25UD%2BKIkzk8efLU7lQl%2FsPNQqS%2FBFXx2GtmgAJcFBC0Q6JsQ7IgAAcPiElR0e1GbjK4%2FZGnFlqT24D5EVpLaz09BRV9ckGJYv65lmgitLIZhDjEsIPoF4nQfyYYDke0jSN6FYD%2BQuQdXoKLtJSs1BMsn7oUoIMICko9ArYO0OsJBGjpIYwcRO67TTi903W7oh63WQjsIglYrCDoL86zDWu2F0EUaVPJGSOIRAjlCYDYRm02siQ9KQg5%2BPSJ3jsgYJv0edjWHZQ5sUhLn6iYGLEfGCTJLkFGCTBBkCUE2yHeYtE2b32bSpr43zc1pbuVjnfS36I5O%2BlyRrfiEPDFZ0d%2BjH7HGj%2Bv%2Bgt9tsYC3GevM95hHuRe63A063Xkeet0erMgh7KmJ6w1Rkqe%2F%2Fg6xKMmpM0P4dB9W7iMQj4OmHmg27jZd0NVxe8HFhvpqlauEirN9EZ6lSkS8EegITOeIkxqSdWdLnpBnJnpevvcHeHB4fu%2B395795urvCEyO2OR4W9wj6Mtb42s6I9vXdGbJ3lKciEhs0Oo5ryc04Y%2FceYOvZ9qwyxft6NNXgoqoyrs3uE2uUMWE6lvy2QXBGDeXtAk4%2BfayXeH%2BcmpXL6RGpfGV5VcvXY5iw60VWhWgoiSkeAeBKMnpf%2BLJV33efg5hCpg0R5QekmlA6AJBvAkbz%2FRbTWDkbMaPHWRpPjZNf3YpBYHks576Oex%2Fen9Wb9lb6JsaaHITKsoxMDkGMgeVI9j0sXESm8PzBx9X8Ql8WRv70tS2fWnkh5PlVvBXBX9WcB9WHNd5J3RD7ja5H%2Fb8sEtd1gvbPZ%2F2PN71O9RDYkvOn%2FvlXwAAAP%2F%2FAQAA%2F%2F%2FcEodQkQQAAA%3D%3D
IP
173.233.137.52:443
ASN
#7979 SERVERS-COM

Requested by
https://de.hentai-gif-anime.com/image/kagaku-na-yatsura-gifs-47/
Certificate
IssuerLet's Encrypt
Subjectcircumstantialplatoon.com
Fingerprint21:4C:19:A1:5F:8C:21:03:61:98:4C:18:28:B5:30:5A:48:99:04:AB
ValiditySat, 25 Nov 2023 08:05:28 GMT - Fri, 23 Feb 2024 08:05:27 GMT

File type
ASCII text, with no line terminators
Size
7 B (7 bytes)
Hash
132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /ren.gif?sid=H4sIAAAAAAAC%2F1RSPWwcRRSeDUdDGkAU0MBJNCAl59378flIEQghKCLYzg9yPbszex48O7PM7N6eXVlEoJQnQQFU6%2B%2FsWISAsAQSDQit01iWkLwUyAWWECVUBNIgIbSXkw6eNN97b75XfN%2BbeX8rPSEuUnq8%2FKbeEFLSuU7Drb%2BwIhTTma0v3qh7bsM9V18Rar59rj6swAxe8txOw32x%2FjoP1vRc0%2FVc13O9%2BiVheKiHcxMWIr7b8xo9t9FuNrxOG0Pz%2F96mDix1wAYn5EkIVj66erAHERRQ0ZcXuV1LdHzmtSiVNNEGA7b7llpTOlOIZmVoHIRqdzoNbUtCPjoFrXanDqAH25UD%2BKIkzk8efLU7lQl%2FsPNQqS%2FBFXx2GtmgAJcFBC0Q6JsQ7IgAAcPiElR0e1GbjK4%2FZGnFlqT24D5EVpLaz09BRV9ckGJYv65lmgitLIZhDjEsIPoF4nQfyYYDke0jSN6FYD%2BQuQdXoKLtJSs1BMsn7oUoIMICko9ArYO0OsJBGjpIYwcRO67TTi903W7oh63WQjsIglYrCDoL86zDWu2F0EUaVPJGSOIRAjlCYDYRm02siQ9KQg5%2BPSJ3jsgYJv0edjWHZQ5sUhLn6iYGLEfGCTJLkFGCTBBkCUE2yHeYtE2b32bSpr43zc1pbuVjnfS36I5O%2BlyRrfiEPDFZ0d%2BjH7HGj%2Bv%2Bgt9tsYC3GevM95hHuRe63A063Xkeet0erMgh7KmJ6w1Rkqe%2F%2Fg6xKMmpM0P4dB9W7iMQj4OmHmg27jZd0NVxe8HFhvpqlauEirN9EZ6lSkS8EegITOeIkxqSdWdLnpBnJnpevvcHeHB4fu%2B395795urvCEyO2OR4W9wj6Mtb42s6I9vXdGbJ3lKciEhs0Oo5ryc04Y%2FceYOvZ9qwyxft6NNXgoqoyrs3uE2uUMWE6lvy2QXBGDeXtAk4%2BfayXeH%2BcmpXL6RGpfGV5VcvXY5iw60VWhWgoiSkeAeBKMnpf%2BLJV33efg5hCpg0R5QekmlA6AJBvAkbz%2FRbTWDkbMaPHWRpPjZNf3YpBYHks576Oex%2Fen9Wb9lb6JsaaHITKsoxMDkGMgeVI9j0sXESm8PzBx9X8Ql8WRv70tS2fWnkh5PlVvBXBX9WcB9WHNd5J3RD7ja5H%2Fb8sEtd1gvbPZ%2F2PN71O9RDYkvOn%2FvlXwAAAP%2F%2FAQAA%2F%2F%2FcEodQkQQAAA%3D%3D HTTP/1.1
Host: circumstantialplatoon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://de.hentai-gif-anime.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Mon, 27 Nov 2023 23:01:53 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 78a232d890cb213e7a7390e89fcfdb0d
Strict-Transport-Security: max-age=0; includeSubdomains

respectableinjurefortunate.com/pixel/purst?dl=0&th=0&sc=0&rs=1675&rd=1675&fd=1162&bv=23.11.v.7&tmpl=70

173.233.139.164

200 OK

0 B

URL GET HTTP/1.1
respectableinjurefortunate.com/pixel/purst?dl=0&th=0&sc=0&rs=1675&rd=1675&fd=1162&bv=23.11.v.7&tmpl=70
IP
173.233.139.164:443
ASN
#7979 SERVERS-COM

Requested by
https://de.hentai-gif-anime.com/image/kagaku-na-yatsura-gifs-47/
Certificate
IssuerLet's Encrypt
Subjectrespectableinjurefortunate.com
Fingerprint67:71:99:9F:7F:10:53:5D:93:31:75:F7:67:1B:7B:C2:5C:C0:59:40
ValiditySat, 25 Nov 2023 08:02:01 GMT - Fri, 23 Feb 2024 08:02:00 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /pixel/purst?dl=0&th=0&sc=0&rs=1675&rd=1675&fd=1162&bv=23.11.v.7&tmpl=70 HTTP/1.1
Host: respectableinjurefortunate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://de.hentai-gif-anime.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Mon, 27 Nov 2023 23:01:53 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range

192.243.59.13

307 Temporary Redirect

0 B

URL GET HTTP/1.1
mothwetcheater.com/watch.888152582863.js?key=466a4a49f3d5ab80a19d25d71d1aea47&kw=%5B%22kagaku%22%2C%22na%22%2C%22yatsura%22%2C%22gifs%22%2C%22part%22%2C%2247%22%2C%22-%22%2C%22hentai%22%2C%22gif%22%5D&refer=https%3A%2F%2Fde.hentai-gif-anime.com%2Fimage%2Fkagaku-na-yatsura-gifs-47%2F&tz=0&dev=e&res=14.3095&uuid=9f539ebe-20f7-46e8-afaf-f3161e954842%3A1%3A1
IP
192.243.59.13:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://de.hentai-gif-anime.com/image/kagaku-na-yatsura-gifs-47/
Certificate
IssuerLet's Encrypt
Subjectmothwetcheater.com
FingerprintF1:9C:43:65:44:BC:E7:E8:83:A6:06:D7:16:D2:E0:93:A9:9C:2D:99
ValidityTue, 07 Nov 2023 07:43:43 GMT - Mon, 05 Feb 2024 07:43:42 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /watch.888152582863.js?key=466a4a49f3d5ab80a19d25d71d1aea47&kw=%5B%22kagaku%22%2C%22na%22%2C%22yatsura%22%2C%22gifs%22%2C%22part%22%2C%2247%22%2C%22-%22%2C%22hentai%22%2C%22gif%22%5D&refer=https%3A%2F%2Fde.hentai-gif-anime.com%2Fimage%2Fkagaku-na-yatsura-gifs-47%2F&tz=0&dev=e&res=14.3095&uuid=9f539ebe-20f7-46e8-afaf-f3161e954842%3A1%3A1 HTTP/1.1
Host: mothwetcheater.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://de.hentai-gif-anime.com
DNT: 1
Connection: keep-alive
Referer: https://de.hentai-gif-anime.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 307 Temporary Redirect
Server: nginx/1.19.5
Date: Mon, 27 Nov 2023 23:01:53 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://de.hentai-gif-anime.com
Access-Control-Allow-Origin: https://de.hentai-gif-anime.com
Access-Control-Allow-Credentials: true
Location: https://mothwetcheater.com/watch.888152582863.js?key=466a4a49f3d5ab80a19d25d71d1aea47&kw=%5B%22kagaku%22%2C%22na%22%2C%22yatsura%22%2C%22gifs%22%2C%22part%22%2C%2247%22%2C%22-%22%2C%22hentai%22%2C%22gif%22%5D&refer=https%3A%2F%2Fde.hentai-gif-anime.com%2Fimage%2Fkagaku-na-yatsura-gifs-47%2F&tz=0&dev=e&res=14.3095&uuid=9f539ebe-20f7-46e8-afaf-f3161e954842%3A1%3A1&shu=d8e160da77f5241610255fbcb2464ef6265b61be37bad491819b805c7eeb7afcc0605c0eebc82fb508193bd26685ebc3a76be3ef05c28bafed88fd6ebe5f9be529d15cf13a544000164f9d8e274b172e259593ac54c1a036df1b00c85d30c5&pst=1701126173&rmtc=t
Set-Cookie: u_pl=16485857; expires=Tue, 28 Nov 2023 23:01:53 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNjQ4NTg1NywiayI6IjQ2NmE0YTQ5ZjNkNWFiODBhMTlkMjVkNzFkMWFlYTQ3Iiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxNjE5MzkwLCJwaWQiOjE0MjQ1NiwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoxNiwiYWlkIjoyNSwicHQiOjQsInBrIjoicThmcTNpcnNqIiwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjkwNzUzNDU3LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6Mzg5MTQsIm9uIjoiV2luZG93cyIsIm92IjoiMTAuMCIsImJpZCI6MTIwNjI1LCJibiI6IkZpcmVmb3giLCJidiI6IjEwNS4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHBzOi8vZGUuaGVudGFpLWdpZi1hbmltZS5jb20vaW1hZ2Uva2FnYWt1LW5hLXlhdHN1cmEtZ2lmcy00Ny8ifX0.5TS0JJZgvto6xYNXjFWbiHLcnIg2nhRcdxRUaEPLYPs; expires=Mon, 27 Nov 2023 23:02:53 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 1645570e9d377192163aa6a86fab38cc
Strict-Transport-Security: max-age=0; includeSubdomains

circumstantialplatoon.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSTWgkxR%2Btzn%2F%2BF%2Fei4kEvOuBlF3Yn3fORybiHaFwjwZhkPyQXL9Vd1ZMy1V1tVff0JKfgouzNAT2op86bZINrWAwoeFGks5cQENIeJAcD4lFPrrsXQaQnA9Ef1O%2Bj3u%2Fw3qv6YCs5JTYSerL8ptoQUtLJVs2uXlwRIVOpqS7eqjp2zb5aXRHhVPNqtV8m3XvJsVs1%2B1L1de6tqcm67di2YzvVOaG5r%2FqTIxQi2us4tY5da9ZrTquJvv7vbBILhlpgvVPyNAQr%2Fr96uA%2Fh5QiDL69xsxar6PJrQSJprDR6bPetcC1UaYjgvPW1BT%2FcHW9DmYKQTyagwt2xAqjedqkAriiI9ZMDN9wd04Tb2zlj6krwEC67gLSXg8scgubw1G0IdkwAj2FxCWFwd1HplK6fobREC1J5%2FBAiLUjl52cQBvdnpehXbyqZxEKFBn0%2Fg%2BjnEN0cUXKAeMOCSA%2Fgxe9BsB%2FI5OMFhMH2kpEKgmUj9ULkEH4OyQegxkJSHmEh8S0kkYWAnVRpq%2BPbdtt3%2FUZjuul5XqPhea3pKdZijea0byPxSnoDxNEAnhzA05uI9CbWxEcFIYe%2FHpN7x2QInXwPs5rBMAsmLoh1fRM9liHlBKkhSClBKgjSmCDtZTtMmrrJ7jJpEtcZ1%2Fq4NrKhirtbdEfFXR6SreiUPDWy6K%2FBj1jjJ1V32m03mMebjLWmOsyh3PFtbnut9hT3nXYHRmQQZmKkekMU5Nmvv0MkCjJxuQ%2BXHsDIA3jiSdDEAU2H7boNujpsTtvYCL9a5WFMxZWu8K%2FQUAS85qkATGWI4gridWtLnpLnRnxefvAQ3Dua2f%2Ft%2Fee%2Fuf47PJ0h0hneEQ8IuvLO8IZKyfYNlRqyvxTFIhAbtHzOmzGN%2Bf%2FuvcHXU6XZ%2FDUz%2BPwVrwTKdu8WN%2FECDZkIu4Z8MSsY43pOaY%2BTb%2BfNCneXE7M6m%2BgwiRaWX52bDyLNjREqzEFFQUj%2BLjxRkAt%2FR6Ov%2BqK5D6Fz6CRDkByRcUCoHF60CRMdzexdfJR%2F%2BPYlGEWg5fmOG1WQJtlQ193zSykIJD%2BfqZvB%2FGt2z%2FstcwddXQGNbyMMMvR0hp7MQOUAJnliGEf6aObw0zI%2BgysrQ1fqyrYrtfy4NPePMj0q059nXhtxUuUt3%2Fa5Xeeu33H9NrVZx292XNpxeNttUQexKTh%2F4Zd%2FAAAA%2F%2F8BAAD%2F%2F8u9xGuRBAAA

173.233.137.52

7 B

URL
circumstantialplatoon.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSTWgkxR%2Btzn%2F%2BF%2Fei4kEvOuBlF3Yn3fORybiHaFwjwZhkPyQXL9Vd1ZMy1V1tVff0JKfgouzNAT2op86bZINrWAwoeFGks5cQENIeJAcD4lFPrrsXQaQnA9Ef1O%2Bj3u%2Fw3qv6YCs5JTYSerL8ptoQUtLJVs2uXlwRIVOpqS7eqjp2zb5aXRHhVPNqtV8m3XvJsVs1%2B1L1de6tqcm67di2YzvVOaG5r%2FqTIxQi2us4tY5da9ZrTquJvv7vbBILhlpgvVPyNAQr%2Fr96uA%2Fh5QiDL69xsxar6PJrQSJprDR6bPetcC1UaYjgvPW1BT%2FcHW9DmYKQTyagwt2xAqjedqkAriiI9ZMDN9wd04Tb2zlj6krwEC67gLSXg8scgubw1G0IdkwAj2FxCWFwd1HplK6fobREC1J5%2FBAiLUjl52cQBvdnpehXbyqZxEKFBn0%2Fg%2BjnEN0cUXKAeMOCSA%2Fgxe9BsB%2FI5OMFhMH2kpEKgmUj9ULkEH4OyQegxkJSHmEh8S0kkYWAnVRpq%2BPbdtt3%2FUZjuul5XqPhea3pKdZijea0byPxSnoDxNEAnhzA05uI9CbWxEcFIYe%2FHpN7x2QInXwPs5rBMAsmLoh1fRM9liHlBKkhSClBKgjSmCDtZTtMmrrJ7jJpEtcZ1%2Fq4NrKhirtbdEfFXR6SreiUPDWy6K%2FBj1jjJ1V32m03mMebjLWmOsyh3PFtbnut9hT3nXYHRmQQZmKkekMU5Nmvv0MkCjJxuQ%2BXHsDIA3jiSdDEAU2H7boNujpsTtvYCL9a5WFMxZWu8K%2FQUAS85qkATGWI4gridWtLnpLnRnxefvAQ3Dua2f%2Ft%2Fee%2Fuf47PJ0h0hneEQ8IuvLO8IZKyfYNlRqyvxTFIhAbtHzOmzGN%2Bf%2FuvcHXU6XZ%2FDUz%2BPwVrwTKdu8WN%2FECDZkIu4Z8MSsY43pOaY%2BTb%2BfNCneXE7M6m%2BgwiRaWX52bDyLNjREqzEFFQUj%2BLjxRkAt%2FR6Ov%2BqK5D6Fz6CRDkByRcUCoHF60CRMdzexdfJR%2F%2BPYlGEWg5fmOG1WQJtlQ193zSykIJD%2BfqZvB%2FGt2z%2FstcwddXQGNbyMMMvR0hp7MQOUAJnliGEf6aObw0zI%2BgysrQ1fqyrYrtfy4NPePMj0q059nXhtxUuUt3%2Fa5Xeeu33H9NrVZx292XNpxeNttUQexKTh%2F4Zd%2FAAAA%2F%2F8BAAD%2F%2F8u9xGuRBAAA
IP
173.233.137.52:0
ASN
#7979 SERVERS-COM

File type
ASCII text, with no line terminators
Size
7 B (7 bytes)
Hash
132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /ren.gif?sid=H4sIAAAAAAAC%2F1RSTWgkxR%2Btzn%2F%2BF%2Fei4kEvOuBlF3Yn3fORybiHaFwjwZhkPyQXL9Vd1ZMy1V1tVff0JKfgouzNAT2op86bZINrWAwoeFGks5cQENIeJAcD4lFPrrsXQaQnA9Ef1O%2Bj3u%2Fw3qv6YCs5JTYSerL8ptoQUtLJVs2uXlwRIVOpqS7eqjp2zb5aXRHhVPNqtV8m3XvJsVs1%2B1L1de6tqcm67di2YzvVOaG5r%2FqTIxQi2us4tY5da9ZrTquJvv7vbBILhlpgvVPyNAQr%2Fr96uA%2Fh5QiDL69xsxar6PJrQSJprDR6bPetcC1UaYjgvPW1BT%2FcHW9DmYKQTyagwt2xAqjedqkAriiI9ZMDN9wd04Tb2zlj6krwEC67gLSXg8scgubw1G0IdkwAj2FxCWFwd1HplK6fobREC1J5%2FBAiLUjl52cQBvdnpehXbyqZxEKFBn0%2Fg%2BjnEN0cUXKAeMOCSA%2Fgxe9BsB%2FI5OMFhMH2kpEKgmUj9ULkEH4OyQegxkJSHmEh8S0kkYWAnVRpq%2BPbdtt3%2FUZjuul5XqPhea3pKdZijea0byPxSnoDxNEAnhzA05uI9CbWxEcFIYe%2FHpN7x2QInXwPs5rBMAsmLoh1fRM9liHlBKkhSClBKgjSmCDtZTtMmrrJ7jJpEtcZ1%2Fq4NrKhirtbdEfFXR6SreiUPDWy6K%2FBj1jjJ1V32m03mMebjLWmOsyh3PFtbnut9hT3nXYHRmQQZmKkekMU5Nmvv0MkCjJxuQ%2BXHsDIA3jiSdDEAU2H7boNujpsTtvYCL9a5WFMxZWu8K%2FQUAS85qkATGWI4gridWtLnpLnRnxefvAQ3Dua2f%2Ft%2Fee%2Fuf47PJ0h0hneEQ8IuvLO8IZKyfYNlRqyvxTFIhAbtHzOmzGN%2Bf%2FuvcHXU6XZ%2FDUz%2BPwVrwTKdu8WN%2FECDZkIu4Z8MSsY43pOaY%2BTb%2BfNCneXE7M6m%2BgwiRaWX52bDyLNjREqzEFFQUj%2BLjxRkAt%2FR6Ov%2BqK5D6Fz6CRDkByRcUCoHF60CRMdzexdfJR%2F%2BPYlGEWg5fmOG1WQJtlQ193zSykIJD%2BfqZvB%2FGt2z%2FstcwddXQGNbyMMMvR0hp7MQOUAJnliGEf6aObw0zI%2BgysrQ1fqyrYrtfy4NPePMj0q059nXhtxUuUt3%2Fa5Xeeu33H9NrVZx292XNpxeNttUQexKTh%2F4Zd%2FAAAA%2F%2F8BAAD%2F%2F8u9xGuRBAAA HTTP/1.1
Host: circumstantialplatoon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://de.hentai-gif-anime.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Mon, 27 Nov 2023 23:01:53 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: ae3541069701994a6af326b77ecfd271
Strict-Transport-Security: max-age=0; includeSubdomains

compensationstout.com/watch.1134690932023.js?key=c56a3a0d78064cdb8bd27f6995fe3f3a&kw=%5B%22kagaku%22%2C%22na%22%2C%22yatsura%22%2C%22gifs%22%2C%22part%22%2C%2247%22%2C%22-%22%2C%22hentai%22%2C%22gif%22%5D&refer=https%3A%2F%2Fde.hentai-gif-anime.com%2Fimage%2Fkagaku-na-yatsura-gifs-47%2F&tz=0&dev=e&res=14.3095&uuid=9f539ebe-20f7-46e8-afaf-f3161e954842%3A1%3A1&shu=d4510f6c1e856ccbae24bb34ca4e5cae9bbe81a20ade799ef58c345f0994b65ec9cae72326d8330092fae5fc7ad9e1fbd7117cbaa0ec2d02078b9cb21cacf6c3725f691456c9b14f87ac22b472bd3f1b19f16651b4208a077de02dd5923e26&pst=1701126173&rmtc=t

192.243.59.20

200 OK

2.5 kB

URL GET HTTP/1.1
compensationstout.com/watch.1134690932023.js?key=c56a3a0d78064cdb8bd27f6995fe3f3a&kw=%5B%22kagaku%22%2C%22na%22%2C%22yatsura%22%2C%22gifs%22%2C%22part%22%2C%2247%22%2C%22-%22%2C%22hentai%22%2C%22gif%22%5D&refer=https%3A%2F%2Fde.hentai-gif-anime.com%2Fimage%2Fkagaku-na-yatsura-gifs-47%2F&tz=0&dev=e&res=14.3095&uuid=9f539ebe-20f7-46e8-afaf-f3161e954842%3A1%3A1&shu=d4510f6c1e856ccbae24bb34ca4e5cae9bbe81a20ade799ef58c345f0994b65ec9cae72326d8330092fae5fc7ad9e1fbd7117cbaa0ec2d02078b9cb21cacf6c3725f691456c9b14f87ac22b472bd3f1b19f16651b4208a077de02dd5923e26&pst=1701126173&rmtc=t
IP
192.243.59.20:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://de.hentai-gif-anime.com/image/kagaku-na-yatsura-gifs-47/
Certificate
IssuerLet's Encrypt
Subjectcompensationstout.com
Fingerprint17:BF:27:E7:23:98:98:B0:17:8B:A9:3C:F5:EF:87:33:A0:B6:02:7C
ValidityTue, 07 Nov 2023 07:48:03 GMT - Mon, 05 Feb 2024 07:48:02 GMT

File type
HTML document text\012- HTML document, ASCII text, with very long lines (3166)
Size
2.5 kB (2475 bytes)
Hash
3f31620190a2ca9e5c9300bf94c7acf6
e9956e39bf4c07d67fbdf1914dcef31f5cbd556e
8fced8c9dda915ada53020feb1b43144bd3bf9c7074d64852ccc492bee52bfe7

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /watch.1134690932023.js?key=c56a3a0d78064cdb8bd27f6995fe3f3a&kw=%5B%22kagaku%22%2C%22na%22%2C%22yatsura%22%2C%22gifs%22%2C%22part%22%2C%2247%22%2C%22-%22%2C%22hentai%22%2C%22gif%22%5D&refer=https%3A%2F%2Fde.hentai-gif-anime.com%2Fimage%2Fkagaku-na-yatsura-gifs-47%2F&tz=0&dev=e&res=14.3095&uuid=9f539ebe-20f7-46e8-afaf-f3161e954842%3A1%3A1&shu=d4510f6c1e856ccbae24bb34ca4e5cae9bbe81a20ade799ef58c345f0994b65ec9cae72326d8330092fae5fc7ad9e1fbd7117cbaa0ec2d02078b9cb21cacf6c3725f691456c9b14f87ac22b472bd3f1b19f16651b4208a077de02dd5923e26&pst=1701126173&rmtc=t HTTP/1.1
Host: compensationstout.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://de.hentai-gif-anime.com
Referer: https://de.hentai-gif-anime.com/
DNT: 1
Connection: keep-alive
Cookie: u_pl=16486569; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNjQ4NjU2OSwiayI6ImM1NmEzYTBkNzgwNjRjZGI4YmQyN2Y2OTk1ZmUzZjNhIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxNjE5MzkwLCJwaWQiOjE0MjQ1NiwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoxNiwiYWlkIjo1LCJwdCI6NCwicGsiOiJ6cXF3dHFyZ2JpIiwiY3BrcyI6eyIyOCI6ImEzZThkYzFlZGVjNDU5M2JiNmViMTgwMGY5OGQ3MTIyIn0sInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjo5MDc1MzQ1NywiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjM4OTE0LCJvbiI6IldpbmRvd3MiLCJvdiI6IjEwLjAiLCJiaWQiOjEyMDYyNSwiYm4iOiJGaXJlZm94IiwiYnYiOiIxMDUuMCIsInd2IjpmYWxzZSwiZSI6dHJ1ZSwiYWIiOmZhbHNlfSwiYyI6eyJpZCI6MTYyLCJjIjoiTk8iLCJuIjoiTm9yd2F5In0sImEiOmZhbHNlLCJjciI6eyJuIjoiQmxpeCBTb2x1dGlvbnMifSwieGYiOiIiLCJpeGYiOmZhbHNlLCJpZ3hmIjpmYWxzZSwidXAiOnRydWUsInIiOiJodHRwczovL2RlLmhlbnRhaS1naWYtYW5pbWUuY29tL2ltYWdlL2thZ2FrdS1uYS15YXRzdXJhLWdpZnMtNDcvIn19.WNdtTzD4bHaBWv5U-azacoo_Z4Rv3XYcO4Zbk5C1IHI
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Mon, 27 Nov 2023 23:01:53 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://de.hentai-gif-anime.com
Access-Control-Allow-Origin: https://de.hentai-gif-anime.com
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=9f539ebe-20f7-46e8-afaf-f3161e954842:1:1; expires=Mon, 04 Dec 2023 23:01:53 GMT; secure; SameSite=None
iprcd7b5af9e8e0ee73279d99ba8da199b61=3569681; expires=Tue, 28 Nov 2023 03:01:53 GMT; secure; SameSite=None
pdhtkv=true; expires=Tue, 28 Nov 2023 23:01:53 GMT; secure; SameSite=None
uncs=1; expires=Tue, 28 Nov 2023 23:01:53 GMT; secure; SameSite=None
pdhtkv5=true; expires=Tue, 28 Nov 2023 23:01:53 GMT; secure; SameSite=None
uncs5=1; expires=Tue, 28 Nov 2023 23:01:53 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: bed6588c40fc2bda7a939bbd4367e177
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

circumstantialplatoon.com/impr.gif?sid=H4sIAAAAAAAC%2F1RSPWwcxR%2Bdzf%2F%2BDWkAUUADJ9EkUnLevQ%2FfHSkCIQRFhHyjNDSzM7PnwbM7y8zu7dmVRQRKx0lQANX6nR2LYEVYAokGhNZpLEtIXgrkAkuIEipC0iAhtOeTDD9pfh%2FzfsV7b%2BaD1fSAuEjp%2FtU39bJUis51Gm79xC0ZcZ3Z%2BuWbdc9tuGfqt2Q03z5TH1XJDF%2Fy3E7DPVl%2FXbBFPdd0Pdf1XK9%2BQRoR6NHcFIWMN%2Fteo%2B822s2G12ljZP4729SBpQ748IA8DcnL%2Fy%2FsbEGyAlH45XlhFxMdn3otTBVNtMGQb7wVLUY6ixAetYFxEEQbs21oWxLyyTHoaGOmAHq4VimAL0vi%2FOTBjzZmNOEP1w%2BZ%2Bgoigs%2BPIxsWEKqApAWYvg3J9wjAOC5fQRTevaxNRpcOUVqhJak9fgiZlaT28zOIwvvnlBzVb2iVJlJHFqMghxwVkIMCcbqNZNmBzLbBkvcg%2BQ9k7vElROHaFas0JM%2Bn6qUsIIMCSoxBrYO0OtJBGjhIYwch36%2FTTj9w3W7gB61Wr80Ya7UY6%2FTmeYe32r3ARcoqemMk8RhMjcHMCmKzgkX5UUnIzq975N4emcCk38Mu5LDcgU1K4lxbwZDnyARBZgkySpBJgiwhyIb5Ole2afO7XNnU92a1OautfKKTwSpd18lARGQ1PiBPTS36a%2FwjFsV%2B3e%2F53RZnos15Z77PPSq8wBUu63TnReB1%2B7Ayh7THpqqXZUme%2Ffo7xLIkx06N4NNtWLUNJp8ETT3QbNJtuqALk3bPxXL01YKIEipPD2RwmkYyFA2mQ3CdI05qSJacVXVAnpvyefnBQwi2e3brt%2Fef%2F%2Bba72AmR2xyvCMfEAzUncl1nZG16zqzZOtKnMhQLtPqOW8kNBH%2Fu%2FeGWMq04RfP2%2FHnr7AKqNrNm8Iml2jEZTSw5ItzknNhLmjDBPn2or0l%2FKupXTiXmiiNL1199cLFMDbCWqmjAlSWhBTvgsmSHP87nn7VF%2B19SFPApDnCdJfMAlIXYPEKbLx7dvPEo%2BLDt0%2FCagKjjnb8uIYszSem6R9dKkmgxNFM%2FRz2X7N%2F1K%2FaOxiYGmhyG1GYY2hyDFUOqsaw6ROTJDa7Z3c%2BreIz%2BKo28ZWprfnKqI8rc%2F%2Bo0qMq%2FXnotZX79Y7XFj2%2F12Wc%2B4Jxr9ts9Vqu2%2BS83e0Lr4%2FElkK88Ms%2FAAAA%2F%2F8BAAD%2F%2F9%2B1So2RBAAA

173.233.137.52

200 OK

7 B

URL GET HTTP/1.1
circumstantialplatoon.com/impr.gif?sid=H4sIAAAAAAAC%2F1RSPWwcxR%2Bdzf%2F%2BDWkAUUADJ9EkUnLevQ%2FfHSkCIQRFhHyjNDSzM7PnwbM7y8zu7dmVRQRKx0lQANX6nR2LYEVYAokGhNZpLEtIXgrkAkuIEipC0iAhtOeTDD9pfh%2FzfsV7b%2BaD1fSAuEjp%2FtU39bJUis51Gm79xC0ZcZ3Z%2BuWbdc9tuGfqt2Q03z5TH1XJDF%2Fy3E7DPVl%2FXbBFPdd0Pdf1XK9%2BQRoR6NHcFIWMN%2Fteo%2B822s2G12ljZP4729SBpQ748IA8DcnL%2Fy%2FsbEGyAlH45XlhFxMdn3otTBVNtMGQb7wVLUY6ixAetYFxEEQbs21oWxLyyTHoaGOmAHq4VimAL0vi%2FOTBjzZmNOEP1w%2BZ%2Bgoigs%2BPIxsWEKqApAWYvg3J9wjAOC5fQRTevaxNRpcOUVqhJak9fgiZlaT28zOIwvvnlBzVb2iVJlJHFqMghxwVkIMCcbqNZNmBzLbBkvcg%2BQ9k7vElROHaFas0JM%2Bn6qUsIIMCSoxBrYO0OtJBGjhIYwch36%2FTTj9w3W7gB61Wr80Ya7UY6%2FTmeYe32r3ARcoqemMk8RhMjcHMCmKzgkX5UUnIzq975N4emcCk38Mu5LDcgU1K4lxbwZDnyARBZgkySpBJgiwhyIb5Ole2afO7XNnU92a1OautfKKTwSpd18lARGQ1PiBPTS36a%2FwjFsV%2B3e%2F53RZnos15Z77PPSq8wBUu63TnReB1%2B7Ayh7THpqqXZUme%2Ffo7xLIkx06N4NNtWLUNJp8ETT3QbNJtuqALk3bPxXL01YKIEipPD2RwmkYyFA2mQ3CdI05qSJacVXVAnpvyefnBQwi2e3brt%2Fef%2F%2Bba72AmR2xyvCMfEAzUncl1nZG16zqzZOtKnMhQLtPqOW8kNBH%2Fu%2FeGWMq04RfP2%2FHnr7AKqNrNm8Iml2jEZTSw5ItzknNhLmjDBPn2or0l%2FKupXTiXmiiNL1199cLFMDbCWqmjAlSWhBTvgsmSHP87nn7VF%2B19SFPApDnCdJfMAlIXYPEKbLx7dvPEo%2BLDt0%2FCagKjjnb8uIYszSem6R9dKkmgxNFM%2FRz2X7N%2F1K%2FaOxiYGmhyG1GYY2hyDFUOqsaw6ROTJDa7Z3c%2BreIz%2BKo28ZWprfnKqI8rc%2F%2Bo0qMq%2FXnotZX79Y7XFj2%2F12Wc%2B4Jxr9ts9Vqu2%2BS83e0Lr4%2FElkK88Ms%2FAAAA%2F%2F8BAAD%2F%2F9%2B1So2RBAAA
IP
173.233.137.52:443
ASN
#7979 SERVERS-COM

Requested by
https://de.hentai-gif-anime.com/image/kagaku-na-yatsura-gifs-47/
Certificate
IssuerLet's Encrypt
Subjectcircumstantialplatoon.com
Fingerprint21:4C:19:A1:5F:8C:21:03:61:98:4C:18:28:B5:30:5A:48:99:04:AB
ValiditySat, 25 Nov 2023 08:05:28 GMT - Fri, 23 Feb 2024 08:05:27 GMT

File type
ASCII text, with no line terminators
Size
7 B (7 bytes)
Hash
132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /impr.gif?sid=H4sIAAAAAAAC%2F1RSPWwcxR%2Bdzf%2F%2BDWkAUUADJ9EkUnLevQ%2FfHSkCIQRFhHyjNDSzM7PnwbM7y8zu7dmVRQRKx0lQANX6nR2LYEVYAokGhNZpLEtIXgrkAkuIEipC0iAhtOeTDD9pfh%2FzfsV7b%2BaD1fSAuEjp%2FtU39bJUis51Gm79xC0ZcZ3Z%2BuWbdc9tuGfqt2Q03z5TH1XJDF%2Fy3E7DPVl%2FXbBFPdd0Pdf1XK9%2BQRoR6NHcFIWMN%2Fteo%2B822s2G12ljZP4729SBpQ748IA8DcnL%2Fy%2FsbEGyAlH45XlhFxMdn3otTBVNtMGQb7wVLUY6ixAetYFxEEQbs21oWxLyyTHoaGOmAHq4VimAL0vi%2FOTBjzZmNOEP1w%2BZ%2Bgoigs%2BPIxsWEKqApAWYvg3J9wjAOC5fQRTevaxNRpcOUVqhJak9fgiZlaT28zOIwvvnlBzVb2iVJlJHFqMghxwVkIMCcbqNZNmBzLbBkvcg%2BQ9k7vElROHaFas0JM%2Bn6qUsIIMCSoxBrYO0OtJBGjhIYwch36%2FTTj9w3W7gB61Wr80Ya7UY6%2FTmeYe32r3ARcoqemMk8RhMjcHMCmKzgkX5UUnIzq975N4emcCk38Mu5LDcgU1K4lxbwZDnyARBZgkySpBJgiwhyIb5Ole2afO7XNnU92a1OautfKKTwSpd18lARGQ1PiBPTS36a%2FwjFsV%2B3e%2F53RZnos15Z77PPSq8wBUu63TnReB1%2B7Ayh7THpqqXZUme%2Ffo7xLIkx06N4NNtWLUNJp8ETT3QbNJtuqALk3bPxXL01YKIEipPD2RwmkYyFA2mQ3CdI05qSJacVXVAnpvyefnBQwi2e3brt%2Fef%2F%2Bba72AmR2xyvCMfEAzUncl1nZG16zqzZOtKnMhQLtPqOW8kNBH%2Fu%2FeGWMq04RfP2%2FHnr7AKqNrNm8Iml2jEZTSw5ItzknNhLmjDBPn2or0l%2FKupXTiXmiiNL1199cLFMDbCWqmjAlSWhBTvgsmSHP87nn7VF%2B19SFPApDnCdJfMAlIXYPEKbLx7dvPEo%2BLDt0%2FCagKjjnb8uIYszSem6R9dKkmgxNFM%2FRz2X7N%2F1K%2FaOxiYGmhyG1GYY2hyDFUOqsaw6ROTJDa7Z3c%2BreIz%2BKo28ZWprfnKqI8rc%2F%2Bo0qMq%2FXnotZX79Y7XFj2%2F12Wc%2B4Jxr9ts9Vqu2%2BS83e0Lr4%2FElkK88Ms%2FAAAA%2F%2F8BAAD%2F%2F9%2B1So2RBAAA HTTP/1.1
Host: circumstantialplatoon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://de.hentai-gif-anime.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Mon, 27 Nov 2023 23:01:53 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: c72cdc71d0d4b74ecbd374e004f9f1d4
Strict-Transport-Security: max-age=0; includeSubdomains

192.243.59.12

0 B

URL
adjusteddrug.com/watch.1449866090802.js?key=c56a3a0d78064cdb8bd27f6995fe3f3a&kw=%5B%22kagaku%22%2C%22na%22%2C%22yatsura%22%2C%22gifs%22%2C%22part%22%2C%2247%22%2C%22-%22%2C%22hentai%22%2C%22gif%22%5D&refer=https%3A%2F%2Fde.hentai-gif-anime.com%2Fimage%2Fkagaku-na-yatsura-gifs-47%2F&tz=0&dev=e&res=14.3095&uuid=cb7de550-92b9-4fd1-91f1-e1bab9ca5745%3A2%3A1
IP
192.243.59.12:0
ASN
#39572 DataWeb Global Group B.V.

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /watch.1449866090802.js?key=c56a3a0d78064cdb8bd27f6995fe3f3a&kw=%5B%22kagaku%22%2C%22na%22%2C%22yatsura%22%2C%22gifs%22%2C%22part%22%2C%2247%22%2C%22-%22%2C%22hentai%22%2C%22gif%22%5D&refer=https%3A%2F%2Fde.hentai-gif-anime.com%2Fimage%2Fkagaku-na-yatsura-gifs-47%2F&tz=0&dev=e&res=14.3095&uuid=cb7de550-92b9-4fd1-91f1-e1bab9ca5745%3A2%3A1 HTTP/1.1
Host: adjusteddrug.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://de.hentai-gif-anime.com
DNT: 1
Connection: keep-alive
Referer: https://de.hentai-gif-anime.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 307 Temporary Redirect
Server: nginx/1.19.5
Date: Mon, 27 Nov 2023 23:01:53 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://de.hentai-gif-anime.com
Access-Control-Allow-Origin: https://de.hentai-gif-anime.com
Access-Control-Allow-Credentials: true
Location: https://adjusteddrug.com/watch.1449866090802.js?key=c56a3a0d78064cdb8bd27f6995fe3f3a&kw=%5B%22kagaku%22%2C%22na%22%2C%22yatsura%22%2C%22gifs%22%2C%22part%22%2C%2247%22%2C%22-%22%2C%22hentai%22%2C%22gif%22%5D&refer=https%3A%2F%2Fde.hentai-gif-anime.com%2Fimage%2Fkagaku-na-yatsura-gifs-47%2F&tz=0&dev=e&res=14.3095&uuid=cb7de550-92b9-4fd1-91f1-e1bab9ca5745%3A2%3A1&shu=6b87229e2c8c11d3bac3e002f42fb9388447c79ee6a1c6b8b58b8d9519b75169b06df0c80e09a3e0740339c0db4a099910a25b3e1e833ce45a7fa918a386ef659522c05e1dc151ed895e2f70fc724f78a362bba148bf1ca6eefcf5ff58b1f4&pst=1701126173&rmtc=t
Set-Cookie: u_pl=16486569; expires=Tue, 28 Nov 2023 23:01:53 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNjQ4NjU2OSwiayI6ImM1NmEzYTBkNzgwNjRjZGI4YmQyN2Y2OTk1ZmUzZjNhIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxNjE5MzkwLCJwaWQiOjE0MjQ1NiwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoxNiwiYWlkIjo1LCJwdCI6NCwicGsiOiJ6cXF3dHFyZ2JpIiwiY3BrcyI6eyIyOCI6ImEzZThkYzFlZGVjNDU5M2JiNmViMTgwMGY5OGQ3MTIyIn0sInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjo5MDc1MzQ1NywiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjM4OTE0LCJvbiI6IldpbmRvd3MiLCJvdiI6IjEwLjAiLCJiaWQiOjEyMDYyNSwiYm4iOiJGaXJlZm94IiwiYnYiOiIxMDUuMCIsInd2IjpmYWxzZSwiZSI6dHJ1ZSwiYWIiOmZhbHNlfSwiYyI6eyJpZCI6MTYyLCJjIjoiTk8iLCJuIjoiTm9yd2F5In0sImEiOmZhbHNlLCJjciI6eyJuIjoiQmxpeCBTb2x1dGlvbnMifSwieGYiOiIiLCJpeGYiOmZhbHNlLCJpZ3hmIjpmYWxzZSwidXAiOnRydWUsInIiOiJodHRwczovL2RlLmhlbnRhaS1naWYtYW5pbWUuY29tL2ltYWdlL2thZ2FrdS1uYS15YXRzdXJhLWdpZnMtNDcvIn19.WNdtTzD4bHaBWv5U-azacoo_Z4Rv3XYcO4Zbk5C1IHI; expires=Mon, 27 Nov 2023 23:02:53 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: c86ae4b09f36979209d404ae61256430
Strict-Transport-Security: max-age=0; includeSubdomains

192.243.59.12

307 Temporary Redirect

0 B

URL GET HTTP/1.1
hundredshands.com/watch.24171420547.js?key=466a4a49f3d5ab80a19d25d71d1aea47&kw=%5B%22kagaku%22%2C%22na%22%2C%22yatsura%22%2C%22gifs%22%2C%22part%22%2C%2247%22%2C%22-%22%2C%22hentai%22%2C%22gif%22%5D&refer=https%3A%2F%2Fde.hentai-gif-anime.com%2Fimage%2Fkagaku-na-yatsura-gifs-47%2F&tz=0&dev=e&res=14.3095&uuid=9f539ebe-20f7-46e8-afaf-f3161e954842%3A1%3A1
IP
192.243.59.12:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://de.hentai-gif-anime.com/image/kagaku-na-yatsura-gifs-47/
Certificate
IssuerLet's Encrypt
Subjecthundredshands.com
Fingerprint68:49:71:81:D7:16:91:C6:33:E9:EA:03:8A:09:34:0E:05:19:90:EB
ValiditySat, 25 Nov 2023 07:48:53 GMT - Fri, 23 Feb 2024 07:48:52 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /watch.24171420547.js?key=466a4a49f3d5ab80a19d25d71d1aea47&kw=%5B%22kagaku%22%2C%22na%22%2C%22yatsura%22%2C%22gifs%22%2C%22part%22%2C%2247%22%2C%22-%22%2C%22hentai%22%2C%22gif%22%5D&refer=https%3A%2F%2Fde.hentai-gif-anime.com%2Fimage%2Fkagaku-na-yatsura-gifs-47%2F&tz=0&dev=e&res=14.3095&uuid=9f539ebe-20f7-46e8-afaf-f3161e954842%3A1%3A1 HTTP/1.1
Host: hundredshands.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://de.hentai-gif-anime.com
DNT: 1
Connection: keep-alive
Referer: https://de.hentai-gif-anime.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 307 Temporary Redirect
Server: nginx/1.19.5
Date: Mon, 27 Nov 2023 23:01:53 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://de.hentai-gif-anime.com
Access-Control-Allow-Origin: https://de.hentai-gif-anime.com
Access-Control-Allow-Credentials: true
Location: https://hundredshands.com/watch.24171420547.js?key=466a4a49f3d5ab80a19d25d71d1aea47&kw=%5B%22kagaku%22%2C%22na%22%2C%22yatsura%22%2C%22gifs%22%2C%22part%22%2C%2247%22%2C%22-%22%2C%22hentai%22%2C%22gif%22%5D&refer=https%3A%2F%2Fde.hentai-gif-anime.com%2Fimage%2Fkagaku-na-yatsura-gifs-47%2F&tz=0&dev=e&res=14.3095&uuid=9f539ebe-20f7-46e8-afaf-f3161e954842%3A1%3A1&shu=1bb96b67f1468fe40540440b6f2a362ad7d10dd7d675599bd00f36a79cf5c4dfbb311d04ff33a135183d63b64e096615c1e5856115c7c43d514187f04c9f6107beedc1765448ef3e2fc5aec12f9343621e68c732b42ccdbee09ee6b57132dd&pst=1701126173&rmtc=t
Set-Cookie: u_pl=16485857; expires=Tue, 28 Nov 2023 23:01:53 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNjQ4NTg1NywiayI6IjQ2NmE0YTQ5ZjNkNWFiODBhMTlkMjVkNzFkMWFlYTQ3Iiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxNjE5MzkwLCJwaWQiOjE0MjQ1NiwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoxNiwiYWlkIjoyNSwicHQiOjQsInBrIjoicThmcTNpcnNqIiwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjkwNzUzNDU3LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6Mzg5MTQsIm9uIjoiV2luZG93cyIsIm92IjoiMTAuMCIsImJpZCI6MTIwNjI1LCJibiI6IkZpcmVmb3giLCJidiI6IjEwNS4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHBzOi8vZGUuaGVudGFpLWdpZi1hbmltZS5jb20vaW1hZ2Uva2FnYWt1LW5hLXlhdHN1cmEtZ2lmcy00Ny8ifX0.5TS0JJZgvto6xYNXjFWbiHLcnIg2nhRcdxRUaEPLYPs; expires=Mon, 27 Nov 2023 23:02:53 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: d3883746f8365b22b2beb918f27154ce
Strict-Transport-Security: max-age=0; includeSubdomains

cdn.cloudimagesb.com/si/3c/a6/9a/3ca69a4ec5579fd98f5bf2c32dc4bf0c/1683357000.png

45.133.44.9

156 kB

URL
cdn.cloudimagesb.com/si/3c/a6/9a/3ca69a4ec5579fd98f5bf2c32dc4bf0c/1683357000.png
IP
45.133.44.9:0
ASN
#39572 DataWeb Global Group B.V.

File type
PNG image data, 320 x 240, 8-bit/color RGBA, non-interlaced\012- data
Size
156 kB (155511 bytes)
Hash
4e4f25622c983e074eb908d4c15724bc
80f165b39dc08ebc204b390db0f7a3718b422a3d
12801ac20be4a4587a27149f756dd3123c9ba5d9555d73792a5c64df90bc4c05

HTTP Headers

GET /si/3c/a6/9a/3ca69a4ec5579fd98f5bf2c32dc4bf0c/1683357000.png HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://de.hentai-gif-anime.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Mon, 27 Nov 2023 23:01:53 GMT
content-type: image/png
content-length: 155511
server: nginx/1.21.6
last-modified: Sat, 06 May 2023 07:10:08 GMT
etag: "6455fd50-25f77"
expires: Wed, 29 Nov 2023 23:01:53 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

cdn.cloudimagesb.com/si/f5/1a/51/f51a5127fdcd4dba8257a50bc502162f/1683356981.png

45.133.44.9

200 OK

128 kB

URL GET HTTP/2
cdn.cloudimagesb.com/si/f5/1a/51/f51a5127fdcd4dba8257a50bc502162f/1683356981.png
IP
45.133.44.9:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://de.hentai-gif-anime.com/image/kagaku-na-yatsura-gifs-47/
Certificate
IssuerLet's Encrypt
Subjectcdn.cloudimagesb.com
Fingerprint71:EC:C0:22:20:76:60:90:92:4C:5C:F3:AD:17:3C:41:B5:00:25:AF
ValidityThu, 23 Nov 2023 05:00:53 GMT - Wed, 21 Feb 2024 05:00:52 GMT

File type
PNG image data, 320 x 240, 8-bit/color RGBA, non-interlaced\012- data
Size
128 kB (128338 bytes)
Hash
2e213fca84ea9e780c6bf1c25ec75b61
d8fc9898a7bc1031b1d4c350c0d827ce424e17d5
c4cc2ce592d14c491c0430f3a6263e489a680b75ffecf97f6fde10f96ba6a9dd

HTTP Headers

GET /si/f5/1a/51/f51a5127fdcd4dba8257a50bc502162f/1683356981.png HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://de.hentai-gif-anime.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Mon, 27 Nov 2023 23:01:53 GMT
content-type: image/png
content-length: 128338
server: nginx/1.21.6
last-modified: Sat, 06 May 2023 07:09:51 GMT
etag: "6455fd3f-1f552"
expires: Wed, 29 Nov 2023 23:01:53 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

cdn.cloudimagesb.com/si/e7/65/91/e76591885426335875f96fec271ab416/1683357009.png

45.133.44.9

200 OK

118 kB

URL GET HTTP/2
cdn.cloudimagesb.com/si/e7/65/91/e76591885426335875f96fec271ab416/1683357009.png
IP
45.133.44.9:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://de.hentai-gif-anime.com/image/kagaku-na-yatsura-gifs-47/
Certificate
IssuerLet's Encrypt
Subjectcdn.cloudimagesb.com
Fingerprint71:EC:C0:22:20:76:60:90:92:4C:5C:F3:AD:17:3C:41:B5:00:25:AF
ValidityThu, 23 Nov 2023 05:00:53 GMT - Wed, 21 Feb 2024 05:00:52 GMT

File type
PNG image data, 320 x 240, 8-bit/color RGBA, non-interlaced\012- data
Size
118 kB (118147 bytes)
Hash
42aa625f7b89a3d77b9fe771f1f1d3c3
9b3d290a8eba25e0c882692bc11c9c3ef4e52dbd
e85910c5985368e86dd68b62ca341599e65a4950383aa0a99e9336eecc47e122

HTTP Headers

GET /si/e7/65/91/e76591885426335875f96fec271ab416/1683357009.png HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://de.hentai-gif-anime.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Mon, 27 Nov 2023 23:01:53 GMT
content-type: image/png
content-length: 118147
server: nginx/1.21.6
last-modified: Sat, 06 May 2023 07:10:21 GMT
etag: "6455fd5d-1cd83"
expires: Wed, 29 Nov 2023 23:01:53 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

cdn.cloudimagesb.com/si/9b/47/fb/9b47fb4316ad611bd932807c02c26cff/1683356991.png

45.133.44.9

139 kB

URL
cdn.cloudimagesb.com/si/9b/47/fb/9b47fb4316ad611bd932807c02c26cff/1683356991.png
IP
45.133.44.9:0
ASN
#39572 DataWeb Global Group B.V.

File type
PNG image data, 320 x 240, 8-bit/color RGBA, non-interlaced\012- data
Size
139 kB (139050 bytes)
Hash
b5095853b4c6e16acd9d238c51c479ff
b7436311ee33f668d8a71e1300a60a4e11ff32e4
b47522a109caa660ee05c5278f3ffc9eecd1d290b4132b6388d5677f9ea372a7

HTTP Headers

GET /si/9b/47/fb/9b47fb4316ad611bd932807c02c26cff/1683356991.png HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://de.hentai-gif-anime.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Mon, 27 Nov 2023 23:01:53 GMT
content-type: image/png
content-length: 139050
server: nginx/1.21.6
last-modified: Sat, 06 May 2023 07:10:00 GMT
etag: "6455fd48-21f2a"
expires: Wed, 29 Nov 2023 23:01:53 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

cdn.cloudimagesb.com/cti/bb/16/b7/bb16b71b76fc43a6abd135721b32a822/1658915518.png

45.133.44.9

200 OK

145 kB

URL GET HTTP/2
cdn.cloudimagesb.com/cti/bb/16/b7/bb16b71b76fc43a6abd135721b32a822/1658915518.png
IP
45.133.44.9:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://de.hentai-gif-anime.com/image/kagaku-na-yatsura-gifs-47/
Certificate
IssuerLet's Encrypt
Subjectcdn.cloudimagesb.com
Fingerprint71:EC:C0:22:20:76:60:90:92:4C:5C:F3:AD:17:3C:41:B5:00:25:AF
ValidityThu, 23 Nov 2023 05:00:53 GMT - Wed, 21 Feb 2024 05:00:52 GMT

File type
PNG image data, 300 x 250, 8-bit/color RGBA, non-interlaced\012- data
Size
145 kB (145012 bytes)
Hash
620dee7dda3ab0a55fef5e66735e48e1
c03458e7950bed758e4352ec7a78bb434a3164b1
8552142726040854ba6a1d57037aa513e8cb424e3e5b96f017fb742f7c9255c3

HTTP Headers

GET /cti/bb/16/b7/bb16b71b76fc43a6abd135721b32a822/1658915518.png HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Mon, 27 Nov 2023 23:01:54 GMT
content-type: image/png
content-length: 145012
server: nginx/1.21.6
last-modified: Wed, 27 Jul 2022 09:52:06 GMT
etag: "62e10ac6-23674"
expires: Wed, 29 Nov 2023 23:01:54 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

circumstantialplatoon.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSPWwcRRidNUdDGkAU0MBJNCAl59378flIEQghKCLEzg9yPbszex48O7PM7N6eXVlEoJQnQQFU63d2LEKEYgkkGhBap7EsIXkpkAssIUqoCKRBQmgvJx180nw%2F877ivTfz4VZ6Qlyk9Hj5bb0hpKTznYZbf2lFKKYzW79yo%2B65DfdsfUWohfbZ%2BrBKZvCK53Ya7sv1N3mwpuebrue6nuvVLwrDQz2cn6AQ8d2e1%2Bi5jXaz4XXaGJr%2FzzZ1YKkDNjghT0Ow8vHVgz2IoICK7l3gdi3R8ek3olTSRBsM2O47ak3pTCGataFxEKrd6Ta0LQn5ZA5a7U4VQA%2B2KwXwRUmcnzz4andKE%2F5g5xFTX4Ir%2BOwUskEBLgsIWiDQNyHYEQEChitLUNHtK9pkdP0RSiu0JLWHDyCyktR%2BfgYq%2BvK8FMP6dS3TRGhlMQxziGEB0S8Qp%2FtINhyIbB9B8j4E%2B4HMP7wMFW0vWakhWD5RL0QBERaQfARqHaTVEQ7S0EEaO4jYcZ12eqHrdkM%2FbLUW20EQtFpB0FlcYB3Wai%2BGLtKgojdCEo8QyBECs4nYbGJNfFQScvDrEblzRMYw6fewqzksc2CTkjhXNzFgOTJOkFmCjBJkgiBLCLJBvsOkbdr8NpM29b1pbU5rKx%2FrpL9Fd3TS54psxSfkqYlFf49%2BxBo%2FrvuLfrfFAt5mrLPQYx7lXuhyN%2Bh0F3jodXuwIoewcxPVG6Ikz379HWJRkrnTQ%2Fh0H1buIxBPgqYeaDbuNl3Q1XF70cWG%2BmqVq4SKM30RnqFKRLwR6AhM54iTGpJ1Z0uekOcmfF69%2Fxd4cHhu77cPnv%2Fm6u8ITI7Y5HhX3Cfoy1vjazoj29d0ZsneUpyISGzQ6jmvJzThj915i69n2rBLF%2Bzo89eCCqjauze4TS5TxYTqW%2FLFecEYNxe1CTj59pJd4f5yalfPp0al8eXl1y9eimLDrRVaFaCiJKR4D4Eoyal%2F4slXfdHegzAFTJojSg%2FJNCB0gSDehI1n%2FK0mMHK248dzyNJ8bJr%2B7FIKAslnM%2FVz2P%2FM%2FqzfsrfQNzXQ5CZUlGNgcgxkDipHsOkT4yQ2h%2BcOPq3iM%2FiyNvalqW370siPK3P%2FmDhcpT%2Br9ABWHNd5J3RD7ja5H%2Fb8sEtd1gvbPZ%2F2PN71O9RDYkvOX%2FjlXwAAAP%2F%2FAQAA%2F%2F8%2B%2FFCekQQAAA%3D%3D

192.243.61.227

7 B

URL
circumstantialplatoon.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSPWwcRRidNUdDGkAU0MBJNCAl59378flIEQghKCLEzg9yPbszex48O7PM7N6eXVlEoJQnQQFU63d2LEKEYgkkGhBap7EsIXkpkAssIUqoCKRBQmgvJx180nw%2F877ivTfz4VZ6Qlyk9Hj5bb0hpKTznYZbf2lFKKYzW79yo%2B65DfdsfUWohfbZ%2BrBKZvCK53Ya7sv1N3mwpuebrue6nuvVLwrDQz2cn6AQ8d2e1%2Bi5jXaz4XXaGJr%2FzzZ1YKkDNjghT0Ow8vHVgz2IoICK7l3gdi3R8ek3olTSRBsM2O47ak3pTCGataFxEKrd6Ta0LQn5ZA5a7U4VQA%2B2KwXwRUmcnzz4andKE%2F5g5xFTX4Ir%2BOwUskEBLgsIWiDQNyHYEQEChitLUNHtK9pkdP0RSiu0JLWHDyCyktR%2BfgYq%2BvK8FMP6dS3TRGhlMQxziGEB0S8Qp%2FtINhyIbB9B8j4E%2B4HMP7wMFW0vWakhWD5RL0QBERaQfARqHaTVEQ7S0EEaO4jYcZ12eqHrdkM%2FbLUW20EQtFpB0FlcYB3Wai%2BGLtKgojdCEo8QyBECs4nYbGJNfFQScvDrEblzRMYw6fewqzksc2CTkjhXNzFgOTJOkFmCjBJkgiBLCLJBvsOkbdr8NpM29b1pbU5rKx%2FrpL9Fd3TS54psxSfkqYlFf49%2BxBo%2FrvuLfrfFAt5mrLPQYx7lXuhyN%2Bh0F3jodXuwIoewcxPVG6Ikz379HWJRkrnTQ%2Fh0H1buIxBPgqYeaDbuNl3Q1XF70cWG%2BmqVq4SKM30RnqFKRLwR6AhM54iTGpJ1Z0uekOcmfF69%2Fxd4cHhu77cPnv%2Fm6u8ITI7Y5HhX3Cfoy1vjazoj29d0ZsneUpyISGzQ6jmvJzThj915i69n2rBLF%2Bzo89eCCqjauze4TS5TxYTqW%2FLFecEYNxe1CTj59pJd4f5yalfPp0al8eXl1y9eimLDrRVaFaCiJKR4D4Eoyal%2F4slXfdHegzAFTJojSg%2FJNCB0gSDehI1n%2FK0mMHK248dzyNJ8bJr%2B7FIKAslnM%2FVz2P%2FM%2FqzfsrfQNzXQ5CZUlGNgcgxkDipHsOkT4yQ2h%2BcOPq3iM%2FiyNvalqW370siPK3P%2FmDhcpT%2Br9ABWHNd5J3RD7ja5H%2Fb8sEtd1gvbPZ%2F2PN71O9RDYkvOX%2FjlXwAAAP%2F%2FAQAA%2F%2F8%2B%2FFCekQQAAA%3D%3D
IP
192.243.61.227:0
ASN
#39572 DataWeb Global Group B.V.

File type
ASCII text, with no line terminators
Size
7 B (7 bytes)
Hash
132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /ren.gif?sid=H4sIAAAAAAAC%2F1RSPWwcRRidNUdDGkAU0MBJNCAl59378flIEQghKCLEzg9yPbszex48O7PM7N6eXVlEoJQnQQFU63d2LEKEYgkkGhBap7EsIXkpkAssIUqoCKRBQmgvJx180nw%2F877ivTfz4VZ6Qlyk9Hj5bb0hpKTznYZbf2lFKKYzW79yo%2B65DfdsfUWohfbZ%2BrBKZvCK53Ya7sv1N3mwpuebrue6nuvVLwrDQz2cn6AQ8d2e1%2Bi5jXaz4XXaGJr%2FzzZ1YKkDNjghT0Ow8vHVgz2IoICK7l3gdi3R8ek3olTSRBsM2O47ak3pTCGataFxEKrd6Ta0LQn5ZA5a7U4VQA%2B2KwXwRUmcnzz4andKE%2F5g5xFTX4Ir%2BOwUskEBLgsIWiDQNyHYEQEChitLUNHtK9pkdP0RSiu0JLWHDyCyktR%2BfgYq%2BvK8FMP6dS3TRGhlMQxziGEB0S8Qp%2FtINhyIbB9B8j4E%2B4HMP7wMFW0vWakhWD5RL0QBERaQfARqHaTVEQ7S0EEaO4jYcZ12eqHrdkM%2FbLUW20EQtFpB0FlcYB3Wai%2BGLtKgojdCEo8QyBECs4nYbGJNfFQScvDrEblzRMYw6fewqzksc2CTkjhXNzFgOTJOkFmCjBJkgiBLCLJBvsOkbdr8NpM29b1pbU5rKx%2FrpL9Fd3TS54psxSfkqYlFf49%2BxBo%2FrvuLfrfFAt5mrLPQYx7lXuhyN%2Bh0F3jodXuwIoewcxPVG6Ikz379HWJRkrnTQ%2Fh0H1buIxBPgqYeaDbuNl3Q1XF70cWG%2BmqVq4SKM30RnqFKRLwR6AhM54iTGpJ1Z0uekOcmfF69%2Fxd4cHhu77cPnv%2Fm6u8ITI7Y5HhX3Cfoy1vjazoj29d0ZsneUpyISGzQ6jmvJzThj915i69n2rBLF%2Bzo89eCCqjauze4TS5TxYTqW%2FLFecEYNxe1CTj59pJd4f5yalfPp0al8eXl1y9eimLDrRVaFaCiJKR4D4Eoyal%2F4slXfdHegzAFTJojSg%2FJNCB0gSDehI1n%2FK0mMHK248dzyNJ8bJr%2B7FIKAslnM%2FVz2P%2FM%2FqzfsrfQNzXQ5CZUlGNgcgxkDipHsOkT4yQ2h%2BcOPq3iM%2FiyNvalqW370siPK3P%2FmDhcpT%2Br9ABWHNd5J3RD7ja5H%2Fb8sEtd1gvbPZ%2F2PN71O9RDYkvOX%2FjlXwAAAP%2F%2FAQAA%2F%2F8%2B%2FFCekQQAAA%3D%3D HTTP/1.1
Host: circumstantialplatoon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://de.hentai-gif-anime.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Mon, 27 Nov 2023 23:01:54 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 370686eb07d9c0585d6eb31d3aa16a3d
Strict-Transport-Security: max-age=0; includeSubdomains

circumstantialplatoon.com/impr.gif?sid=H4sIAAAAAAAC%2F1RSPWwcRRSeDUdDGkAU0MBJNCAl59378d2RIhBCUERInB%2FkenZm9jx4dmeZ2b09u7KIQClPggKo1t%2FZsQgBYQkkGhBap7EsIXkpkAssIUqoCKRBQmgvJx08ab733nyv%2BL438%2F5mekxcpPRo6U29LpWiC52GW39hWUZcZ7Z%2B%2BUbdcxvumfqyjBbbZ%2BqjCszwJc%2FtNNwX668LtqoXmq7nup7r1S9IIwI9WpiykPHdvtfou412s%2BF12hiZ%2F%2Fc2dWCpAz48Jk9C8vLRlf1dSFYgCr88L%2BxqouNTr4Wpook2GPKdt6LVSGcRwnkZGAdBtDObhrYlIR%2BdgI52Zg6gh1uVA%2FiyJM5PHvxoZyYT%2FnD7oVJfQUTw%2BUlkwwJCFZC0ANM3IfkhARjH5SuIwtuXtcno2kOWVmxJag%2FuQ2Ylqf38FKLwi3NKjurXtUoTqSOLUZBDjgrIQYE43UOy7kBme2DJu5D8B7Lw4BKicOuKVRqS51P3UhaQQQElxqDWQVod6SANHKSxg5Af1WmnH7huN%2FCDVqvXZoy1Wox1eou8w1vtXuAiZZW8MZJ4DKbGYGYDsdnAqvygJGT%2F10Ny55BMYNLvYVdyWO7AJiVxrm5gyHNkgiCzBBklyCRBlhBkw3ybK9u0%2BW2ubOp7s9yc5VY%2B0clgk27rZCAishkfkyemK%2Fp7%2FCNWxVHd7%2FndFmeizXlnsc89KrzAFS7rdBdF4HX7sDKHtCemrtdlSZ7%2B%2BjvEsiQnTo3g0z1YtQcmHwdNPdBs0m26oCuTds%2FFevTViogSKk8PZHCaRjIUDaZDcJ0jTmpI1pxNdUyemep5%2Bd4fEOzg7O5v7z37zdXfwUyO2OR4W94jGKhbk2s6I1vXdGbJ7pU4kaFcp9VzXk9oIh6584ZYy7ThF8%2Fb8aevsIqoyrs3hE0u0YjLaGDJZ%2Bck58Jc0IYJ8u1Fuyz8pdSunEtNlMaXll69cDGMjbBW6qgAlSUhxTtgsiQn%2F4mnX%2FV5%2BzmkKWDSHGF6QGYBqQuweAM2nuu3msCo%2BYwfO8jSfGKa%2FvxSSQIl5j31c9j%2F9P683rS3MDA10OQmojDH0OQYqhxUjWHTxyZJbA7O7n9cxSfwVW3iK1Pb8pVRH06XW8FfFfxZwX1YeVTveG3R83tdxrkvGPe6zVav5bpNztvdvvD6SGwpxHO%2F%2FAsAAP%2F%2FAQAA%2F%2F%2FIGgm2kQQAAA%3D%3D

192.243.61.227

200 OK

7 B

URL GET HTTP/1.1
circumstantialplatoon.com/impr.gif?sid=H4sIAAAAAAAC%2F1RSPWwcRRSeDUdDGkAU0MBJNCAl59378d2RIhBCUERInB%2FkenZm9jx4dmeZ2b09u7KIQClPggKo1t%2FZsQgBYQkkGhBap7EsIXkpkAssIUqoCKRBQmgvJx08ab733nyv%2BL438%2F5mekxcpPRo6U29LpWiC52GW39hWUZcZ7Z%2B%2BUbdcxvumfqyjBbbZ%2BqjCszwJc%2FtNNwX668LtqoXmq7nup7r1S9IIwI9WpiykPHdvtfou412s%2BF12hiZ%2F%2Fc2dWCpAz48Jk9C8vLRlf1dSFYgCr88L%2BxqouNTr4Wpook2GPKdt6LVSGcRwnkZGAdBtDObhrYlIR%2BdgI52Zg6gh1uVA%2FiyJM5PHvxoZyYT%2FnD7oVJfQUTw%2BUlkwwJCFZC0ANM3IfkhARjH5SuIwtuXtcno2kOWVmxJag%2FuQ2Ylqf38FKLwi3NKjurXtUoTqSOLUZBDjgrIQYE43UOy7kBme2DJu5D8B7Lw4BKicOuKVRqS51P3UhaQQQElxqDWQVod6SANHKSxg5Af1WmnH7huN%2FCDVqvXZoy1Wox1eou8w1vtXuAiZZW8MZJ4DKbGYGYDsdnAqvygJGT%2F10Ny55BMYNLvYVdyWO7AJiVxrm5gyHNkgiCzBBklyCRBlhBkw3ybK9u0%2BW2ubOp7s9yc5VY%2B0clgk27rZCAishkfkyemK%2Fp7%2FCNWxVHd7%2FndFmeizXlnsc89KrzAFS7rdBdF4HX7sDKHtCemrtdlSZ7%2B%2BjvEsiQnTo3g0z1YtQcmHwdNPdBs0m26oCuTds%2FFevTViogSKk8PZHCaRjIUDaZDcJ0jTmpI1pxNdUyemep5%2Bd4fEOzg7O5v7z37zdXfwUyO2OR4W94jGKhbk2s6I1vXdGbJ7pU4kaFcp9VzXk9oIh6584ZYy7ThF8%2Fb8aevsIqoyrs3hE0u0YjLaGDJZ%2Bck58Jc0IYJ8u1Fuyz8pdSunEtNlMaXll69cDGMjbBW6qgAlSUhxTtgsiQn%2F4mnX%2FV5%2BzmkKWDSHGF6QGYBqQuweAM2nuu3msCo%2BYwfO8jSfGKa%2FvxSSQIl5j31c9j%2F9P683rS3MDA10OQmojDH0OQYqhxUjWHTxyZJbA7O7n9cxSfwVW3iK1Pb8pVRH06XW8FfFfxZwX1YeVTveG3R83tdxrkvGPe6zVav5bpNztvdvvD6SGwpxHO%2F%2FAsAAP%2F%2FAQAA%2F%2F%2FIGgm2kQQAAA%3D%3D
IP
192.243.61.227:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://de.hentai-gif-anime.com/image/kagaku-na-yatsura-gifs-47/
Certificate
IssuerLet's Encrypt
Subjectcircumstantialplatoon.com
Fingerprint21:4C:19:A1:5F:8C:21:03:61:98:4C:18:28:B5:30:5A:48:99:04:AB
ValiditySat, 25 Nov 2023 08:05:28 GMT - Fri, 23 Feb 2024 08:05:27 GMT

File type
ASCII text, with no line terminators
Size
7 B (7 bytes)
Hash
132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /impr.gif?sid=H4sIAAAAAAAC%2F1RSPWwcRRSeDUdDGkAU0MBJNCAl59378d2RIhBCUERInB%2FkenZm9jx4dmeZ2b09u7KIQClPggKo1t%2FZsQgBYQkkGhBap7EsIXkpkAssIUqoCKRBQmgvJx08ab733nyv%2BL438%2F5mekxcpPRo6U29LpWiC52GW39hWUZcZ7Z%2B%2BUbdcxvumfqyjBbbZ%2BqjCszwJc%2FtNNwX668LtqoXmq7nup7r1S9IIwI9WpiykPHdvtfou412s%2BF12hiZ%2F%2Fc2dWCpAz48Jk9C8vLRlf1dSFYgCr88L%2BxqouNTr4Wpook2GPKdt6LVSGcRwnkZGAdBtDObhrYlIR%2BdgI52Zg6gh1uVA%2FiyJM5PHvxoZyYT%2FnD7oVJfQUTw%2BUlkwwJCFZC0ANM3IfkhARjH5SuIwtuXtcno2kOWVmxJag%2FuQ2Ylqf38FKLwi3NKjurXtUoTqSOLUZBDjgrIQYE43UOy7kBme2DJu5D8B7Lw4BKicOuKVRqS51P3UhaQQQElxqDWQVod6SANHKSxg5Af1WmnH7huN%2FCDVqvXZoy1Wox1eou8w1vtXuAiZZW8MZJ4DKbGYGYDsdnAqvygJGT%2F10Ny55BMYNLvYVdyWO7AJiVxrm5gyHNkgiCzBBklyCRBlhBkw3ybK9u0%2BW2ubOp7s9yc5VY%2B0clgk27rZCAishkfkyemK%2Fp7%2FCNWxVHd7%2FndFmeizXlnsc89KrzAFS7rdBdF4HX7sDKHtCemrtdlSZ7%2B%2BjvEsiQnTo3g0z1YtQcmHwdNPdBs0m26oCuTds%2FFevTViogSKk8PZHCaRjIUDaZDcJ0jTmpI1pxNdUyemep5%2Bd4fEOzg7O5v7z37zdXfwUyO2OR4W94jGKhbk2s6I1vXdGbJ7pU4kaFcp9VzXk9oIh6584ZYy7ThF8%2Fb8aevsIqoyrs3hE0u0YjLaGDJZ%2Bck58Jc0IYJ8u1Fuyz8pdSunEtNlMaXll69cDGMjbBW6qgAlSUhxTtgsiQn%2F4mnX%2FV5%2BzmkKWDSHGF6QGYBqQuweAM2nuu3msCo%2BYwfO8jSfGKa%2FvxSSQIl5j31c9j%2F9P683rS3MDA10OQmojDH0OQYqhxUjWHTxyZJbA7O7n9cxSfwVW3iK1Pb8pVRH06XW8FfFfxZwX1YeVTveG3R83tdxrkvGPe6zVav5bpNztvdvvD6SGwpxHO%2F%2FAsAAP%2F%2FAQAA%2F%2F%2FIGgm2kQQAAA%3D%3D HTTP/1.1
Host: circumstantialplatoon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://de.hentai-gif-anime.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Mon, 27 Nov 2023 23:01:54 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: d5dbee33d18c8ed9f8247e82a24df614
Strict-Transport-Security: max-age=0; includeSubdomains

circumstantialplatoon.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSPWwcxR%2BdTe7f%2FNMAooAGTqIBKTnv3ofPR4pACEERwXY%2BkOvZndnz4NmZZWb39uzKIgKlPAkKoFq%2Fs2MRIsASSDQgtE5jWULyUiAXWEKUUBFIg4TQXk46%2BEnz%2B5j3K957M%2B9tpSfERUqPl9%2FQG0JKOtdpuPXnV4RiOrP1xZt1z2245%2BsrQs23z9eHVTKDFz2303BfqL%2FGgzU913Q91%2FVcr35ZGB7q4dwEhYjv9bxGz220mw2v08bQ%2FHe2qQNLHbDBCXkCgpX%2FWz3YgwgKqOiLS9yuJTo%2B%2B2qUSppogwHbfVOtKZ0pRLM2NA5CtTvdhrYlIR%2Begla7UwXQg%2B1KAXxREudHD77andKEP9h5xNSX4Ao%2BO4NsUIDLAoIWCPQtCHZEgIBhcQkqurOoTUbXH6G0QktSe%2FgAIitJ7acnoaLPLkoxrN%2FQMk2EVhbDMIcYFhD9AnG6j2TDgcj2ESTvQLDvydzDq1DR9pKVGoLlE%2FVCFBBhAclHoNZBWh3hIA0dpLGDiB3XaacXum439MNWa6EdBEGrFQSdhXnWYa32QugiDSp6IyTxCIEcITCbiM0m1sT7JSEHvxyRu0dkDJN%2BB7uawzIHNimJc20TA5Yj4wSZJcgoQSYIsoQgG%2BQ7TNqmze8waVPfm9bmtLbysU76W3RHJ32uyFZ8Qh6fWPTX6Aes8eO6v%2BB3WyzgbcY68z3mUe6FLneDTneeh163BytyCHtqonpDlOSpr75FLEpy6uwQPt2HlfsIxGOgqQeajbtNF3R13F5wsaG%2BXOUqoeJcX4TnqBIRbwQ6AtM54qSGZN3Zkifk6Qmfl%2B7%2FAR4cXtj79d1nvr72GwKTIzY53hL3Cfry9vi6zsj2dZ1ZsrcUJyISG7R6zhsJTfjpu6%2Fz9UwbduWSHX3yclABVXvvJrfJVaqYUH1LPr0oGOPmsjYBJ99csSvcX07t6sXUqDS%2BuvzK5StRbLi1QqsCVJSEFG8jECU583c8%2BarP2c8hTAGT5ojSQzINCF0giDdh4xl%2FqwmMnO348WlkaT42TX92KQWB5LOZ%2Bjnsv2Z%2F1m%2FZ2%2BibGmhyCyrKMTA5BjIHlSPY9P%2FjJDaHFw4%2BquJj%2BLI29qWpbfvSyA8qc3%2Bv0p8Tm6v0AFYc13kndEPuNrkf9vywS13WC9s9n%2FY83vU71ENiS86f%2FfkfAAAA%2F%2F8BAAD%2F%2F99UriqRBAAA

192.243.61.227

7 B

URL
circumstantialplatoon.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSPWwcxR%2BdTe7f%2FNMAooAGTqIBKTnv3ofPR4pACEERwXY%2BkOvZndnz4NmZZWb39uzKIgKlPAkKoFq%2Fs2MRIsASSDQgtE5jWULyUiAXWEKUUBFIg4TQXk46%2BEnz%2B5j3K957M%2B9tpSfERUqPl9%2FQG0JKOtdpuPXnV4RiOrP1xZt1z2245%2BsrQs23z9eHVTKDFz2303BfqL%2FGgzU913Q91%2FVcr35ZGB7q4dwEhYjv9bxGz220mw2v08bQ%2FHe2qQNLHbDBCXkCgpX%2FWz3YgwgKqOiLS9yuJTo%2B%2B2qUSppogwHbfVOtKZ0pRLM2NA5CtTvdhrYlIR%2Begla7UwXQg%2B1KAXxREudHD77andKEP9h5xNSX4Ao%2BO4NsUIDLAoIWCPQtCHZEgIBhcQkqurOoTUbXH6G0QktSe%2FgAIitJ7acnoaLPLkoxrN%2FQMk2EVhbDMIcYFhD9AnG6j2TDgcj2ESTvQLDvydzDq1DR9pKVGoLlE%2FVCFBBhAclHoNZBWh3hIA0dpLGDiB3XaacXum439MNWa6EdBEGrFQSdhXnWYa32QugiDSp6IyTxCIEcITCbiM0m1sT7JSEHvxyRu0dkDJN%2BB7uawzIHNimJc20TA5Yj4wSZJcgoQSYIsoQgG%2BQ7TNqmze8waVPfm9bmtLbysU76W3RHJ32uyFZ8Qh6fWPTX6Aes8eO6v%2BB3WyzgbcY68z3mUe6FLneDTneeh163BytyCHtqonpDlOSpr75FLEpy6uwQPt2HlfsIxGOgqQeajbtNF3R13F5wsaG%2BXOUqoeJcX4TnqBIRbwQ6AtM54qSGZN3Zkifk6Qmfl%2B7%2FAR4cXtj79d1nvr72GwKTIzY53hL3Cfry9vi6zsj2dZ1ZsrcUJyISG7R6zhsJTfjpu6%2Fz9UwbduWSHX3yclABVXvvJrfJVaqYUH1LPr0oGOPmsjYBJ99csSvcX07t6sXUqDS%2BuvzK5StRbLi1QqsCVJSEFG8jECU583c8%2BarP2c8hTAGT5ojSQzINCF0giDdh4xl%2FqwmMnO348WlkaT42TX92KQWB5LOZ%2Bjnsv2Z%2F1m%2FZ2%2BibGmhyCyrKMTA5BjIHlSPY9P%2FjJDaHFw4%2BquJj%2BLI29qWpbfvSyA8qc3%2Bv0p8Tm6v0AFYc13kndEPuNrkf9vywS13WC9s9n%2FY83vU71ENiS86f%2FfkfAAAA%2F%2F8BAAD%2F%2F99UriqRBAAA
IP
192.243.61.227:0
ASN
#39572 DataWeb Global Group B.V.

File type
ASCII text, with no line terminators
Size
7 B (7 bytes)
Hash
132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /ren.gif?sid=H4sIAAAAAAAC%2F1RSPWwcxR%2BdTe7f%2FNMAooAGTqIBKTnv3ofPR4pACEERwXY%2BkOvZndnz4NmZZWb39uzKIgKlPAkKoFq%2Fs2MRIsASSDQgtE5jWULyUiAXWEKUUBFIg4TQXk46%2BEnz%2B5j3K957M%2B9tpSfERUqPl9%2FQG0JKOtdpuPXnV4RiOrP1xZt1z2245%2BsrQs23z9eHVTKDFz2303BfqL%2FGgzU913Q91%2FVcr35ZGB7q4dwEhYjv9bxGz220mw2v08bQ%2FHe2qQNLHbDBCXkCgpX%2FWz3YgwgKqOiLS9yuJTo%2B%2B2qUSppogwHbfVOtKZ0pRLM2NA5CtTvdhrYlIR%2Begla7UwXQg%2B1KAXxREudHD77andKEP9h5xNSX4Ao%2BO4NsUIDLAoIWCPQtCHZEgIBhcQkqurOoTUbXH6G0QktSe%2FgAIitJ7acnoaLPLkoxrN%2FQMk2EVhbDMIcYFhD9AnG6j2TDgcj2ESTvQLDvydzDq1DR9pKVGoLlE%2FVCFBBhAclHoNZBWh3hIA0dpLGDiB3XaacXum439MNWa6EdBEGrFQSdhXnWYa32QugiDSp6IyTxCIEcITCbiM0m1sT7JSEHvxyRu0dkDJN%2BB7uawzIHNimJc20TA5Yj4wSZJcgoQSYIsoQgG%2BQ7TNqmze8waVPfm9bmtLbysU76W3RHJ32uyFZ8Qh6fWPTX6Aes8eO6v%2BB3WyzgbcY68z3mUe6FLneDTneeh163BytyCHtqonpDlOSpr75FLEpy6uwQPt2HlfsIxGOgqQeajbtNF3R13F5wsaG%2BXOUqoeJcX4TnqBIRbwQ6AtM54qSGZN3Zkifk6Qmfl%2B7%2FAR4cXtj79d1nvr72GwKTIzY53hL3Cfry9vi6zsj2dZ1ZsrcUJyISG7R6zhsJTfjpu6%2Fz9UwbduWSHX3yclABVXvvJrfJVaqYUH1LPr0oGOPmsjYBJ99csSvcX07t6sXUqDS%2BuvzK5StRbLi1QqsCVJSEFG8jECU583c8%2BarP2c8hTAGT5ojSQzINCF0giDdh4xl%2FqwmMnO348WlkaT42TX92KQWB5LOZ%2Bjnsv2Z%2F1m%2FZ2%2BibGmhyCyrKMTA5BjIHlSPY9P%2FjJDaHFw4%2BquJj%2BLI29qWpbfvSyA8qc3%2Bv0p8Tm6v0AFYc13kndEPuNrkf9vywS13WC9s9n%2FY83vU71ENiS86f%2FfkfAAAA%2F%2F8BAAD%2F%2F99UriqRBAAA HTTP/1.1
Host: circumstantialplatoon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://de.hentai-gif-anime.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Mon, 27 Nov 2023 23:01:54 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 02b744fbf9fcc5fa267e556281c02679
Strict-Transport-Security: max-age=0; includeSubdomains

adjusteddrug.com/watch.1449866090802.js?key=c56a3a0d78064cdb8bd27f6995fe3f3a&kw=%5B%22kagaku%22%2C%22na%22%2C%22yatsura%22%2C%22gifs%22%2C%22part%22%2C%2247%22%2C%22-%22%2C%22hentai%22%2C%22gif%22%5D&refer=https%3A%2F%2Fde.hentai-gif-anime.com%2Fimage%2Fkagaku-na-yatsura-gifs-47%2F&tz=0&dev=e&res=14.3095&uuid=cb7de550-92b9-4fd1-91f1-e1bab9ca5745%3A2%3A1&shu=6b87229e2c8c11d3bac3e002f42fb9388447c79ee6a1c6b8b58b8d9519b75169b06df0c80e09a3e0740339c0db4a099910a25b3e1e833ce45a7fa918a386ef659522c05e1dc151ed895e2f70fc724f78a362bba148bf1ca6eefcf5ff58b1f4&pst=1701126173&rmtc=t

192.243.59.12

200 OK

2.5 kB

URL GET HTTP/1.1
adjusteddrug.com/watch.1449866090802.js?key=c56a3a0d78064cdb8bd27f6995fe3f3a&kw=%5B%22kagaku%22%2C%22na%22%2C%22yatsura%22%2C%22gifs%22%2C%22part%22%2C%2247%22%2C%22-%22%2C%22hentai%22%2C%22gif%22%5D&refer=https%3A%2F%2Fde.hentai-gif-anime.com%2Fimage%2Fkagaku-na-yatsura-gifs-47%2F&tz=0&dev=e&res=14.3095&uuid=cb7de550-92b9-4fd1-91f1-e1bab9ca5745%3A2%3A1&shu=6b87229e2c8c11d3bac3e002f42fb9388447c79ee6a1c6b8b58b8d9519b75169b06df0c80e09a3e0740339c0db4a099910a25b3e1e833ce45a7fa918a386ef659522c05e1dc151ed895e2f70fc724f78a362bba148bf1ca6eefcf5ff58b1f4&pst=1701126173&rmtc=t
IP
192.243.59.12:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://de.hentai-gif-anime.com/image/kagaku-na-yatsura-gifs-47/
Certificate
IssuerLet's Encrypt
Subjectadjusteddrug.com
FingerprintDD:0A:53:1B:50:72:B2:7B:9D:40:39:3F:08:AF:31:0D:35:94:25:2B
ValiditySat, 25 Nov 2023 07:59:15 GMT - Fri, 23 Feb 2024 07:59:14 GMT

File type
HTML document text\012- HTML document, ASCII text, with very long lines (3169)
Size
2.5 kB (2480 bytes)
Hash
15535aadeb480efe96073304c421703a
ad1d2ec88f49f98e7c911abaa4282d887fc7dc6e
769a3605edc841eadd53e73764fd9f9396bc83f892840b2277c92c2b621cef3f

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /watch.1449866090802.js?key=c56a3a0d78064cdb8bd27f6995fe3f3a&kw=%5B%22kagaku%22%2C%22na%22%2C%22yatsura%22%2C%22gifs%22%2C%22part%22%2C%2247%22%2C%22-%22%2C%22hentai%22%2C%22gif%22%5D&refer=https%3A%2F%2Fde.hentai-gif-anime.com%2Fimage%2Fkagaku-na-yatsura-gifs-47%2F&tz=0&dev=e&res=14.3095&uuid=cb7de550-92b9-4fd1-91f1-e1bab9ca5745%3A2%3A1&shu=6b87229e2c8c11d3bac3e002f42fb9388447c79ee6a1c6b8b58b8d9519b75169b06df0c80e09a3e0740339c0db4a099910a25b3e1e833ce45a7fa918a386ef659522c05e1dc151ed895e2f70fc724f78a362bba148bf1ca6eefcf5ff58b1f4&pst=1701126173&rmtc=t HTTP/1.1
Host: adjusteddrug.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://de.hentai-gif-anime.com
Referer: https://de.hentai-gif-anime.com/
DNT: 1
Connection: keep-alive
Cookie: u_pl=16486569; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNjQ4NjU2OSwiayI6ImM1NmEzYTBkNzgwNjRjZGI4YmQyN2Y2OTk1ZmUzZjNhIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxNjE5MzkwLCJwaWQiOjE0MjQ1NiwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoxNiwiYWlkIjo1LCJwdCI6NCwicGsiOiJ6cXF3dHFyZ2JpIiwiY3BrcyI6eyIyOCI6ImEzZThkYzFlZGVjNDU5M2JiNmViMTgwMGY5OGQ3MTIyIn0sInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjo5MDc1MzQ1NywiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjM4OTE0LCJvbiI6IldpbmRvd3MiLCJvdiI6IjEwLjAiLCJiaWQiOjEyMDYyNSwiYm4iOiJGaXJlZm94IiwiYnYiOiIxMDUuMCIsInd2IjpmYWxzZSwiZSI6dHJ1ZSwiYWIiOmZhbHNlfSwiYyI6eyJpZCI6MTYyLCJjIjoiTk8iLCJuIjoiTm9yd2F5In0sImEiOmZhbHNlLCJjciI6eyJuIjoiQmxpeCBTb2x1dGlvbnMifSwieGYiOiIiLCJpeGYiOmZhbHNlLCJpZ3hmIjpmYWxzZSwidXAiOnRydWUsInIiOiJodHRwczovL2RlLmhlbnRhaS1naWYtYW5pbWUuY29tL2ltYWdlL2thZ2FrdS1uYS15YXRzdXJhLWdpZnMtNDcvIn19.WNdtTzD4bHaBWv5U-azacoo_Z4Rv3XYcO4Zbk5C1IHI
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Mon, 27 Nov 2023 23:01:54 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://de.hentai-gif-anime.com
Access-Control-Allow-Origin: https://de.hentai-gif-anime.com
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=cb7de550-92b9-4fd1-91f1-e1bab9ca5745:2:1; expires=Mon, 04 Dec 2023 23:01:54 GMT; secure; SameSite=None
iprc03a4cedb434ac029e7c012581131d98c=3569681; expires=Tue, 28 Nov 2023 03:01:54 GMT; secure; SameSite=None
pdhtkv=true; expires=Tue, 28 Nov 2023 23:01:54 GMT; secure; SameSite=None
uncs=1; expires=Tue, 28 Nov 2023 23:01:54 GMT; secure; SameSite=None
pdhtkv5=true; expires=Tue, 28 Nov 2023 23:01:54 GMT; secure; SameSite=None
uncs5=1; expires=Tue, 28 Nov 2023 23:01:54 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: b5348922c4de7ef332f38166026690e8
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

hundredshands.com/watch.24171420547.js?key=466a4a49f3d5ab80a19d25d71d1aea47&kw=%5B%22kagaku%22%2C%22na%22%2C%22yatsura%22%2C%22gifs%22%2C%22part%22%2C%2247%22%2C%22-%22%2C%22hentai%22%2C%22gif%22%5D&refer=https%3A%2F%2Fde.hentai-gif-anime.com%2Fimage%2Fkagaku-na-yatsura-gifs-47%2F&tz=0&dev=e&res=14.3095&uuid=9f539ebe-20f7-46e8-afaf-f3161e954842%3A1%3A1&shu=1bb96b67f1468fe40540440b6f2a362ad7d10dd7d675599bd00f36a79cf5c4dfbb311d04ff33a135183d63b64e096615c1e5856115c7c43d514187f04c9f6107beedc1765448ef3e2fc5aec12f9343621e68c732b42ccdbee09ee6b57132dd&pst=1701126173&rmtc=t

192.243.59.12

200 OK

2.1 kB

URL GET HTTP/1.1
hundredshands.com/watch.24171420547.js?key=466a4a49f3d5ab80a19d25d71d1aea47&kw=%5B%22kagaku%22%2C%22na%22%2C%22yatsura%22%2C%22gifs%22%2C%22part%22%2C%2247%22%2C%22-%22%2C%22hentai%22%2C%22gif%22%5D&refer=https%3A%2F%2Fde.hentai-gif-anime.com%2Fimage%2Fkagaku-na-yatsura-gifs-47%2F&tz=0&dev=e&res=14.3095&uuid=9f539ebe-20f7-46e8-afaf-f3161e954842%3A1%3A1&shu=1bb96b67f1468fe40540440b6f2a362ad7d10dd7d675599bd00f36a79cf5c4dfbb311d04ff33a135183d63b64e096615c1e5856115c7c43d514187f04c9f6107beedc1765448ef3e2fc5aec12f9343621e68c732b42ccdbee09ee6b57132dd&pst=1701126173&rmtc=t
IP
192.243.59.12:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://de.hentai-gif-anime.com/image/kagaku-na-yatsura-gifs-47/
Certificate
IssuerLet's Encrypt
Subjecthundredshands.com
Fingerprint68:49:71:81:D7:16:91:C6:33:E9:EA:03:8A:09:34:0E:05:19:90:EB
ValiditySat, 25 Nov 2023 07:48:53 GMT - Fri, 23 Feb 2024 07:48:52 GMT

File type
HTML document, ASCII text, with very long lines (2573)
Size
2.1 kB (2077 bytes)
Hash
ffc7848b7379fde45302c61e8b573fbf
f7051874c259ade827712e3763c27f3535a86314
93d44d126bbf126d0ebcec9f2fa6b86239594d1cd130b3e30bc0b8bdac104369

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /watch.24171420547.js?key=466a4a49f3d5ab80a19d25d71d1aea47&kw=%5B%22kagaku%22%2C%22na%22%2C%22yatsura%22%2C%22gifs%22%2C%22part%22%2C%2247%22%2C%22-%22%2C%22hentai%22%2C%22gif%22%5D&refer=https%3A%2F%2Fde.hentai-gif-anime.com%2Fimage%2Fkagaku-na-yatsura-gifs-47%2F&tz=0&dev=e&res=14.3095&uuid=9f539ebe-20f7-46e8-afaf-f3161e954842%3A1%3A1&shu=1bb96b67f1468fe40540440b6f2a362ad7d10dd7d675599bd00f36a79cf5c4dfbb311d04ff33a135183d63b64e096615c1e5856115c7c43d514187f04c9f6107beedc1765448ef3e2fc5aec12f9343621e68c732b42ccdbee09ee6b57132dd&pst=1701126173&rmtc=t HTTP/1.1
Host: hundredshands.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://de.hentai-gif-anime.com
Referer: https://de.hentai-gif-anime.com/
DNT: 1
Connection: keep-alive
Cookie: u_pl=16485857; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNjQ4NTg1NywiayI6IjQ2NmE0YTQ5ZjNkNWFiODBhMTlkMjVkNzFkMWFlYTQ3Iiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxNjE5MzkwLCJwaWQiOjE0MjQ1NiwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoxNiwiYWlkIjoyNSwicHQiOjQsInBrIjoicThmcTNpcnNqIiwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjkwNzUzNDU3LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6Mzg5MTQsIm9uIjoiV2luZG93cyIsIm92IjoiMTAuMCIsImJpZCI6MTIwNjI1LCJibiI6IkZpcmVmb3giLCJidiI6IjEwNS4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHBzOi8vZGUuaGVudGFpLWdpZi1hbmltZS5jb20vaW1hZ2Uva2FnYWt1LW5hLXlhdHN1cmEtZ2lmcy00Ny8ifX0.5TS0JJZgvto6xYNXjFWbiHLcnIg2nhRcdxRUaEPLYPs
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Mon, 27 Nov 2023 23:01:54 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://de.hentai-gif-anime.com
Access-Control-Allow-Origin: https://de.hentai-gif-anime.com
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=9f539ebe-20f7-46e8-afaf-f3161e954842:1:1; expires=Mon, 04 Dec 2023 23:01:54 GMT; secure; SameSite=None
pdhtkv=true; expires=Tue, 28 Nov 2023 23:01:54 GMT; secure; SameSite=None
uncs=1; expires=Tue, 28 Nov 2023 23:01:54 GMT; secure; SameSite=None
pdhtkv25=true; expires=Tue, 28 Nov 2023 23:01:54 GMT; secure; SameSite=None
uncs25=1; expires=Tue, 28 Nov 2023 23:01:54 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 3f0158036ab2087c61cf83636d1b693a
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

circumstantialplatoon.com/impr.gif?sid=H4sIAAAAAAAC%2F1RSTYgcRRitXseLuah40IsOeFFIZrvnZ2fGHKIxRoIx%2F7Ln6qrq2XKru9qq7unZPS0GJccBPain3je7WYxBsqDgRZHeXJYFYduD7MEF8agno7kIIj0ZGP2gvp963%2BG9V%2FXhZnpMXKT06Mrbel0qRRc7Dbf%2B0rKMuM5s%2FdKNuuc23NP1ZRkttU%2FXR1Uyw1c8t9NwX66%2FKdiqXmy6nut6rlc%2FL40I9GhxikLGd%2Fteo%2B822s2G12ljZP4%2F29SBpQ748Jg8DcnLx1f2dyFZgSi8d07Y1UTHJ98IU0UTbTDkO%2B9Eq5HOIoTzNjAOgmhntg1tS0I%2BWYCOdmYKoIdblQL4siTOTx78aGdGE%2F5w%2BxFTX0FE8PkJZMMCQhWQtADTNyH5IQEYx6XLiMLbl7TJ6NojlFZoSWoPH0BmJan9%2FAyi8MuzSo7q17VKE6kji1GQQ44KyEGBON1Dsu5AZntgyfuQ%2FAey%2BPAionDrslUakudT9VIWkEEBJcag1kFaHekgDRyksYOQH9Vppx%2B4bjfwg1ar12aMtVqMdXpLvMNb7V7gImUVvTGSeAymxmBmA7HZwKr8qCRk%2F9dDcueQTGDS72FXcljuwCYlca5uYMhzZIIgswQZJcgkQZYQZMN8myvbtPltrmzqe7PanNVWPtHJYJNu62QgIrIZH5Onphb9Pf4Rq%2BKo7vf8bosz0ea8s9TnHhVe4AqXdbpLIvC6fViZQ9qFqep1WZJnv%2F4OsSzJwskRfLoHq%2FbA5JOgqQeaTbpNF3Rl0u65WI%2B%2BWhFRQuWpgQxO0UiGosF0CK5zxEkNyZqzqY7Jc1M%2Br97%2FC4IdnNn97YPnv7n6O5jJEZsc78r7BAN1a3JNZ2Trms4s2b0cJzKU67R6zusJTcRjd94Sa5k2%2FMI5O%2F78NVYBVXv3hrDJRRpxGQ0s%2BeKs5FyY89owQb69YJeFfyW1K2dTE6XxxSuvn78QxkZYK3VUgMqSkOI9MFmSE%2F%2FE06%2F6or0HaQqYNEeYHpBZQOoCLN6Ajef8rSYwar7jxwvI0nximv78UkkCJeYz9XPY%2F8z%2BvN%2B0tzAwNdDkJqIwx9DkGKocVI1h0ycmSWwOzux%2FWsVn8FVt4itT2%2FKVUR9X5v4xdbhKf1bpAaw8qne8tuj5vS7j3BeMe91mq9dy3Sbn7W5feH0kthTihV%2F%2BBQAA%2F%2F8BAAD%2F%2Fyr03niRBAAA

192.243.61.227

200 OK

7 B

URL GET HTTP/1.1
circumstantialplatoon.com/impr.gif?sid=H4sIAAAAAAAC%2F1RSTYgcRRitXseLuah40IsOeFFIZrvnZ2fGHKIxRoIx%2F7Ln6qrq2XKru9qq7unZPS0GJccBPain3je7WYxBsqDgRZHeXJYFYduD7MEF8agno7kIIj0ZGP2gvp963%2BG9V%2FXhZnpMXKT06Mrbel0qRRc7Dbf%2B0rKMuM5s%2FdKNuuc23NP1ZRkttU%2FXR1Uyw1c8t9NwX66%2FKdiqXmy6nut6rlc%2FL40I9GhxikLGd%2Fteo%2B822s2G12ljZP4%2F29SBpQ748Jg8DcnLx1f2dyFZgSi8d07Y1UTHJ98IU0UTbTDkO%2B9Eq5HOIoTzNjAOgmhntg1tS0I%2BWYCOdmYKoIdblQL4siTOTx78aGdGE%2F5w%2BxFTX0FE8PkJZMMCQhWQtADTNyH5IQEYx6XLiMLbl7TJ6NojlFZoSWoPH0BmJan9%2FAyi8MuzSo7q17VKE6kji1GQQ44KyEGBON1Dsu5AZntgyfuQ%2FAey%2BPAionDrslUakudT9VIWkEEBJcag1kFaHekgDRyksYOQH9Vppx%2B4bjfwg1ar12aMtVqMdXpLvMNb7V7gImUVvTGSeAymxmBmA7HZwKr8qCRk%2F9dDcueQTGDS72FXcljuwCYlca5uYMhzZIIgswQZJcgkQZYQZMN8myvbtPltrmzqe7PanNVWPtHJYJNu62QgIrIZH5Onphb9Pf4Rq%2BKo7vf8bosz0ea8s9TnHhVe4AqXdbpLIvC6fViZQ9qFqep1WZJnv%2F4OsSzJwskRfLoHq%2FbA5JOgqQeaTbpNF3Rl0u65WI%2B%2BWhFRQuWpgQxO0UiGosF0CK5zxEkNyZqzqY7Jc1M%2Br97%2FC4IdnNn97YPnv7n6O5jJEZsc78r7BAN1a3JNZ2Trms4s2b0cJzKU67R6zusJTcRjd94Sa5k2%2FMI5O%2F78NVYBVXv3hrDJRRpxGQ0s%2BeKs5FyY89owQb69YJeFfyW1K2dTE6XxxSuvn78QxkZYK3VUgMqSkOI9MFmSE%2F%2FE06%2F6or0HaQqYNEeYHpBZQOoCLN6Ajef8rSYwar7jxwvI0nximv78UkkCJeYz9XPY%2F8z%2BvN%2B0tzAwNdDkJqIwx9DkGKocVI1h0ycmSWwOzux%2FWsVn8FVt4itT2%2FKVUR9X5v4xdbhKf1bpAaw8qne8tuj5vS7j3BeMe91mq9dy3Sbn7W5feH0kthTihV%2F%2BBQAA%2F%2F8BAAD%2F%2Fyr03niRBAAA
IP
192.243.61.227:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://de.hentai-gif-anime.com/image/kagaku-na-yatsura-gifs-47/
Certificate
IssuerLet's Encrypt
Subjectcircumstantialplatoon.com
Fingerprint21:4C:19:A1:5F:8C:21:03:61:98:4C:18:28:B5:30:5A:48:99:04:AB
ValiditySat, 25 Nov 2023 08:05:28 GMT - Fri, 23 Feb 2024 08:05:27 GMT

File type
ASCII text, with no line terminators
Size
7 B (7 bytes)
Hash
132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /impr.gif?sid=H4sIAAAAAAAC%2F1RSTYgcRRitXseLuah40IsOeFFIZrvnZ2fGHKIxRoIx%2F7Ln6qrq2XKru9qq7unZPS0GJccBPain3je7WYxBsqDgRZHeXJYFYduD7MEF8agno7kIIj0ZGP2gvp963%2BG9V%2FXhZnpMXKT06Mrbel0qRRc7Dbf%2B0rKMuM5s%2FdKNuuc23NP1ZRkttU%2FXR1Uyw1c8t9NwX66%2FKdiqXmy6nut6rlc%2FL40I9GhxikLGd%2Fteo%2B822s2G12ljZP4%2F29SBpQ748Jg8DcnLx1f2dyFZgSi8d07Y1UTHJ98IU0UTbTDkO%2B9Eq5HOIoTzNjAOgmhntg1tS0I%2BWYCOdmYKoIdblQL4siTOTx78aGdGE%2F5w%2BxFTX0FE8PkJZMMCQhWQtADTNyH5IQEYx6XLiMLbl7TJ6NojlFZoSWoPH0BmJan9%2FAyi8MuzSo7q17VKE6kji1GQQ44KyEGBON1Dsu5AZntgyfuQ%2FAey%2BPAionDrslUakudT9VIWkEEBJcag1kFaHekgDRyksYOQH9Vppx%2B4bjfwg1ar12aMtVqMdXpLvMNb7V7gImUVvTGSeAymxmBmA7HZwKr8qCRk%2F9dDcueQTGDS72FXcljuwCYlca5uYMhzZIIgswQZJcgkQZYQZMN8myvbtPltrmzqe7PanNVWPtHJYJNu62QgIrIZH5Onphb9Pf4Rq%2BKo7vf8bosz0ea8s9TnHhVe4AqXdbpLIvC6fViZQ9qFqep1WZJnv%2F4OsSzJwskRfLoHq%2FbA5JOgqQeaTbpNF3Rl0u65WI%2B%2BWhFRQuWpgQxO0UiGosF0CK5zxEkNyZqzqY7Jc1M%2Br97%2FC4IdnNn97YPnv7n6O5jJEZsc78r7BAN1a3JNZ2Trms4s2b0cJzKU67R6zusJTcRjd94Sa5k2%2FMI5O%2F78NVYBVXv3hrDJRRpxGQ0s%2BeKs5FyY89owQb69YJeFfyW1K2dTE6XxxSuvn78QxkZYK3VUgMqSkOI9MFmSE%2F%2FE06%2F6or0HaQqYNEeYHpBZQOoCLN6Ajef8rSYwar7jxwvI0nximv78UkkCJeYz9XPY%2F8z%2BvN%2B0tzAwNdDkJqIwx9DkGKocVI1h0ycmSWwOzux%2FWsVn8FVt4itT2%2FKVUR9X5v4xdbhKf1bpAaw8qne8tuj5vS7j3BeMe91mq9dy3Sbn7W5feH0kthTihV%2F%2BBQAA%2F%2F8BAAD%2F%2Fyr03niRBAAA HTTP/1.1
Host: circumstantialplatoon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://de.hentai-gif-anime.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Mon, 27 Nov 2023 23:01:54 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 24bc3d3b743c30d848e456f2c20fce5a
Strict-Transport-Security: max-age=0; includeSubdomains

circumstantialplatoon.com/impr.gif?sid=H4sIAAAAAAAC%2F1RSPWwcxR%2BdTe7f%2FNMAooAGTqIBKTnv3ofvjhSBEIIiQuJ8INezM7PnwbM7y8zu7dmVRQRKeRIUQLV%2BZ8ciRIAlkGhAaJ3GsoTkpUAusIQooSKQBgmhvZx08JPm9zHvV7z3Zt7bTI%2BJi5QeLb2h16VSdKHTcOvPL8uI68zWr9yse27DPVtfltFi%2B2x9VCUzfNFzOw33hfprgq3qhabrua7nevWL0ohAjxamKGR8r%2B81%2Bm6j3Wx4nTZG5r%2BzTR1Y6oAPj8kTkLz838r%2BLiQrEIVfXBB2NdHx6VfDVNFEGwz5zpvRaqSzCOG8DYyDINqZbUPbkpAPT0BHOzMF0MOtSgF8WRLnRw9%2BtDOjCX%2B4%2FYipryAi%2BPwUsmEBoQpIWoDpW5D8kACM48pVROGdK9pkdO0RSiu0JLWHDyCzktR%2BehJR%2BNl5JUf1G1qlidSRxSjIIUcF5KBAnO4hWXcgsz2w5B1I%2Fj1ZeHgZUbh11SoNyfOpeikLyKCAEmNQ6yCtjnSQBg7S2EHIj%2Bq00w9ctxv4QavVazPGWi3GOr1F3uGtdi9wkbKK3hhJPAZTYzCzgdhsYFW%2BXxKy%2F8shuXtIJjDpd7ArOSx3YJOSONc2MOQ5MkGQWYKMEmSSIEsIsmG%2BzZVt2vwOVzb1vVltzmorn%2BhksEm3dTIQEdmMj8njU4v%2BGv%2BAVXFU93t%2Bt8WZaHPeWexzjwovcIXLOt1FEXjdPqzMIe2Jqep1WZKnvvoWsSzJidMj%2BHQPVu2BycdAUw80m3SbLujKpN1zsR59uSKihMozAxmcoZEMRYPpEFzniJMakjVnUx2Tp6d8Xrr%2FBwQ7OLf767vPfH3tNzCTIzY53pL3CQbq9uS6zsjWdZ1Zsns1TmQo12n1nDcSmoiTd18Xa5k2%2FNIFO%2F7kZVYBVXvvprDJZRpxGQ0s%2BfS85FyYi9owQb65ZJeFv5TalfOpidL48tIrFy%2BFsRHWSh0VoLIkpHgbTJbk1N%2Fx9Ks%2BZz%2BHNAVMmiNMD8gsIHUBFm%2FAxnP%2BVhMYNd%2Fx45PI0nximv78UkkCJeYz9XPYf83%2BvN%2B0tzEwNdDkFqIwx9DkGKocVI1h0%2F9PktgcnNv%2FqIqP4avaxFemtuUroz6ozP29Sn9Oba7SA1h5VO94bdHze13GuS8Y97rNVq%2Fluk3O292%2B8PpIbCnEsz%2F%2FAwAA%2F%2F8BAAD%2F%2F8tcIMyRBAAA

192.243.61.227

200 OK

7 B

URL GET HTTP/1.1
circumstantialplatoon.com/impr.gif?sid=H4sIAAAAAAAC%2F1RSPWwcxR%2BdTe7f%2FNMAooAGTqIBKTnv3ofvjhSBEIIiQuJ8INezM7PnwbM7y8zu7dmVRQRKeRIUQLV%2BZ8ciRIAlkGhAaJ3GsoTkpUAusIQooSKQBgmhvZx08JPm9zHvV7z3Zt7bTI%2BJi5QeLb2h16VSdKHTcOvPL8uI68zWr9yse27DPVtfltFi%2B2x9VCUzfNFzOw33hfprgq3qhabrua7nevWL0ohAjxamKGR8r%2B81%2Bm6j3Wx4nTZG5r%2BzTR1Y6oAPj8kTkLz838r%2BLiQrEIVfXBB2NdHx6VfDVNFEGwz5zpvRaqSzCOG8DYyDINqZbUPbkpAPT0BHOzMF0MOtSgF8WRLnRw9%2BtDOjCX%2B4%2FYipryAi%2BPwUsmEBoQpIWoDpW5D8kACM48pVROGdK9pkdO0RSiu0JLWHDyCzktR%2BehJR%2BNl5JUf1G1qlidSRxSjIIUcF5KBAnO4hWXcgsz2w5B1I%2Fj1ZeHgZUbh11SoNyfOpeikLyKCAEmNQ6yCtjnSQBg7S2EHIj%2Bq00w9ctxv4QavVazPGWi3GOr1F3uGtdi9wkbKK3hhJPAZTYzCzgdhsYFW%2BXxKy%2F8shuXtIJjDpd7ArOSx3YJOSONc2MOQ5MkGQWYKMEmSSIEsIsmG%2BzZVt2vwOVzb1vVltzmorn%2BhksEm3dTIQEdmMj8njU4v%2BGv%2BAVXFU93t%2Bt8WZaHPeWexzjwovcIXLOt1FEXjdPqzMIe2Jqep1WZKnvvoWsSzJidMj%2BHQPVu2BycdAUw80m3SbLujKpN1zsR59uSKihMozAxmcoZEMRYPpEFzniJMakjVnUx2Tp6d8Xrr%2FBwQ7OLf767vPfH3tNzCTIzY53pL3CQbq9uS6zsjWdZ1Zsns1TmQo12n1nDcSmoiTd18Xa5k2%2FNIFO%2F7kZVYBVXvvprDJZRpxGQ0s%2BfS85FyYi9owQb65ZJeFv5TalfOpidL48tIrFy%2BFsRHWSh0VoLIkpHgbTJbk1N%2Fx9Ks%2BZz%2BHNAVMmiNMD8gsIHUBFm%2FAxnP%2BVhMYNd%2Fx45PI0nximv78UkkCJeYz9XPYf83%2BvN%2B0tzEwNdDkFqIwx9DkGKocVI1h0%2F9PktgcnNv%2FqIqP4avaxFemtuUroz6ozP29Sn9Oba7SA1h5VO94bdHze13GuS8Y97rNVq%2Fluk3O292%2B8PpIbCnEsz%2F%2FAwAA%2F%2F8BAAD%2F%2F8tcIMyRBAAA
IP
192.243.61.227:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://de.hentai-gif-anime.com/image/kagaku-na-yatsura-gifs-47/
Certificate
IssuerLet's Encrypt
Subjectcircumstantialplatoon.com
Fingerprint21:4C:19:A1:5F:8C:21:03:61:98:4C:18:28:B5:30:5A:48:99:04:AB
ValiditySat, 25 Nov 2023 08:05:28 GMT - Fri, 23 Feb 2024 08:05:27 GMT

File type
ASCII text, with no line terminators
Size
7 B (7 bytes)
Hash
132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /impr.gif?sid=H4sIAAAAAAAC%2F1RSPWwcxR%2BdTe7f%2FNMAooAGTqIBKTnv3ofvjhSBEIIiQuJ8INezM7PnwbM7y8zu7dmVRQRKeRIUQLV%2BZ8ciRIAlkGhAaJ3GsoTkpUAusIQooSKQBgmhvZx08JPm9zHvV7z3Zt7bTI%2BJi5QeLb2h16VSdKHTcOvPL8uI68zWr9yse27DPVtfltFi%2B2x9VCUzfNFzOw33hfprgq3qhabrua7nevWL0ohAjxamKGR8r%2B81%2Bm6j3Wx4nTZG5r%2BzTR1Y6oAPj8kTkLz838r%2BLiQrEIVfXBB2NdHx6VfDVNFEGwz5zpvRaqSzCOG8DYyDINqZbUPbkpAPT0BHOzMF0MOtSgF8WRLnRw9%2BtDOjCX%2B4%2FYipryAi%2BPwUsmEBoQpIWoDpW5D8kACM48pVROGdK9pkdO0RSiu0JLWHDyCzktR%2BehJR%2BNl5JUf1G1qlidSRxSjIIUcF5KBAnO4hWXcgsz2w5B1I%2Fj1ZeHgZUbh11SoNyfOpeikLyKCAEmNQ6yCtjnSQBg7S2EHIj%2Bq00w9ctxv4QavVazPGWi3GOr1F3uGtdi9wkbKK3hhJPAZTYzCzgdhsYFW%2BXxKy%2F8shuXtIJjDpd7ArOSx3YJOSONc2MOQ5MkGQWYKMEmSSIEsIsmG%2BzZVt2vwOVzb1vVltzmorn%2BhksEm3dTIQEdmMj8njU4v%2BGv%2BAVXFU93t%2Bt8WZaHPeWexzjwovcIXLOt1FEXjdPqzMIe2Jqep1WZKnvvoWsSzJidMj%2BHQPVu2BycdAUw80m3SbLujKpN1zsR59uSKihMozAxmcoZEMRYPpEFzniJMakjVnUx2Tp6d8Xrr%2FBwQ7OLf767vPfH3tNzCTIzY53pL3CQbq9uS6zsjWdZ1Zsns1TmQo12n1nDcSmoiTd18Xa5k2%2FNIFO%2F7kZVYBVXvvprDJZRpxGQ0s%2BfS85FyYi9owQb65ZJeFv5TalfOpidL48tIrFy%2BFsRHWSh0VoLIkpHgbTJbk1N%2Fx9Ks%2BZz%2BHNAVMmiNMD8gsIHUBFm%2FAxnP%2BVhMYNd%2Fx45PI0nximv78UkkCJeYz9XPYf83%2BvN%2B0tzEwNdDkFqIwx9DkGKocVI1h0%2F9PktgcnNv%2FqIqP4avaxFemtuUroz6ozP29Sn9Oba7SA1h5VO94bdHze13GuS8Y97rNVq%2Fluk3O292%2B8PpIbCnEsz%2F%2FAwAA%2F%2F8BAAD%2F%2F8tcIMyRBAAA HTTP/1.1
Host: circumstantialplatoon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://de.hentai-gif-anime.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Mon, 27 Nov 2023 23:01:54 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 83291e3cb625403cf67850ccea03f0cf
Strict-Transport-Security: max-age=0; includeSubdomains

mothwetcheater.com/sbar.json?key=bf3a3af4dd0c8d985f1accd648d117c1&uuid=9f539ebe-20f7-46e8-afaf-f3161e954842%3A1%3A1

192.243.59.13

3.4 kB

URL
mothwetcheater.com/sbar.json?key=bf3a3af4dd0c8d985f1accd648d117c1&uuid=9f539ebe-20f7-46e8-afaf-f3161e954842%3A1%3A1
IP
192.243.59.13:0
ASN
#39572 DataWeb Global Group B.V.

Certificate
IssuerLet's Encrypt
Subjectmothwetcheater.com
FingerprintF1:9C:43:65:44:BC:E7:E8:83:A6:06:D7:16:D2:E0:93:A9:9C:2D:99
ValidityTue, 07 Nov 2023 07:43:43 GMT - Mon, 05 Feb 2024 07:43:42 GMT

File type
JSON data\012- , ASCII text, with very long lines (6142), with no line terminators
Size
3.4 kB (3411 bytes)
Hash
49c7b0527e1f4927b04301418f1dbdae
d36b836f2b72c9c8ac60945fa44ec177e69d8e12
94b5e90612262f22777d4f96b09e6b47bd5d1d47f6daae6ce723c26f0c46b56b

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /sbar.json?key=bf3a3af4dd0c8d985f1accd648d117c1&uuid=9f539ebe-20f7-46e8-afaf-f3161e954842%3A1%3A1 HTTP/1.1
Host: mothwetcheater.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://de.hentai-gif-anime.com
DNT: 1
Connection: keep-alive
Referer: https://de.hentai-gif-anime.com/
Cookie: u_pl=16485857; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNjQ4NTg1NywiayI6IjQ2NmE0YTQ5ZjNkNWFiODBhMTlkMjVkNzFkMWFlYTQ3Iiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxNjE5MzkwLCJwaWQiOjE0MjQ1NiwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoxNiwiYWlkIjoyNSwicHQiOjQsInBrIjoicThmcTNpcnNqIiwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjkwNzUzNDU3LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6Mzg5MTQsIm9uIjoiV2luZG93cyIsIm92IjoiMTAuMCIsImJpZCI6MTIwNjI1LCJibiI6IkZpcmVmb3giLCJidiI6IjEwNS4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHBzOi8vZGUuaGVudGFpLWdpZi1hbmltZS5jb20vaW1hZ2Uva2FnYWt1LW5hLXlhdHN1cmEtZ2lmcy00Ny8ifX0.5TS0JJZgvto6xYNXjFWbiHLcnIg2nhRcdxRUaEPLYPs
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Mon, 27 Nov 2023 23:01:54 GMT
Content-Type: text/plain; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://de.hentai-gif-anime.com
Access-Control-Allow-Origin: https://de.hentai-gif-anime.com
Access-Control-Allow-Credentials: true
Set-Cookie: u_pl=16485857,16484306; expires=Tue, 28 Nov 2023 23:01:54 GMT; secure; SameSite=None
uid_id2=9f539ebe-20f7-46e8-afaf-f3161e954842:1:1; expires=Mon, 04 Dec 2023 23:01:54 GMT; secure; SameSite=None
pdhtkv=true; expires=Tue, 28 Nov 2023 23:01:54 GMT; secure; SameSite=None
uncs=1; expires=Tue, 28 Nov 2023 23:01:54 GMT; secure; SameSite=None
pdhtkv29=true; expires=Tue, 28 Nov 2023 23:01:54 GMT; secure; SameSite=None
uncs29=1; expires=Tue, 28 Nov 2023 23:01:54 GMT; secure; SameSite=None
slecbf3a3af4dd0c8d985f1accd648d117c1=[4714199]; expires=Mon, 27 Nov 2023 23:01:59 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 8e6aceb2862b3c1267cf76065f9e0743
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

poweredby.jads.co/adshow.php?adzone=818803

185.94.236.246

1.6 kB

URL
poweredby.jads.co/adshow.php?adzone=818803
IP
185.94.236.246:0
ASN
#42567 Mojohost B.v.

Certificate
IssuerSectigo Limited
Subject*.jads.co
Fingerprint9E:B2:20:AC:19:4B:72:8F:12:D9:D6:5A:6A:B5:BE:EE:46:13:48:EB
ValidityMon, 26 Dec 2022 00:00:00 GMT - Fri, 26 Jan 2024 23:59:59 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (380), with CRLF, LF line terminators
Size
1.6 kB (1645 bytes)
Hash
4e949fa300c2259b2f456deb3a6a9563
03ee895f66e9b42753940bec84ec5c157c310094
5b4644a7163c1231c7794231fdf0b746e1b5888c4611315c00d3e649a84caa14

HTTP Headers

GET /adshow.php?adzone=818803 HTTP/1.1
Host: poweredby.jads.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://de.hentai-gif-anime.com/
Cookie: surferid=aee59885584b512221750c8318820276; juicy_data_1=YTowOnt9; juicy_data=YToxOntzOjEyOiJqdWljeV9kYXRhXzEiO3M6MToiMSI7fQ%3D%3D
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Mon, 27 Nov 2023 23:01:54 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
X-Powered-By: PHP/5.6.40
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR OUR IND STA"
Set-Cookie: juicy_data_1=YTowOnt9; expires=Thu, 30-Nov-2023 23:01:53 GMT; Max-Age=259199; path=/; SameSite=None; Secure; domain=jads.co
juicy_data=YToxOntzOjEyOiJqdWljeV9kYXRhXzEiO3M6MToiMSI7fQ%3D%3D; expires=Thu, 30-Nov-2023 23:01:53 GMT; Max-Age=259199; path=/; SameSite=None; Secure; domain=jads.co
Content-Encoding: gzip

cdn.cloudimagesb.com/cti/bb/16/b7/bb16b71b76fc43a6abd135721b32a822/1658915518.png

45.133.44.9

200 OK

145 kB

URL GET HTTP/2
cdn.cloudimagesb.com/cti/bb/16/b7/bb16b71b76fc43a6abd135721b32a822/1658915518.png
IP
45.133.44.9:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://de.hentai-gif-anime.com/image/kagaku-na-yatsura-gifs-47/
Certificate
IssuerLet's Encrypt
Subjectcdn.cloudimagesb.com
Fingerprint71:EC:C0:22:20:76:60:90:92:4C:5C:F3:AD:17:3C:41:B5:00:25:AF
ValidityThu, 23 Nov 2023 05:00:53 GMT - Wed, 21 Feb 2024 05:00:52 GMT

File type
PNG image data, 300 x 250, 8-bit/color RGBA, non-interlaced\012- data
Size
145 kB (145012 bytes)
Hash
620dee7dda3ab0a55fef5e66735e48e1
c03458e7950bed758e4352ec7a78bb434a3164b1
8552142726040854ba6a1d57037aa513e8cb424e3e5b96f017fb742f7c9255c3

HTTP Headers

GET /cti/bb/16/b7/bb16b71b76fc43a6abd135721b32a822/1658915518.png HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Mon, 27 Nov 2023 23:01:54 GMT
content-type: image/png
content-length: 145012
server: nginx/1.21.6
last-modified: Wed, 27 Jul 2022 09:52:06 GMT
etag: "62e10ac6-23674"
expires: Wed, 29 Nov 2023 23:01:54 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

mothwetcheater.com/watch.888152582863.js?key=466a4a49f3d5ab80a19d25d71d1aea47&kw=%5B%22kagaku%22%2C%22na%22%2C%22yatsura%22%2C%22gifs%22%2C%22part%22%2C%2247%22%2C%22-%22%2C%22hentai%22%2C%22gif%22%5D&refer=https%3A%2F%2Fde.hentai-gif-anime.com%2Fimage%2Fkagaku-na-yatsura-gifs-47%2F&tz=0&dev=e&res=14.3095&uuid=9f539ebe-20f7-46e8-afaf-f3161e954842%3A1%3A1&shu=d8e160da77f5241610255fbcb2464ef6265b61be37bad491819b805c7eeb7afcc0605c0eebc82fb508193bd26685ebc3a76be3ef05c28bafed88fd6ebe5f9be529d15cf13a544000164f9d8e274b172e259593ac54c1a036df1b00c85d30c5&pst=1701126173&rmtc=t

173.233.137.60

2.0 kB

URL
mothwetcheater.com/watch.888152582863.js?key=466a4a49f3d5ab80a19d25d71d1aea47&kw=%5B%22kagaku%22%2C%22na%22%2C%22yatsura%22%2C%22gifs%22%2C%22part%22%2C%2247%22%2C%22-%22%2C%22hentai%22%2C%22gif%22%5D&refer=https%3A%2F%2Fde.hentai-gif-anime.com%2Fimage%2Fkagaku-na-yatsura-gifs-47%2F&tz=0&dev=e&res=14.3095&uuid=9f539ebe-20f7-46e8-afaf-f3161e954842%3A1%3A1&shu=d8e160da77f5241610255fbcb2464ef6265b61be37bad491819b805c7eeb7afcc0605c0eebc82fb508193bd26685ebc3a76be3ef05c28bafed88fd6ebe5f9be529d15cf13a544000164f9d8e274b172e259593ac54c1a036df1b00c85d30c5&pst=1701126173&rmtc=t
IP
173.233.137.60:0
ASN
#7979 SERVERS-COM

Certificate
IssuerLet's Encrypt
Subjectmothwetcheater.com
FingerprintF1:9C:43:65:44:BC:E7:E8:83:A6:06:D7:16:D2:E0:93:A9:9C:2D:99
ValidityTue, 07 Nov 2023 07:43:43 GMT - Mon, 05 Feb 2024 07:43:42 GMT

File type
HTML document, ASCII text, with very long lines (2537)
Size
2.0 kB (2047 bytes)
Hash
58618a60d1d3c63e24e67a9658cd7423
07cc664f741cc55cb3bd317fcb0e7ca13f822a49
4b960e4d99bc7c2979ab49108211413a327920b82664b00645089b454c6e8b46

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /watch.888152582863.js?key=466a4a49f3d5ab80a19d25d71d1aea47&kw=%5B%22kagaku%22%2C%22na%22%2C%22yatsura%22%2C%22gifs%22%2C%22part%22%2C%2247%22%2C%22-%22%2C%22hentai%22%2C%22gif%22%5D&refer=https%3A%2F%2Fde.hentai-gif-anime.com%2Fimage%2Fkagaku-na-yatsura-gifs-47%2F&tz=0&dev=e&res=14.3095&uuid=9f539ebe-20f7-46e8-afaf-f3161e954842%3A1%3A1&shu=d8e160da77f5241610255fbcb2464ef6265b61be37bad491819b805c7eeb7afcc0605c0eebc82fb508193bd26685ebc3a76be3ef05c28bafed88fd6ebe5f9be529d15cf13a544000164f9d8e274b172e259593ac54c1a036df1b00c85d30c5&pst=1701126173&rmtc=t HTTP/1.1
Host: mothwetcheater.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://de.hentai-gif-anime.com
Referer: https://de.hentai-gif-anime.com/
DNT: 1
Connection: keep-alive
Cookie: u_pl=16485857; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNjQ4NTg1NywiayI6IjQ2NmE0YTQ5ZjNkNWFiODBhMTlkMjVkNzFkMWFlYTQ3Iiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxNjE5MzkwLCJwaWQiOjE0MjQ1NiwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoxNiwiYWlkIjoyNSwicHQiOjQsInBrIjoicThmcTNpcnNqIiwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjkwNzUzNDU3LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6Mzg5MTQsIm9uIjoiV2luZG93cyIsIm92IjoiMTAuMCIsImJpZCI6MTIwNjI1LCJibiI6IkZpcmVmb3giLCJidiI6IjEwNS4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHBzOi8vZGUuaGVudGFpLWdpZi1hbmltZS5jb20vaW1hZ2Uva2FnYWt1LW5hLXlhdHN1cmEtZ2lmcy00Ny8ifX0.5TS0JJZgvto6xYNXjFWbiHLcnIg2nhRcdxRUaEPLYPs
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Mon, 27 Nov 2023 23:01:54 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://de.hentai-gif-anime.com
Access-Control-Allow-Origin: https://de.hentai-gif-anime.com
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=9f539ebe-20f7-46e8-afaf-f3161e954842:1:1; expires=Mon, 04 Dec 2023 23:01:54 GMT; secure; SameSite=None
pdhtkv=true; expires=Tue, 28 Nov 2023 23:01:54 GMT; secure; SameSite=None
uncs=1; expires=Tue, 28 Nov 2023 23:01:54 GMT; secure; SameSite=None
pdhtkv25=true; expires=Tue, 28 Nov 2023 23:01:54 GMT; secure; SameSite=None
uncs25=1; expires=Tue, 28 Nov 2023 23:01:54 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: ada9e7f9cbf567acfb92d2f2c24e7c33
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

creative.bbrdbr.com/widgets/v4/Universal/?actionButtonPlacement=bottom&autoplay=all&autoplayForce=1&buttonColor=&campaignId=728cps2asgirl&creativeId=728cps2asgirl&domain=stripchat&hideButtonOnSmallSpots=1&hideModelNameOnSmallSpots=1&hideTitleOnSmallSpots=1&isXhDesign=0&liveBadgeColor=&memberId=%7Bclickid%7D&showButton=1&showLiveBadge=1&showModal=signup&showModelName=1&showTitle=1&sound=off&sourceId=728cps2asgirl&tag=girls%2Fasian&targetDomain=&thumbSizeKey=small&trackOff=1&userId=ebe1e2aa04642c4dc9f7e9a5dfdb455c9ef1b6825ab8b9414a96e56e40140e75

104.18.59.150

29 kB

URL
creative.bbrdbr.com/widgets/v4/Universal/?actionButtonPlacement=bottom&autoplay=all&autoplayForce=1&buttonColor=&campaignId=728cps2asgirl&creativeId=728cps2asgirl&domain=stripchat&hideButtonOnSmallSpots=1&hideModelNameOnSmallSpots=1&hideTitleOnSmallSpots=1&isXhDesign=0&liveBadgeColor=&memberId=%7Bclickid%7D&showButton=1&showLiveBadge=1&showModal=signup&showModelName=1&showTitle=1&sound=off&sourceId=728cps2asgirl&tag=girls%2Fasian&targetDomain=&thumbSizeKey=small&trackOff=1&userId=ebe1e2aa04642c4dc9f7e9a5dfdb455c9ef1b6825ab8b9414a96e56e40140e75
IP
104.18.59.150:0
ASN
#13335 CLOUDFLARENET

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
29 kB (29189 bytes)
Hash
7dc4b59430c5e6bd357fc95b52fa36d5
6b6d88a5bd83c1fea6103706ec9d5db26f3e0747
e23b82a266f7b480a9b04198808f7ecbb63f9d0109930b683fcf26aed908b493

HTTP Headers

GET /widgets/v4/Universal/?actionButtonPlacement=bottom&autoplay=all&autoplayForce=1&buttonColor=&campaignId=728cps2asgirl&creativeId=728cps2asgirl&domain=stripchat&hideButtonOnSmallSpots=1&hideModelNameOnSmallSpots=1&hideTitleOnSmallSpots=1&isXhDesign=0&liveBadgeColor=&memberId=%7Bclickid%7D&showButton=1&showLiveBadge=1&showModal=signup&showModelName=1&showTitle=1&sound=off&sourceId=728cps2asgirl&tag=girls%2Fasian&targetDomain=&thumbSizeKey=small&trackOff=1&userId=ebe1e2aa04642c4dc9f7e9a5dfdb455c9ef1b6825ab8b9414a96e56e40140e75 HTTP/1.1
Host: creative.bbrdbr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://r.trackwilltrk.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Mon, 27 Nov 2023 23:01:54 GMT
content-type: text/html
last-modified: Thu, 23 Nov 2023 14:37:17 GMT
expires: Mon, 27 Nov 2023 23:01:58 GMT
cache-control: max-age=10
strict-transport-security: max-age=15768000
pragma: public
report-to: { "endpoints":[{ "url": "https://go.stripchat.com/report" }], "group": "default", "max_age":  1048576 }
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Bitness, Sec-CH-UA-Wow64
cf-cache-status: HIT
age: 1
vary: Accept-Encoding
server: cloudflare
cf-ray: 82cdfee48bdc56bd-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

creative.bbrdbr.com/widgets/v4/Universal/main.672e6e87c69b0c60653e.js

104.18.59.150

80 kB

URL
creative.bbrdbr.com/widgets/v4/Universal/main.672e6e87c69b0c60653e.js
IP
104.18.59.150:0
ASN
#13335 CLOUDFLARENET

File type
Unicode text, UTF-8 text, with very long lines (32011), with LF, NEL line terminators
Size
80 kB (80318 bytes)
Hash
149fd3a87101adfb731800f02f11e73b
9a9a0f6f14028d913e63fc012a80378a5c4d5896
420332e58487b55b58db2c2edbe69162c5d23170061d16addce87762ef224f4b

HTTP Headers

GET /widgets/v4/Universal/main.672e6e87c69b0c60653e.js HTTP/1.1
Host: creative.bbrdbr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://creative.bbrdbr.com/widgets/v4/Universal/?actionButtonPlacement=bottom&autoplay=all&autoplayForce=1&buttonColor=&campaignId=728cps2asgirl&creativeId=728cps2asgirl&domain=stripchat&hideButtonOnSmallSpots=1&hideModelNameOnSmallSpots=1&hideTitleOnSmallSpots=1&isXhDesign=0&liveBadgeColor=&memberId=%7Bclickid%7D&showButton=1&showLiveBadge=1&showModal=signup&showModelName=1&showTitle=1&sound=off&sourceId=728cps2asgirl&tag=girls%2Fasian&targetDomain=&thumbSizeKey=small&trackOff=1&userId=ebe1e2aa04642c4dc9f7e9a5dfdb455c9ef1b6825ab8b9414a96e56e40140e75
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Mon, 27 Nov 2023 23:01:54 GMT
content-type: application/javascript; charset=utf-8
last-modified: Thu, 23 Nov 2023 14:38:50 GMT
etag: W/"655f63fa-44bd4"
expires: Mon, 27 Nov 2023 23:01:51 GMT
cache-control: max-age=10
pragma: public
cf-cache-status: HIT
age: 8
vary: Accept-Encoding
server: cloudflare
cf-ray: 82cdfee68d1956bd-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

i.jads.co/ads/user11892/ad1687293-1698894439.png

205.185.216.42

200 OK

138 kB

URL GET HTTP/1.1
i.jads.co/ads/user11892/ad1687293-1698894439.png
IP
205.185.216.42:443
ASN
#20446 STACKPATH-CDN

Requested by
https://poweredby.jads.co/adshow.php?adzone=818803
Certificate
IssuerSectigo Limited
Subject*.jads.co
Fingerprint9E:B2:20:AC:19:4B:72:8F:12:D9:D6:5A:6A:B5:BE:EE:46:13:48:EB
ValidityMon, 26 Dec 2022 00:00:00 GMT - Fri, 26 Jan 2024 23:59:59 GMT

File type
PNG image data, 160 x 600, 8-bit/color RGBA, non-interlaced\012- data
Size
138 kB (138340 bytes)
Hash
31a4e478a53af247e37536af54104ec4
499a2895d7ff4b72cf70990d1ab43e9e332ae99c
ed0f2a89c79916c641f0a0d48fad504392569420b306c2d39a4135b841a5022a

HTTP Headers

GET /ads/user11892/ad1687293-1698894439.png HTTP/1.1
Host: i.jads.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://poweredby.jads.co/
Cookie: surferid=aee59885584b512221750c8318820276; juicy_data_1=YTowOnt9; juicy_data=YToxOntzOjEyOiJqdWljeV9kYXRhXzEiO3M6MToiMSI7fQ%3D%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 27 Nov 2023 23:01:54 GMT
Connection: Keep-Alive
ETag: "1698894439"
Cache-Control: max-age=29304560
Content-Length: 138340
Content-Type: image/png
Last-Modified: Thu, 02 Nov 2023 03:07:19 GMT
Accept-Ranges: bytes
X-HW: 1701126114.dop022.sk1.t,1701126114.cds226.sk1.shn,1701126114.dop022.sk1.t,1701126114.cds247.sk1.c

video.ktkjmp.com/adsbygoogle.js

104.18.62.235

16 B

URL
video.ktkjmp.com/adsbygoogle.js
IP
104.18.62.235:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text
Size
16 B (16 bytes)
Hash
3d7f7a60216d40dea48e495fef6903c9
fecdb5184f55cf012563d78940eb97b10b9cc99b
96d83ac9f20fc0b88404f307f135e212642e02d6ea295c96b28aed0d771a224f

HTTP Headers

GET /adsbygoogle.js HTTP/1.1
Host: video.ktkjmp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://creative.bbrdbr.com/
Origin: https://creative.bbrdbr.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Mon, 27 Nov 2023 23:01:54 GMT
content-type: application/javascript
content-length: 16
x-amz-id-2: Uy+BI0f9xi3njNOl7P4PsULkPp0g6ssxBGHnYb4mQe+eet3x2+C470ZEAYzLvRraWhXf8LMEGWU=
x-amz-request-id: WWWZDEMQD0DJ51HX
last-modified: Thu, 10 Mar 2022 13:52:07 GMT
etag: "3d7f7a60216d40dea48e495fef6903c9"
x-amz-meta-s3cmd-attrs: atime:1646920284/ctime:1646920283/gid:20/gname:staff/md5:3d7f7a60216d40dea48e495fef6903c9/mode:33188/mtime:1646920283/uid:501/uname:mikhailchubar
x-amz-version-id: eIgLIBoMMcsEXtxOH6UDjWyfAquRpkIG
access-control-allow-origin: https://creative.bbrdbr.com
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Content-Length, Accept-Encoding, x-requested-with
cf-cache-status: HIT
age: 3488
expires: Tue, 28 Nov 2023 03:01:54 GMT
cache-control: public, max-age=14400
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 82cdfee8da5456ba-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

hentai-cosplays.com/api/w/?m=html&search_type=merge&language=de&count=4&domain=hentai-cosplays.com&tag[]=yatsura

104.21.80.76

200 OK

19 B

URL POST HTTP/2
hentai-cosplays.com/api/w/?m=html&search_type=merge&language=de&count=4&domain=hentai-cosplays.com&tag[]=yatsura
IP
104.21.80.76:443
ASN
#13335 CLOUDFLARENET

Requested by
https://de.hentai-gif-anime.com/image/kagaku-na-yatsura-gifs-47/
Certificate
IssuerGoogle Trust Services LLC
Subjecthentai-cosplays.com
Fingerprint05:31:58:C9:F5:CE:1F:91:F4:5E:B2:5E:E5:6D:DD:FE:0E:64:4B:77
ValiditySat, 21 Oct 2023 16:43:48 GMT - Fri, 19 Jan 2024 16:43:47 GMT

File type
data
Size
19 B (19 bytes)
Hash
d6a3bf62fbb61888e40b0535b9cfe13f
d800e5300f255b2361b5a03e814f1878eafe1d13
ca90414310440fc7c5f9104deec6c43cb6c840c01922806abc144fbfeac869a7

HTTP Headers

POST /api/w/?m=html&search_type=merge&language=de&count=4&domain=hentai-cosplays.com&tag[]=yatsura HTTP/1.1
Host: hentai-cosplays.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://de.hentai-gif-anime.com
DNT: 1
Connection: keep-alive
Referer: https://de.hentai-gif-anime.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Content-Length: 0

HTTP/2 200 OK
date: Mon, 27 Nov 2023 23:01:53 GMT
content-type: text/plain; charset=utf-8
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, User-Agent, User-Agent
access-control-allow-origin: *
fastcgi-cache: HIT
x-frame-options: SAMEORIGIN, SAMEORIGIN
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yXtE8XrOpsfKokPKXjBGtEy2Q%2BYpfXqL3NSCpg%2FD7moc30%2FgV5eRoOqjnJdesH9f%2BPxzXPde6MaDGNAA42vF09tvWDwzRHkUOaoNV9zi8xIXifHKOVF6E39mzkPfRmqj53gGva2D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82cdfee0cfe07129-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

cdn.yourwebbars.com/sb/interstitial/games/hentai-heroes/adult/5/index.html

104.26.6.19

200 OK

54 kB

URL GET HTTP/2
cdn.yourwebbars.com/sb/interstitial/games/hentai-heroes/adult/5/index.html
IP
104.26.6.19:443
ASN
#13335 CLOUDFLARENET

Requested by
https://de.hentai-gif-anime.com/image/kagaku-na-yatsura-gifs-47/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint84:82:6E:35:03:D4:C4:FC:BA:08:CD:C8:E6:A3:97:A9:20:2F:F5:49
ValiditySun, 23 Jul 2023 00:00:00 GMT - Mon, 22 Jul 2024 23:59:59 GMT

File type
HTML document, ASCII text
Size
54 kB (53517 bytes)
Hash
cd05586c337f34349a10591e2c8ebeaa
3a38225bfa12f67392af3c29ce175ed63455f5c7
6bb3be12f94ca448fe88aee52abb8e5da43f3edd3360ed063c53378900293e21

HTTP Headers

GET /sb/interstitial/games/hentai-heroes/adult/5/index.html HTTP/1.1
Host: cdn.yourwebbars.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://de.hentai-gif-anime.com
DNT: 1
Connection: keep-alive
Referer: https://de.hentai-gif-anime.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Mon, 27 Nov 2023 23:01:54 GMT
content-type: text/html
last-modified: Thu, 19 Oct 2023 15:52:25 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 164858
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tHmjnG8jHU394SoZsXo2FcVKvGHo%2BpY5SrgDGHM2Kt7YE575FRNSDzNAsx6gk43K5b%2BBtQJDA8RwBx2Ka9C2PT9ULER0136YVaB4CTbQVV%2FyOUL6ZoflxObaNi9HMZ%2BALAEBT44%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82cdfee788ea56c5-OSL
content-encoding: br
X-Firefox-Spdy: h2

de.hentai-gif-anime.com/favicon.ico

104.21.235.190

200 OK

43 B

URL GET HTTP/3
de.hentai-gif-anime.com/favicon.ico
IP
104.21.235.190:443
ASN
#13335 CLOUDFLARENET

Requested by
https://de.hentai-gif-anime.com/image/kagaku-na-yatsura-gifs-47/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint56:F5:E5:EA:61:30:D5:1C:EF:D7:18:ED:EC:FC:32:D2:89:CC:04:BE
ValidityMon, 27 Feb 2023 00:00:00 GMT - Tue, 27 Feb 2024 23:59:59 GMT

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: de.hentai-gif-anime.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://de.hentai-gif-anime.com/image/kagaku-na-yatsura-gifs-47/
Cookie: previous_detail=106002; adsense=pc-interstitial%3D20231128080151; pvcla=1; _ga_W7HH4WJX2S=GS1.1.1701126116.1.0.1701126116.0.0.0; _ga=GA1.1.151459118.1701126116; dom3ic8zudi28v8lr6fgphwffqoz0j6c=9f539ebe-20f7-46e8-afaf-f3161e954842%3A1%3A1; m5a4xojbcp2nx3gptmm633qal3gzmadn=displeaseddietstair.com; pp_main_5bdaa2a05be747d86f4b99c1bcc4cd6c=1; sb_main_bf3a3af4dd0c8d985f1accd648d117c1=1; sb_count_bf3a3af4dd0c8d985f1accd648d117c1=1; pbpr0tpuw4isk85t8yg3jb2lj5vqf=mothwetcheater.com
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Mon, 27 Nov 2023 23:01:54 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
vary: User-Agent, Accept-Encoding
cf-cache-status: HIT
age: 404905
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kkh0C2nNbYoJIOxoIOE6qGHXi6X8kxBf3qiuvRrhoW6eTplCQOiw3NO%2F8lkSnC%2F2NFBpMxW%2F8U%2BplI96%2BDDOfE1nKNAp%2FfmiX7Nx2o1G1fgw3%2B4NOKiRS7gxvVxqzcfY7SIR3dRLfA%2BaHg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82cdfee9fd4b70f9-HEL
alt-svc: h3=":443"; ma=86400

cdn.creative-bars1.com/sb/interstitial/games/hentai-heroes/adult/5/img/a1.mp4

172.64.108.10

145 kB

URL
cdn.creative-bars1.com/sb/interstitial/games/hentai-heroes/adult/5/img/a1.mp4
IP
172.64.108.10:0
ASN
#13335 CLOUDFLARENET

File type
ISO Media, MP4 Base Media v1 [ISO 14496-12:2003]\012- data
Size
145 kB (145200 bytes)
Hash
4ca5d20e6d71e1eef9eb9293aa5688af
8aae8af8585b27e6de5c9446235157d6f119a83a
fe70cb3cb3a55ea52ab8f88b03f6c30c183e71ec66bbe308d475d7c6608f9167

HTTP Headers

GET /sb/interstitial/games/hentai-heroes/adult/5/img/a1.mp4 HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 206 Partial Content
date: Mon, 27 Nov 2023 23:01:55 GMT
content-type: video/mp4
content-length: 145200
last-modified: Fri, 18 Aug 2023 09:17:00 GMT
etag: "64df370c-23730"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 5999757
content-range: bytes 0-145199/145200
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UZ6B4huqcsfZpdejtpVz6eK7m9wvvvrtqmfn0NNhFfuA%2Bp4MhfrBI922HI4rHJjwt62olMgEdNYI0GTTKukIh6PlZGDRNPbNJnhz6WQquwaiFrCMD9a4LEMBHf1WgazAwzhn1jP0n00U"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82cdfeeb4a72670b-AMS
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

cdn.creative-bars1.com/sb/interstitial/games/hentai-heroes/adult/5/img/a2.mp4

172.64.108.10

206 Partial Content

154 kB

URL GET HTTP/2
cdn.creative-bars1.com/sb/interstitial/games/hentai-heroes/adult/5/img/a2.mp4
IP
172.64.108.10:443
ASN
#13335 CLOUDFLARENET

Requested by
https://de.hentai-gif-anime.com/image/kagaku-na-yatsura-gifs-47/
Certificate
IssuerGoogle Trust Services LLC
Subjectcreative-bars1.com
Fingerprint2B:CC:32:FC:17:6F:25:69:2F:F4:A0:D9:DC:9C:C2:09:28:32:AB:34
ValiditySat, 21 Oct 2023 15:38:40 GMT - Fri, 19 Jan 2024 15:38:39 GMT

File type
ISO Media, MP4 Base Media v1 [ISO 14496-12:2003]\012- data
Size
154 kB (153667 bytes)
Hash
d89d84bdc33a23cea709e20710bad578
0384b57a350abbd839bdb0d72145449fd9b8f8fc
d442f1f38abe2ef213d4130f385da3705276d9a97d06bd928f921daaa0868b8a

HTTP Headers

GET /sb/interstitial/games/hentai-heroes/adult/5/img/a2.mp4 HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 206 Partial Content
date: Mon, 27 Nov 2023 23:01:55 GMT
content-type: video/mp4
content-length: 153667
last-modified: Thu, 19 Oct 2023 15:53:09 GMT
etag: "653150e5-25843"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 1375819
content-range: bytes 0-153666/153667
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9onzM2wFHol9CsLSBCwHQ0JOiMPzg55JVJEZP8MDQH2xIOvpH6WGPHOFtDUR2cq1RNakvHB8kAi8Ifcoy5ugi7ZvXT1oNkI7fvLp24TwFdHNWzkU6fBHXKi10mWfBee%2BhnjX3gNWWdrQ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82cdfeeb4a70670b-AMS
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

cdn.creative-bars1.com/sb/interstitial/games/hentai-heroes/adult/5/img/logo.png

172.64.108.10

8.6 kB

URL
cdn.creative-bars1.com/sb/interstitial/games/hentai-heroes/adult/5/img/logo.png
IP
172.64.108.10:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 381 x 73, 8-bit/color RGBA, non-interlaced\012- data
Size
8.6 kB (8642 bytes)
Hash
e41d990778ed03dcc30e189ac819a513
ebfa80eb3559ec57c897ccd36f95b8f008a2896c
84ce8b03bab03aea70c16274561aa2b873498fab120ab14e409a4eb889586a61

HTTP Headers

GET /sb/interstitial/games/hentai-heroes/adult/5/img/logo.png HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Mon, 27 Nov 2023 23:01:55 GMT
content-type: image/png
content-length: 8642
last-modified: Thu, 19 Oct 2023 15:53:10 GMT
etag: "653150e6-21c2"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 2313125
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wGPXI9Yv6ygtFrbuUi5%2FqkIzAfZjia0FS9aORXBkcWla1UeJ6PpP9nNIirf1Vmi94mTNauBqbZyasnLeXnhTCvuoUt8WorZHxKmC%2B%2FPPJSkKZVvx9jW200uvybOsUBxNLqEIOW6eJeCl"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82cdfeeb4a77670b-AMS
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

cdn.creative-bars1.com/sb/interstitial/games/hentai-heroes/adult/5/img/a3.mp4

172.64.108.10

293 kB

URL
cdn.creative-bars1.com/sb/interstitial/games/hentai-heroes/adult/5/img/a3.mp4
IP
172.64.108.10:0
ASN
#13335 CLOUDFLARENET

File type
ISO Media, MP4 Base Media v1 [ISO 14496-12:2003]\012- data
Size
293 kB (293354 bytes)
Hash
18a63e27907b1bc1cd6b97be3e6ec554
0a6b463e976480008996503facfb83357281999c
cee65e8eee25651e1ff277a2004b4d1dd5da010cb7b28e49fa9318be5d35db1d

HTTP Headers

GET /sb/interstitial/games/hentai-heroes/adult/5/img/a3.mp4 HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 206 Partial Content
date: Mon, 27 Nov 2023 23:01:55 GMT
content-type: video/mp4
content-length: 293354
last-modified: Thu, 19 Oct 2023 15:53:10 GMT
etag: "653150e6-479ea"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 2305611
content-range: bytes 0-293353/293354
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nFZa9vK%2BIJkpeYlScI1igpDD%2BrsNM1daA9%2BX%2FPxRUa5k1ywMxBydBCTRCjDWSGbr1HYtd6iCC3788BlH4aYd2XSyN8Q9vn7vJ0b%2FF3tyQYxC%2BIvVqYf0N9TyanihBhnH4yXbX9KCbB7n"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82cdfeeb4a71670b-AMS
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

go.bbrdbr.com/app/domain-checker/get-check

104.18.59.150

200 OK

580 B

URL GET HTTP/3
go.bbrdbr.com/app/domain-checker/get-check
IP
104.18.59.150:443
ASN
#13335 CLOUDFLARENET

Requested by
https://creative.bbrdbr.com/widgets/v4/Universal/?actionButtonPlacement=bottom&autoplay=all&autoplayForce=1&buttonColor=&campaignId=728cps2asgirl&creativeId=728cps2asgirl&domain=stripchat&hideButtonOnSmallSpots=1&hideModelNameOnSmallSpots=1&hideTitleOnSmallSpots=1&isXhDesign=0&liveBadgeColor=&memberId=%7Bclickid%7D&showButton=1&showLiveBadge=1&showModal=signup&showModelName=1&showTitle=1&sound=off&sourceId=728cps2asgirl&tag=girls%2Fasian&targetDomain=&thumbSizeKey=small&trackOff=1&userId=ebe1e2aa04642c4dc9f7e9a5dfdb455c9ef1b6825ab8b9414a96e56e40140e75
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint2A:9F:63:77:CB:A5:1C:FD:6E:10:F5:29:D2:FB:51:F4:7C:EC:36:A2
ValiditySun, 26 Feb 2023 00:00:00 GMT - Sun, 25 Feb 2024 23:59:59 GMT

File type
JSON data\012- , ASCII text
Size
580 B (580 bytes)
Hash
f44ee68f484781b6c99c30607bf9fb52
a4b54edf0f152ed49b6d6b76bc9aeb482f802738
f2b425db3ad136aa8800ff2cfeb26c90e9d8284510b685b0a3d8179d476e1e19

HTTP Headers

GET /app/domain-checker/get-check HTTP/1.1
Host: go.bbrdbr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://creative.bbrdbr.com/
Origin: https://creative.bbrdbr.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Mon, 27 Nov 2023 23:01:55 GMT
content-type: application/json
access-control-allow-origin: https://creative.bbrdbr.com
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Bitness, Sec-CH-UA-Wow64
cf-cache-status: DYNAMIC
set-cookie: __cflb=02DiuDFRFiBZBvMSLtrt9a1bWqoF8S1xaZstKPrYhR2cL; SameSite=None; Secure; path=/; expires=Tue, 28-Nov-23 23:01:55 GMT; HttpOnly
server: cloudflare
cf-ray: 82cdfeeb29a856bd-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

cdn.creative-bars1.com/sb/interstitial/games/hentai-heroes/adult/5/img/close.svg

172.64.108.10

9.0 kB

URL
cdn.creative-bars1.com/sb/interstitial/games/hentai-heroes/adult/5/img/close.svg
IP
172.64.108.10:0
ASN
#13335 CLOUDFLARENET

File type
SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- exported SGML document, ASCII text
Size
9.0 kB (8994 bytes)
Hash
7f48af62f4b37ce2c6f6e8d86c51c212
46495aa7eaa3ec2d2a8fee1518e9aadd88229fc0
7993615cd83103e693c812f8d32d348956dd02096c82bc1fcb32b613722c8614

HTTP Headers

GET /sb/interstitial/games/hentai-heroes/adult/5/img/close.svg HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Mon, 27 Nov 2023 23:01:55 GMT
content-type: image/svg+xml
last-modified: Thu, 19 Oct 2023 15:53:09 GMT
etag: W/"653150e5-4fc"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 1462588
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZFpKEdbM52RF1SOxpSaI2PpN%2B0%2ByboKjpsiteA8WvapyeciQrxR1axx2p%2FWV8huVuA5HnkF63Py1EpYadeHtNsLe95ZNxtlj%2BH9DXbVmLv9ue%2FMpUW5vbSXE3bhadvu7WBwU8KSFrwYC"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82cdfeeb4a7d670b-AMS
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

img.strpst.com/thumbs/1701126060/135586754_webp

104.18.63.124

8.4 kB

URL
img.strpst.com/thumbs/1701126060/135586754_webp
IP
104.18.63.124:0
ASN
#13335 CLOUDFLARENET

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 640x360, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
8.4 kB (8422 bytes)
Hash
3c8b77bdf5ab7fa7c98429052b19fbbc
193c5e736da8262357f508c5f572323e0908b0f0
e402cab419e66cbdb1ea353bd806ceadbe764c5918a363516a04ebcf76b6a7c3

HTTP Headers

GET /thumbs/1701126060/135586754_webp HTTP/1.1
Host: img.strpst.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://creative.bbrdbr.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Mon, 27 Nov 2023 23:01:55 GMT
content-type: image/webp
content-length: 8422
etag: "3c8b77bdf5ab7fa7c98429052b19fbbc"
last-modified: Mon, 27 Nov 2023 23:00:16 GMT
cache-control: public, max-age=1800, s-maxage=1800
access-control-allow-origin: *
access-control-allow-methods: GET
cf-cache-status: HIT
age: 47
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 82cdfeee9f977127-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

img.strpst.com/thumbs/1701126060/105515374_webp

104.18.63.124

9.9 kB

URL
img.strpst.com/thumbs/1701126060/105515374_webp
IP
104.18.63.124:0
ASN
#13335 CLOUDFLARENET

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 640x360, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
9.9 kB (9862 bytes)
Hash
55715383229e156bd25ef7e44f3245f1
d029b0737682c099c7cb4dc5a7db51210243d618
3fccb1d079f5e88dda62bcefd255f594852d401b1c65d37f1e5de2d53ded3309

HTTP Headers

GET /thumbs/1701126060/105515374_webp HTTP/1.1
Host: img.strpst.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://creative.bbrdbr.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Mon, 27 Nov 2023 23:01:55 GMT
content-type: image/webp
content-length: 9862
etag: "55715383229e156bd25ef7e44f3245f1"
last-modified: Mon, 27 Nov 2023 23:00:27 GMT
cache-control: public, max-age=1800, s-maxage=1800
access-control-allow-origin: *
access-control-allow-methods: GET
cf-cache-status: HIT
age: 54
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 82cdfeee9f9c7127-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

img.strpst.com/thumbs/1701126060/92103719_webp

104.18.63.124

200 OK

20 kB

URL GET HTTP/2
img.strpst.com/thumbs/1701126060/92103719_webp
IP
104.18.63.124:443
ASN
#13335 CLOUDFLARENET

Requested by
https://creative.bbrdbr.com/widgets/v4/Universal/?actionButtonPlacement=bottom&autoplay=all&autoplayForce=1&buttonColor=&campaignId=728cps2asgirl&creativeId=728cps2asgirl&domain=stripchat&hideButtonOnSmallSpots=1&hideModelNameOnSmallSpots=1&hideTitleOnSmallSpots=1&isXhDesign=0&liveBadgeColor=&memberId=%7Bclickid%7D&showButton=1&showLiveBadge=1&showModal=signup&showModelName=1&showTitle=1&sound=off&sourceId=728cps2asgirl&tag=girls%2Fasian&targetDomain=&thumbSizeKey=small&trackOff=1&userId=ebe1e2aa04642c4dc9f7e9a5dfdb455c9ef1b6825ab8b9414a96e56e40140e75
Certificate
IssuerCloudflare, Inc.
Subjectimg.strpst.com
FingerprintED:62:74:FE:E4:F5:89:43:B3:49:55:FE:18:19:0D:29:24:96:75:BC
ValidityMon, 03 Apr 2023 00:00:00 GMT - Tue, 02 Apr 2024 23:59:59 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 648x360, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
20 kB (20512 bytes)
Hash
d0d8d91a285dfa57da0fbe27ee52d64b
9ab16f05dddca11c1130bf8acbfa33a230a985b5
9cc441a2dbdd92a7bc3a4943707ee4a26d7e473f00bf3cdd88d7277369a41362

HTTP Headers

GET /thumbs/1701126060/92103719_webp HTTP/1.1
Host: img.strpst.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://creative.bbrdbr.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Mon, 27 Nov 2023 23:01:55 GMT
content-type: image/webp
content-length: 20512
etag: "d0d8d91a285dfa57da0fbe27ee52d64b"
last-modified: Mon, 27 Nov 2023 23:00:15 GMT
cache-control: public, max-age=1800, s-maxage=1800
access-control-allow-origin: *
access-control-allow-methods: GET
cf-cache-status: HIT
age: 54
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 82cdfeee9f9a7127-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

img.strpst.com/thumbs/1701126060/114701234_webp

104.18.63.124

200 OK

4.5 kB

URL GET HTTP/2
img.strpst.com/thumbs/1701126060/114701234_webp
IP
104.18.63.124:443
ASN
#13335 CLOUDFLARENET

Requested by
https://creative.bbrdbr.com/widgets/v4/Universal/?actionButtonPlacement=bottom&autoplay=all&autoplayForce=1&buttonColor=&campaignId=728cps2asgirl&creativeId=728cps2asgirl&domain=stripchat&hideButtonOnSmallSpots=1&hideModelNameOnSmallSpots=1&hideTitleOnSmallSpots=1&isXhDesign=0&liveBadgeColor=&memberId=%7Bclickid%7D&showButton=1&showLiveBadge=1&showModal=signup&showModelName=1&showTitle=1&sound=off&sourceId=728cps2asgirl&tag=girls%2Fasian&targetDomain=&thumbSizeKey=small&trackOff=1&userId=ebe1e2aa04642c4dc9f7e9a5dfdb455c9ef1b6825ab8b9414a96e56e40140e75
Certificate
IssuerCloudflare, Inc.
Subjectimg.strpst.com
FingerprintED:62:74:FE:E4:F5:89:43:B3:49:55:FE:18:19:0D:29:24:96:75:BC
ValidityMon, 03 Apr 2023 00:00:00 GMT - Tue, 02 Apr 2024 23:59:59 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 270x360, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
4.5 kB (4514 bytes)
Hash
baf5a715187222afdf3c114bd64348e8
4e6256822ac4c103d9b88a79f2a08b1271dfdab6
d61e8ef95e0c21e8ec71dd8dba3072e6ff3a6c346a74d5a0fd6bd058a85bfc80

HTTP Headers

GET /thumbs/1701126060/114701234_webp HTTP/1.1
Host: img.strpst.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://creative.bbrdbr.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Mon, 27 Nov 2023 23:01:55 GMT
content-type: image/webp
content-length: 4514
etag: "baf5a715187222afdf3c114bd64348e8"
last-modified: Mon, 27 Nov 2023 23:00:41 GMT
cache-control: public, max-age=1800, s-maxage=1800
access-control-allow-origin: *
access-control-allow-methods: GET
cf-cache-status: HIT
age: 46
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 82cdfeee9f997127-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

img.strpst.com/thumbs/1701126060/7536780_webp

104.18.63.124

200 OK

13 kB

URL GET HTTP/2
img.strpst.com/thumbs/1701126060/7536780_webp
IP
104.18.63.124:443
ASN
#13335 CLOUDFLARENET

Requested by
https://creative.bbrdbr.com/widgets/v4/Universal/?actionButtonPlacement=bottom&autoplay=all&autoplayForce=1&buttonColor=&campaignId=728cps2asgirl&creativeId=728cps2asgirl&domain=stripchat&hideButtonOnSmallSpots=1&hideModelNameOnSmallSpots=1&hideTitleOnSmallSpots=1&isXhDesign=0&liveBadgeColor=&memberId=%7Bclickid%7D&showButton=1&showLiveBadge=1&showModal=signup&showModelName=1&showTitle=1&sound=off&sourceId=728cps2asgirl&tag=girls%2Fasian&targetDomain=&thumbSizeKey=small&trackOff=1&userId=ebe1e2aa04642c4dc9f7e9a5dfdb455c9ef1b6825ab8b9414a96e56e40140e75
Certificate
IssuerCloudflare, Inc.
Subjectimg.strpst.com
FingerprintED:62:74:FE:E4:F5:89:43:B3:49:55:FE:18:19:0D:29:24:96:75:BC
ValidityMon, 03 Apr 2023 00:00:00 GMT - Tue, 02 Apr 2024 23:59:59 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 640x360, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
13 kB (12626 bytes)
Hash
140bb6852d3c9585ea1c0fa6f5ec5a68
7af84e394bceb9cc3c85277e2fed056fc4dbc787
64d8c4449a4c294346f262c3028b918e8429f2062c2a712b6879e46c896f1978

HTTP Headers

GET /thumbs/1701126060/7536780_webp HTTP/1.1
Host: img.strpst.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://creative.bbrdbr.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Mon, 27 Nov 2023 23:01:55 GMT
content-type: image/webp
content-length: 12626
etag: "140bb6852d3c9585ea1c0fa6f5ec5a68"
last-modified: Mon, 27 Nov 2023 23:00:06 GMT
cache-control: public, max-age=1800, s-maxage=1800
access-control-allow-origin: *
access-control-allow-methods: GET
cf-cache-status: HIT
age: 47
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 82cdfeeecfb77127-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

img.strpst.com/thumbs/1701126060/136195660_webp

104.18.63.124

200 OK

16 kB

URL GET HTTP/2
img.strpst.com/thumbs/1701126060/136195660_webp
IP
104.18.63.124:443
ASN
#13335 CLOUDFLARENET

Requested by
https://creative.bbrdbr.com/widgets/v4/Universal/?actionButtonPlacement=bottom&autoplay=all&autoplayForce=1&buttonColor=&campaignId=728cps2asgirl&creativeId=728cps2asgirl&domain=stripchat&hideButtonOnSmallSpots=1&hideModelNameOnSmallSpots=1&hideTitleOnSmallSpots=1&isXhDesign=0&liveBadgeColor=&memberId=%7Bclickid%7D&showButton=1&showLiveBadge=1&showModal=signup&showModelName=1&showTitle=1&sound=off&sourceId=728cps2asgirl&tag=girls%2Fasian&targetDomain=&thumbSizeKey=small&trackOff=1&userId=ebe1e2aa04642c4dc9f7e9a5dfdb455c9ef1b6825ab8b9414a96e56e40140e75
Certificate
IssuerCloudflare, Inc.
Subjectimg.strpst.com
FingerprintED:62:74:FE:E4:F5:89:43:B3:49:55:FE:18:19:0D:29:24:96:75:BC
ValidityMon, 03 Apr 2023 00:00:00 GMT - Tue, 02 Apr 2024 23:59:59 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 640x360, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
16 kB (15504 bytes)
Hash
861fece628cb6766508cfd7c0a763afd
f3fdd7dc2be3609ba3d823605cce97a9a2419697
45c20c39a0e199e9dd788a56d60a1f10da86d0cda9b3cfc30aab45a3ac7d0e10

HTTP Headers

GET /thumbs/1701126060/136195660_webp HTTP/1.1
Host: img.strpst.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://creative.bbrdbr.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Mon, 27 Nov 2023 23:01:55 GMT
content-type: image/webp
content-length: 15504
etag: "861fece628cb6766508cfd7c0a763afd"
last-modified: Mon, 27 Nov 2023 23:00:24 GMT
cache-control: public, max-age=1800, s-maxage=1800
access-control-allow-origin: *
access-control-allow-methods: GET
cf-cache-status: HIT
age: 54
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 82cdfeeecfb97127-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

cdn.creative-bars1.com/sb/interstitial/games/hentai-heroes/adult/5/js/jquery-3.3.1.min.js

172.64.108.10

52 kB

URL
cdn.creative-bars1.com/sb/interstitial/games/hentai-heroes/adult/5/js/jquery-3.3.1.min.js
IP
172.64.108.10:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (65451)
Size
52 kB (51793 bytes)
Hash
a09e13ee94d51c524b7e2a728c7d4039
0dc32db4aa9c5f03f3b38c47d883dbd4fed13aae
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

HTTP Headers

GET /sb/interstitial/games/hentai-heroes/adult/5/js/jquery-3.3.1.min.js HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Mon, 27 Nov 2023 23:01:55 GMT
content-type: application/javascript
last-modified: Thu, 19 Oct 2023 15:53:14 GMT
etag: W/"653150ea-1538f"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 2405349
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BtyuRAJcXFNnnypZIE2oRh7pyC0pQIaUeT7FmLe3UHc4lhQEgOV%2Fi%2FoBombKDkYVsnFsXE7%2BZGwi%2FoI0gkjSO9tKA21JXYA1F4PZ7z8G5wLJItdXBSLnan8NGoCzPuMCq68ONDLJg6b1"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82cdfeeb3a6f670b-AMS
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

img.strpst.com/thumbs/1701126060/114701234_webp

104.18.63.124

200 OK

4.5 kB

URL GET HTTP/2
img.strpst.com/thumbs/1701126060/114701234_webp
IP
104.18.63.124:443
ASN
#13335 CLOUDFLARENET

Requested by
https://creative.bbrdbr.com/widgets/v4/Universal/?actionButtonPlacement=bottom&autoplay=all&autoplayForce=1&buttonColor=&campaignId=728cps2asgirl&creativeId=728cps2asgirl&domain=stripchat&hideButtonOnSmallSpots=1&hideModelNameOnSmallSpots=1&hideTitleOnSmallSpots=1&isXhDesign=0&liveBadgeColor=&memberId=%7Bclickid%7D&showButton=1&showLiveBadge=1&showModal=signup&showModelName=1&showTitle=1&sound=off&sourceId=728cps2asgirl&tag=girls%2Fasian&targetDomain=&thumbSizeKey=small&trackOff=1&userId=ebe1e2aa04642c4dc9f7e9a5dfdb455c9ef1b6825ab8b9414a96e56e40140e75
Certificate
IssuerCloudflare, Inc.
Subjectimg.strpst.com
FingerprintED:62:74:FE:E4:F5:89:43:B3:49:55:FE:18:19:0D:29:24:96:75:BC
ValidityMon, 03 Apr 2023 00:00:00 GMT - Tue, 02 Apr 2024 23:59:59 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 270x360, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
4.5 kB (4514 bytes)
Hash
baf5a715187222afdf3c114bd64348e8
4e6256822ac4c103d9b88a79f2a08b1271dfdab6
d61e8ef95e0c21e8ec71dd8dba3072e6ff3a6c346a74d5a0fd6bd058a85bfc80

HTTP Headers

GET /thumbs/1701126060/114701234_webp HTTP/1.1
Host: img.strpst.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://creative.bbrdbr.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Mon, 27 Nov 2023 23:01:55 GMT
content-type: image/webp
content-length: 4514
etag: "baf5a715187222afdf3c114bd64348e8"
last-modified: Mon, 27 Nov 2023 23:00:41 GMT
cache-control: public, max-age=1800, s-maxage=1800
access-control-allow-origin: *
access-control-allow-methods: GET
cf-cache-status: HIT
age: 46
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 82cdfeeedfbe7127-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

fonts.googleapis.com/css2?family=Luckiest+Guy&display=swap

142.250.74.106

200 OK

13 kB

URL GET HTTP/2
fonts.googleapis.com/css2?family=Luckiest+Guy&display=swap
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://de.hentai-gif-anime.com/image/kagaku-na-yatsura-gifs-47/
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
FingerprintCC:96:E0:52:E0:9B:EA:A9:A0:F8:88:9A:90:20:11:47:61:00:3C:42
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT

File type
gzip compressed data, max compression\012- data
Size
13 kB (12923 bytes)
Hash
3e903ee372b4db01f13077c80f697f1e
5fc92700f1c3563312db032a4c9702cb343a131e
3fe2dcd6b6e02472c3d351c4493d6b99d4bdd76b6f789ecfcced89d65e33c7c7

HTTP Headers

GET /css2?family=Luckiest+Guy&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Mon, 27 Nov 2023 23:01:55 GMT
date: Mon, 27 Nov 2023 23:01:55 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

img.strpst.com/thumbs/1701126060/136195660_webp

104.18.63.124

200 OK

16 kB

URL GET HTTP/2
img.strpst.com/thumbs/1701126060/136195660_webp
IP
104.18.63.124:443
ASN
#13335 CLOUDFLARENET

Requested by
https://creative.bbrdbr.com/widgets/v4/Universal/?actionButtonPlacement=bottom&autoplay=all&autoplayForce=1&buttonColor=&campaignId=728cps2asgirl&creativeId=728cps2asgirl&domain=stripchat&hideButtonOnSmallSpots=1&hideModelNameOnSmallSpots=1&hideTitleOnSmallSpots=1&isXhDesign=0&liveBadgeColor=&memberId=%7Bclickid%7D&showButton=1&showLiveBadge=1&showModal=signup&showModelName=1&showTitle=1&sound=off&sourceId=728cps2asgirl&tag=girls%2Fasian&targetDomain=&thumbSizeKey=small&trackOff=1&userId=ebe1e2aa04642c4dc9f7e9a5dfdb455c9ef1b6825ab8b9414a96e56e40140e75
Certificate
IssuerCloudflare, Inc.
Subjectimg.strpst.com
FingerprintED:62:74:FE:E4:F5:89:43:B3:49:55:FE:18:19:0D:29:24:96:75:BC
ValidityMon, 03 Apr 2023 00:00:00 GMT - Tue, 02 Apr 2024 23:59:59 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 640x360, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
16 kB (15504 bytes)
Hash
861fece628cb6766508cfd7c0a763afd
f3fdd7dc2be3609ba3d823605cce97a9a2419697
45c20c39a0e199e9dd788a56d60a1f10da86d0cda9b3cfc30aab45a3ac7d0e10

HTTP Headers

GET /thumbs/1701126060/136195660_webp HTTP/1.1
Host: img.strpst.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://creative.bbrdbr.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Mon, 27 Nov 2023 23:01:55 GMT
content-type: image/webp
content-length: 15504
etag: "861fece628cb6766508cfd7c0a763afd"
last-modified: Mon, 27 Nov 2023 23:00:24 GMT
cache-control: public, max-age=1800, s-maxage=1800
access-control-allow-origin: *
access-control-allow-methods: GET
cf-cache-status: HIT
age: 54
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 82cdfeeeffd17127-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

img.strpst.com/thumbs/1701126060/105515374_webp

104.18.63.124

9.9 kB

URL
img.strpst.com/thumbs/1701126060/105515374_webp
IP
104.18.63.124:0
ASN
#13335 CLOUDFLARENET

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 640x360, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
9.9 kB (9862 bytes)
Hash
55715383229e156bd25ef7e44f3245f1
d029b0737682c099c7cb4dc5a7db51210243d618
3fccb1d079f5e88dda62bcefd255f594852d401b1c65d37f1e5de2d53ded3309

HTTP Headers

GET /thumbs/1701126060/105515374_webp HTTP/1.1
Host: img.strpst.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://creative.bbrdbr.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Mon, 27 Nov 2023 23:01:55 GMT
content-type: image/webp
content-length: 9862
etag: "55715383229e156bd25ef7e44f3245f1"
last-modified: Mon, 27 Nov 2023 23:00:27 GMT
cache-control: public, max-age=1800, s-maxage=1800
access-control-allow-origin: *
access-control-allow-methods: GET
cf-cache-status: HIT
age: 54
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 82cdfeef1ff17127-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

go.xxxviijmp.com/checkUrl

104.18.59.150

15 B

URL
go.xxxviijmp.com/checkUrl
IP
104.18.59.150:0
ASN
#13335 CLOUDFLARENET

File type
JSON data\012- , ASCII text, with no line terminators
Size
15 B (15 bytes)
Hash
7fb97eb7c8636552ad068f6d56b5ea34
b69679936779fb02503bc0fe1374a737cc762ecb
e78008828abaa93c4462e326ef384dcda1443352a0f24bdeedada6a6fdbfd1d5

HTTP Headers

GET /checkUrl HTTP/1.1
Host: go.xxxviijmp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en
Accept-Encoding: gzip, deflate, br
Referer: https://creative.bbrdbr.com/
Origin: https://creative.bbrdbr.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Mon, 27 Nov 2023 23:01:55 GMT
content-type: application/json
content-length: 15
access-control-allow-origin: https://creative.bbrdbr.com
cf-cache-status: DYNAMIC
set-cookie: __cflb=02DiuDFRFiBZBvMSLtr56RXfnndb8PqaK98tTWadtMuPi; SameSite=None; Secure; path=/; expires=Tue, 28-Nov-23 23:01:55 GMT; HttpOnly
server: cloudflare
cf-ray: 82cdfeef0b3d0b65-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

superchat.live/checkUrl

104.18.63.130

200 OK

15 B

URL GET HTTP/2
superchat.live/checkUrl
IP
104.18.63.130:443
ASN
#13335 CLOUDFLARENET

Requested by
https://creative.bbrdbr.com/widgets/v4/Universal/?actionButtonPlacement=bottom&autoplay=all&autoplayForce=1&buttonColor=&campaignId=728cps2asgirl&creativeId=728cps2asgirl&domain=stripchat&hideButtonOnSmallSpots=1&hideModelNameOnSmallSpots=1&hideTitleOnSmallSpots=1&isXhDesign=0&liveBadgeColor=&memberId=%7Bclickid%7D&showButton=1&showLiveBadge=1&showModal=signup&showModelName=1&showTitle=1&sound=off&sourceId=728cps2asgirl&tag=girls%2Fasian&targetDomain=&thumbSizeKey=small&trackOff=1&userId=ebe1e2aa04642c4dc9f7e9a5dfdb455c9ef1b6825ab8b9414a96e56e40140e75
Certificate
IssuerCloudflare, Inc.
Subjectsuperchat.live
Fingerprint71:53:3C:18:FA:AE:A0:62:7C:C3:FB:CC:31:67:5B:C1:13:D8:60:87
ValidityWed, 23 Aug 2023 00:00:00 GMT - Thu, 22 Aug 2024 23:59:59 GMT

File type
JSON data\012- , ASCII text, with no line terminators
Size
15 B (15 bytes)
Hash
7fb97eb7c8636552ad068f6d56b5ea34
b69679936779fb02503bc0fe1374a737cc762ecb
e78008828abaa93c4462e326ef384dcda1443352a0f24bdeedada6a6fdbfd1d5

HTTP Headers

GET /checkUrl HTTP/1.1
Host: superchat.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en
Accept-Encoding: gzip, deflate, br
Referer: https://creative.bbrdbr.com/
Origin: https://creative.bbrdbr.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Mon, 27 Nov 2023 23:01:55 GMT
content-type: application/json
content-length: 15
access-control-allow-origin: https://creative.bbrdbr.com
cf-cache-status: DYNAMIC
set-cookie: __cflb=0H28vf6sQBvhykduxTL3KtyBAnQ2zUZ1M3U6jKF8CQC; SameSite=None; Secure; path=/; expires=Tue, 28-Nov-23 23:01:55 GMT; HttpOnly
server: cloudflare
cf-ray: 82cdfeef0d6fb51d-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

go.bbrdbr.com/app/domain-checker/check-result

104.18.59.150

204 No Content

0 B

URL POST HTTP/3
go.bbrdbr.com/app/domain-checker/check-result
IP
104.18.59.150:443
ASN
#13335 CLOUDFLARENET

Requested by
https://creative.bbrdbr.com/widgets/v4/Universal/?actionButtonPlacement=bottom&autoplay=all&autoplayForce=1&buttonColor=&campaignId=728cps2asgirl&creativeId=728cps2asgirl&domain=stripchat&hideButtonOnSmallSpots=1&hideModelNameOnSmallSpots=1&hideTitleOnSmallSpots=1&isXhDesign=0&liveBadgeColor=&memberId=%7Bclickid%7D&showButton=1&showLiveBadge=1&showModal=signup&showModelName=1&showTitle=1&sound=off&sourceId=728cps2asgirl&tag=girls%2Fasian&targetDomain=&thumbSizeKey=small&trackOff=1&userId=ebe1e2aa04642c4dc9f7e9a5dfdb455c9ef1b6825ab8b9414a96e56e40140e75
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint2A:9F:63:77:CB:A5:1C:FD:6E:10:F5:29:D2:FB:51:F4:7C:EC:36:A2
ValiditySun, 26 Feb 2023 00:00:00 GMT - Sun, 25 Feb 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /app/domain-checker/check-result HTTP/1.1
Host: go.bbrdbr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://creative.bbrdbr.com/
Content-Type: text/plain;charset=UTF-8
Content-Length: 174
Origin: https://creative.bbrdbr.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 204 No Content
date: Mon, 27 Nov 2023 23:01:56 GMT
access-control-allow-origin: https://creative.bbrdbr.com
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Bitness, Sec-CH-UA-Wow64
cf-cache-status: DYNAMIC
set-cookie: __cflb=02DiuDFRFiBZBvMSLtsgHAphT8dt9Y3eaB17nBF3u6WYc; SameSite=None; Secure; path=/; expires=Tue, 28-Nov-23 23:01:56 GMT; HttpOnly
server: cloudflare
cf-ray: 82cdfef179ba56bd-OSL
alt-svc: h3=":443"; ma=86400

go.bbrdbr.com/app/domain-checker/check-result

104.18.59.150

204 No Content

0 B

URL POST HTTP/3
go.bbrdbr.com/app/domain-checker/check-result
IP
104.18.59.150:443
ASN
#13335 CLOUDFLARENET

Requested by
https://creative.bbrdbr.com/widgets/v4/Universal/?actionButtonPlacement=bottom&autoplay=all&autoplayForce=1&buttonColor=&campaignId=728cps2asgirl&creativeId=728cps2asgirl&domain=stripchat&hideButtonOnSmallSpots=1&hideModelNameOnSmallSpots=1&hideTitleOnSmallSpots=1&isXhDesign=0&liveBadgeColor=&memberId=%7Bclickid%7D&showButton=1&showLiveBadge=1&showModal=signup&showModelName=1&showTitle=1&sound=off&sourceId=728cps2asgirl&tag=girls%2Fasian&targetDomain=&thumbSizeKey=small&trackOff=1&userId=ebe1e2aa04642c4dc9f7e9a5dfdb455c9ef1b6825ab8b9414a96e56e40140e75
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint2A:9F:63:77:CB:A5:1C:FD:6E:10:F5:29:D2:FB:51:F4:7C:EC:36:A2
ValiditySun, 26 Feb 2023 00:00:00 GMT - Sun, 25 Feb 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /app/domain-checker/check-result HTTP/1.1
Host: go.bbrdbr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://creative.bbrdbr.com/
Content-Type: text/plain;charset=UTF-8
Content-Length: 173
Origin: https://creative.bbrdbr.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 204 No Content
date: Mon, 27 Nov 2023 23:01:56 GMT
access-control-allow-origin: https://creative.bbrdbr.com
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Bitness, Sec-CH-UA-Wow64
cf-cache-status: DYNAMIC
set-cookie: __cflb=02DiuDFRFiBZBvMSLtrsnD7QZBLqqpmg3yKMnhf8ZD8QL; SameSite=None; Secure; path=/; expires=Tue, 28-Nov-23 23:01:56 GMT; HttpOnly
server: cloudflare
cf-ray: 82cdfef179bb56bd-OSL
alt-svc: h3=":443"; ma=86400

b-hls-10.doppiocdn.com/hls/135586754/135586754_480p_init_duc4rMMAvVF2kpTQ.mp4

104.18.63.134

200 OK

1.2 kB

URL GET HTTP/2
b-hls-10.doppiocdn.com/hls/135586754/135586754_480p_init_duc4rMMAvVF2kpTQ.mp4
IP
104.18.63.134:443
ASN
#13335 CLOUDFLARENET

Requested by
https://creative.bbrdbr.com/widgets/v4/Universal/?actionButtonPlacement=bottom&autoplay=all&autoplayForce=1&buttonColor=&campaignId=728cps2asgirl&creativeId=728cps2asgirl&domain=stripchat&hideButtonOnSmallSpots=1&hideModelNameOnSmallSpots=1&hideTitleOnSmallSpots=1&isXhDesign=0&liveBadgeColor=&memberId=%7Bclickid%7D&showButton=1&showLiveBadge=1&showModal=signup&showModelName=1&showTitle=1&sound=off&sourceId=728cps2asgirl&tag=girls%2Fasian&targetDomain=&thumbSizeKey=small&trackOff=1&userId=ebe1e2aa04642c4dc9f7e9a5dfdb455c9ef1b6825ab8b9414a96e56e40140e75
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint99:FA:E1:1F:E8:F6:A1:57:63:A7:AA:BD:3E:C1:94:58:E7:83:02:13
ValiditySat, 21 Jan 2023 00:00:00 GMT - Sun, 21 Jan 2024 23:59:59 GMT

File type
ISO Media, MP4 Base Media v5 \012- data
Size
1.2 kB (1218 bytes)
Hash
6b5797c6c875d29631baaee559ea21d3
c3e01d126cde8b9f0718715a548c329078c4d3f2
3327593730e719c4d6a584a01f1026c924bf4f296e50b9d9890e8951c8525939

HTTP Headers

GET /hls/135586754/135586754_480p_init_duc4rMMAvVF2kpTQ.mp4 HTTP/1.1
Host: b-hls-10.doppiocdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://creative.bbrdbr.com
DNT: 1
Connection: keep-alive
Referer: https://creative.bbrdbr.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Mon, 27 Nov 2023 23:01:56 GMT
content-type: video/mp4
content-length: 1218
last-modified: Mon, 27 Nov 2023 21:12:59 GMT
etag: "6565065b-4c2"
cache-control: public, max-age=60, s-maxage=60
access-control-allow-origin: *
timing-allow-origin: *
cf-cache-status: HIT
age: 4
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 82cdfef1c99f5690-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

b-hls-10.doppiocdn.com/hls/135586754/135586754_480p_init_duc4rMMAvVF2kpTQ.mp4

104.18.63.134

200 OK

1.2 kB

URL GET HTTP/2
b-hls-10.doppiocdn.com/hls/135586754/135586754_480p_init_duc4rMMAvVF2kpTQ.mp4
IP
104.18.63.134:443
ASN
#13335 CLOUDFLARENET

Requested by
https://creative.bbrdbr.com/widgets/v4/Universal/?actionButtonPlacement=bottom&autoplay=all&autoplayForce=1&buttonColor=&campaignId=728cps2asgirl&creativeId=728cps2asgirl&domain=stripchat&hideButtonOnSmallSpots=1&hideModelNameOnSmallSpots=1&hideTitleOnSmallSpots=1&isXhDesign=0&liveBadgeColor=&memberId=%7Bclickid%7D&showButton=1&showLiveBadge=1&showModal=signup&showModelName=1&showTitle=1&sound=off&sourceId=728cps2asgirl&tag=girls%2Fasian&targetDomain=&thumbSizeKey=small&trackOff=1&userId=ebe1e2aa04642c4dc9f7e9a5dfdb455c9ef1b6825ab8b9414a96e56e40140e75
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint99:FA:E1:1F:E8:F6:A1:57:63:A7:AA:BD:3E:C1:94:58:E7:83:02:13
ValiditySat, 21 Jan 2023 00:00:00 GMT - Sun, 21 Jan 2024 23:59:59 GMT

File type
ISO Media, MP4 Base Media v5 \012- data
Size
1.2 kB (1218 bytes)
Hash
6b5797c6c875d29631baaee559ea21d3
c3e01d126cde8b9f0718715a548c329078c4d3f2
3327593730e719c4d6a584a01f1026c924bf4f296e50b9d9890e8951c8525939

HTTP Headers

GET /hls/135586754/135586754_480p_init_duc4rMMAvVF2kpTQ.mp4 HTTP/1.1
Host: b-hls-10.doppiocdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://creative.bbrdbr.com
DNT: 1
Connection: keep-alive
Referer: https://creative.bbrdbr.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Mon, 27 Nov 2023 23:01:56 GMT
content-type: video/mp4
content-length: 1218
last-modified: Mon, 27 Nov 2023 21:12:59 GMT
etag: "6565065b-4c2"
cache-control: public, max-age=60, s-maxage=60
access-control-allow-origin: *
timing-allow-origin: *
cf-cache-status: HIT
age: 4
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 82cdfef1c9a35690-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

edge-hls.doppiocdn.com/hls/135586754/master/135586754_480p.m3u8

104.18.63.134

200 OK

318 kB

URL GET HTTP/2
edge-hls.doppiocdn.com/hls/135586754/master/135586754_480p.m3u8
IP
104.18.63.134:443
ASN
#13335 CLOUDFLARENET

Requested by
https://creative.bbrdbr.com/widgets/v4/Universal/?actionButtonPlacement=bottom&autoplay=all&autoplayForce=1&buttonColor=&campaignId=728cps2asgirl&creativeId=728cps2asgirl&domain=stripchat&hideButtonOnSmallSpots=1&hideModelNameOnSmallSpots=1&hideTitleOnSmallSpots=1&isXhDesign=0&liveBadgeColor=&memberId=%7Bclickid%7D&showButton=1&showLiveBadge=1&showModal=signup&showModelName=1&showTitle=1&sound=off&sourceId=728cps2asgirl&tag=girls%2Fasian&targetDomain=&thumbSizeKey=small&trackOff=1&userId=ebe1e2aa04642c4dc9f7e9a5dfdb455c9ef1b6825ab8b9414a96e56e40140e75
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint99:FA:E1:1F:E8:F6:A1:57:63:A7:AA:BD:3E:C1:94:58:E7:83:02:13
ValiditySat, 21 Jan 2023 00:00:00 GMT - Sun, 21 Jan 2024 23:59:59 GMT

File type
M3U playlist, ASCII text
Size
318 kB (318330 bytes)
Hash
81ecf58e79ecb8d0469493756feb95d6
726c0cf8bab90fb8ed6e2da48e49cc2c210ebef9
9d08918d4a7739b5c597b48ee17a9c58b326e41ceacb721e8bae9b216f83911c

HTTP Headers

GET /hls/135586754/master/135586754_480p.m3u8 HTTP/1.1
Host: edge-hls.doppiocdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://creative.bbrdbr.com
DNT: 1
Connection: keep-alive
Referer: https://creative.bbrdbr.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Mon, 27 Nov 2023 23:01:55 GMT
content-type: application/vnd.apple.mpegurl
vary: Accept-Encoding
last-modified: Mon, 27 Nov 2023 23:01:52 GMT
x-proxy-cache: EXPIRED
cache-control: public, max-age=3, s-maxage=3
access-control-allow-origin: *
timing-allow-origin: *
cf-cache-status: HIT
age: 0
server: cloudflare
cf-ray: 82cdfeef78085690-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

unseenreport.com/pxf.gif?uuid=9f539ebe-20f7-46e8-afaf-f3161e954842&eb=a996fe56ed028c08f89591a4a8a9c431&te=4cb725660c43031e3b06c75892d96c5a&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.3095&b_frame=0&pk=bf3a3af4dd0c8d985f1accd648d117c1&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=23

192.243.59.12

200 OK

1 B

URL GET HTTP/1.1
unseenreport.com/pxf.gif?uuid=9f539ebe-20f7-46e8-afaf-f3161e954842&eb=a996fe56ed028c08f89591a4a8a9c431&te=4cb725660c43031e3b06c75892d96c5a&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.3095&b_frame=0&pk=bf3a3af4dd0c8d985f1accd648d117c1&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=23
IP
192.243.59.12:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://de.hentai-gif-anime.com/image/kagaku-na-yatsura-gifs-47/
Certificate
IssuerLet's Encrypt
Subject*.unseenreport.com
Fingerprint79:45:7F:58:D5:82:45:0A:7D:1E:FF:7A:98:05:26:E9:D6:FE:91:14
ValidityWed, 22 Nov 2023 07:56:28 GMT - Tue, 20 Feb 2024 07:56:27 GMT

File type
very short file (no magic)
Size
1 B (1 bytes)
Hash
93b885adfe0da089cdf634904fd59f71
5ba93c9db0cff93f52b521d7420e43f6eda2784f
6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /pxf.gif?uuid=9f539ebe-20f7-46e8-afaf-f3161e954842&eb=a996fe56ed028c08f89591a4a8a9c431&te=4cb725660c43031e3b06c75892d96c5a&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.3095&b_frame=0&pk=bf3a3af4dd0c8d985f1accd648d117c1&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=23 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://de.hentai-gif-anime.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Mon, 27 Nov 2023 23:01:56 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 94582cc8113379990498f53de8c37b7a
Strict-Transport-Security: max-age=0; includeSubdomains

unseenreport.com/pxf.gif?uuid=9f539ebe-20f7-46e8-afaf-f3161e954842&eb=a996fe56ed028c08f89591a4a8a9c431&te=4cb725660c43031e3b06c75892d96c5a&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.3095&b_frame=0&pk=5bdaa2a05be747d86f4b99c1bcc4cd6c&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=23

192.243.59.12

1 B

URL
unseenreport.com/pxf.gif?uuid=9f539ebe-20f7-46e8-afaf-f3161e954842&eb=a996fe56ed028c08f89591a4a8a9c431&te=4cb725660c43031e3b06c75892d96c5a&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.3095&b_frame=0&pk=5bdaa2a05be747d86f4b99c1bcc4cd6c&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=23
IP
192.243.59.12:0
ASN
#39572 DataWeb Global Group B.V.

Certificate
IssuerLet's Encrypt
Subject*.unseenreport.com
Fingerprint79:45:7F:58:D5:82:45:0A:7D:1E:FF:7A:98:05:26:E9:D6:FE:91:14
ValidityWed, 22 Nov 2023 07:56:28 GMT - Tue, 20 Feb 2024 07:56:27 GMT

File type
very short file (no magic)
Size
1 B (1 bytes)
Hash
93b885adfe0da089cdf634904fd59f71
5ba93c9db0cff93f52b521d7420e43f6eda2784f
6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /pxf.gif?uuid=9f539ebe-20f7-46e8-afaf-f3161e954842&eb=a996fe56ed028c08f89591a4a8a9c431&te=4cb725660c43031e3b06c75892d96c5a&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.3095&b_frame=0&pk=5bdaa2a05be747d86f4b99c1bcc4cd6c&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=23 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://de.hentai-gif-anime.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Mon, 27 Nov 2023 23:01:56 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 1ebbb4382bc8f443c6d953db4b9cd2ec
Strict-Transport-Security: max-age=0; includeSubdomains

b-hls-10.doppiocdn.com/hls/135586754/135586754_480p_3264_ooOhzTi2xinB6PE1_1701126107.mp4

104.18.63.134

200 OK

318 kB

URL GET HTTP/2
b-hls-10.doppiocdn.com/hls/135586754/135586754_480p_3264_ooOhzTi2xinB6PE1_1701126107.mp4
IP
104.18.63.134:443
ASN
#13335 CLOUDFLARENET

Requested by
https://creative.bbrdbr.com/widgets/v4/Universal/?actionButtonPlacement=bottom&autoplay=all&autoplayForce=1&buttonColor=&campaignId=728cps2asgirl&creativeId=728cps2asgirl&domain=stripchat&hideButtonOnSmallSpots=1&hideModelNameOnSmallSpots=1&hideTitleOnSmallSpots=1&isXhDesign=0&liveBadgeColor=&memberId=%7Bclickid%7D&showButton=1&showLiveBadge=1&showModal=signup&showModelName=1&showTitle=1&sound=off&sourceId=728cps2asgirl&tag=girls%2Fasian&targetDomain=&thumbSizeKey=small&trackOff=1&userId=ebe1e2aa04642c4dc9f7e9a5dfdb455c9ef1b6825ab8b9414a96e56e40140e75
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint99:FA:E1:1F:E8:F6:A1:57:63:A7:AA:BD:3E:C1:94:58:E7:83:02:13
ValiditySat, 21 Jan 2023 00:00:00 GMT - Sun, 21 Jan 2024 23:59:59 GMT

File type
data
Size
318 kB (318140 bytes)
Hash
e8c852cab6ff472fd863f5d291379423
04165dadebb3aabd6894f0180543a849cced693e
dcd22ed7a336206f68a79fb55bc62c3e4ae389f2fa9802b6007709a81e153f64

HTTP Headers

GET /hls/135586754/135586754_480p_3264_ooOhzTi2xinB6PE1_1701126107.mp4 HTTP/1.1
Host: b-hls-10.doppiocdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://creative.bbrdbr.com
DNT: 1
Connection: keep-alive
Referer: https://creative.bbrdbr.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Mon, 27 Nov 2023 23:01:56 GMT
content-type: video/mp4
content-length: 318140
last-modified: Mon, 27 Nov 2023 23:01:50 GMT
etag: "65651fde-4dabc"
cache-control: public, max-age=60, s-maxage=60
access-control-allow-origin: *
timing-allow-origin: *
cf-cache-status: HIT
age: 5
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 82cdfef229e05690-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

mothwetcheater.com/pixel/sbs?c=1

173.233.137.60

0 B

URL
mothwetcheater.com/pixel/sbs?c=1
IP
173.233.137.60:0
ASN
#7979 SERVERS-COM

Certificate
IssuerLet's Encrypt
Subjectmothwetcheater.com
FingerprintF1:9C:43:65:44:BC:E7:E8:83:A6:06:D7:16:D2:E0:93:A9:9C:2D:99
ValidityTue, 07 Nov 2023 07:43:43 GMT - Mon, 05 Feb 2024 07:43:42 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /pixel/sbs?c=1 HTTP/1.1
Host: mothwetcheater.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://de.hentai-gif-anime.com/
Cookie: u_pl=16485857,16484306; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNjQ4NTg1NywiayI6IjQ2NmE0YTQ5ZjNkNWFiODBhMTlkMjVkNzFkMWFlYTQ3Iiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxNjE5MzkwLCJwaWQiOjE0MjQ1NiwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoxNiwiYWlkIjoyNSwicHQiOjQsInBrIjoicThmcTNpcnNqIiwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjkwNzUzNDU3LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6Mzg5MTQsIm9uIjoiV2luZG93cyIsIm92IjoiMTAuMCIsImJpZCI6MTIwNjI1LCJibiI6IkZpcmVmb3giLCJidiI6IjEwNS4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHBzOi8vZGUuaGVudGFpLWdpZi1hbmltZS5jb20vaW1hZ2Uva2FnYWt1LW5hLXlhdHN1cmEtZ2lmcy00Ny8ifX0.5TS0JJZgvto6xYNXjFWbiHLcnIg2nhRcdxRUaEPLYPs; uid_id2=9f539ebe-20f7-46e8-afaf-f3161e954842:1:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; pdhtkv25=true; uncs25=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Mon, 27 Nov 2023 23:01:56 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range

fonts.googleapis.com/css2?family=Roboto&display=swap

142.250.74.106

200 OK

1.1 kB

URL GET HTTP/2
fonts.googleapis.com/css2?family=Roboto&display=swap
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://de.hentai-gif-anime.com/image/kagaku-na-yatsura-gifs-47/
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
FingerprintCC:96:E0:52:E0:9B:EA:A9:A0:F8:88:9A:90:20:11:47:61:00:3C:42
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT

File type
gzip compressed data, max compression\012- data
Size
1.1 kB (1070 bytes)
Hash
0a69106d3dfd23705f288b38d9c41aa0
901ba35db226f82a79f8914758f4956484baa595
30e5afb2f705b15a73eb0b3d859ade6ee042f1082bfe932ef7697f2164e921ef

HTTP Headers

GET /css2?family=Roboto&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Mon, 27 Nov 2023 23:01:55 GMT
date: Mon, 27 Nov 2023 23:01:55 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/luckiestguy/v22/_gP_1RrxsjcxVyin9l9n_j2hTd52.woff2

142.250.74.67

200 OK

17 kB

URL GET HTTP/2
fonts.gstatic.com/s/luckiestguy/v22/_gP_1RrxsjcxVyin9l9n_j2hTd52.woff2
IP
142.250.74.67:443
ASN
#15169 GOOGLE

Requested by
https://de.hentai-gif-anime.com/image/kagaku-na-yatsura-gifs-47/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT

File type
Web Open Font Format (Version 2), TrueType, length 17360, version 1.0\012- data
Size
17 kB (17360 bytes)
Hash
70322c317b1f4e2e17dbc6b672f95f5f
f3dff7c50e1aea33814c6aeeca177ae3ff900bfc
3877b522181765adf66ba89bd68d288ecb9f2483b441baab3424646b0c7aaa0a

HTTP Headers

GET /s/luckiestguy/v22/_gP_1RrxsjcxVyin9l9n_j2hTd52.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://de.hentai-gif-anime.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 17360
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 23 Nov 2023 23:23:49 GMT
expires: Fri, 22 Nov 2024 23:23:49 GMT
cache-control: public, max-age=31536000
age: 344287
last-modified: Thu, 24 Aug 2023 21:07:53 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

b-hls-10.doppiocdn.com/hls/135586754/135586754_480p_3265_XW7Jxfh5QruDwnyr_1701126110.mp4

104.18.63.134

200 OK

328 kB

URL GET HTTP/3
b-hls-10.doppiocdn.com/hls/135586754/135586754_480p_3265_XW7Jxfh5QruDwnyr_1701126110.mp4
IP
104.18.63.134:443
ASN
#13335 CLOUDFLARENET

Requested by
https://creative.bbrdbr.com/widgets/v4/Universal/?actionButtonPlacement=bottom&autoplay=all&autoplayForce=1&buttonColor=&campaignId=728cps2asgirl&creativeId=728cps2asgirl&domain=stripchat&hideButtonOnSmallSpots=1&hideModelNameOnSmallSpots=1&hideTitleOnSmallSpots=1&isXhDesign=0&liveBadgeColor=&memberId=%7Bclickid%7D&showButton=1&showLiveBadge=1&showModal=signup&showModelName=1&showTitle=1&sound=off&sourceId=728cps2asgirl&tag=girls%2Fasian&targetDomain=&thumbSizeKey=small&trackOff=1&userId=ebe1e2aa04642c4dc9f7e9a5dfdb455c9ef1b6825ab8b9414a96e56e40140e75
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint99:FA:E1:1F:E8:F6:A1:57:63:A7:AA:BD:3E:C1:94:58:E7:83:02:13
ValiditySat, 21 Jan 2023 00:00:00 GMT - Sun, 21 Jan 2024 23:59:59 GMT

File type
data
Size
328 kB (328364 bytes)
Hash
617419d2795a3aeab236eb62e97f852b
ed719bcdb0e378c63dbd8e022de1e860f6f0f166
230502fff9315f9eed974620a8fc46eddac821034461efb3002dfc89b1e3cc13

HTTP Headers

GET /hls/135586754/135586754_480p_3265_XW7Jxfh5QruDwnyr_1701126110.mp4 HTTP/1.1
Host: b-hls-10.doppiocdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://creative.bbrdbr.com
DNT: 1
Connection: keep-alive
Referer: https://creative.bbrdbr.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Mon, 27 Nov 2023 23:01:56 GMT
content-type: video/mp4
content-length: 328364
last-modified: Mon, 27 Nov 2023 23:01:51 GMT
etag: "65651fdf-502ac"
cache-control: public, max-age=60, s-maxage=60
access-control-allow-origin: *
timing-allow-origin: *
cf-cache-status: HIT
age: 3
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 82cdfef2f8bb56b4-OSL
alt-svc: h3=":443"; ma=86400

b-hls-10.doppiocdn.com/hls/135586754/135586754_480p_3265_XW7Jxfh5QruDwnyr_1701126110.mp4

104.18.63.134

200 OK

328 kB

URL GET HTTP/3
b-hls-10.doppiocdn.com/hls/135586754/135586754_480p_3265_XW7Jxfh5QruDwnyr_1701126110.mp4
IP
104.18.63.134:443
ASN
#13335 CLOUDFLARENET

Requested by
https://creative.bbrdbr.com/widgets/v4/Universal/?actionButtonPlacement=bottom&autoplay=all&autoplayForce=1&buttonColor=&campaignId=728cps2asgirl&creativeId=728cps2asgirl&domain=stripchat&hideButtonOnSmallSpots=1&hideModelNameOnSmallSpots=1&hideTitleOnSmallSpots=1&isXhDesign=0&liveBadgeColor=&memberId=%7Bclickid%7D&showButton=1&showLiveBadge=1&showModal=signup&showModelName=1&showTitle=1&sound=off&sourceId=728cps2asgirl&tag=girls%2Fasian&targetDomain=&thumbSizeKey=small&trackOff=1&userId=ebe1e2aa04642c4dc9f7e9a5dfdb455c9ef1b6825ab8b9414a96e56e40140e75
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint99:FA:E1:1F:E8:F6:A1:57:63:A7:AA:BD:3E:C1:94:58:E7:83:02:13
ValiditySat, 21 Jan 2023 00:00:00 GMT - Sun, 21 Jan 2024 23:59:59 GMT

File type
data
Size
328 kB (328364 bytes)
Hash
617419d2795a3aeab236eb62e97f852b
ed719bcdb0e378c63dbd8e022de1e860f6f0f166
230502fff9315f9eed974620a8fc46eddac821034461efb3002dfc89b1e3cc13

HTTP Headers

GET /hls/135586754/135586754_480p_3265_XW7Jxfh5QruDwnyr_1701126110.mp4 HTTP/1.1
Host: b-hls-10.doppiocdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://creative.bbrdbr.com
DNT: 1
Connection: keep-alive
Referer: https://creative.bbrdbr.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Mon, 27 Nov 2023 23:01:56 GMT
content-type: video/mp4
content-length: 328364
last-modified: Mon, 27 Nov 2023 23:01:51 GMT
etag: "65651fdf-502ac"
cache-control: public, max-age=60, s-maxage=60
access-control-allow-origin: *
timing-allow-origin: *
cf-cache-status: HIT
age: 3
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 82cdfef308c256b4-OSL
alt-svc: h3=":443"; ma=86400

b-hls-12.doppiocdn.com/hls/114701234/114701234_480p_init_IIxMyVLTXSfWwl0z.mp4

104.18.63.134

1.2 kB

URL
b-hls-12.doppiocdn.com/hls/114701234/114701234_480p_init_IIxMyVLTXSfWwl0z.mp4
IP
104.18.63.134:0
ASN
#13335 CLOUDFLARENET

File type
ISO Media, MP4 Base Media v5 \012- data
Size
1.2 kB (1217 bytes)
Hash
e7871065f6d8c61a47386db13f0a82bc
f060b500ebb910bc81702d843d64e1fa297567f9
ada313b72f1e05d7f685f53280be70688ce8ff1834e358584717fb28959f5b90

HTTP Headers

GET /hls/114701234/114701234_480p_init_IIxMyVLTXSfWwl0z.mp4 HTTP/1.1
Host: b-hls-12.doppiocdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://creative.bbrdbr.com
DNT: 1
Connection: keep-alive
Referer: https://creative.bbrdbr.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Mon, 27 Nov 2023 23:01:56 GMT
content-type: video/mp4
content-length: 1217
last-modified: Mon, 27 Nov 2023 22:46:47 GMT
etag: "65651c57-4c1"
cache-control: public, max-age=60, s-maxage=60
access-control-allow-origin: *
timing-allow-origin: *
cf-cache-status: HIT
age: 47
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 82cdfef3b93856b4-OSL
alt-svc: h3=":443"; ma=86400

b-hls-12.doppiocdn.com/hls/114701234/114701234_480p_init_IIxMyVLTXSfWwl0z.mp4

104.18.63.134

1.2 kB

URL
b-hls-12.doppiocdn.com/hls/114701234/114701234_480p_init_IIxMyVLTXSfWwl0z.mp4
IP
104.18.63.134:0
ASN
#13335 CLOUDFLARENET

File type
ISO Media, MP4 Base Media v5 \012- data
Size
1.2 kB (1217 bytes)
Hash
e7871065f6d8c61a47386db13f0a82bc
f060b500ebb910bc81702d843d64e1fa297567f9
ada313b72f1e05d7f685f53280be70688ce8ff1834e358584717fb28959f5b90

HTTP Headers

GET /hls/114701234/114701234_480p_init_IIxMyVLTXSfWwl0z.mp4 HTTP/1.1
Host: b-hls-12.doppiocdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://creative.bbrdbr.com
DNT: 1
Connection: keep-alive
Referer: https://creative.bbrdbr.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Mon, 27 Nov 2023 23:01:56 GMT
content-type: video/mp4
content-length: 1217
last-modified: Mon, 27 Nov 2023 22:46:47 GMT
etag: "65651c57-4c1"
cache-control: public, max-age=60, s-maxage=60
access-control-allow-origin: *
timing-allow-origin: *
cf-cache-status: HIT
age: 47
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 82cdfef3d95556b4-OSL
alt-svc: h3=":443"; ma=86400

b-hls-12.doppiocdn.com/hls/114701234/114701234_480p_450_w0nTVxhby2Kmirmt_1701126107.mp4

104.18.63.134

200 OK

306 kB

URL GET HTTP/3
b-hls-12.doppiocdn.com/hls/114701234/114701234_480p_450_w0nTVxhby2Kmirmt_1701126107.mp4
IP
104.18.63.134:443
ASN
#13335 CLOUDFLARENET

Requested by
https://creative.bbrdbr.com/widgets/v4/Universal/?actionButtonPlacement=bottom&autoplay=all&autoplayForce=1&buttonColor=&campaignId=728cps2asgirl&creativeId=728cps2asgirl&domain=stripchat&hideButtonOnSmallSpots=1&hideModelNameOnSmallSpots=1&hideTitleOnSmallSpots=1&isXhDesign=0&liveBadgeColor=&memberId=%7Bclickid%7D&showButton=1&showLiveBadge=1&showModal=signup&showModelName=1&showTitle=1&sound=off&sourceId=728cps2asgirl&tag=girls%2Fasian&targetDomain=&thumbSizeKey=small&trackOff=1&userId=ebe1e2aa04642c4dc9f7e9a5dfdb455c9ef1b6825ab8b9414a96e56e40140e75
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint99:FA:E1:1F:E8:F6:A1:57:63:A7:AA:BD:3E:C1:94:58:E7:83:02:13
ValiditySat, 21 Jan 2023 00:00:00 GMT - Sun, 21 Jan 2024 23:59:59 GMT

File type
data
Size
306 kB (306121 bytes)
Hash
300d05e3e1ec023343f98e013561e13b
f8e1ed86342d409ac3c85e94044cc13d3649534e
b5482e9bb2851bf10743689fd9b587de969f21a51a484ef12e6d552a7e287f0f

HTTP Headers

GET /hls/114701234/114701234_480p_450_w0nTVxhby2Kmirmt_1701126107.mp4 HTTP/1.1
Host: b-hls-12.doppiocdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://creative.bbrdbr.com
DNT: 1
Connection: keep-alive
Referer: https://creative.bbrdbr.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Mon, 27 Nov 2023 23:01:56 GMT
content-type: video/mp4
content-length: 306121
last-modified: Mon, 27 Nov 2023 23:01:49 GMT
etag: "65651fdd-4abc9"
cache-control: public, max-age=60, s-maxage=60
access-control-allow-origin: *
timing-allow-origin: *
cf-cache-status: HIT
age: 5
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 82cdfef3f97456b4-OSL
alt-svc: h3=":443"; ma=86400

b-hls-12.doppiocdn.com/hls/114701234/114701234_480p_450_w0nTVxhby2Kmirmt_1701126107.mp4

104.18.63.134

200 OK

306 kB

URL GET HTTP/3
b-hls-12.doppiocdn.com/hls/114701234/114701234_480p_450_w0nTVxhby2Kmirmt_1701126107.mp4
IP
104.18.63.134:443
ASN
#13335 CLOUDFLARENET

Requested by
https://creative.bbrdbr.com/widgets/v4/Universal/?actionButtonPlacement=bottom&autoplay=all&autoplayForce=1&buttonColor=&campaignId=728cps2asgirl&creativeId=728cps2asgirl&domain=stripchat&hideButtonOnSmallSpots=1&hideModelNameOnSmallSpots=1&hideTitleOnSmallSpots=1&isXhDesign=0&liveBadgeColor=&memberId=%7Bclickid%7D&showButton=1&showLiveBadge=1&showModal=signup&showModelName=1&showTitle=1&sound=off&sourceId=728cps2asgirl&tag=girls%2Fasian&targetDomain=&thumbSizeKey=small&trackOff=1&userId=ebe1e2aa04642c4dc9f7e9a5dfdb455c9ef1b6825ab8b9414a96e56e40140e75
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint99:FA:E1:1F:E8:F6:A1:57:63:A7:AA:BD:3E:C1:94:58:E7:83:02:13
ValiditySat, 21 Jan 2023 00:00:00 GMT - Sun, 21 Jan 2024 23:59:59 GMT

File type
data
Size
306 kB (306121 bytes)
Hash
300d05e3e1ec023343f98e013561e13b
f8e1ed86342d409ac3c85e94044cc13d3649534e
b5482e9bb2851bf10743689fd9b587de969f21a51a484ef12e6d552a7e287f0f

HTTP Headers

GET /hls/114701234/114701234_480p_450_w0nTVxhby2Kmirmt_1701126107.mp4 HTTP/1.1
Host: b-hls-12.doppiocdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://creative.bbrdbr.com
DNT: 1
Connection: keep-alive
Referer: https://creative.bbrdbr.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Mon, 27 Nov 2023 23:01:56 GMT
content-type: video/mp4
content-length: 306121
last-modified: Mon, 27 Nov 2023 23:01:49 GMT
etag: "65651fdd-4abc9"
cache-control: public, max-age=60, s-maxage=60
access-control-allow-origin: *
timing-allow-origin: *
cf-cache-status: HIT
age: 5
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 82cdfef4499c56b4-OSL
alt-svc: h3=":443"; ma=86400

b-hls-12.doppiocdn.com/hls/114701234/114701234_480p_451_y3YiXFFmqAaKgwJW_1701126109.mp4

104.18.63.134

200 OK

322 kB

URL GET HTTP/3
b-hls-12.doppiocdn.com/hls/114701234/114701234_480p_451_y3YiXFFmqAaKgwJW_1701126109.mp4
IP
104.18.63.134:443
ASN
#13335 CLOUDFLARENET

Requested by
https://creative.bbrdbr.com/widgets/v4/Universal/?actionButtonPlacement=bottom&autoplay=all&autoplayForce=1&buttonColor=&campaignId=728cps2asgirl&creativeId=728cps2asgirl&domain=stripchat&hideButtonOnSmallSpots=1&hideModelNameOnSmallSpots=1&hideTitleOnSmallSpots=1&isXhDesign=0&liveBadgeColor=&memberId=%7Bclickid%7D&showButton=1&showLiveBadge=1&showModal=signup&showModelName=1&showTitle=1&sound=off&sourceId=728cps2asgirl&tag=girls%2Fasian&targetDomain=&thumbSizeKey=small&trackOff=1&userId=ebe1e2aa04642c4dc9f7e9a5dfdb455c9ef1b6825ab8b9414a96e56e40140e75
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint99:FA:E1:1F:E8:F6:A1:57:63:A7:AA:BD:3E:C1:94:58:E7:83:02:13
ValiditySat, 21 Jan 2023 00:00:00 GMT - Sun, 21 Jan 2024 23:59:59 GMT

File type
data
Size
322 kB (322264 bytes)
Hash
14d4d43ef306d3de093c0ef4b6889151
da5953e3b785a1520ac3742f7c6f09f8702c3c56
dbf7bf6aa9abe49d5986e21b9d9e113cd652f22d0906442b6c2218475fac5669

HTTP Headers

GET /hls/114701234/114701234_480p_451_y3YiXFFmqAaKgwJW_1701126109.mp4 HTTP/1.1
Host: b-hls-12.doppiocdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://creative.bbrdbr.com
DNT: 1
Connection: keep-alive
Referer: https://creative.bbrdbr.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Mon, 27 Nov 2023 23:01:56 GMT
content-type: video/mp4
content-length: 322264
last-modified: Mon, 27 Nov 2023 23:01:51 GMT
etag: "65651fdf-4ead8"
cache-control: public, max-age=60, s-maxage=60
access-control-allow-origin: *
timing-allow-origin: *
cf-cache-status: HIT
age: 3
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 82cdfef479af56b4-OSL
alt-svc: h3=":443"; ma=86400

b-hls-12.doppiocdn.com/hls/114701234/114701234_480p_451_y3YiXFFmqAaKgwJW_1701126109.mp4

104.18.63.134

200 OK

322 kB

URL GET HTTP/3
b-hls-12.doppiocdn.com/hls/114701234/114701234_480p_451_y3YiXFFmqAaKgwJW_1701126109.mp4
IP
104.18.63.134:443
ASN
#13335 CLOUDFLARENET

Requested by
https://creative.bbrdbr.com/widgets/v4/Universal/?actionButtonPlacement=bottom&autoplay=all&autoplayForce=1&buttonColor=&campaignId=728cps2asgirl&creativeId=728cps2asgirl&domain=stripchat&hideButtonOnSmallSpots=1&hideModelNameOnSmallSpots=1&hideTitleOnSmallSpots=1&isXhDesign=0&liveBadgeColor=&memberId=%7Bclickid%7D&showButton=1&showLiveBadge=1&showModal=signup&showModelName=1&showTitle=1&sound=off&sourceId=728cps2asgirl&tag=girls%2Fasian&targetDomain=&thumbSizeKey=small&trackOff=1&userId=ebe1e2aa04642c4dc9f7e9a5dfdb455c9ef1b6825ab8b9414a96e56e40140e75
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint99:FA:E1:1F:E8:F6:A1:57:63:A7:AA:BD:3E:C1:94:58:E7:83:02:13
ValiditySat, 21 Jan 2023 00:00:00 GMT - Sun, 21 Jan 2024 23:59:59 GMT

File type
data
Size
322 kB (322264 bytes)
Hash
14d4d43ef306d3de093c0ef4b6889151
da5953e3b785a1520ac3742f7c6f09f8702c3c56
dbf7bf6aa9abe49d5986e21b9d9e113cd652f22d0906442b6c2218475fac5669

HTTP Headers

GET /hls/114701234/114701234_480p_451_y3YiXFFmqAaKgwJW_1701126109.mp4 HTTP/1.1
Host: b-hls-12.doppiocdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://creative.bbrdbr.com
DNT: 1
Connection: keep-alive
Referer: https://creative.bbrdbr.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Mon, 27 Nov 2023 23:01:56 GMT
content-type: video/mp4
content-length: 322264
last-modified: Mon, 27 Nov 2023 23:01:51 GMT
etag: "65651fdf-4ead8"
cache-control: public, max-age=60, s-maxage=60
access-control-allow-origin: *
timing-allow-origin: *
cf-cache-status: HIT
age: 3
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 82cdfef4b9d856b4-OSL
alt-svc: h3=":443"; ma=86400

b-hls-01.doppiocdn.com/hls/92103719/92103719_init_m1SATnuOVmIObxrc.mp4

104.18.63.134

200 OK

1.2 kB

URL GET HTTP/3
b-hls-01.doppiocdn.com/hls/92103719/92103719_init_m1SATnuOVmIObxrc.mp4
IP
104.18.63.134:443
ASN
#13335 CLOUDFLARENET

Requested by
https://creative.bbrdbr.com/widgets/v4/Universal/?actionButtonPlacement=bottom&autoplay=all&autoplayForce=1&buttonColor=&campaignId=728cps2asgirl&creativeId=728cps2asgirl&domain=stripchat&hideButtonOnSmallSpots=1&hideModelNameOnSmallSpots=1&hideTitleOnSmallSpots=1&isXhDesign=0&liveBadgeColor=&memberId=%7Bclickid%7D&showButton=1&showLiveBadge=1&showModal=signup&showModelName=1&showTitle=1&sound=off&sourceId=728cps2asgirl&tag=girls%2Fasian&targetDomain=&thumbSizeKey=small&trackOff=1&userId=ebe1e2aa04642c4dc9f7e9a5dfdb455c9ef1b6825ab8b9414a96e56e40140e75
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint99:FA:E1:1F:E8:F6:A1:57:63:A7:AA:BD:3E:C1:94:58:E7:83:02:13
ValiditySat, 21 Jan 2023 00:00:00 GMT - Sun, 21 Jan 2024 23:59:59 GMT

File type
ISO Media, MP4 Base Media v5 \012- data
Size
1.2 kB (1214 bytes)
Hash
1e855352608cf8c4a46865b4e7d7db20
aa271a1f9847077fa414f4a32a80d58440bd67a7
a7396171efc8322997f0aedec5c71de565ea2fa8f86b8c42ae8067700fa4bab7

HTTP Headers

GET /hls/92103719/92103719_init_m1SATnuOVmIObxrc.mp4 HTTP/1.1
Host: b-hls-01.doppiocdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://creative.bbrdbr.com
DNT: 1
Connection: keep-alive
Referer: https://creative.bbrdbr.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Mon, 27 Nov 2023 23:01:56 GMT
content-type: video/mp4
content-length: 1214
last-modified: Mon, 27 Nov 2023 21:39:29 GMT
etag: "65650c91-4be"
cache-control: public, max-age=60, s-maxage=60
access-control-allow-origin: *
timing-allow-origin: *
cf-cache-status: HIT
age: 46
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 82cdfef57a3d56b4-OSL
alt-svc: h3=":443"; ma=86400

b-hls-01.doppiocdn.com/hls/92103719/92103719_init_m1SATnuOVmIObxrc.mp4

104.18.63.134

200 OK

1.2 kB

URL GET HTTP/3
b-hls-01.doppiocdn.com/hls/92103719/92103719_init_m1SATnuOVmIObxrc.mp4
IP
104.18.63.134:443
ASN
#13335 CLOUDFLARENET

Requested by
https://creative.bbrdbr.com/widgets/v4/Universal/?actionButtonPlacement=bottom&autoplay=all&autoplayForce=1&buttonColor=&campaignId=728cps2asgirl&creativeId=728cps2asgirl&domain=stripchat&hideButtonOnSmallSpots=1&hideModelNameOnSmallSpots=1&hideTitleOnSmallSpots=1&isXhDesign=0&liveBadgeColor=&memberId=%7Bclickid%7D&showButton=1&showLiveBadge=1&showModal=signup&showModelName=1&showTitle=1&sound=off&sourceId=728cps2asgirl&tag=girls%2Fasian&targetDomain=&thumbSizeKey=small&trackOff=1&userId=ebe1e2aa04642c4dc9f7e9a5dfdb455c9ef1b6825ab8b9414a96e56e40140e75
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint99:FA:E1:1F:E8:F6:A1:57:63:A7:AA:BD:3E:C1:94:58:E7:83:02:13
ValiditySat, 21 Jan 2023 00:00:00 GMT - Sun, 21 Jan 2024 23:59:59 GMT

File type
ISO Media, MP4 Base Media v5 \012- data
Size
1.2 kB (1214 bytes)
Hash
1e855352608cf8c4a46865b4e7d7db20
aa271a1f9847077fa414f4a32a80d58440bd67a7
a7396171efc8322997f0aedec5c71de565ea2fa8f86b8c42ae8067700fa4bab7

HTTP Headers

GET /hls/92103719/92103719_init_m1SATnuOVmIObxrc.mp4 HTTP/1.1
Host: b-hls-01.doppiocdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://creative.bbrdbr.com
DNT: 1
Connection: keep-alive
Referer: https://creative.bbrdbr.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Mon, 27 Nov 2023 23:01:56 GMT
content-type: video/mp4
content-length: 1214
last-modified: Mon, 27 Nov 2023 21:39:29 GMT
etag: "65650c91-4be"
cache-control: public, max-age=60, s-maxage=60
access-control-allow-origin: *
timing-allow-origin: *
cf-cache-status: HIT
age: 46
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 82cdfef59a5056b4-OSL
alt-svc: h3=":443"; ma=86400

b-hls-01.doppiocdn.com/hls/92103719/92103719_2469_2w0oEFJxI1zKEYY5_1701126107.mp4

104.18.63.134

200 OK

325 kB

URL GET HTTP/3
b-hls-01.doppiocdn.com/hls/92103719/92103719_2469_2w0oEFJxI1zKEYY5_1701126107.mp4
IP
104.18.63.134:443
ASN
#13335 CLOUDFLARENET

Requested by
https://creative.bbrdbr.com/widgets/v4/Universal/?actionButtonPlacement=bottom&autoplay=all&autoplayForce=1&buttonColor=&campaignId=728cps2asgirl&creativeId=728cps2asgirl&domain=stripchat&hideButtonOnSmallSpots=1&hideModelNameOnSmallSpots=1&hideTitleOnSmallSpots=1&isXhDesign=0&liveBadgeColor=&memberId=%7Bclickid%7D&showButton=1&showLiveBadge=1&showModal=signup&showModelName=1&showTitle=1&sound=off&sourceId=728cps2asgirl&tag=girls%2Fasian&targetDomain=&thumbSizeKey=small&trackOff=1&userId=ebe1e2aa04642c4dc9f7e9a5dfdb455c9ef1b6825ab8b9414a96e56e40140e75
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint99:FA:E1:1F:E8:F6:A1:57:63:A7:AA:BD:3E:C1:94:58:E7:83:02:13
ValiditySat, 21 Jan 2023 00:00:00 GMT - Sun, 21 Jan 2024 23:59:59 GMT

File type
data
Size
325 kB (324733 bytes)
Hash
d41ef82b24d6de6c0b7db7bf06281a2e
96b41294e87a7d7ba2648e3a09077d38544d2418
5e6e54f243e84eff62acc40cd35d9d857b0b6945e7642a1d13be068e78953e7a

HTTP Headers

GET /hls/92103719/92103719_2469_2w0oEFJxI1zKEYY5_1701126107.mp4 HTTP/1.1
Host: b-hls-01.doppiocdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://creative.bbrdbr.com
DNT: 1
Connection: keep-alive
Referer: https://creative.bbrdbr.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Mon, 27 Nov 2023 23:01:56 GMT
content-type: video/mp4
content-length: 324733
last-modified: Mon, 27 Nov 2023 23:01:49 GMT
etag: "65651fdd-4f47d"
cache-control: public, max-age=60, s-maxage=60
access-control-allow-origin: *
timing-allow-origin: *
cf-cache-status: HIT
age: 4
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 82cdfef5ca6f56b4-OSL
alt-svc: h3=":443"; ma=86400

b-hls-01.doppiocdn.com/hls/92103719/92103719_2469_2w0oEFJxI1zKEYY5_1701126107.mp4

104.18.63.134

200 OK

325 kB

URL GET HTTP/3
b-hls-01.doppiocdn.com/hls/92103719/92103719_2469_2w0oEFJxI1zKEYY5_1701126107.mp4
IP
104.18.63.134:443
ASN
#13335 CLOUDFLARENET

Requested by
https://creative.bbrdbr.com/widgets/v4/Universal/?actionButtonPlacement=bottom&autoplay=all&autoplayForce=1&buttonColor=&campaignId=728cps2asgirl&creativeId=728cps2asgirl&domain=stripchat&hideButtonOnSmallSpots=1&hideModelNameOnSmallSpots=1&hideTitleOnSmallSpots=1&isXhDesign=0&liveBadgeColor=&memberId=%7Bclickid%7D&showButton=1&showLiveBadge=1&showModal=signup&showModelName=1&showTitle=1&sound=off&sourceId=728cps2asgirl&tag=girls%2Fasian&targetDomain=&thumbSizeKey=small&trackOff=1&userId=ebe1e2aa04642c4dc9f7e9a5dfdb455c9ef1b6825ab8b9414a96e56e40140e75
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint99:FA:E1:1F:E8:F6:A1:57:63:A7:AA:BD:3E:C1:94:58:E7:83:02:13
ValiditySat, 21 Jan 2023 00:00:00 GMT - Sun, 21 Jan 2024 23:59:59 GMT

File type
data
Size
325 kB (324733 bytes)
Hash
d41ef82b24d6de6c0b7db7bf06281a2e
96b41294e87a7d7ba2648e3a09077d38544d2418
5e6e54f243e84eff62acc40cd35d9d857b0b6945e7642a1d13be068e78953e7a

HTTP Headers

GET /hls/92103719/92103719_2469_2w0oEFJxI1zKEYY5_1701126107.mp4 HTTP/1.1
Host: b-hls-01.doppiocdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://creative.bbrdbr.com
DNT: 1
Connection: keep-alive
Referer: https://creative.bbrdbr.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Mon, 27 Nov 2023 23:01:56 GMT
content-type: video/mp4
content-length: 324733
last-modified: Mon, 27 Nov 2023 23:01:49 GMT
etag: "65651fdd-4f47d"
cache-control: public, max-age=60, s-maxage=60
access-control-allow-origin: *
timing-allow-origin: *
cf-cache-status: HIT
age: 4
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 82cdfef5fa9456b4-OSL
alt-svc: h3=":443"; ma=86400

b-hls-01.doppiocdn.com/hls/92103719/92103719_2470_2dKi8SB6fysHOAcX_1701126109.mp4

104.18.63.134

200 OK

326 kB

URL GET HTTP/3
b-hls-01.doppiocdn.com/hls/92103719/92103719_2470_2dKi8SB6fysHOAcX_1701126109.mp4
IP
104.18.63.134:443
ASN
#13335 CLOUDFLARENET

Requested by
https://creative.bbrdbr.com/widgets/v4/Universal/?actionButtonPlacement=bottom&autoplay=all&autoplayForce=1&buttonColor=&campaignId=728cps2asgirl&creativeId=728cps2asgirl&domain=stripchat&hideButtonOnSmallSpots=1&hideModelNameOnSmallSpots=1&hideTitleOnSmallSpots=1&isXhDesign=0&liveBadgeColor=&memberId=%7Bclickid%7D&showButton=1&showLiveBadge=1&showModal=signup&showModelName=1&showTitle=1&sound=off&sourceId=728cps2asgirl&tag=girls%2Fasian&targetDomain=&thumbSizeKey=small&trackOff=1&userId=ebe1e2aa04642c4dc9f7e9a5dfdb455c9ef1b6825ab8b9414a96e56e40140e75
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint99:FA:E1:1F:E8:F6:A1:57:63:A7:AA:BD:3E:C1:94:58:E7:83:02:13
ValiditySat, 21 Jan 2023 00:00:00 GMT - Sun, 21 Jan 2024 23:59:59 GMT

File type
data
Size
326 kB (325758 bytes)
Hash
7ee699bdb8d66bb6c3da3e3352ac010b
c8af698c2d0ded443335458300e4300c6727ab91
eac80910b89ca5c32840a075e126b47356e76d62df5fd531f64439a4209d33fd

HTTP Headers

GET /hls/92103719/92103719_2470_2dKi8SB6fysHOAcX_1701126109.mp4 HTTP/1.1
Host: b-hls-01.doppiocdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://creative.bbrdbr.com
DNT: 1
Connection: keep-alive
Referer: https://creative.bbrdbr.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Mon, 27 Nov 2023 23:01:56 GMT
content-type: video/mp4
content-length: 325758
last-modified: Mon, 27 Nov 2023 23:01:51 GMT
etag: "65651fdf-4f87e"
cache-control: public, max-age=60, s-maxage=60
access-control-allow-origin: *
timing-allow-origin: *
cf-cache-status: HIT
age: 2
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 82cdfef64abf56b4-OSL
alt-svc: h3=":443"; ma=86400

b-hls-01.doppiocdn.com/hls/92103719/92103719_2470_2dKi8SB6fysHOAcX_1701126109.mp4

104.18.63.134

200 OK

326 kB

URL GET HTTP/3
b-hls-01.doppiocdn.com/hls/92103719/92103719_2470_2dKi8SB6fysHOAcX_1701126109.mp4
IP
104.18.63.134:443
ASN
#13335 CLOUDFLARENET

Requested by
https://creative.bbrdbr.com/widgets/v4/Universal/?actionButtonPlacement=bottom&autoplay=all&autoplayForce=1&buttonColor=&campaignId=728cps2asgirl&creativeId=728cps2asgirl&domain=stripchat&hideButtonOnSmallSpots=1&hideModelNameOnSmallSpots=1&hideTitleOnSmallSpots=1&isXhDesign=0&liveBadgeColor=&memberId=%7Bclickid%7D&showButton=1&showLiveBadge=1&showModal=signup&showModelName=1&showTitle=1&sound=off&sourceId=728cps2asgirl&tag=girls%2Fasian&targetDomain=&thumbSizeKey=small&trackOff=1&userId=ebe1e2aa04642c4dc9f7e9a5dfdb455c9ef1b6825ab8b9414a96e56e40140e75
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint99:FA:E1:1F:E8:F6:A1:57:63:A7:AA:BD:3E:C1:94:58:E7:83:02:13
ValiditySat, 21 Jan 2023 00:00:00 GMT - Sun, 21 Jan 2024 23:59:59 GMT

File type
data
Size
326 kB (325758 bytes)
Hash
7ee699bdb8d66bb6c3da3e3352ac010b
c8af698c2d0ded443335458300e4300c6727ab91
eac80910b89ca5c32840a075e126b47356e76d62df5fd531f64439a4209d33fd

HTTP Headers

GET /hls/92103719/92103719_2470_2dKi8SB6fysHOAcX_1701126109.mp4 HTTP/1.1
Host: b-hls-01.doppiocdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://creative.bbrdbr.com
DNT: 1
Connection: keep-alive
Referer: https://creative.bbrdbr.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Mon, 27 Nov 2023 23:01:56 GMT
content-type: video/mp4
content-length: 325758
last-modified: Mon, 27 Nov 2023 23:01:51 GMT
etag: "65651fdf-4f87e"
cache-control: public, max-age=60, s-maxage=60
access-control-allow-origin: *
timing-allow-origin: *
cf-cache-status: HIT
age: 2
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 82cdfef67ad656b4-OSL
alt-svc: h3=":443"; ma=86400

b-hls-12.doppiocdn.com/hls/105515374/105515374_480p_init_IgsRtsJARq61koWH.mp4

104.18.63.134

1.2 kB

URL
b-hls-12.doppiocdn.com/hls/105515374/105515374_480p_init_IgsRtsJARq61koWH.mp4
IP
104.18.63.134:0
ASN
#13335 CLOUDFLARENET

File type
ISO Media, MP4 Base Media v5 \012- data
Size
1.2 kB (1218 bytes)
Hash
6b5797c6c875d29631baaee559ea21d3
c3e01d126cde8b9f0718715a548c329078c4d3f2
3327593730e719c4d6a584a01f1026c924bf4f296e50b9d9890e8951c8525939

HTTP Headers

GET /hls/105515374/105515374_480p_init_IgsRtsJARq61koWH.mp4 HTTP/1.1
Host: b-hls-12.doppiocdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://creative.bbrdbr.com
DNT: 1
Connection: keep-alive
Referer: https://creative.bbrdbr.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Mon, 27 Nov 2023 23:01:56 GMT
content-type: video/mp4
content-length: 1218
last-modified: Mon, 27 Nov 2023 22:50:39 GMT
etag: "65651d3f-4c2"
cache-control: public, max-age=60, s-maxage=60
access-control-allow-origin: *
timing-allow-origin: *
cf-cache-status: HIT
age: 46
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 82cdfef6db2f56b4-OSL
alt-svc: h3=":443"; ma=86400

b-hls-12.doppiocdn.com/hls/105515374/105515374_480p_init_IgsRtsJARq61koWH.mp4

104.18.63.134

1.2 kB

URL
b-hls-12.doppiocdn.com/hls/105515374/105515374_480p_init_IgsRtsJARq61koWH.mp4
IP
104.18.63.134:0
ASN
#13335 CLOUDFLARENET

File type
ISO Media, MP4 Base Media v5 \012- data
Size
1.2 kB (1218 bytes)
Hash
6b5797c6c875d29631baaee559ea21d3
c3e01d126cde8b9f0718715a548c329078c4d3f2
3327593730e719c4d6a584a01f1026c924bf4f296e50b9d9890e8951c8525939

HTTP Headers

GET /hls/105515374/105515374_480p_init_IgsRtsJARq61koWH.mp4 HTTP/1.1
Host: b-hls-12.doppiocdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://creative.bbrdbr.com
DNT: 1
Connection: keep-alive
Referer: https://creative.bbrdbr.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Mon, 27 Nov 2023 23:01:56 GMT
content-type: video/mp4
content-length: 1218
last-modified: Mon, 27 Nov 2023 22:50:39 GMT
etag: "65651d3f-4c2"
cache-control: public, max-age=60, s-maxage=60
access-control-allow-origin: *
timing-allow-origin: *
cf-cache-status: HIT
age: 46
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 82cdfef72b5656b4-OSL
alt-svc: h3=":443"; ma=86400

cdn.creative-bars1.com/sb/interstitial/games/hentai-heroes/adult/5/css/styles.css

172.64.108.10

200 OK

313 kB

URL GET HTTP/2
cdn.creative-bars1.com/sb/interstitial/games/hentai-heroes/adult/5/css/styles.css
IP
172.64.108.10:443
ASN
#13335 CLOUDFLARENET

Requested by
https://de.hentai-gif-anime.com/image/kagaku-na-yatsura-gifs-47/
Certificate
IssuerGoogle Trust Services LLC
Subjectcreative-bars1.com
Fingerprint2B:CC:32:FC:17:6F:25:69:2F:F4:A0:D9:DC:9C:C2:09:28:32:AB:34
ValiditySat, 21 Oct 2023 15:38:40 GMT - Fri, 19 Jan 2024 15:38:39 GMT

File type
ASCII text
Size
313 kB (312998 bytes)
Hash
a6d31539dcdf6c376422f7deba072f6c
fc6e358a2d34ffc1eeb18ec04addd07c73207b15
006e318221fdade29af95f9e9ea2766b911d160b69dad051bc71f21a9db692e9

HTTP Headers

GET /sb/interstitial/games/hentai-heroes/adult/5/css/styles.css HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://de.hentai-gif-anime.com
DNT: 1
Connection: keep-alive
Referer: https://de.hentai-gif-anime.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Mon, 27 Nov 2023 23:01:55 GMT
content-type: text/css
last-modified: Thu, 19 Oct 2023 15:53:07 GMT
etag: W/"653150e3-1286"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u1GD%2FMDGxn00iq3%2FqVfgRi4u64CRoS%2BNR2sqAaXZpjumIlkXUNtDUeh5bQJrhLoXfPBeoMza0HfQTXH%2B0JH6Jml5qQyJLH4bac5A%2FrZcd8kcg9%2BaKer4kYLl5CS0r%2F4bNLl3j4CUCyVZ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82cdfee96ddd886b-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

b-hls-12.doppiocdn.com/hls/105515374/105515374_480p_334_owWClBjGy5jK3YCX_1701126109.mp4

104.18.63.134

200 OK

312 kB

URL GET HTTP/3
b-hls-12.doppiocdn.com/hls/105515374/105515374_480p_334_owWClBjGy5jK3YCX_1701126109.mp4
IP
104.18.63.134:443
ASN
#13335 CLOUDFLARENET

Requested by
https://creative.bbrdbr.com/widgets/v4/Universal/?actionButtonPlacement=bottom&autoplay=all&autoplayForce=1&buttonColor=&campaignId=728cps2asgirl&creativeId=728cps2asgirl&domain=stripchat&hideButtonOnSmallSpots=1&hideModelNameOnSmallSpots=1&hideTitleOnSmallSpots=1&isXhDesign=0&liveBadgeColor=&memberId=%7Bclickid%7D&showButton=1&showLiveBadge=1&showModal=signup&showModelName=1&showTitle=1&sound=off&sourceId=728cps2asgirl&tag=girls%2Fasian&targetDomain=&thumbSizeKey=small&trackOff=1&userId=ebe1e2aa04642c4dc9f7e9a5dfdb455c9ef1b6825ab8b9414a96e56e40140e75
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint99:FA:E1:1F:E8:F6:A1:57:63:A7:AA:BD:3E:C1:94:58:E7:83:02:13
ValiditySat, 21 Jan 2023 00:00:00 GMT - Sun, 21 Jan 2024 23:59:59 GMT

File type
data
Size
312 kB (311774 bytes)
Hash
038923f4ca198bd744337abba510d7cd
2bb25b4c3a5dca1e81130b825113a736c3b9ef9a
7c1784aeaa2535d4979b39ef7ff90c400db6a6a8789c7a60969a5e405489d4a3

HTTP Headers

GET /hls/105515374/105515374_480p_334_owWClBjGy5jK3YCX_1701126109.mp4 HTTP/1.1
Host: b-hls-12.doppiocdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://creative.bbrdbr.com
DNT: 1
Connection: keep-alive
Referer: https://creative.bbrdbr.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Mon, 27 Nov 2023 23:01:57 GMT
content-type: video/mp4
content-length: 311774
last-modified: Mon, 27 Nov 2023 23:01:51 GMT
etag: "65651fdf-4c1de"
cache-control: public, max-age=60, s-maxage=60
access-control-allow-origin: *
timing-allow-origin: *
cf-cache-status: HIT
age: 5
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 82cdfef76b8556b4-OSL
alt-svc: h3=":443"; ma=86400

b-hls-12.doppiocdn.com/hls/105515374/105515374_480p_335_JSz90i6ybswi3HnQ_1701126111.mp4

104.18.63.134

200 OK

323 kB

URL GET HTTP/3
b-hls-12.doppiocdn.com/hls/105515374/105515374_480p_335_JSz90i6ybswi3HnQ_1701126111.mp4
IP
104.18.63.134:443
ASN
#13335 CLOUDFLARENET

Requested by
https://creative.bbrdbr.com/widgets/v4/Universal/?actionButtonPlacement=bottom&autoplay=all&autoplayForce=1&buttonColor=&campaignId=728cps2asgirl&creativeId=728cps2asgirl&domain=stripchat&hideButtonOnSmallSpots=1&hideModelNameOnSmallSpots=1&hideTitleOnSmallSpots=1&isXhDesign=0&liveBadgeColor=&memberId=%7Bclickid%7D&showButton=1&showLiveBadge=1&showModal=signup&showModelName=1&showTitle=1&sound=off&sourceId=728cps2asgirl&tag=girls%2Fasian&targetDomain=&thumbSizeKey=small&trackOff=1&userId=ebe1e2aa04642c4dc9f7e9a5dfdb455c9ef1b6825ab8b9414a96e56e40140e75
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint99:FA:E1:1F:E8:F6:A1:57:63:A7:AA:BD:3E:C1:94:58:E7:83:02:13
ValiditySat, 21 Jan 2023 00:00:00 GMT - Sun, 21 Jan 2024 23:59:59 GMT

File type
data
Size
323 kB (323395 bytes)
Hash
5105f2a73c0ccbc0d96a9c70aafaf004
3e7bb1dc23a0973355a50c9f7bab6923baba19a0
3227c2dff9ac81a6b1e089b821a9487df9307c821f518275570aa192090f35a1

HTTP Headers

GET /hls/105515374/105515374_480p_335_JSz90i6ybswi3HnQ_1701126111.mp4 HTTP/1.1
Host: b-hls-12.doppiocdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://creative.bbrdbr.com
DNT: 1
Connection: keep-alive
Referer: https://creative.bbrdbr.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Mon, 27 Nov 2023 23:01:57 GMT
content-type: video/mp4
content-length: 323395
last-modified: Mon, 27 Nov 2023 23:01:53 GMT
etag: "65651fe1-4ef43"
cache-control: public, max-age=60, s-maxage=60
access-control-allow-origin: *
timing-allow-origin: *
cf-cache-status: HIT
age: 3
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 82cdfef79ba256b4-OSL
alt-svc: h3=":443"; ma=86400

b-hls-12.doppiocdn.com/hls/105515374/105515374_480p_335_JSz90i6ybswi3HnQ_1701126111.mp4

104.18.63.134

200 OK

323 kB

URL GET HTTP/3
b-hls-12.doppiocdn.com/hls/105515374/105515374_480p_335_JSz90i6ybswi3HnQ_1701126111.mp4
IP
104.18.63.134:443
ASN
#13335 CLOUDFLARENET

Requested by
https://creative.bbrdbr.com/widgets/v4/Universal/?actionButtonPlacement=bottom&autoplay=all&autoplayForce=1&buttonColor=&campaignId=728cps2asgirl&creativeId=728cps2asgirl&domain=stripchat&hideButtonOnSmallSpots=1&hideModelNameOnSmallSpots=1&hideTitleOnSmallSpots=1&isXhDesign=0&liveBadgeColor=&memberId=%7Bclickid%7D&showButton=1&showLiveBadge=1&showModal=signup&showModelName=1&showTitle=1&sound=off&sourceId=728cps2asgirl&tag=girls%2Fasian&targetDomain=&thumbSizeKey=small&trackOff=1&userId=ebe1e2aa04642c4dc9f7e9a5dfdb455c9ef1b6825ab8b9414a96e56e40140e75
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint99:FA:E1:1F:E8:F6:A1:57:63:A7:AA:BD:3E:C1:94:58:E7:83:02:13
ValiditySat, 21 Jan 2023 00:00:00 GMT - Sun, 21 Jan 2024 23:59:59 GMT

File type
data
Size
323 kB (323395 bytes)
Hash
5105f2a73c0ccbc0d96a9c70aafaf004
3e7bb1dc23a0973355a50c9f7bab6923baba19a0
3227c2dff9ac81a6b1e089b821a9487df9307c821f518275570aa192090f35a1

HTTP Headers

GET /hls/105515374/105515374_480p_335_JSz90i6ybswi3HnQ_1701126111.mp4 HTTP/1.1
Host: b-hls-12.doppiocdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://creative.bbrdbr.com
DNT: 1
Connection: keep-alive
Referer: https://creative.bbrdbr.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Mon, 27 Nov 2023 23:01:57 GMT
content-type: video/mp4
content-length: 323395
last-modified: Mon, 27 Nov 2023 23:01:53 GMT
etag: "65651fe1-4ef43"
cache-control: public, max-age=60, s-maxage=60
access-control-allow-origin: *
timing-allow-origin: *
cf-cache-status: HIT
age: 3
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 82cdfef7fbe156b4-OSL
alt-svc: h3=":443"; ma=86400

b-hls-24.doppiocdn.com/hls/7536780/7536780_480p_init_9EACojjwzlF2upH5.mp4

104.18.63.134

200 OK

1.2 kB

URL GET HTTP/3
b-hls-24.doppiocdn.com/hls/7536780/7536780_480p_init_9EACojjwzlF2upH5.mp4
IP
104.18.63.134:443
ASN
#13335 CLOUDFLARENET

Requested by
https://creative.bbrdbr.com/widgets/v4/Universal/?actionButtonPlacement=bottom&autoplay=all&autoplayForce=1&buttonColor=&campaignId=728cps2asgirl&creativeId=728cps2asgirl&domain=stripchat&hideButtonOnSmallSpots=1&hideModelNameOnSmallSpots=1&hideTitleOnSmallSpots=1&isXhDesign=0&liveBadgeColor=&memberId=%7Bclickid%7D&showButton=1&showLiveBadge=1&showModal=signup&showModelName=1&showTitle=1&sound=off&sourceId=728cps2asgirl&tag=girls%2Fasian&targetDomain=&thumbSizeKey=small&trackOff=1&userId=ebe1e2aa04642c4dc9f7e9a5dfdb455c9ef1b6825ab8b9414a96e56e40140e75
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint99:FA:E1:1F:E8:F6:A1:57:63:A7:AA:BD:3E:C1:94:58:E7:83:02:13
ValiditySat, 21 Jan 2023 00:00:00 GMT - Sun, 21 Jan 2024 23:59:59 GMT

File type
ISO Media, MP4 Base Media v5 \012- data
Size
1.2 kB (1218 bytes)
Hash
6b5797c6c875d29631baaee559ea21d3
c3e01d126cde8b9f0718715a548c329078c4d3f2
3327593730e719c4d6a584a01f1026c924bf4f296e50b9d9890e8951c8525939

HTTP Headers

GET /hls/7536780/7536780_480p_init_9EACojjwzlF2upH5.mp4 HTTP/1.1
Host: b-hls-24.doppiocdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://creative.bbrdbr.com
DNT: 1
Connection: keep-alive
Referer: https://creative.bbrdbr.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Mon, 27 Nov 2023 23:01:57 GMT
content-type: video/mp4
content-length: 1218
last-modified: Mon, 27 Nov 2023 21:58:35 GMT
etag: "6565110b-4c2"
cache-control: public, max-age=60, s-maxage=60
access-control-allow-origin: *
timing-allow-origin: *
cf-cache-status: HIT
age: 46
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 82cdfef89c4256b4-OSL
alt-svc: h3=":443"; ma=86400

b-hls-24.doppiocdn.com/hls/7536780/7536780_480p_init_9EACojjwzlF2upH5.mp4

104.18.63.134

200 OK

1.2 kB

URL GET HTTP/3
b-hls-24.doppiocdn.com/hls/7536780/7536780_480p_init_9EACojjwzlF2upH5.mp4
IP
104.18.63.134:443
ASN
#13335 CLOUDFLARENET

Requested by
https://creative.bbrdbr.com/widgets/v4/Universal/?actionButtonPlacement=bottom&autoplay=all&autoplayForce=1&buttonColor=&campaignId=728cps2asgirl&creativeId=728cps2asgirl&domain=stripchat&hideButtonOnSmallSpots=1&hideModelNameOnSmallSpots=1&hideTitleOnSmallSpots=1&isXhDesign=0&liveBadgeColor=&memberId=%7Bclickid%7D&showButton=1&showLiveBadge=1&showModal=signup&showModelName=1&showTitle=1&sound=off&sourceId=728cps2asgirl&tag=girls%2Fasian&targetDomain=&thumbSizeKey=small&trackOff=1&userId=ebe1e2aa04642c4dc9f7e9a5dfdb455c9ef1b6825ab8b9414a96e56e40140e75
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint99:FA:E1:1F:E8:F6:A1:57:63:A7:AA:BD:3E:C1:94:58:E7:83:02:13
ValiditySat, 21 Jan 2023 00:00:00 GMT - Sun, 21 Jan 2024 23:59:59 GMT

File type
ISO Media, MP4 Base Media v5 \012- data
Size
1.2 kB (1218 bytes)
Hash
6b5797c6c875d29631baaee559ea21d3
c3e01d126cde8b9f0718715a548c329078c4d3f2
3327593730e719c4d6a584a01f1026c924bf4f296e50b9d9890e8951c8525939

HTTP Headers

GET /hls/7536780/7536780_480p_init_9EACojjwzlF2upH5.mp4 HTTP/1.1
Host: b-hls-24.doppiocdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://creative.bbrdbr.com
DNT: 1
Connection: keep-alive
Referer: https://creative.bbrdbr.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Mon, 27 Nov 2023 23:01:57 GMT
content-type: video/mp4
content-length: 1218
last-modified: Mon, 27 Nov 2023 21:58:35 GMT
etag: "6565110b-4c2"
cache-control: public, max-age=60, s-maxage=60
access-control-allow-origin: *
timing-allow-origin: *
cf-cache-status: HIT
age: 46
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 82cdfef89c4656b4-OSL
alt-svc: h3=":443"; ma=86400

b-hls-24.doppiocdn.com/hls/7536780/7536780_480p_1897_nz8m11JEGmsMtxQn_1701126109.mp4

104.18.63.134

200 OK

332 kB

URL GET HTTP/3
b-hls-24.doppiocdn.com/hls/7536780/7536780_480p_1897_nz8m11JEGmsMtxQn_1701126109.mp4
IP
104.18.63.134:443
ASN
#13335 CLOUDFLARENET

Requested by
https://creative.bbrdbr.com/widgets/v4/Universal/?actionButtonPlacement=bottom&autoplay=all&autoplayForce=1&buttonColor=&campaignId=728cps2asgirl&creativeId=728cps2asgirl&domain=stripchat&hideButtonOnSmallSpots=1&hideModelNameOnSmallSpots=1&hideTitleOnSmallSpots=1&isXhDesign=0&liveBadgeColor=&memberId=%7Bclickid%7D&showButton=1&showLiveBadge=1&showModal=signup&showModelName=1&showTitle=1&sound=off&sourceId=728cps2asgirl&tag=girls%2Fasian&targetDomain=&thumbSizeKey=small&trackOff=1&userId=ebe1e2aa04642c4dc9f7e9a5dfdb455c9ef1b6825ab8b9414a96e56e40140e75
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint99:FA:E1:1F:E8:F6:A1:57:63:A7:AA:BD:3E:C1:94:58:E7:83:02:13
ValiditySat, 21 Jan 2023 00:00:00 GMT - Sun, 21 Jan 2024 23:59:59 GMT

File type
data
Size
332 kB (331866 bytes)
Hash
39b942e4c48bf1314980180db105d775
c108c1f9a2466904ceb67a082cfb8446397824bb
873cb96af97f1a7c3a32d79978e254703d1faf7ba2cf8596a07650c4d1aff6c3

HTTP Headers

GET /hls/7536780/7536780_480p_1897_nz8m11JEGmsMtxQn_1701126109.mp4 HTTP/1.1
Host: b-hls-24.doppiocdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://creative.bbrdbr.com
DNT: 1
Connection: keep-alive
Referer: https://creative.bbrdbr.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Mon, 27 Nov 2023 23:01:57 GMT
content-type: video/mp4
content-length: 331866
last-modified: Mon, 27 Nov 2023 23:01:51 GMT
etag: "65651fdf-5105a"
cache-control: public, max-age=60, s-maxage=60
access-control-allow-origin: *
timing-allow-origin: *
cf-cache-status: HIT
age: 4
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 82cdfef8cc6656b4-OSL
alt-svc: h3=":443"; ma=86400

b-hls-24.doppiocdn.com/hls/7536780/7536780_480p_1897_nz8m11JEGmsMtxQn_1701126109.mp4

104.18.63.134

200 OK

332 kB

URL GET HTTP/3
b-hls-24.doppiocdn.com/hls/7536780/7536780_480p_1897_nz8m11JEGmsMtxQn_1701126109.mp4
IP
104.18.63.134:443
ASN
#13335 CLOUDFLARENET

Requested by
https://creative.bbrdbr.com/widgets/v4/Universal/?actionButtonPlacement=bottom&autoplay=all&autoplayForce=1&buttonColor=&campaignId=728cps2asgirl&creativeId=728cps2asgirl&domain=stripchat&hideButtonOnSmallSpots=1&hideModelNameOnSmallSpots=1&hideTitleOnSmallSpots=1&isXhDesign=0&liveBadgeColor=&memberId=%7Bclickid%7D&showButton=1&showLiveBadge=1&showModal=signup&showModelName=1&showTitle=1&sound=off&sourceId=728cps2asgirl&tag=girls%2Fasian&targetDomain=&thumbSizeKey=small&trackOff=1&userId=ebe1e2aa04642c4dc9f7e9a5dfdb455c9ef1b6825ab8b9414a96e56e40140e75
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint99:FA:E1:1F:E8:F6:A1:57:63:A7:AA:BD:3E:C1:94:58:E7:83:02:13
ValiditySat, 21 Jan 2023 00:00:00 GMT - Sun, 21 Jan 2024 23:59:59 GMT

File type
data
Size
332 kB (331866 bytes)
Hash
39b942e4c48bf1314980180db105d775
c108c1f9a2466904ceb67a082cfb8446397824bb
873cb96af97f1a7c3a32d79978e254703d1faf7ba2cf8596a07650c4d1aff6c3

HTTP Headers

GET /hls/7536780/7536780_480p_1897_nz8m11JEGmsMtxQn_1701126109.mp4 HTTP/1.1
Host: b-hls-24.doppiocdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://creative.bbrdbr.com
DNT: 1
Connection: keep-alive
Referer: https://creative.bbrdbr.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Mon, 27 Nov 2023 23:01:57 GMT
content-type: video/mp4
content-length: 331866
last-modified: Mon, 27 Nov 2023 23:01:51 GMT
etag: "65651fdf-5105a"
cache-control: public, max-age=60, s-maxage=60
access-control-allow-origin: *
timing-allow-origin: *
cf-cache-status: HIT
age: 4
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 82cdfef8cc6756b4-OSL
alt-svc: h3=":443"; ma=86400

edge-hls.doppiocdn.com/hls/7536780/master/7536780_480p.m3u8

104.18.63.134

314 kB

URL
edge-hls.doppiocdn.com/hls/7536780/master/7536780_480p.m3u8
IP
104.18.63.134:0
ASN
#13335 CLOUDFLARENET

Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint99:FA:E1:1F:E8:F6:A1:57:63:A7:AA:BD:3E:C1:94:58:E7:83:02:13
ValiditySat, 21 Jan 2023 00:00:00 GMT - Sun, 21 Jan 2024 23:59:59 GMT

File type
M3U playlist, ASCII text
Size
314 kB (313811 bytes)
Hash
f80417581ce51688921ac34642906cc2
5d1e087ad30d5e7e0e1a01db5a016e55915f62ec
aa543ec17023a4fb99406bff8942cdd28d0a36829412c5f88180d3bd8c498e1a

HTTP Headers

GET /hls/7536780/master/7536780_480p.m3u8 HTTP/1.1
Host: edge-hls.doppiocdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://creative.bbrdbr.com
DNT: 1
Connection: keep-alive
Referer: https://creative.bbrdbr.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Mon, 27 Nov 2023 23:01:57 GMT
content-type: application/vnd.apple.mpegurl
vary: Accept-Encoding
last-modified: Mon, 27 Nov 2023 23:01:55 GMT
x-proxy-cache: EXPIRED
cache-control: public, max-age=3, s-maxage=3
access-control-allow-origin: *
timing-allow-origin: *
cf-cache-status: HIT
set-cookie: __cflb=02DiuDqTDHWLb7zSddG9z9dnCh3o3hTZUWavj6pHsgAZA; SameSite=None; Secure; path=/; expires=Tue, 28-Nov-23 23:01:57 GMT; HttpOnly
server: cloudflare
cf-ray: 82cdfef79baa56b4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

b-hls-24.doppiocdn.com/hls/7536780/7536780_480p_1898_lwMaRnoWztQbizg9_1701126111.mp4

104.18.63.134

200 OK

314 kB

URL GET HTTP/3
b-hls-24.doppiocdn.com/hls/7536780/7536780_480p_1898_lwMaRnoWztQbizg9_1701126111.mp4
IP
104.18.63.134:443
ASN
#13335 CLOUDFLARENET

Requested by
https://creative.bbrdbr.com/widgets/v4/Universal/?actionButtonPlacement=bottom&autoplay=all&autoplayForce=1&buttonColor=&campaignId=728cps2asgirl&creativeId=728cps2asgirl&domain=stripchat&hideButtonOnSmallSpots=1&hideModelNameOnSmallSpots=1&hideTitleOnSmallSpots=1&isXhDesign=0&liveBadgeColor=&memberId=%7Bclickid%7D&showButton=1&showLiveBadge=1&showModal=signup&showModelName=1&showTitle=1&sound=off&sourceId=728cps2asgirl&tag=girls%2Fasian&targetDomain=&thumbSizeKey=small&trackOff=1&userId=ebe1e2aa04642c4dc9f7e9a5dfdb455c9ef1b6825ab8b9414a96e56e40140e75
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint99:FA:E1:1F:E8:F6:A1:57:63:A7:AA:BD:3E:C1:94:58:E7:83:02:13
ValiditySat, 21 Jan 2023 00:00:00 GMT - Sun, 21 Jan 2024 23:59:59 GMT

File type
data
Size
314 kB (313623 bytes)
Hash
b6c286d25cf5314033c077419b3a5014
5e5cf5c90a2c78bcf9e32c8643ea48c9471b8ebf
adc24ad1a2ad8a8fe7309dce7e3d218d5a7f8bcb3de951e848d7982703a5e255

HTTP Headers

GET /hls/7536780/7536780_480p_1898_lwMaRnoWztQbizg9_1701126111.mp4 HTTP/1.1
Host: b-hls-24.doppiocdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://creative.bbrdbr.com
DNT: 1
Connection: keep-alive
Referer: https://creative.bbrdbr.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Mon, 27 Nov 2023 23:01:57 GMT
content-type: video/mp4
content-length: 313623
last-modified: Mon, 27 Nov 2023 23:01:53 GMT
etag: "65651fe1-4c917"
cache-control: public, max-age=60, s-maxage=60
access-control-allow-origin: *
timing-allow-origin: *
cf-cache-status: HIT
age: 2
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 82cdfef98cd456b4-OSL
alt-svc: h3=":443"; ma=86400

b-hls-02.doppiocdn.com/hls/136195660/136195660_480p.m3u8

104.18.63.134

200 OK

1.5 kB

URL GET HTTP/3
b-hls-02.doppiocdn.com/hls/136195660/136195660_480p.m3u8
IP
104.18.63.134:443
ASN
#13335 CLOUDFLARENET

Requested by
https://creative.bbrdbr.com/widgets/v4/Universal/?actionButtonPlacement=bottom&autoplay=all&autoplayForce=1&buttonColor=&campaignId=728cps2asgirl&creativeId=728cps2asgirl&domain=stripchat&hideButtonOnSmallSpots=1&hideModelNameOnSmallSpots=1&hideTitleOnSmallSpots=1&isXhDesign=0&liveBadgeColor=&memberId=%7Bclickid%7D&showButton=1&showLiveBadge=1&showModal=signup&showModelName=1&showTitle=1&sound=off&sourceId=728cps2asgirl&tag=girls%2Fasian&targetDomain=&thumbSizeKey=small&trackOff=1&userId=ebe1e2aa04642c4dc9f7e9a5dfdb455c9ef1b6825ab8b9414a96e56e40140e75
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint99:FA:E1:1F:E8:F6:A1:57:63:A7:AA:BD:3E:C1:94:58:E7:83:02:13
ValiditySat, 21 Jan 2023 00:00:00 GMT - Sun, 21 Jan 2024 23:59:59 GMT

File type
M3U playlist, ASCII text
Size
1.5 kB (1530 bytes)
Hash
5307b443f097fa44bf19c0b1959d6e1d
31aa8aeeca4d5ae431e5f8885cb019e329bb8fac
fac24efc3b0344c22240e90ce397c3db7be2b0e34602dd3b89dfcdcc1048bf8d

HTTP Headers

GET /hls/136195660/136195660_480p.m3u8 HTTP/1.1
Host: b-hls-02.doppiocdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://creative.bbrdbr.com
DNT: 1
Connection: keep-alive
Referer: https://creative.bbrdbr.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Mon, 27 Nov 2023 23:01:57 GMT
content-type: application/vnd.apple.mpegurl
vary: Accept-Encoding
last-modified: Mon, 27 Nov 2023 23:01:56 GMT
x-proxy-cache: MISS
cache-control: public, max-age=1, s-maxage=1
access-control-allow-origin: *
timing-allow-origin: *
cf-cache-status: HIT
age: 1
server: cloudflare
cf-ray: 82cdfef9ccff56b4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

b-hls-02.doppiocdn.com/hls/136195660/136195660_480p_init_PL6TMgE8GGDgyfMY.mp4

104.18.63.134

200 OK

1.2 kB

URL GET HTTP/3
b-hls-02.doppiocdn.com/hls/136195660/136195660_480p_init_PL6TMgE8GGDgyfMY.mp4
IP
104.18.63.134:443
ASN
#13335 CLOUDFLARENET

Requested by
https://creative.bbrdbr.com/widgets/v4/Universal/?actionButtonPlacement=bottom&autoplay=all&autoplayForce=1&buttonColor=&campaignId=728cps2asgirl&creativeId=728cps2asgirl&domain=stripchat&hideButtonOnSmallSpots=1&hideModelNameOnSmallSpots=1&hideTitleOnSmallSpots=1&isXhDesign=0&liveBadgeColor=&memberId=%7Bclickid%7D&showButton=1&showLiveBadge=1&showModal=signup&showModelName=1&showTitle=1&sound=off&sourceId=728cps2asgirl&tag=girls%2Fasian&targetDomain=&thumbSizeKey=small&trackOff=1&userId=ebe1e2aa04642c4dc9f7e9a5dfdb455c9ef1b6825ab8b9414a96e56e40140e75
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint99:FA:E1:1F:E8:F6:A1:57:63:A7:AA:BD:3E:C1:94:58:E7:83:02:13
ValiditySat, 21 Jan 2023 00:00:00 GMT - Sun, 21 Jan 2024 23:59:59 GMT

File type
ISO Media, MP4 Base Media v5 \012- data
Size
1.2 kB (1217 bytes)
Hash
540ba5cddda9c6a55fd0f71468e28174
1aa833402ab115bab8cb95042bec06ee7642a5d8
5167fb6f6bdeaefa7404d0ca241792ba1dbd97a8a2c2e4435fd46523b3bd79a6

HTTP Headers

GET /hls/136195660/136195660_480p_init_PL6TMgE8GGDgyfMY.mp4 HTTP/1.1
Host: b-hls-02.doppiocdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://creative.bbrdbr.com
DNT: 1
Connection: keep-alive
Referer: https://creative.bbrdbr.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Mon, 27 Nov 2023 23:01:57 GMT
content-type: video/mp4
content-length: 1217
last-modified: Mon, 27 Nov 2023 22:15:40 GMT
etag: "6565150c-4c1"
cache-control: public, max-age=60, s-maxage=60
access-control-allow-origin: *
timing-allow-origin: *
cf-cache-status: HIT
age: 42
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 82cdfefa2d2656b4-OSL
alt-svc: h3=":443"; ma=86400

b-hls-02.doppiocdn.com/hls/136195660/136195660_480p_1383_tintzloy7ITp3XHp_1701126108.mp4

104.18.63.134

301 kB

URL
b-hls-02.doppiocdn.com/hls/136195660/136195660_480p_1383_tintzloy7ITp3XHp_1701126108.mp4
IP
104.18.63.134:0
ASN
#13335 CLOUDFLARENET

Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint99:FA:E1:1F:E8:F6:A1:57:63:A7:AA:BD:3E:C1:94:58:E7:83:02:13
ValiditySat, 21 Jan 2023 00:00:00 GMT - Sun, 21 Jan 2024 23:59:59 GMT

File type
data
Size
301 kB (300793 bytes)
Hash
02ea85d79ec78a33e26227a5a0145aba
bd7a785f16a7b83fb997c18b2af05e359fd33648
0bf187ec83cbf6632f6170b2a16d8456edb3ca1224b63b564fcb251ac9aa9db1

HTTP Headers

GET /hls/136195660/136195660_480p_1383_tintzloy7ITp3XHp_1701126108.mp4 HTTP/1.1
Host: b-hls-02.doppiocdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://creative.bbrdbr.com
DNT: 1
Connection: keep-alive
Referer: https://creative.bbrdbr.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Mon, 27 Nov 2023 23:01:57 GMT
content-type: video/mp4
content-length: 300793
last-modified: Mon, 27 Nov 2023 23:01:50 GMT
etag: "65651fde-496f9"
cache-control: public, max-age=60, s-maxage=60
access-control-allow-origin: *
timing-allow-origin: *
cf-cache-status: HIT
age: 5
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 82cdfefa4d3e56b4-OSL
alt-svc: h3=":443"; ma=86400

b-hls-24.doppiocdn.com/hls/7536780/7536780_480p.m3u8

104.18.63.134

200 OK

301 kB

URL GET HTTP/3
b-hls-24.doppiocdn.com/hls/7536780/7536780_480p.m3u8
IP
104.18.63.134:443
ASN
#13335 CLOUDFLARENET

Requested by
https://creative.bbrdbr.com/widgets/v4/Universal/?actionButtonPlacement=bottom&autoplay=all&autoplayForce=1&buttonColor=&campaignId=728cps2asgirl&creativeId=728cps2asgirl&domain=stripchat&hideButtonOnSmallSpots=1&hideModelNameOnSmallSpots=1&hideTitleOnSmallSpots=1&isXhDesign=0&liveBadgeColor=&memberId=%7Bclickid%7D&showButton=1&showLiveBadge=1&showModal=signup&showModelName=1&showTitle=1&sound=off&sourceId=728cps2asgirl&tag=girls%2Fasian&targetDomain=&thumbSizeKey=small&trackOff=1&userId=ebe1e2aa04642c4dc9f7e9a5dfdb455c9ef1b6825ab8b9414a96e56e40140e75
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint99:FA:E1:1F:E8:F6:A1:57:63:A7:AA:BD:3E:C1:94:58:E7:83:02:13
ValiditySat, 21 Jan 2023 00:00:00 GMT - Sun, 21 Jan 2024 23:59:59 GMT

File type
M3U playlist, ASCII text
Size
301 kB (301107 bytes)
Hash
58e1f3ba1d39f5400267d2af992432f0
b5828c15e007f3d3a492fcbd5d1bbc1bc94783a7
af8e1c0c89a52ae5a2dc1cdbef8b20b590df3f7c3b2fbbd48b39ce29943d4c2f

HTTP Headers

GET /hls/7536780/7536780_480p.m3u8 HTTP/1.1
Host: b-hls-24.doppiocdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://creative.bbrdbr.com
DNT: 1
Connection: keep-alive
Referer: https://creative.bbrdbr.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Mon, 27 Nov 2023 23:01:57 GMT
content-type: application/vnd.apple.mpegurl
vary: Accept-Encoding
last-modified: Mon, 27 Nov 2023 23:01:57 GMT
x-proxy-cache: MISS
cache-control: public, max-age=1, s-maxage=1
access-control-allow-origin: *
timing-allow-origin: *
cf-cache-status: HIT
server: cloudflare
cf-ray: 82cdfef83c0d56b4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

b-hls-02.doppiocdn.com/hls/136195660/136195660_480p_1384_hOLR7zSRcIJ9dP2v_1701126110.mp4

104.18.63.134

200 OK

306 kB

URL GET HTTP/3
b-hls-02.doppiocdn.com/hls/136195660/136195660_480p_1384_hOLR7zSRcIJ9dP2v_1701126110.mp4
IP
104.18.63.134:443
ASN
#13335 CLOUDFLARENET

Requested by
https://creative.bbrdbr.com/widgets/v4/Universal/?actionButtonPlacement=bottom&autoplay=all&autoplayForce=1&buttonColor=&campaignId=728cps2asgirl&creativeId=728cps2asgirl&domain=stripchat&hideButtonOnSmallSpots=1&hideModelNameOnSmallSpots=1&hideTitleOnSmallSpots=1&isXhDesign=0&liveBadgeColor=&memberId=%7Bclickid%7D&showButton=1&showLiveBadge=1&showModal=signup&showModelName=1&showTitle=1&sound=off&sourceId=728cps2asgirl&tag=girls%2Fasian&targetDomain=&thumbSizeKey=small&trackOff=1&userId=ebe1e2aa04642c4dc9f7e9a5dfdb455c9ef1b6825ab8b9414a96e56e40140e75
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint99:FA:E1:1F:E8:F6:A1:57:63:A7:AA:BD:3E:C1:94:58:E7:83:02:13
ValiditySat, 21 Jan 2023 00:00:00 GMT - Sun, 21 Jan 2024 23:59:59 GMT

File type
data
Size
306 kB (305495 bytes)
Hash
0f052c67515c8900aeda2320a243de13
aed284de99c04559415a6521b5713252f2c07981
bafade71ccfa26e20aa623b1a0eeeeae5468830f59885e4df6dfc9dc979bb38c

HTTP Headers

GET /hls/136195660/136195660_480p_1384_hOLR7zSRcIJ9dP2v_1701126110.mp4 HTTP/1.1
Host: b-hls-02.doppiocdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://creative.bbrdbr.com
DNT: 1
Connection: keep-alive
Referer: https://creative.bbrdbr.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Mon, 27 Nov 2023 23:01:57 GMT
content-type: video/mp4
content-length: 305495
last-modified: Mon, 27 Nov 2023 23:01:52 GMT
etag: "65651fe0-4a957"
cache-control: public, max-age=60, s-maxage=60
access-control-allow-origin: *
timing-allow-origin: *
cf-cache-status: HIT
age: 3
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 82cdfefacd8156b4-OSL
alt-svc: h3=":443"; ma=86400

b-hls-02.doppiocdn.com/hls/136195660/136195660_480p_1384_hOLR7zSRcIJ9dP2v_1701126110.mp4

104.18.63.134

200 OK

306 kB

URL GET HTTP/3
b-hls-02.doppiocdn.com/hls/136195660/136195660_480p_1384_hOLR7zSRcIJ9dP2v_1701126110.mp4
IP
104.18.63.134:443
ASN
#13335 CLOUDFLARENET

Requested by
https://creative.bbrdbr.com/widgets/v4/Universal/?actionButtonPlacement=bottom&autoplay=all&autoplayForce=1&buttonColor=&campaignId=728cps2asgirl&creativeId=728cps2asgirl&domain=stripchat&hideButtonOnSmallSpots=1&hideModelNameOnSmallSpots=1&hideTitleOnSmallSpots=1&isXhDesign=0&liveBadgeColor=&memberId=%7Bclickid%7D&showButton=1&showLiveBadge=1&showModal=signup&showModelName=1&showTitle=1&sound=off&sourceId=728cps2asgirl&tag=girls%2Fasian&targetDomain=&thumbSizeKey=small&trackOff=1&userId=ebe1e2aa04642c4dc9f7e9a5dfdb455c9ef1b6825ab8b9414a96e56e40140e75
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint99:FA:E1:1F:E8:F6:A1:57:63:A7:AA:BD:3E:C1:94:58:E7:83:02:13
ValiditySat, 21 Jan 2023 00:00:00 GMT - Sun, 21 Jan 2024 23:59:59 GMT

File type
data
Size
306 kB (305495 bytes)
Hash
0f052c67515c8900aeda2320a243de13
aed284de99c04559415a6521b5713252f2c07981
bafade71ccfa26e20aa623b1a0eeeeae5468830f59885e4df6dfc9dc979bb38c

HTTP Headers

GET /hls/136195660/136195660_480p_1384_hOLR7zSRcIJ9dP2v_1701126110.mp4 HTTP/1.1
Host: b-hls-02.doppiocdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://creative.bbrdbr.com
DNT: 1
Connection: keep-alive
Referer: https://creative.bbrdbr.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Mon, 27 Nov 2023 23:01:57 GMT
content-type: video/mp4
content-length: 305495
last-modified: Mon, 27 Nov 2023 23:01:52 GMT
etag: "65651fe0-4a957"
cache-control: public, max-age=60, s-maxage=60
access-control-allow-origin: *
timing-allow-origin: *
cf-cache-status: HIT
age: 3
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 82cdfefafda156b4-OSL
alt-svc: h3=":443"; ma=86400

b-hls-12.doppiocdn.com/hls/105515374/105515374_480p.m3u8

104.18.63.134

200 OK

730 B

URL GET HTTP/3
b-hls-12.doppiocdn.com/hls/105515374/105515374_480p.m3u8
IP
104.18.63.134:443
ASN
#13335 CLOUDFLARENET

Requested by
https://creative.bbrdbr.com/widgets/v4/Universal/?actionButtonPlacement=bottom&autoplay=all&autoplayForce=1&buttonColor=&campaignId=728cps2asgirl&creativeId=728cps2asgirl&domain=stripchat&hideButtonOnSmallSpots=1&hideModelNameOnSmallSpots=1&hideTitleOnSmallSpots=1&isXhDesign=0&liveBadgeColor=&memberId=%7Bclickid%7D&showButton=1&showLiveBadge=1&showModal=signup&showModelName=1&showTitle=1&sound=off&sourceId=728cps2asgirl&tag=girls%2Fasian&targetDomain=&thumbSizeKey=small&trackOff=1&userId=ebe1e2aa04642c4dc9f7e9a5dfdb455c9ef1b6825ab8b9414a96e56e40140e75
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint99:FA:E1:1F:E8:F6:A1:57:63:A7:AA:BD:3E:C1:94:58:E7:83:02:13
ValiditySat, 21 Jan 2023 00:00:00 GMT - Sun, 21 Jan 2024 23:59:59 GMT

File type
M3U playlist, ASCII text, with very long lines (748), with no line terminators
Size
730 B (730 bytes)
Hash
125a1441ed19b1678c460e23e104f37a
9072965f26fb7b2603109a60f4980fd1d97914da
0f72355a3dc8cf60768dd7bcc49a12b2a4f5293be6da2c60f7cb9c64facf65d5

HTTP Headers

GET /hls/105515374/105515374_480p.m3u8 HTTP/1.1
Host: b-hls-12.doppiocdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://creative.bbrdbr.com
DNT: 1
Connection: keep-alive
Referer: https://creative.bbrdbr.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Mon, 27 Nov 2023 23:02:04 GMT
content-type: application/vnd.apple.mpegurl
vary: Accept-Encoding
last-modified: Mon, 27 Nov 2023 23:02:04 GMT
x-proxy-cache: MISS
cache-control: public, max-age=1, s-maxage=1
access-control-allow-origin: *
timing-allow-origin: *
cf-cache-status: HIT
age: 0
server: cloudflare
cf-ray: 82cdff288c6e56b4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

static.hentai-gif-anime.com/js/common/jquery-2.2.4.min.js

104.21.235.190

200 OK

86 kB

URL GET HTTP/3
static.hentai-gif-anime.com/js/common/jquery-2.2.4.min.js
IP
104.21.235.190:443
ASN
#13335 CLOUDFLARENET

Requested by
https://de.hentai-gif-anime.com/image/kagaku-na-yatsura-gifs-47/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint56:F5:E5:EA:61:30:D5:1C:EF:D7:18:ED:EC:FC:32:D2:89:CC:04:BE
ValidityMon, 27 Feb 2023 00:00:00 GMT - Tue, 27 Feb 2024 23:59:59 GMT

File type
ASCII text, with very long lines (32065)
Size
86 kB (85578 bytes)
Hash
2f6b11a7e914718e0290410e85366fe9
69bb69e25ca7d5ef0935317584e6153f3fd9a88c
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e

HTTP Headers

GET /js/common/jquery-2.2.4.min.js HTTP/1.1
Host: static.hentai-gif-anime.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://de.hentai-gif-anime.com/
Cookie: adsense=pc-interstitial%3D20231128080151
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Mon, 27 Nov 2023 23:01:51 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding
last-modified: Sun, 05 Nov 2023 03:59:30 GMT
etag: W/"65471322-14e4a"
access-control-allow-origin: *
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-headers: Origin, Authorization, Accept
access-control-allow-credentials: true
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
cf-cache-status: HIT
age: 7988
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=POzzVABUkYG9B%2FTLc%2BH4wKuPPYGk1s4gGYdyHEneO3m2f9%2F4eqz0ZJZLqdkHV2ZYP9neQGDA%2BkZ9yL%2FoRvxQSlT%2B6iOlmj%2FoY1O5hp%2B0nBAyqNGxVwPP6cYYZitREWYEQttzxxkibxaZOZWD6II%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82cdfed50bd470f9-HEL
content-encoding: br
alt-svc: h3=":443"; ma=86400

static.hentai-gif-anime.com/css/common/awesome/css/font-awesome.min.css

104.21.235.190

200 OK

31 kB

URL GET HTTP/3
static.hentai-gif-anime.com/css/common/awesome/css/font-awesome.min.css
IP
104.21.235.190:443
ASN
#13335 CLOUDFLARENET

Requested by
https://de.hentai-gif-anime.com/image/kagaku-na-yatsura-gifs-47/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint56:F5:E5:EA:61:30:D5:1C:EF:D7:18:ED:EC:FC:32:D2:89:CC:04:BE
ValidityMon, 27 Feb 2023 00:00:00 GMT - Tue, 27 Feb 2024 23:59:59 GMT

File type
ASCII text, with very long lines (30837)
Size
31 kB (31000 bytes)
Hash
269550530cc127b6aa5a35925a7de6ce
512c7d79033e3028a9be61b540cf1a6870c896f8
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

HTTP Headers

GET /css/common/awesome/css/font-awesome.min.css HTTP/1.1
Host: static.hentai-gif-anime.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://de.hentai-gif-anime.com/
Cookie: adsense=pc-interstitial%3D20231128080151
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Mon, 27 Nov 2023 23:01:51 GMT
content-type: text/css
vary: Accept-Encoding, Accept-Encoding
last-modified: Sun, 05 Nov 2023 03:59:30 GMT
etag: W/"65471322-7918"
access-control-allow-origin: *
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-headers: Origin, Authorization, Accept
access-control-allow-credentials: true
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
cf-cache-status: HIT
age: 409813
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1jfJHM5a3spP4T31WrIE4smh137qLlS2ubCcsVnehRiSicN7%2BiJTlycD6nEzOCH3x%2BhR%2FUlnvHQZhEEIK5Zv4ztdjHnXWP8801l6Xvl%2BoYi%2FdR9XlGGEYqFB%2BCttIsxaXQ7OInCMkeO%2FWG5A8Ws%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82cdfed4bb0e70f9-HEL
content-encoding: br
alt-svc: h3=":443"; ma=86400

creative.bbrdbr.com/widgets/v4/Universal/hls.4cfa5b780bfed20a8b26.js

104.18.59.150

200 OK

61 B

URL GET HTTP/3
creative.bbrdbr.com/widgets/v4/Universal/hls.4cfa5b780bfed20a8b26.js
IP
104.18.59.150:443
ASN
#13335 CLOUDFLARENET

Requested by
https://creative.bbrdbr.com/widgets/v4/Universal/?actionButtonPlacement=bottom&autoplay=all&autoplayForce=1&buttonColor=&campaignId=728cps2asgirl&creativeId=728cps2asgirl&domain=stripchat&hideButtonOnSmallSpots=1&hideModelNameOnSmallSpots=1&hideTitleOnSmallSpots=1&isXhDesign=0&liveBadgeColor=&memberId=%7Bclickid%7D&showButton=1&showLiveBadge=1&showModal=signup&showModelName=1&showTitle=1&sound=off&sourceId=728cps2asgirl&tag=girls%2Fasian&targetDomain=&thumbSizeKey=small&trackOff=1&userId=ebe1e2aa04642c4dc9f7e9a5dfdb455c9ef1b6825ab8b9414a96e56e40140e75
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint2A:9F:63:77:CB:A5:1C:FD:6E:10:F5:29:D2:FB:51:F4:7C:EC:36:A2
ValiditySun, 26 Feb 2023 00:00:00 GMT - Sun, 25 Feb 2024 23:59:59 GMT

File type
ASCII text, with no line terminators
Size
61 B (61 bytes)
Hash
22f22b49cc901aa95826401f7ce0930c
6471abdd35ab6d511b67d73ad1375f1ee0f255de
0fae8b03858a764bad3e9af19bfc924ead5b9e25c760432c19e91cba3dff1cf3

HTTP Headers

GET /widgets/v4/Universal/hls.4cfa5b780bfed20a8b26.js HTTP/1.1
Host: creative.bbrdbr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://creative.bbrdbr.com/widgets/v4/Universal/?actionButtonPlacement=bottom&autoplay=all&autoplayForce=1&buttonColor=&campaignId=728cps2asgirl&creativeId=728cps2asgirl&domain=stripchat&hideButtonOnSmallSpots=1&hideModelNameOnSmallSpots=1&hideTitleOnSmallSpots=1&isXhDesign=0&liveBadgeColor=&memberId=%7Bclickid%7D&showButton=1&showLiveBadge=1&showModal=signup&showModelName=1&showTitle=1&sound=off&sourceId=728cps2asgirl&tag=girls%2Fasian&targetDomain=&thumbSizeKey=small&trackOff=1&userId=ebe1e2aa04642c4dc9f7e9a5dfdb455c9ef1b6825ab8b9414a96e56e40140e75
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Mon, 27 Nov 2023 23:01:55 GMT
content-type: application/javascript; charset=utf-8
last-modified: Thu, 23 Nov 2023 14:38:50 GMT
etag: W/"655f63fa-3d"
expires: Mon, 27 Nov 2023 23:01:59 GMT
cache-control: max-age=10
pragma: public
cf-cache-status: HIT
age: 3
vary: Accept-Encoding
server: cloudflare
cf-ray: 82cdfeee1e9356bd-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

creative.bbrdbr.com/widgets/v4/Universal/vendors~hls.13f01a3a9d7e36c14415.js

104.18.59.150

200 OK

178 kB

URL GET HTTP/3
creative.bbrdbr.com/widgets/v4/Universal/vendors~hls.13f01a3a9d7e36c14415.js
IP
104.18.59.150:443
ASN
#13335 CLOUDFLARENET

Requested by
https://creative.bbrdbr.com/widgets/v4/Universal/?actionButtonPlacement=bottom&autoplay=all&autoplayForce=1&buttonColor=&campaignId=728cps2asgirl&creativeId=728cps2asgirl&domain=stripchat&hideButtonOnSmallSpots=1&hideModelNameOnSmallSpots=1&hideTitleOnSmallSpots=1&isXhDesign=0&liveBadgeColor=&memberId=%7Bclickid%7D&showButton=1&showLiveBadge=1&showModal=signup&showModelName=1&showTitle=1&sound=off&sourceId=728cps2asgirl&tag=girls%2Fasian&targetDomain=&thumbSizeKey=small&trackOff=1&userId=ebe1e2aa04642c4dc9f7e9a5dfdb455c9ef1b6825ab8b9414a96e56e40140e75
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint2A:9F:63:77:CB:A5:1C:FD:6E:10:F5:29:D2:FB:51:F4:7C:EC:36:A2
ValiditySun, 26 Feb 2023 00:00:00 GMT - Sun, 25 Feb 2024 23:59:59 GMT

File type
ASCII text, with very long lines (45140)
Size
178 kB (177865 bytes)
Hash
4a1e862a348e6713dfcce18e9cda2f42
47bed78ef29844bec68da443a6b0add48936b61b
b3b83266dde6fa2870ddc1cc812233d8baa03727cd4d65733ed5ee7a4fbb4490

HTTP Headers

GET /widgets/v4/Universal/vendors~hls.13f01a3a9d7e36c14415.js HTTP/1.1
Host: creative.bbrdbr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://creative.bbrdbr.com/widgets/v4/Universal/?actionButtonPlacement=bottom&autoplay=all&autoplayForce=1&buttonColor=&campaignId=728cps2asgirl&creativeId=728cps2asgirl&domain=stripchat&hideButtonOnSmallSpots=1&hideModelNameOnSmallSpots=1&hideTitleOnSmallSpots=1&isXhDesign=0&liveBadgeColor=&memberId=%7Bclickid%7D&showButton=1&showLiveBadge=1&showModal=signup&showModelName=1&showTitle=1&sound=off&sourceId=728cps2asgirl&tag=girls%2Fasian&targetDomain=&thumbSizeKey=small&trackOff=1&userId=ebe1e2aa04642c4dc9f7e9a5dfdb455c9ef1b6825ab8b9414a96e56e40140e75
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Mon, 27 Nov 2023 23:01:55 GMT
content-type: application/javascript; charset=utf-8
last-modified: Thu, 23 Nov 2023 14:38:50 GMT
etag: W/"655f63fa-2b6c9"
expires: Mon, 27 Nov 2023 23:01:54 GMT
cache-control: max-age=10
pragma: public
cf-cache-status: HIT
age: 2
vary: Accept-Encoding
server: cloudflare
cf-ray: 82cdfeee2e9e56bd-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

creative.bbrdbr.com/widgets/v4/Universal/lang/en.json

104.18.59.150

200 OK

172 B

URL GET HTTP/3
creative.bbrdbr.com/widgets/v4/Universal/lang/en.json
IP
104.18.59.150:443
ASN
#13335 CLOUDFLARENET

Requested by
https://creative.bbrdbr.com/widgets/v4/Universal/?actionButtonPlacement=bottom&autoplay=all&autoplayForce=1&buttonColor=&campaignId=728cps2asgirl&creativeId=728cps2asgirl&domain=stripchat&hideButtonOnSmallSpots=1&hideModelNameOnSmallSpots=1&hideTitleOnSmallSpots=1&isXhDesign=0&liveBadgeColor=&memberId=%7Bclickid%7D&showButton=1&showLiveBadge=1&showModal=signup&showModelName=1&showTitle=1&sound=off&sourceId=728cps2asgirl&tag=girls%2Fasian&targetDomain=&thumbSizeKey=small&trackOff=1&userId=ebe1e2aa04642c4dc9f7e9a5dfdb455c9ef1b6825ab8b9414a96e56e40140e75
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint2A:9F:63:77:CB:A5:1C:FD:6E:10:F5:29:D2:FB:51:F4:7C:EC:36:A2
ValiditySun, 26 Feb 2023 00:00:00 GMT - Sun, 25 Feb 2024 23:59:59 GMT

File type
ASCII text, with no line terminators
Size
172 B (172 bytes)
Hash
402f4a06b5dcf96d25dd4ff1f840784b
edebb253af01ef1882f424ee6278368485898d62
bd570b38d9d687c593545a7b250570605c601381f3d3d5263346b295e12a55ba

HTTP Headers

GET /widgets/v4/Universal/lang/en.json HTTP/1.1
Host: creative.bbrdbr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://creative.bbrdbr.com/widgets/v4/Universal/?actionButtonPlacement=bottom&autoplay=all&autoplayForce=1&buttonColor=&campaignId=728cps2asgirl&creativeId=728cps2asgirl&domain=stripchat&hideButtonOnSmallSpots=1&hideModelNameOnSmallSpots=1&hideTitleOnSmallSpots=1&isXhDesign=0&liveBadgeColor=&memberId=%7Bclickid%7D&showButton=1&showLiveBadge=1&showModal=signup&showModelName=1&showTitle=1&sound=off&sourceId=728cps2asgirl&tag=girls%2Fasian&targetDomain=&thumbSizeKey=small&trackOff=1&userId=ebe1e2aa04642c4dc9f7e9a5dfdb455c9ef1b6825ab8b9414a96e56e40140e75
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Mon, 27 Nov 2023 23:01:54 GMT
content-type: application/json
last-modified: Thu, 23 Nov 2023 14:37:17 GMT
etag: W/"655f639d-ac"
expires: Mon, 27 Nov 2023 23:01:57 GMT
cache-control: max-age=10
pragma: public
cf-cache-status: HIT
age: 7
vary: Accept-Encoding
server: cloudflare
cf-ray: 82cdfee88e7e56bd-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

b-hls-12.doppiocdn.com/hls/114701234/114701234_480p.m3u8

104.18.63.134

200 OK

730 B

URL GET HTTP/3
b-hls-12.doppiocdn.com/hls/114701234/114701234_480p.m3u8
IP
104.18.63.134:443
ASN
#13335 CLOUDFLARENET

Requested by
https://creative.bbrdbr.com/widgets/v4/Universal/?actionButtonPlacement=bottom&autoplay=all&autoplayForce=1&buttonColor=&campaignId=728cps2asgirl&creativeId=728cps2asgirl&domain=stripchat&hideButtonOnSmallSpots=1&hideModelNameOnSmallSpots=1&hideTitleOnSmallSpots=1&isXhDesign=0&liveBadgeColor=&memberId=%7Bclickid%7D&showButton=1&showLiveBadge=1&showModal=signup&showModelName=1&showTitle=1&sound=off&sourceId=728cps2asgirl&tag=girls%2Fasian&targetDomain=&thumbSizeKey=small&trackOff=1&userId=ebe1e2aa04642c4dc9f7e9a5dfdb455c9ef1b6825ab8b9414a96e56e40140e75
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint99:FA:E1:1F:E8:F6:A1:57:63:A7:AA:BD:3E:C1:94:58:E7:83:02:13
ValiditySat, 21 Jan 2023 00:00:00 GMT - Sun, 21 Jan 2024 23:59:59 GMT

File type
M3U playlist, ASCII text, with very long lines (748), with no line terminators
Size
730 B (730 bytes)
Hash
b54918eab4fd7de57060f515604b4f15
c081c1896a13d55497154e833f2c17e74f5c14ea
b3da77a3a081f59740a83a5ec2a6f5ab556ac48a1cb56f60aa9af92e57fc6383

HTTP Headers

GET /hls/114701234/114701234_480p.m3u8 HTTP/1.1
Host: b-hls-12.doppiocdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://creative.bbrdbr.com
DNT: 1
Connection: keep-alive
Referer: https://creative.bbrdbr.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Mon, 27 Nov 2023 23:02:00 GMT
content-type: application/vnd.apple.mpegurl
vary: Accept-Encoding
last-modified: Mon, 27 Nov 2023 23:01:58 GMT
x-proxy-cache: MISS
cache-control: public, max-age=1, s-maxage=1
access-control-allow-origin: *
timing-allow-origin: *
cf-cache-status: HIT
age: 1
server: cloudflare
cf-ray: 82cdff0c49e256b4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

b-hls-10.doppiocdn.com/hls/135586754/135586754_480p.m3u8

104.18.63.134

200 OK

734 B

URL GET HTTP/3
b-hls-10.doppiocdn.com/hls/135586754/135586754_480p.m3u8
IP
104.18.63.134:443
ASN
#13335 CLOUDFLARENET

Requested by
https://creative.bbrdbr.com/widgets/v4/Universal/?actionButtonPlacement=bottom&autoplay=all&autoplayForce=1&buttonColor=&campaignId=728cps2asgirl&creativeId=728cps2asgirl&domain=stripchat&hideButtonOnSmallSpots=1&hideModelNameOnSmallSpots=1&hideTitleOnSmallSpots=1&isXhDesign=0&liveBadgeColor=&memberId=%7Bclickid%7D&showButton=1&showLiveBadge=1&showModal=signup&showModelName=1&showTitle=1&sound=off&sourceId=728cps2asgirl&tag=girls%2Fasian&targetDomain=&thumbSizeKey=small&trackOff=1&userId=ebe1e2aa04642c4dc9f7e9a5dfdb455c9ef1b6825ab8b9414a96e56e40140e75
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint99:FA:E1:1F:E8:F6:A1:57:63:A7:AA:BD:3E:C1:94:58:E7:83:02:13
ValiditySat, 21 Jan 2023 00:00:00 GMT - Sun, 21 Jan 2024 23:59:59 GMT

File type
M3U playlist, ASCII text, with very long lines (752), with no line terminators
Size
734 B (734 bytes)
Hash
b484e789c4ac83fc15049e4d7bd38ade
af58e97c2800fdd62335e0391a3360b5acac8369
3584644e2819352e8ce73b16018b3524666191d3987514e430e0dcb2317105bb

HTTP Headers

GET /hls/135586754/135586754_480p.m3u8 HTTP/1.1
Host: b-hls-10.doppiocdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://creative.bbrdbr.com
DNT: 1
Connection: keep-alive
Referer: https://creative.bbrdbr.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Mon, 27 Nov 2023 23:02:02 GMT
content-type: application/vnd.apple.mpegurl
vary: Accept-Encoding
last-modified: Mon, 27 Nov 2023 23:02:00 GMT
x-proxy-cache: MISS
cache-control: public, max-age=1, s-maxage=1
access-control-allow-origin: *
timing-allow-origin: *
cf-cache-status: HIT
age: 1
server: cloudflare
cf-ray: 82cdff16a8e256b4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

b-hls-12.doppiocdn.com/hls/105515374/105515374_480p.m3u8

104.18.63.134

200 OK

730 B

URL GET HTTP/3
b-hls-12.doppiocdn.com/hls/105515374/105515374_480p.m3u8
IP
104.18.63.134:443
ASN
#13335 CLOUDFLARENET

Requested by
https://creative.bbrdbr.com/widgets/v4/Universal/?actionButtonPlacement=bottom&autoplay=all&autoplayForce=1&buttonColor=&campaignId=728cps2asgirl&creativeId=728cps2asgirl&domain=stripchat&hideButtonOnSmallSpots=1&hideModelNameOnSmallSpots=1&hideTitleOnSmallSpots=1&isXhDesign=0&liveBadgeColor=&memberId=%7Bclickid%7D&showButton=1&showLiveBadge=1&showModal=signup&showModelName=1&showTitle=1&sound=off&sourceId=728cps2asgirl&tag=girls%2Fasian&targetDomain=&thumbSizeKey=small&trackOff=1&userId=ebe1e2aa04642c4dc9f7e9a5dfdb455c9ef1b6825ab8b9414a96e56e40140e75
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint99:FA:E1:1F:E8:F6:A1:57:63:A7:AA:BD:3E:C1:94:58:E7:83:02:13
ValiditySat, 21 Jan 2023 00:00:00 GMT - Sun, 21 Jan 2024 23:59:59 GMT

File type
M3U playlist, ASCII text, with very long lines (748), with no line terminators
Size
730 B (730 bytes)
Hash
1455ff312a12f8df1515a747feafe93b
eb3e20b014eee525da1c90b6a790a7a4a1a7d416
bc74bccc93aaccb3d2bd1e6206d6cd852e555f83d1dfe95b6ccdd350b4164294

HTTP Headers

GET /hls/105515374/105515374_480p.m3u8 HTTP/1.1
Host: b-hls-12.doppiocdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://creative.bbrdbr.com
DNT: 1
Connection: keep-alive
Referer: https://creative.bbrdbr.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Mon, 27 Nov 2023 23:02:00 GMT
content-type: application/vnd.apple.mpegurl
vary: Accept-Encoding
last-modified: Mon, 27 Nov 2023 23:02:00 GMT
x-proxy-cache: MISS
cache-control: public, max-age=1, s-maxage=1
access-control-allow-origin: *
timing-allow-origin: *
cf-cache-status: HIT
age: 0
server: cloudflare
cf-ray: 82cdff0fcc0656b4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

b-hls-12.doppiocdn.com/hls/114701234/114701234_480p.m3u8

104.18.63.134

200 OK

730 B

URL GET HTTP/3
b-hls-12.doppiocdn.com/hls/114701234/114701234_480p.m3u8
IP
104.18.63.134:443
ASN
#13335 CLOUDFLARENET

Requested by
https://creative.bbrdbr.com/widgets/v4/Universal/?actionButtonPlacement=bottom&autoplay=all&autoplayForce=1&buttonColor=&campaignId=728cps2asgirl&creativeId=728cps2asgirl&domain=stripchat&hideButtonOnSmallSpots=1&hideModelNameOnSmallSpots=1&hideTitleOnSmallSpots=1&isXhDesign=0&liveBadgeColor=&memberId=%7Bclickid%7D&showButton=1&showLiveBadge=1&showModal=signup&showModelName=1&showTitle=1&sound=off&sourceId=728cps2asgirl&tag=girls%2Fasian&targetDomain=&thumbSizeKey=small&trackOff=1&userId=ebe1e2aa04642c4dc9f7e9a5dfdb455c9ef1b6825ab8b9414a96e56e40140e75
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint99:FA:E1:1F:E8:F6:A1:57:63:A7:AA:BD:3E:C1:94:58:E7:83:02:13
ValiditySat, 21 Jan 2023 00:00:00 GMT - Sun, 21 Jan 2024 23:59:59 GMT

File type
M3U playlist, ASCII text, with very long lines (748), with no line terminators
Size
730 B (730 bytes)
Hash
01f2a42e7eab186100b1a3b665a09bb2
1bf005d61ab9afbba555bbde9c1fbf09b94d3e1b
15b96221a5857fd689006224219e9d0385aca926e018d3113ea03a0376646646

HTTP Headers

GET /hls/114701234/114701234_480p.m3u8 HTTP/1.1
Host: b-hls-12.doppiocdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://creative.bbrdbr.com
DNT: 1
Connection: keep-alive
Referer: https://creative.bbrdbr.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Mon, 27 Nov 2023 23:02:02 GMT
content-type: application/vnd.apple.mpegurl
vary: Accept-Encoding
last-modified: Mon, 27 Nov 2023 23:02:00 GMT
x-proxy-cache: MISS
cache-control: public, max-age=1, s-maxage=1
access-control-allow-origin: *
timing-allow-origin: *
cf-cache-status: HIT
age: 1
server: cloudflare
cf-ray: 82cdff18c9d856b4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

go.bbrdbr.com/config?url=https%3A%2F%2Fcreative.bbrdbr.com%2Fwidgets%2Fv4%2FUniversal%2F%3FactionButtonPlacement%3Dbottom%26autoplay%3Dall%26autoplayForce%3D1%26buttonColor%3D%26campaignId%3D728cps2asgirl%26creativeId%3D728cps2asgirl%26domain%3Dstripchat%26hideButtonOnSmallSpots%3D1%26hideModelNameOnSmallSpots%3D1%26hideTitleOnSmallSpots%3D1%26isXhDesign%3D0%26liveBadgeColor%3D%26memberId%3D%257Bclickid%257D%26showButton%3D1%26showLiveBadge%3D1%26showModal%3Dsignup%26showModelName%3D1%26showTitle%3D1%26sound%3Doff%26sourceId%3D728cps2asgirl%26tag%3Dgirls%252Fasian%26targetDomain%3D%26thumbSizeKey%3Dsmall%26trackOff%3D1%26userId%3Debe1e2aa04642c4dc9f7e9a5dfdb455c9ef1b6825ab8b9414a96e56e40140e75

104.18.59.150

200 OK

6.8 kB

URL GET HTTP/3
go.bbrdbr.com/config?url=https%3A%2F%2Fcreative.bbrdbr.com%2Fwidgets%2Fv4%2FUniversal%2F%3FactionButtonPlacement%3Dbottom%26autoplay%3Dall%26autoplayForce%3D1%26buttonColor%3D%26campaignId%3D728cps2asgirl%26creativeId%3D728cps2asgirl%26domain%3Dstripchat%26hideButtonOnSmallSpots%3D1%26hideModelNameOnSmallSpots%3D1%26hideTitleOnSmallSpots%3D1%26isXhDesign%3D0%26liveBadgeColor%3D%26memberId%3D%257Bclickid%257D%26showButton%3D1%26showLiveBadge%3D1%26showModal%3Dsignup%26showModelName%3D1%26showTitle%3D1%26sound%3Doff%26sourceId%3D728cps2asgirl%26tag%3Dgirls%252Fasian%26targetDomain%3D%26thumbSizeKey%3Dsmall%26trackOff%3D1%26userId%3Debe1e2aa04642c4dc9f7e9a5dfdb455c9ef1b6825ab8b9414a96e56e40140e75
IP
104.18.59.150:443
ASN
#13335 CLOUDFLARENET

Requested by
https://creative.bbrdbr.com/widgets/v4/Universal/?actionButtonPlacement=bottom&autoplay=all&autoplayForce=1&buttonColor=&campaignId=728cps2asgirl&creativeId=728cps2asgirl&domain=stripchat&hideButtonOnSmallSpots=1&hideModelNameOnSmallSpots=1&hideTitleOnSmallSpots=1&isXhDesign=0&liveBadgeColor=&memberId=%7Bclickid%7D&showButton=1&showLiveBadge=1&showModal=signup&showModelName=1&showTitle=1&sound=off&sourceId=728cps2asgirl&tag=girls%2Fasian&targetDomain=&thumbSizeKey=small&trackOff=1&userId=ebe1e2aa04642c4dc9f7e9a5dfdb455c9ef1b6825ab8b9414a96e56e40140e75
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint2A:9F:63:77:CB:A5:1C:FD:6E:10:F5:29:D2:FB:51:F4:7C:EC:36:A2
ValiditySun, 26 Feb 2023 00:00:00 GMT - Sun, 25 Feb 2024 23:59:59 GMT

File type
ASCII text, with very long lines (8856), with no line terminators
Size
6.8 kB (6761 bytes)
Hash
12ddcc4ffc06d60bcf5ef31e610fae54
c75f96b25854ceaf775f437d06688e393dc46270
4d5cfdb3b7c1a89d22d1b0ef9ac1d0435d7a51489216a653c74e9339ff15a162

HTTP Headers

GET /config?url=https%3A%2F%2Fcreative.bbrdbr.com%2Fwidgets%2Fv4%2FUniversal%2F%3FactionButtonPlacement%3Dbottom%26autoplay%3Dall%26autoplayForce%3D1%26buttonColor%3D%26campaignId%3D728cps2asgirl%26creativeId%3D728cps2asgirl%26domain%3Dstripchat%26hideButtonOnSmallSpots%3D1%26hideModelNameOnSmallSpots%3D1%26hideTitleOnSmallSpots%3D1%26isXhDesign%3D0%26liveBadgeColor%3D%26memberId%3D%257Bclickid%257D%26showButton%3D1%26showLiveBadge%3D1%26showModal%3Dsignup%26showModelName%3D1%26showTitle%3D1%26sound%3Doff%26sourceId%3D728cps2asgirl%26tag%3Dgirls%252Fasian%26targetDomain%3D%26thumbSizeKey%3Dsmall%26trackOff%3D1%26userId%3Debe1e2aa04642c4dc9f7e9a5dfdb455c9ef1b6825ab8b9414a96e56e40140e75 HTTP/1.1
Host: go.bbrdbr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://creative.bbrdbr.com/
Origin: https://creative.bbrdbr.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Mon, 27 Nov 2023 23:01:54 GMT
content-type: application/json
access-control-allow-origin: https://creative.bbrdbr.com
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Bitness, Sec-CH-UA-Wow64
last-modified: Mon, 27 Nov 2023 22:47:35 GMT
cf-cache-status: HIT
age: 252
vary: Accept-Encoding
server: cloudflare
cf-ray: 82cdfee88e7f56bd-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

b-hls-12.doppiocdn.com/hls/105515374/105515374_480p.m3u8

104.18.63.134

200 OK

730 B

URL GET HTTP/3
b-hls-12.doppiocdn.com/hls/105515374/105515374_480p.m3u8
IP
104.18.63.134:443
ASN
#13335 CLOUDFLARENET

Requested by
https://creative.bbrdbr.com/widgets/v4/Universal/?actionButtonPlacement=bottom&autoplay=all&autoplayForce=1&buttonColor=&campaignId=728cps2asgirl&creativeId=728cps2asgirl&domain=stripchat&hideButtonOnSmallSpots=1&hideModelNameOnSmallSpots=1&hideTitleOnSmallSpots=1&isXhDesign=0&liveBadgeColor=&memberId=%7Bclickid%7D&showButton=1&showLiveBadge=1&showModal=signup&showModelName=1&showTitle=1&sound=off&sourceId=728cps2asgirl&tag=girls%2Fasian&targetDomain=&thumbSizeKey=small&trackOff=1&userId=ebe1e2aa04642c4dc9f7e9a5dfdb455c9ef1b6825ab8b9414a96e56e40140e75
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint99:FA:E1:1F:E8:F6:A1:57:63:A7:AA:BD:3E:C1:94:58:E7:83:02:13
ValiditySat, 21 Jan 2023 00:00:00 GMT - Sun, 21 Jan 2024 23:59:59 GMT

File type
M3U playlist, ASCII text, with very long lines (748), with no line terminators
Size
730 B (730 bytes)
Hash
04127d9ec5edc3b86e878fdd0a8638fe
b82e0238d224c310acece03e3623f4fe101b043b
7d780cb7ba1c6da2696603a971858756f3bd48414d2af2c617206abf1eaf4bfa

HTTP Headers

GET /hls/105515374/105515374_480p.m3u8 HTTP/1.1
Host: b-hls-12.doppiocdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://creative.bbrdbr.com
DNT: 1
Connection: keep-alive
Referer: https://creative.bbrdbr.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Mon, 27 Nov 2023 23:01:58 GMT
content-type: application/vnd.apple.mpegurl
vary: Accept-Encoding
last-modified: Mon, 27 Nov 2023 23:01:58 GMT
x-proxy-cache: MISS
cache-control: public, max-age=1, s-maxage=1
access-control-allow-origin: *
timing-allow-origin: *
cf-cache-status: HIT
age: 0
server: cloudflare
cf-ray: 82cdff034b4e56b4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

b-hls-01.doppiocdn.com/hls/92103719/92103719.m3u8

104.18.63.134

200 OK

706 B

URL GET HTTP/3
b-hls-01.doppiocdn.com/hls/92103719/92103719.m3u8
IP
104.18.63.134:443
ASN
#13335 CLOUDFLARENET

Requested by
https://creative.bbrdbr.com/widgets/v4/Universal/?actionButtonPlacement=bottom&autoplay=all&autoplayForce=1&buttonColor=&campaignId=728cps2asgirl&creativeId=728cps2asgirl&domain=stripchat&hideButtonOnSmallSpots=1&hideModelNameOnSmallSpots=1&hideTitleOnSmallSpots=1&isXhDesign=0&liveBadgeColor=&memberId=%7Bclickid%7D&showButton=1&showLiveBadge=1&showModal=signup&showModelName=1&showTitle=1&sound=off&sourceId=728cps2asgirl&tag=girls%2Fasian&targetDomain=&thumbSizeKey=small&trackOff=1&userId=ebe1e2aa04642c4dc9f7e9a5dfdb455c9ef1b6825ab8b9414a96e56e40140e75
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint99:FA:E1:1F:E8:F6:A1:57:63:A7:AA:BD:3E:C1:94:58:E7:83:02:13
ValiditySat, 21 Jan 2023 00:00:00 GMT - Sun, 21 Jan 2024 23:59:59 GMT

File type
M3U playlist, ASCII text, with very long lines (724), with no line terminators
Size
706 B (706 bytes)
Hash
5d3577566699bf03c8017fbbfa0be2be
0a75686523181a1101b7f9f0a525a434042fcfba
6a0de2b1b03d30ee6638569df9baaa79ee4abfea120a174ff512867993f0b9b6

HTTP Headers

GET /hls/92103719/92103719.m3u8 HTTP/1.1
Host: b-hls-01.doppiocdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://creative.bbrdbr.com
DNT: 1
Connection: keep-alive
Referer: https://creative.bbrdbr.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Mon, 27 Nov 2023 23:02:00 GMT
content-type: application/vnd.apple.mpegurl
vary: Accept-Encoding
last-modified: Mon, 27 Nov 2023 23:01:58 GMT
x-proxy-cache: MISS
cache-control: public, max-age=1, s-maxage=1
access-control-allow-origin: *
timing-allow-origin: *
cf-cache-status: HIT
age: 0
server: cloudflare
cf-ray: 82cdff0e2b1f56b4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

go.bbrdbr.com/thumbs/view

104.18.59.150

200 OK

590 B

URL POST HTTP/3
go.bbrdbr.com/thumbs/view
IP
104.18.59.150:443
ASN
#13335 CLOUDFLARENET

Requested by
https://creative.bbrdbr.com/widgets/v4/Universal/?actionButtonPlacement=bottom&autoplay=all&autoplayForce=1&buttonColor=&campaignId=728cps2asgirl&creativeId=728cps2asgirl&domain=stripchat&hideButtonOnSmallSpots=1&hideModelNameOnSmallSpots=1&hideTitleOnSmallSpots=1&isXhDesign=0&liveBadgeColor=&memberId=%7Bclickid%7D&showButton=1&showLiveBadge=1&showModal=signup&showModelName=1&showTitle=1&sound=off&sourceId=728cps2asgirl&tag=girls%2Fasian&targetDomain=&thumbSizeKey=small&trackOff=1&userId=ebe1e2aa04642c4dc9f7e9a5dfdb455c9ef1b6825ab8b9414a96e56e40140e75
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint2A:9F:63:77:CB:A5:1C:FD:6E:10:F5:29:D2:FB:51:F4:7C:EC:36:A2
ValiditySun, 26 Feb 2023 00:00:00 GMT - Sun, 25 Feb 2024 23:59:59 GMT

File type
ASCII text, with very long lines (679), with no line terminators
Size
590 B (590 bytes)
Hash
5889a08cc3877a63cf40b6cb2fe8c6e6
dcb84b7e283b5da41dbebf83baa202aeb3ed2143
ac459a85138554d61f44e13a3fa99ee1422a289e92fe000ceb88b83c154bf068

HTTP Headers

POST /thumbs/view HTTP/1.1
Host: go.bbrdbr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://creative.bbrdbr.com/
Content-Type: text/plain;charset=UTF-8
Content-Length: 432
Origin: https://creative.bbrdbr.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Mon, 27 Nov 2023 23:01:55 GMT
content-type: application/json
access-control-allow-origin: https://creative.bbrdbr.com
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Bitness, Sec-CH-UA-Wow64
cf-cache-status: DYNAMIC
set-cookie: __cflb=0H28upDCGznfDm9XVD3VBZigQJNzkRrbk67a5Kp8nkk; SameSite=None; Secure; path=/; expires=Tue, 28-Nov-23 23:01:55 GMT; HttpOnly
server: cloudflare
cf-ray: 82cdfeee1e9656bd-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

b-hls-10.doppiocdn.com/hls/135586754/135586754_480p.m3u8

104.18.63.134

200 OK

734 B

URL GET HTTP/3
b-hls-10.doppiocdn.com/hls/135586754/135586754_480p.m3u8
IP
104.18.63.134:443
ASN
#13335 CLOUDFLARENET

Requested by
https://creative.bbrdbr.com/widgets/v4/Universal/?actionButtonPlacement=bottom&autoplay=all&autoplayForce=1&buttonColor=&campaignId=728cps2asgirl&creativeId=728cps2asgirl&domain=stripchat&hideButtonOnSmallSpots=1&hideModelNameOnSmallSpots=1&hideTitleOnSmallSpots=1&isXhDesign=0&liveBadgeColor=&memberId=%7Bclickid%7D&showButton=1&showLiveBadge=1&showModal=signup&showModelName=1&showTitle=1&sound=off&sourceId=728cps2asgirl&tag=girls%2Fasian&targetDomain=&thumbSizeKey=small&trackOff=1&userId=ebe1e2aa04642c4dc9f7e9a5dfdb455c9ef1b6825ab8b9414a96e56e40140e75
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint99:FA:E1:1F:E8:F6:A1:57:63:A7:AA:BD:3E:C1:94:58:E7:83:02:13
ValiditySat, 21 Jan 2023 00:00:00 GMT - Sun, 21 Jan 2024 23:59:59 GMT

File type
M3U playlist, ASCII text, with very long lines (752), with no line terminators
Size
734 B (734 bytes)
Hash
91fb4cbce8bfcbaf9d1852767ee29869
74cf7b79bd622e880f7cee22d8cdec05d4103eb4
2a127b9bdc942ad77a1e4af27aa3370ab2e1e5937cd37a08b9b78dd34e413a56

HTTP Headers

GET /hls/135586754/135586754_480p.m3u8 HTTP/1.1
Host: b-hls-10.doppiocdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://creative.bbrdbr.com
DNT: 1
Connection: keep-alive
Referer: https://creative.bbrdbr.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Mon, 27 Nov 2023 23:02:00 GMT
content-type: application/vnd.apple.mpegurl
vary: Accept-Encoding
last-modified: Mon, 27 Nov 2023 23:01:58 GMT
x-proxy-cache: MISS
cache-control: public, max-age=1, s-maxage=1
access-control-allow-origin: *
timing-allow-origin: *
cf-cache-status: HIT
age: 1
server: cloudflare
cf-ray: 82cdff0a280156b4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

go.bbrdbr.com/api/models?tag=girls%2Fasian&forceClient=1&stripcashR=0&limit=6&usePreroll&webp=1

104.18.59.150

200 OK

9.2 kB

URL GET HTTP/3
go.bbrdbr.com/api/models?tag=girls%2Fasian&forceClient=1&stripcashR=0&limit=6&usePreroll&webp=1
IP
104.18.59.150:443
ASN
#13335 CLOUDFLARENET

Requested by
https://creative.bbrdbr.com/widgets/v4/Universal/?actionButtonPlacement=bottom&autoplay=all&autoplayForce=1&buttonColor=&campaignId=728cps2asgirl&creativeId=728cps2asgirl&domain=stripchat&hideButtonOnSmallSpots=1&hideModelNameOnSmallSpots=1&hideTitleOnSmallSpots=1&isXhDesign=0&liveBadgeColor=&memberId=%7Bclickid%7D&showButton=1&showLiveBadge=1&showModal=signup&showModelName=1&showTitle=1&sound=off&sourceId=728cps2asgirl&tag=girls%2Fasian&targetDomain=&thumbSizeKey=small&trackOff=1&userId=ebe1e2aa04642c4dc9f7e9a5dfdb455c9ef1b6825ab8b9414a96e56e40140e75
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint2A:9F:63:77:CB:A5:1C:FD:6E:10:F5:29:D2:FB:51:F4:7C:EC:36:A2
ValiditySun, 26 Feb 2023 00:00:00 GMT - Sun, 25 Feb 2024 23:59:59 GMT

File type
troff or preprocessor input, ASCII text, with very long lines (9863), with no line terminators
Size
9.2 kB (9173 bytes)
Hash
326633f19ac78f8e020f9133914aa576
e21030425dc6741b7872a162fc3bc11fcaa79dd1
92984186ad8ff74227de3e9a01f90c10a2357b531c7eb2233a3e39ca94089f25

HTTP Headers

GET /api/models?tag=girls%2Fasian&forceClient=1&stripcashR=0&limit=6&usePreroll&webp=1 HTTP/1.1
Host: go.bbrdbr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://creative.bbrdbr.com/
Origin: https://creative.bbrdbr.com
DNT: 1
Connection: keep-alive
Cookie: __cflb=0H28upDCGznfDm9XVE9SipefN9YVHPpfCMWbLjejdEc
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Mon, 27 Nov 2023 23:01:54 GMT
content-type: application/json
access-control-allow-origin: https://creative.bbrdbr.com
access-control-allow-credentials: true
vary: Origin, Accept-Encoding
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Bitness, Sec-CH-UA-Wow64
last-modified: Mon, 27 Nov 2023 23:01:48 GMT
cf-cache-status: HIT
age: 6
server: cloudflare
cf-ray: 82cdfeeaa8cc56bd-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

edge-hls.doppiocdn.com/hls/136195660/master/136195660_480p.m3u8

104.18.63.134

200 OK

227 B

URL GET HTTP/3
edge-hls.doppiocdn.com/hls/136195660/master/136195660_480p.m3u8
IP
104.18.63.134:443
ASN
#13335 CLOUDFLARENET

Requested by
https://creative.bbrdbr.com/widgets/v4/Universal/?actionButtonPlacement=bottom&autoplay=all&autoplayForce=1&buttonColor=&campaignId=728cps2asgirl&creativeId=728cps2asgirl&domain=stripchat&hideButtonOnSmallSpots=1&hideModelNameOnSmallSpots=1&hideTitleOnSmallSpots=1&isXhDesign=0&liveBadgeColor=&memberId=%7Bclickid%7D&showButton=1&showLiveBadge=1&showModal=signup&showModelName=1&showTitle=1&sound=off&sourceId=728cps2asgirl&tag=girls%2Fasian&targetDomain=&thumbSizeKey=small&trackOff=1&userId=ebe1e2aa04642c4dc9f7e9a5dfdb455c9ef1b6825ab8b9414a96e56e40140e75
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint99:FA:E1:1F:E8:F6:A1:57:63:A7:AA:BD:3E:C1:94:58:E7:83:02:13
ValiditySat, 21 Jan 2023 00:00:00 GMT - Sun, 21 Jan 2024 23:59:59 GMT

File type
M3U playlist, ASCII text, with no line terminators
Size
227 B (227 bytes)
Hash
b770994fc8f4b0ae17d7dfd3cb9fb993
adb2579034c354ba0469ae35edc78db372646271
02d71d16eeaf3ce25f341786bf6ab3efa2ed315e34ec64a8c3a57daf2fd6fc9a

HTTP Headers

GET /hls/136195660/master/136195660_480p.m3u8 HTTP/1.1
Host: edge-hls.doppiocdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://creative.bbrdbr.com
DNT: 1
Connection: keep-alive
Referer: https://creative.bbrdbr.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Mon, 27 Nov 2023 23:01:57 GMT
content-type: application/vnd.apple.mpegurl
vary: Accept-Encoding
last-modified: Mon, 27 Nov 2023 23:01:53 GMT
x-proxy-cache: EXPIRED
cache-control: public, max-age=3, s-maxage=3
access-control-allow-origin: *
timing-allow-origin: *
cf-cache-status: HIT
age: 2
server: cloudflare
cf-ray: 82cdfef93cae56b4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

b-hls-12.doppiocdn.com/hls/105515374/105515374_480p.m3u8

104.18.63.134

200 OK

730 B

URL GET HTTP/3
b-hls-12.doppiocdn.com/hls/105515374/105515374_480p.m3u8
IP
104.18.63.134:443
ASN
#13335 CLOUDFLARENET

Requested by
https://creative.bbrdbr.com/widgets/v4/Universal/?actionButtonPlacement=bottom&autoplay=all&autoplayForce=1&buttonColor=&campaignId=728cps2asgirl&creativeId=728cps2asgirl&domain=stripchat&hideButtonOnSmallSpots=1&hideModelNameOnSmallSpots=1&hideTitleOnSmallSpots=1&isXhDesign=0&liveBadgeColor=&memberId=%7Bclickid%7D&showButton=1&showLiveBadge=1&showModal=signup&showModelName=1&showTitle=1&sound=off&sourceId=728cps2asgirl&tag=girls%2Fasian&targetDomain=&thumbSizeKey=small&trackOff=1&userId=ebe1e2aa04642c4dc9f7e9a5dfdb455c9ef1b6825ab8b9414a96e56e40140e75
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint99:FA:E1:1F:E8:F6:A1:57:63:A7:AA:BD:3E:C1:94:58:E7:83:02:13
ValiditySat, 21 Jan 2023 00:00:00 GMT - Sun, 21 Jan 2024 23:59:59 GMT

File type
M3U playlist, ASCII text, with very long lines (748), with no line terminators
Size
730 B (730 bytes)
Hash
ad71a472e68e98d465f2085b322461e3
aed4707be6ad82bc90da6899386ab12d6be2309f
71cfa0cba373a38ac9a8523900e9c819324aae3ff039416bfb7b3889719a84a1

HTTP Headers

GET /hls/105515374/105515374_480p.m3u8 HTTP/1.1
Host: b-hls-12.doppiocdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://creative.bbrdbr.com
DNT: 1
Connection: keep-alive
Referer: https://creative.bbrdbr.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Mon, 27 Nov 2023 23:01:56 GMT
content-type: application/vnd.apple.mpegurl
vary: Accept-Encoding
last-modified: Mon, 27 Nov 2023 23:01:56 GMT
x-proxy-cache: HIT
cache-control: public, max-age=1, s-maxage=1
access-control-allow-origin: *
timing-allow-origin: *
cf-cache-status: HIT
age: 0
server: cloudflare
cf-ray: 82cdfef6db2d56b4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

b-hls-12.doppiocdn.com/hls/114701234/114701234_480p.m3u8

104.18.63.134

200 OK

730 B

URL GET HTTP/3
b-hls-12.doppiocdn.com/hls/114701234/114701234_480p.m3u8
IP
104.18.63.134:443
ASN
#13335 CLOUDFLARENET

Requested by
https://creative.bbrdbr.com/widgets/v4/Universal/?actionButtonPlacement=bottom&autoplay=all&autoplayForce=1&buttonColor=&campaignId=728cps2asgirl&creativeId=728cps2asgirl&domain=stripchat&hideButtonOnSmallSpots=1&hideModelNameOnSmallSpots=1&hideTitleOnSmallSpots=1&isXhDesign=0&liveBadgeColor=&memberId=%7Bclickid%7D&showButton=1&showLiveBadge=1&showModal=signup&showModelName=1&showTitle=1&sound=off&sourceId=728cps2asgirl&tag=girls%2Fasian&targetDomain=&thumbSizeKey=small&trackOff=1&userId=ebe1e2aa04642c4dc9f7e9a5dfdb455c9ef1b6825ab8b9414a96e56e40140e75
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint99:FA:E1:1F:E8:F6:A1:57:63:A7:AA:BD:3E:C1:94:58:E7:83:02:13
ValiditySat, 21 Jan 2023 00:00:00 GMT - Sun, 21 Jan 2024 23:59:59 GMT

File type
M3U playlist, ASCII text, with very long lines (748), with no line terminators
Size
730 B (730 bytes)
Hash
34fe5eeb726e8c2cfd47999858ac0905
e82c77b5595f88dce57e3e38a081cb8f96d4633d
4db852b84cfbeea5494cd0a6b6786ec9c7a46b482717bce9184693494d150cd5

HTTP Headers

GET /hls/114701234/114701234_480p.m3u8 HTTP/1.1
Host: b-hls-12.doppiocdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://creative.bbrdbr.com
DNT: 1
Connection: keep-alive
Referer: https://creative.bbrdbr.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Mon, 27 Nov 2023 23:01:58 GMT
content-type: application/vnd.apple.mpegurl
vary: Accept-Encoding
last-modified: Mon, 27 Nov 2023 23:01:56 GMT
x-proxy-cache: MISS
cache-control: public, max-age=1, s-maxage=1
access-control-allow-origin: *
timing-allow-origin: *
cf-cache-status: HIT
age: 1
server: cloudflare
cf-ray: 82cdfeffc8f856b4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

b-hls-10.doppiocdn.com/hls/135586754/135586754_480p.m3u8

104.18.63.134

200 OK

734 B

URL GET HTTP/3
b-hls-10.doppiocdn.com/hls/135586754/135586754_480p.m3u8
IP
104.18.63.134:443
ASN
#13335 CLOUDFLARENET

Requested by
https://creative.bbrdbr.com/widgets/v4/Universal/?actionButtonPlacement=bottom&autoplay=all&autoplayForce=1&buttonColor=&campaignId=728cps2asgirl&creativeId=728cps2asgirl&domain=stripchat&hideButtonOnSmallSpots=1&hideModelNameOnSmallSpots=1&hideTitleOnSmallSpots=1&isXhDesign=0&liveBadgeColor=&memberId=%7Bclickid%7D&showButton=1&showLiveBadge=1&showModal=signup&showModelName=1&showTitle=1&sound=off&sourceId=728cps2asgirl&tag=girls%2Fasian&targetDomain=&thumbSizeKey=small&trackOff=1&userId=ebe1e2aa04642c4dc9f7e9a5dfdb455c9ef1b6825ab8b9414a96e56e40140e75
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint99:FA:E1:1F:E8:F6:A1:57:63:A7:AA:BD:3E:C1:94:58:E7:83:02:13
ValiditySat, 21 Jan 2023 00:00:00 GMT - Sun, 21 Jan 2024 23:59:59 GMT

File type
M3U playlist, ASCII text, with very long lines (752), with no line terminators
Size
734 B (734 bytes)
Hash
2dd51f4fbf6381b4d9043480768988f9
a07cc67e18c34362bef93c4e3250145b32899ae7
a3ec70e059a2cee661a81533d26f6d04a6f4d2a6615b7e27411e6fe20d6dcc00

HTTP Headers

GET /hls/135586754/135586754_480p.m3u8 HTTP/1.1
Host: b-hls-10.doppiocdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://creative.bbrdbr.com
DNT: 1
Connection: keep-alive
Referer: https://creative.bbrdbr.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Mon, 27 Nov 2023 23:01:58 GMT
content-type: application/vnd.apple.mpegurl
vary: Accept-Encoding
last-modified: Mon, 27 Nov 2023 23:01:56 GMT
x-proxy-cache: HIT
cache-control: public, max-age=1, s-maxage=1
access-control-allow-origin: *
timing-allow-origin: *
cf-cache-status: HIT
age: 1
server: cloudflare
cf-ray: 82cdfefdaf8f56b4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

b-hls-12.doppiocdn.com/hls/105515374/105515374_480p.m3u8

104.18.63.134

200 OK

730 B

URL GET HTTP/3
b-hls-12.doppiocdn.com/hls/105515374/105515374_480p.m3u8
IP
104.18.63.134:443
ASN
#13335 CLOUDFLARENET

Requested by
https://creative.bbrdbr.com/widgets/v4/Universal/?actionButtonPlacement=bottom&autoplay=all&autoplayForce=1&buttonColor=&campaignId=728cps2asgirl&creativeId=728cps2asgirl&domain=stripchat&hideButtonOnSmallSpots=1&hideModelNameOnSmallSpots=1&hideTitleOnSmallSpots=1&isXhDesign=0&liveBadgeColor=&memberId=%7Bclickid%7D&showButton=1&showLiveBadge=1&showModal=signup&showModelName=1&showTitle=1&sound=off&sourceId=728cps2asgirl&tag=girls%2Fasian&targetDomain=&thumbSizeKey=small&trackOff=1&userId=ebe1e2aa04642c4dc9f7e9a5dfdb455c9ef1b6825ab8b9414a96e56e40140e75
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint99:FA:E1:1F:E8:F6:A1:57:63:A7:AA:BD:3E:C1:94:58:E7:83:02:13
ValiditySat, 21 Jan 2023 00:00:00 GMT - Sun, 21 Jan 2024 23:59:59 GMT

File type
M3U playlist, ASCII text, with very long lines (748), with no line terminators
Size
730 B (730 bytes)
Hash
dacf5b613a5c4737760d95ab08e8d140
95f4b7809486215ce061f0d471000cdf60037b07
1590bc53b729d9635cc49ae57f53dff44dc1162e17b97f2003ea8ea5d3c42755

HTTP Headers

GET /hls/105515374/105515374_480p.m3u8 HTTP/1.1
Host: b-hls-12.doppiocdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://creative.bbrdbr.com
DNT: 1
Connection: keep-alive
Referer: https://creative.bbrdbr.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Mon, 27 Nov 2023 23:02:02 GMT
content-type: application/vnd.apple.mpegurl
vary: Accept-Encoding
last-modified: Mon, 27 Nov 2023 23:02:02 GMT
x-proxy-cache: MISS
cache-control: public, max-age=1, s-maxage=1
access-control-allow-origin: *
timing-allow-origin: *
cf-cache-status: HIT
age: 0
server: cloudflare
cf-ray: 82cdff1c0c4d56b4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

b-hls-01.doppiocdn.com/hls/92103719/92103719.m3u8

104.18.63.134

200 OK

706 B

URL GET HTTP/3
b-hls-01.doppiocdn.com/hls/92103719/92103719.m3u8
IP
104.18.63.134:443
ASN
#13335 CLOUDFLARENET

Requested by
https://creative.bbrdbr.com/widgets/v4/Universal/?actionButtonPlacement=bottom&autoplay=all&autoplayForce=1&buttonColor=&campaignId=728cps2asgirl&creativeId=728cps2asgirl&domain=stripchat&hideButtonOnSmallSpots=1&hideModelNameOnSmallSpots=1&hideTitleOnSmallSpots=1&isXhDesign=0&liveBadgeColor=&memberId=%7Bclickid%7D&showButton=1&showLiveBadge=1&showModal=signup&showModelName=1&showTitle=1&sound=off&sourceId=728cps2asgirl&tag=girls%2Fasian&targetDomain=&thumbSizeKey=small&trackOff=1&userId=ebe1e2aa04642c4dc9f7e9a5dfdb455c9ef1b6825ab8b9414a96e56e40140e75
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint99:FA:E1:1F:E8:F6:A1:57:63:A7:AA:BD:3E:C1:94:58:E7:83:02:13
ValiditySat, 21 Jan 2023 00:00:00 GMT - Sun, 21 Jan 2024 23:59:59 GMT

File type
M3U playlist, ASCII text, with very long lines (724), with no line terminators
Size
706 B (706 bytes)
Hash
a79cb2a4dfbb499adc0ff2599ea4aca2
81dd15adacae30a179616598e85e752b29c858d2
44560df597c8a3f6a5e044eecad62cc175e8c60a2d099a1ff2a4f7bef7be34fe

HTTP Headers

GET /hls/92103719/92103719.m3u8 HTTP/1.1
Host: b-hls-01.doppiocdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://creative.bbrdbr.com
DNT: 1
Connection: keep-alive
Referer: https://creative.bbrdbr.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Mon, 27 Nov 2023 23:02:04 GMT
content-type: application/vnd.apple.mpegurl
vary: Accept-Encoding
last-modified: Mon, 27 Nov 2023 23:02:02 GMT
x-proxy-cache: MISS
cache-control: public, max-age=1, s-maxage=1
access-control-allow-origin: *
timing-allow-origin: *
cf-cache-status: HIT
age: 0
server: cloudflare
cf-ray: 82cdff272bb056b4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

b-hls-12.doppiocdn.com/hls/105515374/105515374_480p.m3u8

104.18.63.134

200 OK

730 B

URL GET HTTP/3
b-hls-12.doppiocdn.com/hls/105515374/105515374_480p.m3u8
IP
104.18.63.134:443
ASN
#13335 CLOUDFLARENET

Requested by
https://creative.bbrdbr.com/widgets/v4/Universal/?actionButtonPlacement=bottom&autoplay=all&autoplayForce=1&buttonColor=&campaignId=728cps2asgirl&creativeId=728cps2asgirl&domain=stripchat&hideButtonOnSmallSpots=1&hideModelNameOnSmallSpots=1&hideTitleOnSmallSpots=1&isXhDesign=0&liveBadgeColor=&memberId=%7Bclickid%7D&showButton=1&showLiveBadge=1&showModal=signup&showModelName=1&showTitle=1&sound=off&sourceId=728cps2asgirl&tag=girls%2Fasian&targetDomain=&thumbSizeKey=small&trackOff=1&userId=ebe1e2aa04642c4dc9f7e9a5dfdb455c9ef1b6825ab8b9414a96e56e40140e75
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint99:FA:E1:1F:E8:F6:A1:57:63:A7:AA:BD:3E:C1:94:58:E7:83:02:13
ValiditySat, 21 Jan 2023 00:00:00 GMT - Sun, 21 Jan 2024 23:59:59 GMT

File type
M3U playlist, ASCII text, with very long lines (748), with no line terminators
Size
730 B (730 bytes)
Hash
04127d9ec5edc3b86e878fdd0a8638fe
b82e0238d224c310acece03e3623f4fe101b043b
7d780cb7ba1c6da2696603a971858756f3bd48414d2af2c617206abf1eaf4bfa

HTTP Headers

GET /hls/105515374/105515374_480p.m3u8 HTTP/1.1
Host: b-hls-12.doppiocdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://creative.bbrdbr.com
DNT: 1
Connection: keep-alive
Referer: https://creative.bbrdbr.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Mon, 27 Nov 2023 23:01:58 GMT
content-type: application/vnd.apple.mpegurl
vary: Accept-Encoding
last-modified: Mon, 27 Nov 2023 23:01:58 GMT
x-proxy-cache: MISS
cache-control: public, max-age=1, s-maxage=1
access-control-allow-origin: *
timing-allow-origin: *
cf-cache-status: HIT
age: 0
server: cloudflare
cf-ray: 82cdff02fb2c56b4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

b-hls-10.doppiocdn.com/hls/135586754/135586754_480p.m3u8

104.18.63.134

200 OK

734 B

URL GET HTTP/3
b-hls-10.doppiocdn.com/hls/135586754/135586754_480p.m3u8
IP
104.18.63.134:443
ASN
#13335 CLOUDFLARENET

Requested by
https://creative.bbrdbr.com/widgets/v4/Universal/?actionButtonPlacement=bottom&autoplay=all&autoplayForce=1&buttonColor=&campaignId=728cps2asgirl&creativeId=728cps2asgirl&domain=stripchat&hideButtonOnSmallSpots=1&hideModelNameOnSmallSpots=1&hideTitleOnSmallSpots=1&isXhDesign=0&liveBadgeColor=&memberId=%7Bclickid%7D&showButton=1&showLiveBadge=1&showModal=signup&showModelName=1&showTitle=1&sound=off&sourceId=728cps2asgirl&tag=girls%2Fasian&targetDomain=&thumbSizeKey=small&trackOff=1&userId=ebe1e2aa04642c4dc9f7e9a5dfdb455c9ef1b6825ab8b9414a96e56e40140e75
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint99:FA:E1:1F:E8:F6:A1:57:63:A7:AA:BD:3E:C1:94:58:E7:83:02:13
ValiditySat, 21 Jan 2023 00:00:00 GMT - Sun, 21 Jan 2024 23:59:59 GMT

File type
M3U playlist, ASCII text, with very long lines (752), with no line terminators
Size
734 B (734 bytes)
Hash
fe0193370be3807e59771fdc2cdc44ae
1d019ab945b896834b0bf5b22d42c8d8c08d0284
05b504bdf349dd85fea9228db76e50d3fe8b5427e65a493933da29221eaff228

HTTP Headers

GET /hls/135586754/135586754_480p.m3u8 HTTP/1.1
Host: b-hls-10.doppiocdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://creative.bbrdbr.com
DNT: 1
Connection: keep-alive
Referer: https://creative.bbrdbr.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Mon, 27 Nov 2023 23:02:04 GMT
content-type: application/vnd.apple.mpegurl
vary: Accept-Encoding
last-modified: Mon, 27 Nov 2023 23:02:02 GMT
x-proxy-cache: MISS
cache-control: public, max-age=1, s-maxage=1
access-control-allow-origin: *
timing-allow-origin: *
cf-cache-status: HIT
age: 1
server: cloudflare
cf-ray: 82cdff23492756b4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

edge-hls.doppiocdn.com/hls/114701234/master/114701234_480p.m3u8

104.18.63.134

200 OK

227 B

URL GET HTTP/3
edge-hls.doppiocdn.com/hls/114701234/master/114701234_480p.m3u8
IP
104.18.63.134:443
ASN
#13335 CLOUDFLARENET

Requested by
https://creative.bbrdbr.com/widgets/v4/Universal/?actionButtonPlacement=bottom&autoplay=all&autoplayForce=1&buttonColor=&campaignId=728cps2asgirl&creativeId=728cps2asgirl&domain=stripchat&hideButtonOnSmallSpots=1&hideModelNameOnSmallSpots=1&hideTitleOnSmallSpots=1&isXhDesign=0&liveBadgeColor=&memberId=%7Bclickid%7D&showButton=1&showLiveBadge=1&showModal=signup&showModelName=1&showTitle=1&sound=off&sourceId=728cps2asgirl&tag=girls%2Fasian&targetDomain=&thumbSizeKey=small&trackOff=1&userId=ebe1e2aa04642c4dc9f7e9a5dfdb455c9ef1b6825ab8b9414a96e56e40140e75
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint99:FA:E1:1F:E8:F6:A1:57:63:A7:AA:BD:3E:C1:94:58:E7:83:02:13
ValiditySat, 21 Jan 2023 00:00:00 GMT - Sun, 21 Jan 2024 23:59:59 GMT

File type
M3U playlist, ASCII text, with no line terminators
Size
227 B (227 bytes)
Hash
2b64d3453edf29be068d67809da2da05
6f6e2164864528fa966ceade8e5b6952bc9d5050
daa979ba78d4d441b266c568cf1188ebdc38fed4edeefa2cb5f1f73c3361b0a1

HTTP Headers

GET /hls/114701234/master/114701234_480p.m3u8 HTTP/1.1
Host: edge-hls.doppiocdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://creative.bbrdbr.com
DNT: 1
Connection: keep-alive
Referer: https://creative.bbrdbr.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Mon, 27 Nov 2023 23:01:56 GMT
content-type: application/vnd.apple.mpegurl
vary: Accept-Encoding
last-modified: Mon, 27 Nov 2023 23:01:48 GMT
x-proxy-cache: EXPIRED
cache-control: public, max-age=3, s-maxage=3
access-control-allow-origin: *
timing-allow-origin: *
cf-cache-status: HIT
age: 3
server: cloudflare
cf-ray: 82cdfef2f8c056b4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

edge-hls.doppiocdn.com/hls/105515374/master/105515374_480p.m3u8

104.18.63.134

200 OK

227 B

URL GET HTTP/3
edge-hls.doppiocdn.com/hls/105515374/master/105515374_480p.m3u8
IP
104.18.63.134:443
ASN
#13335 CLOUDFLARENET

Requested by
https://creative.bbrdbr.com/widgets/v4/Universal/?actionButtonPlacement=bottom&autoplay=all&autoplayForce=1&buttonColor=&campaignId=728cps2asgirl&creativeId=728cps2asgirl&domain=stripchat&hideButtonOnSmallSpots=1&hideModelNameOnSmallSpots=1&hideTitleOnSmallSpots=1&isXhDesign=0&liveBadgeColor=&memberId=%7Bclickid%7D&showButton=1&showLiveBadge=1&showModal=signup&showModelName=1&showTitle=1&sound=off&sourceId=728cps2asgirl&tag=girls%2Fasian&targetDomain=&thumbSizeKey=small&trackOff=1&userId=ebe1e2aa04642c4dc9f7e9a5dfdb455c9ef1b6825ab8b9414a96e56e40140e75
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint99:FA:E1:1F:E8:F6:A1:57:63:A7:AA:BD:3E:C1:94:58:E7:83:02:13
ValiditySat, 21 Jan 2023 00:00:00 GMT - Sun, 21 Jan 2024 23:59:59 GMT

File type
M3U playlist, ASCII text, with no line terminators
Size
227 B (227 bytes)
Hash
9588b0bc3d996c2eb961a34e0506a1dc
60a4540d0e2d19bbf7e502f7127d7fa165681003
0f7beed7bddc3d52a7d4992d1608d0da17bb3c6bee0d6a8a189dc45ae6a6ebe3

HTTP Headers

GET /hls/105515374/master/105515374_480p.m3u8 HTTP/1.1
Host: edge-hls.doppiocdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://creative.bbrdbr.com
DNT: 1
Connection: keep-alive
Referer: https://creative.bbrdbr.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Mon, 27 Nov 2023 23:01:56 GMT
content-type: application/vnd.apple.mpegurl
vary: Accept-Encoding
last-modified: Mon, 27 Nov 2023 23:01:49 GMT
x-proxy-cache: EXPIRED
cache-control: public, max-age=3, s-maxage=3
access-control-allow-origin: *
timing-allow-origin: *
cf-cache-status: HIT
age: 2
server: cloudflare
cf-ray: 82cdfef67ad756b4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

b-hls-10.doppiocdn.com/hls/135586754/135586754_480p.m3u8

0.0.0.0

734 B

URL GET
b-hls-10.doppiocdn.com/hls/135586754/135586754_480p.m3u8
IP
0.0.0.0:0
ASN
#0

Requested by
https://creative.bbrdbr.com/widgets/v4/Universal/?actionButtonPlacement=bottom&autoplay=all&autoplayForce=1&buttonColor=&campaignId=728cps2asgirl&creativeId=728cps2asgirl&domain=stripchat&hideButtonOnSmallSpots=1&hideModelNameOnSmallSpots=1&hideTitleOnSmallSpots=1&isXhDesign=0&liveBadgeColor=&memberId=%7Bclickid%7D&showButton=1&showLiveBadge=1&showModal=signup&showModelName=1&showTitle=1&sound=off&sourceId=728cps2asgirl&tag=girls%2Fasian&targetDomain=&thumbSizeKey=small&trackOff=1&userId=ebe1e2aa04642c4dc9f7e9a5dfdb455c9ef1b6825ab8b9414a96e56e40140e75
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint99:FA:E1:1F:E8:F6:A1:57:63:A7:AA:BD:3E:C1:94:58:E7:83:02:13
ValiditySat, 21 Jan 2023 00:00:00 GMT - Sun, 21 Jan 2024 23:59:59 GMT

File type
M3U playlist, ASCII text, with very long lines (752), with no line terminators
Size
734 B (734 bytes)
Hash
c7ac2e32dacdb81fcbac7e68909b7016
333edb8b668728dfdd468facfab9b50ee788c75f
2b7e9801b1ddc41f509c570aec3e6f91b9556c0079fc54a6cbd23d0470651947

HTTP Headers

GET /hls/135586754/135586754_480p.m3u8 HTTP/1.1
Host: b-hls-10.doppiocdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://creative.bbrdbr.com
DNT: 1
Connection: keep-alive
Referer: https://creative.bbrdbr.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Mon, 27 Nov 2023 23:02:06 GMT
content-type: application/vnd.apple.mpegurl
vary: Accept-Encoding
last-modified: Mon, 27 Nov 2023 23:02:04 GMT
x-proxy-cache: HIT
cache-control: public, max-age=1, s-maxage=1
access-control-allow-origin: *
timing-allow-origin: *
cf-cache-status: HIT
age: 1
server: cloudflare
cf-ray: 82cdff2fca0556b4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (51)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN