Overview

URL ianime-fr.com/magical-sempai-episode-1-vostfr/
IP104.21.64.133
ASNCLOUDFLARENET
Location
Report completed2022-09-24 14:29:29 UTC
StatusLoading report..
urlquery Alerts No alerts detected


Settings

UserAgentMozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer


Intrusion Detection Systems

Suricata /w Emerging Threats Pro  No alerts detected


Blocklists

OpenPhish  No alerts detected
PhishTank  No alerts detected
Fortinet's Web Filter
Scan Date Severity Indicator Comment
2022-09-24 2 pseepsie.com/custom Malware
2022-09-24 2 pseepsie.com/custom Malware
2022-09-24 2 pseepsie.com/custom Malware
2022-09-24 2 pseepsie.com/custom Malware
2022-09-24 2 pseepsie.com/pfe/current/defaultSkin.min.js Malware
2022-09-24 2 pseepsie.com/custom Malware
2022-09-24 2 pseepsie.com/custom Malware
mnemonic secure dns  No alerts detected
Quad9 DNS
Scan Date Severity Indicator Comment
2022-09-24 2 fleraprt.com Sinkholed
2022-09-24 2 unphionetor.com Sinkholed
2022-09-24 2 unphionetor.com Sinkholed
2022-09-24 2 unphionetor.com Sinkholed


Files

URL r3.o.lencr.org/
IP  23.36.77.32
Magic gzip compressed data, max compression\012- data
Size 1024
MD5 4d9825a3dcda38ccbaf69f635a29e888
SHA1 f1ff725ac580f8c48d1f6e774e3def53a1f023e7
SHA256 2c7ef055d7b8837394d29fbd1d401afc148ece104d11f9530fd5a7b78060741a
Analyzer Analysed Verdict Comment
VirusTotal 0/0
URL my.rtmark.net/gid.js?userId=656fa0616a8f40b68af316cd3fc808e1
IP  139.45.195.8
Magic gzip compressed data, max compression\012- data
Size 586
MD5 5c9d19240fd067f82b3ae83615475c40
SHA1 8c150aca0090d5bf009134ac73007abc667df382
SHA256 cb2389f72ebdcb6ed057c5a872feb833033669507d85ed875d692c833a024f14
Analyzer Analysed Verdict Comment
VirusTotal 0/0
URL www2.animecomplet.net/wp-content/uploads/2019/07/Tejina-Senpai-img.jpg
IP  172.67.179.172
Magic gzip compressed data, max compression\012- data
Size 5250
MD5 48bd328320bddd41bc83f0a0f220a4c8
SHA1 7b62bc98cb10cdeefd416c36f1b052956c250e0a
SHA256 f2e0a5a241488bb805a931d92d4ba1401950cf96badfdf967ab452649cae6f91
Analyzer Analysed Verdict Comment
VirusTotal 0/0


Passive DNS (36)

Passive DNS Source Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
mnemonic passive DNS maxcdn.bootstrapcdn.com (1) 724 2014-06-18 00:37:31 UTC 2022-09-24 13:40:11 UTC 104.18.10.207
mnemonic passive DNS contile.services.mozilla.com (1) 1114 2021-05-27 18:32:35 UTC 2022-09-24 04:22:23 UTC 34.117.237.239
mnemonic passive DNS ianime-fr.com (2) 0 2021-07-28 14:09:49 UTC 2022-09-15 00:39:11 UTC 172.67.151.11 Unknown ranking
mnemonic passive DNS my.rtmark.net (3) 9054 2017-08-22 14:11:49 UTC 2022-09-24 08:04:49 UTC 139.45.195.8
mnemonic passive DNS fonts.gstatic.com (3) 0 2014-08-29 13:43:22 UTC 2022-09-24 04:21:47 UTC 142.250.74.163 Domain (gstatic.com) ranked at: 540
mnemonic passive DNS push.services.mozilla.com (1) 2140 2015-09-03 10:29:36 UTC 2022-09-24 05:36:42 UTC 34.217.237.91
mnemonic passive DNS www.google-analytics.com (1) 40 2012-10-03 01:04:21 UTC 2022-09-24 10:11:12 UTC 142.250.74.174
mnemonic passive DNS offerimage.com (1) 304078 2019-06-10 11:11:53 UTC 2022-09-24 09:09:45 UTC 172.67.22.216
mnemonic passive DNS firefox.settings.services.mozilla.com (2) 867 2020-06-04 20:08:41 UTC 2022-09-24 09:41:35 UTC 13.224.245.35
mnemonic passive DNS sendvid.com (7) 145811 2014-12-15 15:19:13 UTC 2022-09-24 14:03:59 UTC 46.166.142.86
mnemonic passive DNS interstitial-07.com (5) 36198 2017-03-09 00:00:07 UTC 2022-09-24 11:48:56 UTC 139.45.197.151
mnemonic passive DNS ocsp.pki.goog (4) 175 2017-06-14 07:23:31 UTC 2022-09-24 04:23:20 UTC 142.250.74.3
mnemonic passive DNS content-signature-2.cdn.mozilla.net (1) 1152 2020-11-03 12:26:46 UTC 2022-09-24 04:26:56 UTC 34.160.144.191
mnemonic passive DNS ocsp.digicert.com (2) 86 2012-05-21 07:02:23 UTC 2022-09-24 10:17:28 UTC 93.184.220.29
mnemonic passive DNS tovanillitechan.com (11) 0 2022-07-22 05:21:08 UTC 2022-09-24 08:07:47 UTC 139.45.197.239 Unknown ranking
mnemonic passive DNS fleraprt.com (1) 0 2022-01-14 22:55:14 UTC 2022-09-24 11:37:01 UTC 139.45.195.254 Unknown ranking
mnemonic passive DNS img-getpocket.cdn.mozilla.net (6) 1631 2017-09-01 03:40:57 UTC 2022-09-24 04:22:29 UTC 34.120.237.76
mnemonic passive DNS cdn.itskiddoan.club (2) 24539 2021-09-23 10:55:49 UTC 2022-09-24 09:09:43 UTC 139.45.197.236
mnemonic passive DNS unphionetor.com (3) 54035 2022-02-11 12:53:49 UTC 2022-09-24 08:38:46 UTC 139.45.197.236
mnemonic passive DNS r3.o.lencr.org (10) 344 2020-12-02 08:52:13 UTC 2022-09-24 04:21:50 UTC 23.36.77.32
mnemonic passive DNS cdn.embed.ly (1) 16539 2013-05-21 00:01:29 UTC 2022-09-24 12:41:43 UTC 104.16.89.50
mnemonic passive DNS tzegilo.com (1) 0 2022-01-14 15:27:15 UTC 2022-09-24 11:36:59 UTC 104.21.84.149 Unknown ranking
mnemonic passive DNS inklinkor.com (1) 0 2022-04-01 11:44:00 UTC 2022-09-24 07:21:03 UTC 104.21.91.63 Unknown ranking
mnemonic passive DNS s4.histats.com (2) 12782 2012-05-21 17:14:14 UTC 2022-09-24 09:48:35 UTC 192.99.0.58
mnemonic passive DNS ocsp.usertrust.com (1) 899 2012-05-21 15:43:18 UTC 2022-09-24 04:21:46 UTC 104.18.32.68
mnemonic passive DNS ocsp.sectigo.com (4) 487 2018-12-17 11:31:55 UTC 2022-09-24 08:08:14 UTC 104.18.32.68
mnemonic passive DNS bedrapiona.com (2) 34930 2020-05-08 13:43:48 UTC 2022-09-24 10:27:59 UTC 139.45.197.234
mnemonic passive DNS videos2-h.sendvid.com (1) 383352 2021-01-14 08:17:14 UTC 2022-09-20 11:17:05 UTC 64.210.135.148
mnemonic passive DNS dozubatan.com (5) 33479 2021-05-18 14:02:27 UTC 2022-09-24 12:53:39 UTC 139.45.197.237
mnemonic passive DNS onmarshtompor.com (1) 24517 2020-10-19 12:36:32 UTC 2022-09-24 07:46:07 UTC 139.45.197.243
mnemonic passive DNS e1.o.lencr.org (2) 6159 2021-08-20 07:36:30 UTC 2022-09-24 06:20:21 UTC 23.36.76.226
mnemonic passive DNS fonts.googleapis.com (1) 8877 2013-06-10 20:14:26 UTC 2022-09-24 07:25:21 UTC 142.250.74.10
mnemonic passive DNS thumbs2.sendvid.com (1) 359072 2017-11-11 20:39:28 UTC 2022-09-20 11:42:47 UTC 64.210.135.116
mnemonic passive DNS pseepsie.com (11) 132332 2021-03-12 04:11:08 UTC 2022-09-24 11:49:06 UTC 139.45.197.250
mnemonic passive DNS www2.animecomplet.net (1) 0 2019-06-19 20:14:35 UTC 2021-12-30 11:27:33 UTC 172.67.179.172 Unknown ranking
mnemonic passive DNS ianime-fr.com (2) 0 2021-07-28 14:09:49 UTC 2022-09-15 00:39:11 UTC 104.21.64.133 Unknown ranking


Recent reports on same IP/ASN/Domain/Screenshot

Last 2 reports on IP: 104.21.64.133

Date UQ / IDS / BL URL IP
2022-11-15 00:56:12 +0000
0 - 0 - 1 yngsgi.cn/ 104.21.64.133
2022-09-24 14:29:29 +0000
0 - 0 - 11 ianime-fr.com/magical-sempai-episode-1-vostfr/ 104.21.64.133

Last 5 reports on ASN: CLOUDFLARENET

Date UQ / IDS / BL URL IP
2022-11-28 10:34:17 +0000
0 - 0 - 8 kw.andropampanga.com/9946-how-long-do-fruit-t (...) 104.21.27.169
2022-11-28 10:32:25 +0000
0 - 0 - 16 www.bokepfilm.com/ 172.67.221.11
2022-11-28 10:29:43 +0000
0 - 0 - 2 www.topoffersus.com/offer/sfs-11-sso?tid=2d92 (...) 172.67.70.199
2022-11-28 10:26:02 +0000
0 - 0 - 1 th72yk1.cn/ 172.67.175.253
2022-11-28 10:25:02 +0000
0 - 0 - 2 id9234342verify.com/login.php 104.21.58.222

Last 1 reports on domain: ianime-fr.com

Date UQ / IDS / BL URL IP
2022-09-24 14:29:29 +0000
0 - 0 - 11 ianime-fr.com/magical-sempai-episode-1-vostfr/ 104.21.64.133

No other reports with similar screenshot



JavaScript

Executed Scripts (38)


Executed Evals (1)

#1 JavaScript::Eval (size: 80, repeated: 1) - SHA256: fc80e0c945a0a6d37e83cef322a4b244c20e4978b6445623cde132e879552ba7

                                        (() => {
    const a = async
    function name() {};
    window['btg1422ijrp'] = true;
})()
                                    

Executed Writes (1)

#1 JavaScript::Write (size: 51169, repeated: 1) - SHA256: f076b3b04b58a49095b9bbb3e21f3aab313e9e875a9f4dc2eae8f9420169bfe7

                                        < meta charset = "UTF-8" > < meta name = "viewport"
content = "width=device-width, initial-scale=1" > < html class = "desktop center iframe" > < html lang = "en" > < head > < meta charset = "UTF-8" > < meta name = "robots"
content = "noindex" > < meta name = "viewport"
content = "width=device-width, initial-scale=1.0" > < meta http - equiv = "X-UA-Compatible"
content = "ie=edge" > < /head><body><main class="sc"><div class="sc__wrp"><div class="sc__sw"><div class="sc__sw__close"></div > < div class = "sc__sw__icon" > < /div><div class="sc__sw__heading">ianime-fr.com wants to</div > < div class = "sc__sw__text sc__sw__text-desktop" > Show notifications < /div><div class="sc__sw__text sc__sw__text-mobile">ianime-fr.com wants to send you notifications.</div > < div class = "sc__sw__btn-c" > < button id = "B2"
class = "sc__sw__btn sc__sw__btn--allow" > Allow < /button><button id="B1" class="sc__sw__btn sc__sw__btn--block">Block</button > < /div></div > < /div></main > < style > html {
    line - height: 1.15; - webkit - text - size - adjust: 100 %
}
body {
    margin: 0
}
main {
    display: block
}
h1 {
    font - size: 2e m;
    margin: .67e m 0
}
hr {
    box - sizing: content - box;
    height: 0;
    overflow: visible
}
pre {
    font - family: monospace, monospace;
    font - size: 1e m
}
a {
    background - color: transparent
}
abbr[title] {
    border - bottom: none;
    text - decoration: underline;
    text - decoration: underline dotted
}
b, strong {
    font - weight: bolder
}
code, kbd, samp {
    font - family: monospace, monospace;
    font - size: 1e m
}
small {
    font - size: 80 %
}
sub, sup {
    font - size: 75 % ;
    line - height: 0;
    position: relative;
    vertical - align: baseline
}
sub {
    bottom: -.25e m
}
sup {
    top: -.5e m
}
img {
    border - style: none
}
button, input, optgroup, select, textarea {
    font - family: inherit;
    font - size: 100 % ;
    line - height: 1.15;
    margin: 0
}
button, input {
    overflow: visible
}
button, select {
    text - transform: none
}[type = button], [type = reset], [type = submit], button {
    -webkit - appearance: button
}[type = button]::-moz - focus - inner, [type = reset]::-moz - focus - inner, [type = submit]::-moz - focus - inner, button::-moz - focus - inner {
    border - style: none;
    padding: 0
}[type = button]: -moz - focusring, [type = reset]: -moz - focusring, [type = submit]: -moz - focusring, button: -moz - focusring {
    outline: 1 px dotted ButtonText
}
fieldset {
    padding: .35e m.75e m.625e m
}
legend {
    box - sizing: border - box;
    color: inherit;
    display: table;
    max - width: 100 % ;
    padding: 0;
    white - space: normal
}
progress {
    vertical - align: baseline
}
textarea {
    overflow: auto
}[type = checkbox], [type = radio] {
    box - sizing: border - box;
    padding: 0
}[type = number]::-webkit - inner - spin - button, [type = number]::-webkit - outer - spin - button {
    height: auto
}[type = search] {
    -webkit - appearance: textfield;
    outline - offset: -2 px
}[type = search]::-webkit - search - decoration {
    -webkit - appearance: none
}::-webkit - file - upload - button {
    -webkit - appearance: button;
    font: inherit
}
details {
    display: block
}
summary {
    display: list - item
}[hidden], template {
    display: none
}@
keyframes fadeIn {
    0 % {
        opacity: 0;transform: scale(.9)
    }
    to {
        opacity: 1;transform: scale(1)
    }
}.sc {
    -webkit - touch - callout: none; - webkit - user - select: none; - khtml - user - select: none; - moz - user - select: none; - ms - user - select: none;
    user - select: none;
    display: flex;
    justify - content: center;
    align - items: center
}.sc.rtl {
        direction: rtl
    }.sc__sw {
        width: 100 % ;max - width: 30 rem;font - family: Roboto,
        Segoe UI,
        Helvetica,
        sans - serif;background - color: # fff;border - radius: .3 rem;margin: 1 rem;padding: 1 rem 1.5 rem 4.5 rem;position: relative;box - shadow: 0.5 rem.5 rem rgba(0, 0, 0, .1);animation: fadeIn.4 s ease - in -out
    }.sc__sw__icon {
        height: 1.6 rem;width: 1.6 rem;float: left;background - size: contain;background - image: url("data:image/svg+xml;base64,PHN2ZyB4bWxucz0iaHR0cDovL3d3dy53My5vcmcvMjAwMC9zdmciIHdpZHRoPSIyNCIgaGVpZ2h0PSIyNCI+PHBhdGggZD0iTTEyIDIyYzEuMSAwIDItLjkgMi0yaC00YTIgMiAwIDAgMCAyIDJ6bTYtNnYtNWMwLTMuMDctMS42NC01LjY0LTQuNS02LjMyVjRjMC0uODMtLjY3LTEuNS0xLjUtMS41cy0xLjUuNjctMS41IDEuNXYuNjhDNy42MyA1LjM2IDYgNy45MiA2IDExdjVsLTIgMnYxaDE2di0xbC0yLTJ6IiBmaWxsPSIjNDI4NWY2Ii8+PC9zdmc+")
    }.sc__sw__heading {
        display: none
    }.sc__sw__text {
        color: #666;margin-left:2.3rem;margin-top:.2rem}.sc__sw__text-desktop,.sc__sw__text-mobile{display:none}.sc__sw__btn-c{position:absolute;bottom:.2rem;right:.5rem;display:flex;flex-flow:row-reverse}.sc__sw__btn{border:none;padding:1rem;background-color:transparent;color:# 4283e f;font - weight: 400
    }.sc.sc--mobile {
        width: 100 % ;height: 100 %
    }.sc.sc--mobile__sw__text - mobile {
        display: block
    }.sc.sc--mobile.sc--android - browser, .sc.sc--mobile.sc--chrome, .sc.sc--mobile.sc--firefox {
        background - color: rgba(0, 0, 0, .3);
        position: absolute;
        top: 0;
        bottom: 0;
        left: 0;
        right: 0;
    }.sc.sc--mobile.sc--android - browser, .sc.sc--mobile.sc--chrome {
        width: 100 % ;height: 100 %
    }.sc.sc--mobile.sc--android - browser.sc__sw, .sc.sc--mobile.sc--chrome.sc__sw {
        position: absolute;margin: 0;left: 50 % ;top: 50 % ;width: 92 % ;max - width: 520 px;height: auto;padding - left: 3.8 rem;transform: translate(-50 % , -50 % )
    }.sc.sc--mobile.sc--android - browser.sc__sw__text - mobile, .sc.sc--mobile.sc--chrome.sc__sw__text - mobile {
        display: inline;color: #666;margin-left:0;margin-top:.2rem}.sc.sc--mobile.sc--android-browser .sc__sw__icon,.sc.sc--mobile.sc--chrome .sc__sw__icon{position:absolute;float:none;left:1.5rem;top:1rem}.sc.sc--mobile.sc--android-browser .sc__wrp,.sc.sc--mobile.sc--chrome .sc__wrp{position:relative;width:100%;height:100%;box-sizing:border-box}.sc.sc--mobile.sc--android-browser .sc__wrp *,.sc.sc--mobile.sc--chrome .sc__wrp *{box-sizing:border-box}.sc.sc--mobile.sc--firefox{background-color:rgba(0,0,0,.6);align-items:flex-start;margin-top:-16px}.sc.sc--mobile.sc--firefox .sc__sw{font-family:Fira Sans,Roboto,Segoe UI,Helvetica,sans-serif;background-color:# e6e6e6;font - weight: 400;padding - bottom: 4.5 rem;overflow: hidden;max - width: 66.6 % ;margin: 0 auto
    }.sc.sc--mobile.sc--firefox.sc__sw__icon {
        width: 2.5 rem;height: 2.5 rem;margin - top: .5 rem;background - repeat: no - repeat;background - position: 50 % ;background - image: url("data:image/svg+xml;base64,PHN2ZyB4bWxucz0iaHR0cDovL3d3dy53My5vcmcvMjAwMC9zdmciIHdpZHRoPSIyNCIgaGVpZ2h0PSIyNCI+PHBhdGggZD0iTTMuMjU0IDIuMDk0Yy0xLjE0NyAwLTIuMDcuOTIyLTIuMDcgMi4wNjh2MTEuMzVjMCAxLjE0Ni45MjMgMi4wNjggMi4wNyAyLjA2OGg5LjUzbDMuNzYyIDMuNzYycy41ODguNTY0IDEuMjA3LjU2NGMuNjE4IDAgLjg2Mi0uMzQ2Ljg2Mi0uNTY0VjE3LjU4aDIuMTMxYzEuMTQ3IDAgMi4wNy0uOTIyIDIuMDctMi4wNjlWNC4xNjJhMi4wNjUgMi4wNjUgMCAwIDAtMi4wNy0yLjA2OHptOC43NzcgMi4wNDhBMS40MDggMS40MDggMCAwIDEgMTMuNDQgNS41NWExLjQwOCAxLjQwOCAwIDAgMS0xLjQwOCAxLjQwNyAxLjQwOCAxLjQwOCAwIDAgMS0xLjQwOC0xLjQwNyAxLjQwOCAxLjQwOCAwIDAgMSAxLjQwOC0xLjQwOHptLS4yMTYgNC4yNzhoLjQzMmMuNjYgMCAxLjE5Mi41MzIgMS4xOTIgMS4xOTJ2NC44NjVjMCAuNjYtLjUzMiAxLjE5Mi0xLjE5MiAxLjE5MmgtLjQzMmMtLjY2IDAtMS4xOTItLjUzMi0xLjE5Mi0xLjE5MlY5LjYxMmMwLS42Ni41MzItMS4xOTIgMS4xOTItMS4xOTJ6IiBmaWxsPSIjYTVhNWE1Ii8+PC9zdmc+")
    }.sc.sc--mobile.sc--firefox.sc__sw__text - mobile {
        font - weight: 300;
        display: block;
        margin - left: 3.5 rem;
        margin - top: .5 rem;
        margin - bottom: 1 rem
    }.sc.sc--mobile.sc--firefox.sc__sw__btn - c {
        bottom: 0;left: 0;right: 0
    }.sc.sc--mobile.sc--firefox.sc__sw__btn {
        width: 50 % ;color: #000;font-weight:400}.sc.sc--mobile.sc--firefox .sc__sw__btn--allow{background-color:# 008 bcc;color: # fff
    }.sc.sc--mobile.sc--firefox.sc__sw__btn--block {
        background - color: # d1d0d5
    }.sc.sc--mobile.sc--uc - browser {
        align - items: flex - end;
        height: 100 %
    }.sc.sc--mobile.sc--uc - browser.sc__wrp {
        position: absolute;left: 0;right: 0;top: auto;bottom: 0;width: auto;padding: 0 5 px 5 px
    }.sc.sc--mobile.sc--uc - browser.sc__sw {
        box - shadow: 0 0 4 px rgba(0, 0, 0, .2);
        border - radius: 1.5 rem;
        padding - right: 2.5 rem;
        width: auto;
        margin: auto
    }.sc.sc--mobile.sc--uc - browser.sc__sw: after, .sc.sc--mobile.sc--uc - browser.sc__sw: before {
        position: absolute;right: 1.5 rem;top: 1 rem;content: " ";height: .8 rem;width: 1 px;background - color: # aaa
    }.sc.sc--mobile.sc--uc - browser.sc__sw: before {
        transform: rotate(45 deg)
    }.sc.sc--mobile.sc--uc - browser.sc__sw: after {
        transform: rotate(-45 deg)
    }.sc.sc--mobile.sc--uc - browser.sc__sw__text - mobile {
        display: block;font - weight: 700;margin - bottom: .5 rem;margin - left: 3 rem;color: #444;margin-top:.25rem}.sc.sc--mobile.sc--uc-browser .sc__sw__btn-c{flex-flow:row}.sc.sc--mobile.sc--uc-browser .sc__sw__btn--allow{color:# fdb83f
    }.sc.sc--mobile.sc--uc - browser.sc__sw__btn--block {
        font - weight: 400;
        color: # aaa
    }.sc.sc--mobile.sc--uc - browser.sc__sw__icon {
        width: 2.5 rem;height: 2.5 rem;background - repeat: no - repeat;background - image: url("data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAADwAAABQCAIAAADKqIEEAAALgUlEQVRo3u1az49k11X+vnPuq/4xM5mZWHYUOfYgga1IKAtiZUVkTCw2WbJFQmIFSxQhIbDgH4jwigVZEH5vAkIgggAhISuIADFxHGPZMxM7djyezNie6Z81XVXvvXs+Fve9qurq6Z7udpkE1Fet1z1Tr+777nfPPec75zxKwv+1YT9qAGegf5zHGegz0GegTzoCWHYk+OhBG6Al407Lxpjzi3/ir/9jvX3bIL/8KJ/+NT3+DJf6DC43jOtfn+fLfxNNhGDR0Eh3PP3L+uyvLhH3Ms2jfec/+MrXI8Moc6FKYd5K+Lc/5+2XlsjNEkGHfeuPkDMJkEYAMMJgTRDf/EMqfhSgjz5P+W6++0PBQQEhCQopRLg7tt7F8C6wHNwnZ/ow3MMdSxEpwwULIGhiglVgxfCMZhuIpeCe9x4CGkACQymTBCzCCCIAAglHnKZ7N3x1ImYiEKBCAEgYaRmDGqNbiiu0JRjkPGgCRARASjBrqbDMGKeoU0vkc9QANLqUyOlX997Te/+kH7xgazVSICRJhARCRAiTFrl66y/IXVx+Cmuf+JCg97s8ARDE7k9kWmRYwMsnqDPqiafWrcb4+/jeV/MHb3regwOiYApRkoQI5EAEBYAymlHjPawAqw/HE79kT/4KcUo3eMBPq78qgAxCtEwvh5BoE0bMd7H1XVz967x1kwCZwQBASAABgd36I5AzcrFjRoTCHIJlPvQkfuZ3cenTS2F6em1AACYxK6Cgy20Pu9/fuf733L221m5YWwuyzq0cckIFKNi2ylnFzOVhYIQ58PjP47O/A6x/SKYFAQghAwQdYCg7atgob3739tW/Wx1+bz32VhgsjBLoZ+E89nnaJUSwbrobScgkI4yPXMHnfx+4dHxjWQAdxSoENUiAkTDAkIlmdPvFzdf+8ny6sdYMmTNVTm6HbX6rDpDdrYiR2WY1rbr1mSxZ5Vxdw8/9KapHjgl6vwNSYTqHGGSQAoggEFtv169/7WG8vd5MUmvszFZHYZ0xQ5Ck4K5BUuWEEAJEZWXUu/f0778OtCcHLUBEMKLKqkJWlmDtOG59c/zfz6/HG6aGOUfntgnw+IpC3a6S1QCDiiwEBaNJUmzfaF79cj4N0wBoQRdJApBFi/ru+MY3NLzlEcjF1jUFvW/JD3waKRAkUgVPnTUqA5nB6tpf+a1/OI7oXABd9hGGMMkjku5h/HY9GlUMhIAMTeGdyssSAERiUHXRsbjX3NYY4JXf0zFmtYMzAoLEiIEmxHa981au73iXNgnU8Qz50KHCuBGDAQl1mxRJhtEdu/PtB85+HyWgEoaVoR1M3t/ZuL4Sdy0aKaQO9+x6KrIFioQ7zLtJJFANVvHqlyPH0dto83N1XlowydXC6uHdN3TnzbW8K1PRaKJkIS4hX5VRaSZ+aDIkbFzV1stHf3Ef02IUz0AYk8HavZvXV+odZ6tCLaWO4MCHxy3QHWad6BFMyC3tg385AehCtwE0UgRG2Li5YnWY+u0yyRBGEcc5Mg8cJYkEwOJBIyJ0+z+P/tK+bJzFHxkgITImt1a5y85+BbhknmlTy6ZOK9R6hgC4o21R7FIyM2zcODHTBMgAW9SbxJhFsbFju+NYi376dEMAOsc3JSKhmUDNCUD3bgGIhLaJPHVwUymn2T1LGWRv1iraVmyxfXu6qKNBa+4PQVQUfTAf/rR42xJAF3HSL6ColPp94NCgfj+mu5ERtSWyCNBpNnO0ej7FEIpm6B/OgOArRzC9UBYLoZdvBHLbiU92jGjptcQe9pR0AE7BB0dUCuY/YEhdim8AqWg5y/j7lSzh+M09slzniYZCROQjNnNRMPXHjgCVA3CBxWPMMr8PE8MXOZ5dO1+t4nl1BDf7QBuTsQIdANDQxpZIOOSQ9Ywsp+Cyn+/+zKj/h+L4TGO6YyVW0wrHBtgsBM4O5XKG9s9nAGjHZXphKrK334+4q7uATsBJmcacrHZFdEb2UY7+fExt+jRMl4iYwa62tfyuyQJJ07RC6FTDSZOAfgRJLjNeHzr2eQ/AHpTOHWEegpmSzftQLTcWzj+P0yCG6P7r0PzlMPMQaGoU0UASe/En9pFgmXauWcyFBEMG1roizP3GvjCegVA4whQA23t7TYwGgguisa8TlWBOLC009sW0rjIRgvlgFiePYLoPTkWNCu24He6KEWylTEWXInS5zdJo7rROEaWgUfIKozcQh4Ywm/suDHC4wRA57l5v29318+dpIU1Ck+AEVgdalXLCchVIL30JhJ9vXv9jcHIsm6bggkdgsnnvg1dzvekRZhQlZjALGYxShzs9voVRgneX2kLGJFW3Xsa1rxzm+/bX8soXY5x3XhvuXuN4S8ORB9yS0dCX+05YxFtA+IDPSvbSplVc/Rpyvu8yFzKXAFrk94cbL1l7c6Cx2kZZhBOOaR47K0RNoxlP9dPPQuuPXZkzHAZM+O7fakGXLIImQSKadvN6vXN1xXZgrTJVJ7WOnJQNmRKnBfQuOTIj7/vD/trdOP8npsKGZDK4TYUOBZky1/TKH3B8e6FUf4DpyJi8N7z9LY3eTxQdZi5fD78gv0BbJ1fENGsGAXCXJXiCO0rlxUxzV5jBXG4wF0100EQnnebdBltiSuLUgwkIC+XxFq4+rwNnYaGPOMpb32h3XktqTZUl+MUVqy5FWiNB1Iq6qYe8t50jC0wXHmM6RyvlWkISwZBoAEnrNrAPRSxiZkpbtMxDjrcRtdxgnLaUIAlhNPzgBT7xDs4/Pt9x2N9H5Hux8Z21essTosnwAS9doF92rAoWCFiYPlAeMsu9svOPYeU8cgsY6GCXVU8ruP2DNFeBYL/bGTA0I9VX0Y4FwhOiQXT1CUoBa+TprT/DZ57jnCDZn9iO9jjaqyyMUG7RBoZAcoRTcmRgF/VmSEgEGmxcw/pDSKvdwWLJOPoMWHlGx/zJmZ6fXGt4i+12lHs8MSS1QFdEpcEtcfPbsXeP67MO2D7zUAxSw4xgDjPlaFVv5lHOeV2U+YQYCnv0MBJkbjZsZwusVARl7wdL9jBfGsBc92C60REZalVaRuzqnmDX5VC3K0S9Zc270E/2eeAC09W57JdGk7Q2qOVmCaG9SKOwCsZsomc0YQHASdAICWo6r6f+zJTfmhcomqaqpfEy530AGSQhd+30/ghAbJtx5Z/C6idBuy/ToH1s78Lj9+7c8mZzZWVEZBgVUmrNjaSCWRaUi6SrbUqzx/Yd7gOutXcKLJVAkGZMzmL/XbsxWPK7UiITwIg8SlzLP/0lX/nYPpxzfUQJ4/Hov7D1DnfeysOb1uxWCrQWDWnJBiHfU7PbtFg5d9HTp3Tz1VxPLELITJQREmOfTTAg6+VxIECjcUBcfhjVWrQTUwMfgCtABRnMEBMQWLmMj38On/gC1h+Zs6lF0FAINqEUmuTRdohuTgwQJM2cSDU0RjsCDRjiha/i5isA0GS1gZDYJdOdnC+9lWIqBiSXmZHxyc/407+B6uPII+QJvIKvwSswAQQyIqs8Gn4wj1kwDwIrAMxW7dzF2fmZNeoJEFW/5U9+UTdep6AshcorNchd9UzldghS6cSxgiWnuz/xi1h7FEhI8/s+TVUqWHB6bg+oj/vVPTgvD6yXFgdLPsRPfJFXnopJLVkfqI3o+gR9sDbSDeZwa8k28OhTuPIMUB2Y0OY0iR0h24/xnkt5NOdn7JdvwDPPmae2bQgDnPROj5A2o8pgCfQaDjP8wm/D7UjB94B64Qlfzjn4oMHFePZLFZIil+jd9dfLQGmVkW5IUVUZX/gtpIuzZZ9qnOBlwulLDwcXwtEW/vk5vf2SGkQgSiykjHSIKaESfupZPPub+434owd9dDUiQ37zO3jz6/UbL6a7PywNR1rKDz3GK5+zJz+PR38WvpzXAJf82ub/zjh7f/oM9BnoH4NxBvoM9P830P8DWBywwp+xTnsAAAAASUVORK5CYII=")
    }.sc.sc--mobile.sc--samsung - internet -
    for -android {
        height: 100 % ;align - items: flex - end
    }.sc.sc--mobile.sc--samsung - internet -
    for -android.sc__wrp {
        position: absolute;left: 0;right: 0;top: auto;bottom: 0;width: auto;padding: 0 5 px
    }.sc.sc--mobile.sc--samsung - internet -
    for -android.sc__sw {
        width: auto;margin: 1 rem auto;box - shadow: 0 0 3 px rgba(0, 0, 0, .4);border - radius: 2 rem;padding - bottom: 4.5 rem;padding - top: 1.333 rem
    }.sc.sc--mobile.sc--samsung - internet -
    for -android.sc__sw: after, .sc.sc--mobile.sc--samsung - internet -
    for -android.sc__sw: before {
        position: absolute;right: 1.75 rem;top: 1.333 rem;content: " ";height: 1 rem;width: 1 px;background - color: #777}.sc.sc--mobile.sc--samsung-internet-for-android .sc__sw:before{transform:rotate(45deg)}.sc.sc--mobile.sc--samsung-internet-for-android .sc__sw:after{transform:rotate(-45deg)}.sc.sc--mobile.sc--samsung-internet-for-android .sc__sw__text-mobile{display:block;font-weight:700;color:# 444;margin - left: 3 rem;margin - right: 1.5 rem
    }.sc.sc--mobile.sc--samsung - internet -
    for -android.sc__sw__btn - c {
        flex - flow: row;
        display: flex;
        left: .5 rem
    }.sc.sc--mobile.sc--samsung - internet -
    for -android.sc__sw__btn {
        flex: 1;padding: .25 rem;margin - bottom: 1 rem;color: #4285f6}.sc.sc--mobile.sc--samsung-internet-for-android .sc__sw__btn--allow{border-right:1px solid # ddd
    }.sc.sc--mobile.sc--samsung - internet -
    for -android.sc__sw__icon {
        width: 2 rem;position: relative;top: .33 rem;height: 2 rem;background - repeat: no - repeat
    }.sc.sc--mobile.sc--yandex - browser {
        align - items: flex - end
    }.sc.sc--mobile.sc--yandex - browser.sc__wrp {
        position: absolute;left: 0;right: 0;top: auto;bottom: 0;width: auto;padding: 0 5 px
    }.sc.sc--mobile.sc--yandex - browser.sc__sw {
        width: auto;border: 1 px solid # ededed;border - radius: 1 rem;margin: .5 rem;box - shadow: 0 0 10 px 10 px # f0f0f0,
        0 50 px 20 px 40 px # f0f0f0
    }.sc.sc--mobile.sc--yandex - browser.sc__sw__text - mobile {
        display: block;margin - left: 0;margin - right: 1 rem
    }.sc.sc--mobile.sc--yandex - browser.sc__sw__icon {
        position: absolute;right: .5 rem;top: .5 rem;background - image: url("data:image/svg+xml;base64,PHN2ZyB4bWxucz0iaHR0cDovL3d3dy53My5vcmcvMjAwMC9zdmciIHdpZHRoPSI2NCIgaGVpZ2h0PSI2NCIgdmlld0JveD0iMCAwIDE2LjkzMyAxNi45MzMiPjxnIHRyYW5zZm9ybT0idHJhbnNsYXRlKDAgLTI4MC4wNjcpIj48Y2lyY2xlIGN4PSI4LjQ2NyIgY3k9IjI4OC41MzMiIHI9IjcuNTYiIGZpbGw9IiNkOWQ5ZDkiLz48cGF0aCBkPSJNNS42MzggMjg1LjQzM2EuMjYzLjI2MyAwIDAgMC0uMTk1LjA3Ny4yNzkuMjc5IDAgMCAwIC4wMTEuMzk0bDIuNjMgMi42My0yLjYzIDIuNjI4YS4yNzkuMjc5IDAgMCAwLS4wMTEuMzk1LjI3OS4yNzkgMCAwIDAgLjM5NS0uMDExbDIuNjI5LTIuNjMgMi42MjkgMi42M2EuMjc5LjI3OSAwIDAgMCAuMzk0LjAxLjI3OS4yNzkgMCAwIDAtLjAxLS4zOTRsLTIuNjMtMi42MjkgMi42My0yLjYyOWEuMjc5LjI3OSAwIDAgMCAuMDEtLjM5NC4yNzkuMjc5IDAgMCAwLS4zOTQuMDFsLTIuNjMgMi42My0yLjYyOC0yLjYzYS4yOTQuMjk0IDAgMCAwLS4yLS4wODd6IiBmaWxsPSIjZmZmIi8+PC9nPjwvc3ZnPg==")
    }.sc.sc--mobile.sc--yandex - browser.sc__sw__btn - c {
        bottom: 0;right: 0;left: 0;display: flex;border - top: 1 px solid # cbcbcb
    }.sc.sc--mobile.sc--yandex - browser.sc__sw__btn {
        flex: 1;color: #2488e0;font-weight:400}.sc.sc--mobile.sc--yandex-browser .sc__sw__btn--allow{color:# 2488e0;font - weight: 600;border - left: 1 px solid # cbcbcb
    }.sc.sc--mobile.sc--yandex - browser.sc__sw__btn--block {
        color: #2488e0}.sc.sc--desktop{margin-left:21px;margin-top:-3px;width:326px;height:136px;display:flex;justify-content:center;align-items:center}.sc.sc--desktop.rtl{margin-left:0;margin-right:106px}.sc.sc--desktop .sc__sw{box-sizing:border-box;width:320px;height:130px;border-radius:2px;box-shadow:0 -1px 3px rgba(0,0,0,.3),0 2px 3px 1px rgba(0,0,0,.3);padding:16px;margin:0;font-family:Segoe UI,Helvetica,sans-serif}.sc.sc--desktop .sc__sw__close{position:absolute;display:block;height:24px;width:24px;right:5px;top:5px;border-radius:100%;background-color:transparent;transition:background-color .5s}.sc.sc--desktop .sc__sw__close:hover{background-color:rgba(0,0,0,.08)}.sc.sc--desktop .sc__sw__close:after,.sc.sc--desktop .sc__sw__close:before{content:" ";position:absolute;height:13px;width:2px;left:11px;top:5px;background-color:# 666;pointer - events: none
    }.sc.sc--desktop.sc__sw__close: before {
        transform: rotate(45 deg)
    }.sc.sc--desktop.sc__sw__close: after {
        transform: rotate(-45 deg)
    }.sc.sc--desktop.sc__sw__heading {
        display: block;position: absolute;top: 19 px;left: 16 px;right: 30 px;font - size: 15 px;white - space: nowrap;text - overflow: ellipsis;overflow: hidden
    }.sc.sc--desktop.sc__sw__icon {
        background - image: url("data:image/svg+xml;base64,PHN2ZyB4bWxucz0iaHR0cDovL3d3dy53My5vcmcvMjAwMC9zdmciIHdpZHRoPSIyNCIgaGVpZ2h0PSIyNCI+PHBhdGggZD0iTTEyIDIyYzEuMSAwIDItLjkgMi0yaC00YTIgMiAwIDAgMCAyIDJ6bTYtNnYtNWMwLTMuMDctMS42NC01LjY0LTQuNS02LjMyVjRjMC0uODMtLjY3LTEuNS0xLjUtMS41cy0xLjUuNjctMS41IDEuNXYuNjhDNy42MyA1LjM2IDYgNy45MiA2IDExdjVsLTIgMnYxaDE2di0xbC0yLTJ6IiBmaWxsPSIjNWY2MzY4Ii8+PC9zdmc+");
        height: 18 px;
        width: 18 px;
        position: absolute;
        top: 47 px;
        left: 16 px
    }.sc.sc--desktop.sc__sw__text {
        font - size: 12 px;
        position: absolute;
        top: 49 px;
        left: 46 px;
        color: #000;margin:0}.sc.sc--desktop .sc__sw__text-desktop{display:block}.sc.sc--desktop .sc__sw__btn-c{bottom:16px;right:16px;flex-flow:row}.sc.sc--desktop .sc__sw__btn{font-size:12px;font-weight:400;border:1px solid # ddd;
        border - radius: 2 px;
        padding: 0 16 px;
        height: 32 px;
        margin - left: 8 px;
        min - width: 64 px;
        font - weight: 500
    }.sc.sc--desktop.sc__sw__btn: hover {
        background - color: # fafafa
    }.sc.sc--desktop.sc--firefox {
        width: 380 px;height: 120 px;margin - left: 0;margin - top: 0
    }.sc.sc--desktop.sc--firefox.rtl {
        margin - left: 0;
        margin - right: 0
    }.sc.sc--desktop.sc--firefox.rtl.sc__sw: after, .sc.sc--desktop.sc--firefox.rtl.sc__sw: before {
        left: auto;right: 7 px
    }.sc.sc--desktop.sc--firefox.rtl.sc__sw: before {
        right: 6 px
    }.sc.sc--desktop.sc--firefox.rtl.sc__sw__btn--block: after {
        left: 0;right: auto
    }.sc.sc--desktop.sc--firefox.sc__sw {
        width: 360 px;height: 102 px;border: 1 px solid # d0d1d1;box - shadow: 0 0 1 rem # d0d1d1;padding: 12 px 10 px;position: relative
    }.sc.sc--desktop.sc--firefox.sc__sw: after, .sc.sc--desktop.sc--firefox.sc__sw: before {
        display: none;background - color: transparent;position: absolute;left: 7 px;top: -8 px;transform: none;content: " ";display: block;width: 0;height: 0;border - color: transparent transparent # fff;border - style: solid;border - width: 0 8 px 8 px
    }.sc.sc--desktop.sc--firefox.sc__sw: before {
        top: -9 px;left: 6 px;border - width: 0 9 px 9 px;border - color: transparent transparent # d0d1d1
    }.sc.sc--desktop.sc--firefox.sc__sw * {
        position: unset
    }.sc.sc--desktop.sc--firefox.sc__sw__close {
        display: none
    }.sc.sc--desktop.sc--firefox.sc__sw__heading {
        font - family: Segoe UI, Helvetica, sans - serif;
        font - size: 12 px;
        white - space: wrap;
        margin - bottom: .5e m;
        overflow: visible;
        margin - left: 48 px
    }.sc.sc--desktop.sc--firefox.sc__sw__text {
        overflow: visible;margin - left: 48 px;line - height: .95
    }.sc.sc--desktop.sc--firefox.sc__sw__icon {
        background - image: url("data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAACAAAAAeCAYAAABNChwpAAABj0lEQVRIie2Wv4oyMRTFf7pWsdQyBCzUVwgznXkFwc6xthNLERbU0gew1E7wFbQbmHewG9IJgoW22WJB0PUP6IzKx3e6ZO7NOUluztyMc84BRFHEcrkkjmPShFIKYwxaawAyzjk3m80IwzBV4nP4vk+z2SQXRdHLyQHCMKRSqfBVKpW+d7vdywUAbLdbcud33u/3kVKmQmitZTAYHMdxHJM9D0qL/NrafwS8Gm8XkLsXMBqNHvYGpRS9Xu9mzOefwL0dPIvPP4H/NfDP18DnCbDWpkZ2ae3McDh0SXRBvu9Tr9cRQgCwXq+ZTqdsNpurOUopssaYp8nht8FYLBbH8T1yAGMMWa01nuclJmK1WgHcJfc8D6317zMMgoBqtZpIUzqfzykUCle/X2xKnyG01jIejzkcDse5fD7Pfr8/iZtMJhfzn36GUkra7fbJ3Dn5LSTiA+VymUaj8VBuYkZUq9UeKuZEnTAIApRS7xMA0Ol0jmb0FgFCCLrd7omIW4JS+RlJKWm1WhSLRYQQNwv0BySZkZGaX+NiAAAAAElFTkSuQmCC");
        width: 32 px;
        margin - right: 16 px;
        height: 30 px
    }.sc.sc--desktop.sc--firefox.sc__sw__btn - c {
        position: absolute;left: 0;right: 0;bottom: 0
    }.sc.sc--desktop.sc--firefox.sc__sw__btn {
        margin: 0;border: none;display: flex;flex: 1;text - align: center;justify - content: center;align - items: center;height: 39 px;color: #000;border-radius:0;box-shadow:inset 0 0 1px 1px rgba(0,0,0,.1);background-color:# ededed;position: relative
    }.sc.sc--desktop.sc--firefox.sc__sw__btn--allow {
        background - color: #0060df;color:# fff
    }.sc.sc--desktop.sc--firefox.sc__sw__btn--allow: hover {
        background - color: #003eaa}.sc.sc--desktop.sc--firefox .sc__sw__btn--block{padding-right:55px}.sc.sc--desktop.sc--firefox .sc__sw__btn--block:before{display:block;content:"";position:absolute;left:0;top:0;bottom:0;right:0;z-index:1}.sc.sc--desktop.sc--firefox .sc__sw__btn--block:hover:before{background-color:rgba(0,0,0,.045)}.sc.sc--desktop.sc--firefox .sc__sw__btn--block:after{content:"";display:block;position:absolute;right:0;background-image:url("data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAA4AAAAHCAYAAAA4R3wZAAAAhUlEQVQYlXXQyw2EMAyE4Z9tAMpwSkn6BUoJt3QwUioYDitWLA8fPf4s2YMkl1LovbMsC+M48lS9d0opTNPEPM98jqDWyrHgDdVasf1tSnJrzRFhwCklt9YsyUeWUjLgiPhlnAeu+A39wSf8hiR5kOTrPTlntm0DICJY1/X2tBs8Y+ARAezFmqaAOZvAjAAAAABJRU5ErkJggg= = ");background-repeat:no-repeat;background-position:12px 11px;border-left:1px solid #cecece;height:26px;width:39px}.sc.sc--desktop.sc--firefox.sc--macos .sc__sw{border-radius:4px}.sc.sc--desktop.sc--firefox.sc--macos .sc__sw__btn-c{overflow:hidden;border-radius:0 0 4px 4px}.sc.sc--desktop.sc--firefox.sc--macos .sc__sw__btn{box-shadow:none}.sc.sc--desktop.sc--firefox.sc--macos .sc__sw__btn--allow{background-color:#0896f8;border-top:1px solid #0c84d8}.sc.sc--desktop.sc--firefox.sc--macos .sc__sw__btn--allow:hover{background-color:#0c84d8}.sc.sc--desktop.sc--firefox.sc--macos .sc__sw__btn--block{border-top:1px solid #ccc}.sc.sc--desktop.sc--yandex-browser{width:460px;height:180px;overflow:hidden;align-items:flex-start;position:absolute;right:17px;margin:0}.sc.sc--desktop.sc--yandex-browser *{position:unset}.sc.sc--desktop.sc--yandex-browser.rtl{right:auto;left:17px}.sc.sc--desktop.sc--yandex-browser.rtl .sc__sw__btn-c:before{left:auto;right:0}.sc.sc--desktop.sc--yandex-browser .sc__sw{width:435px;height:150px;border-radius:3px;border:1px solid #d1d1d1;box-shadow:0 10px 20px rgba(0,0,0,.1);margin-top:13px;overflow:visible;padding:20px 25px;position:relative}.sc.sc--desktop.sc--yandex-browser .sc__sw:after,.sc.sc--desktop.sc--yandex-browser .sc__sw:before{width:1px;background-color:#d1d1d1}.sc.sc--desktop.sc--yandex-browser .sc__sw__close{content:"
        ";display:block;width:16px;height:16px;background-image:url("
        data: image / png;
        base64, iVBORw0KGgoAAAANSUhEUgAAABAAAAAQCAYAAAAf8 / 9 hAAABj0lEQVQ4ja2TzYrqQBCFv5b8qdABI26MUSGLvIRrn1XwNeYRBNGsTMgiYCDZxG4XfRcSb2bUCwP3LLvrVJ06VSWMMYYe2rbler3SNA1aawAcx0FKSRAEDIfDfjiiS2CMIc9zqqpiNpvh + z6u6wKglKKua8qyZDKZEIYhQoi / CYwxpGkKQBRFT + JPKKW4XC4AxHGMEIIBQJ7nz8dPZADXdYnjmD7HatuWqqpIkuQpC + B0OnE4HBBCkCQJSZI8JAtBFEUcj0em0ylkWWaKojB9FEVhdrud0VobrbXZ7 / cmy7KXmCzLzKBpGnzf / yZVSsl2u8W2bWzbRkr5nEgH3 / dpmgZLa / 3 S93g8ppvM19cXnuexXq9f / NBaP0z8hPP5zP1 + Z7PZfPOnD8txHJRSjEajl8 / lcslqtXpLVErhOA4DKSV1XX9U0O3HT9R1jZSSQRAElGWJUupVnmVhWdbb6mVZEgTBYxOzLON2uz2361 / ottbzPBaLxcPE + XwOQJqmb5X0K3cthWEI / K9j6lf57Tn / Aa0MA10JheTaAAAAAElFTkSuQmCC ");background-size:contain;background-repeat:no-repeat;background-color:red;position:absolute;left:25px;bottom:25px;top:auto}.sc.sc--desktop.sc--yandex-browser .sc__sw__close:after,.sc.sc--desktop.sc--yandex-browser .sc__sw__close:before{display:none}.sc.sc--desktop.sc--yandex-browser .sc__sw__icon{background-image:url("
        data: image / png;
        base64, iVBORw0KGgoAAAANSUhEUgAAABwAAAAaCAYAAACkVDyJAAABP0lEQVRIie3VMW6DMBTG8T8oYyaba4SNOdnJARhYmMlx8BoWJDhAjpGJXAMzsb8Olau0TVKUGKlDvvHpwU / Y5jkQEbHWUtc1fd8zjiM + o5QijmOKokBrTTAMg5RlyTRNXqGfWa / XGGNYHY9HpmkiSRLKsiSKIq / QMAxUVcX5fKaua8LL5QKwCAYQRRGHwwGAvu8J3Z4tgV2jAOM4Ei6m3MkbfINv8B + ASingc + YtFfdupRThZrMBwBiDtdY7Zq2lqioA4jh + 7 XrK85wsy77V9vv9zV53PYVaa4wxbLdb3PLOTdM0dF33sEcpxW63wxiD1hrkybRtK2maSpqm0rbtV93V7uXpU5plGXmez / 5 Sl9WzoEMd2DTNrGcCEZFXUICu636Bp9PpZq + XH / 96e f + Kt0kzF / U62uagLx2ae + ijfAAz9t9V2rINEgAAAABJRU5ErkJggg == ");width:28px;height:26px}.sc.sc--desktop.sc--yandex-browser .sc__sw__icon:after,.sc.sc--desktop.sc--yandex-browser .sc__sw__icon:before{display:none;background-color:transparent;position:absolute;left:295px;top:-12px;transform:none;content:"
        ";display:block;width:0;height:0;border-color:transparent transparent #fff;border-style:solid;border-width:0 12px 12px}.sc.sc--desktop.sc--yandex-browser .sc__sw__icon:before{top:-13px;left:294px;z-index:-1;border-width:0 13px 13px;border-color:transparent transparent #d0d1d1}.sc.sc--desktop.sc--yandex-browser .sc__sw__heading,.sc.sc--desktop.sc--yandex-browser .sc__sw__text{margin-left:45px}.sc.sc--desktop.sc--yandex-browser .sc__sw__heading{font-weight:700;font-size:16px;margin-top:-3px;width:330px;white-space:normal;margin-bottom:8px;direction:auto}.sc.sc--desktop.sc--yandex-browser .sc__sw__text{font-size:13px;line-height:1.333}.sc.sc--desktop.sc--yandex-browser .sc__sw__btn-c{position:absolute;right:25px;bottom:20px;justify-content:flex-end}.sc.sc--desktop.sc--yandex-browser .sc__sw__btn{color:#000;font-weight:400;border:none;background-color:#e6e6e6}.sc.sc--desktop.sc--yandex-browser .sc__sw__btn:hover{background-color:#ccc}.sc.sc--desktop.sc--macos .sc__sw{border-top:0;border-right:1px solid #ccc;border-bottom:1px solid #c1c1c1;border-left:1px solid #ccc;box-shadow:0 0 15px 0 #c6c6c6;border-radius:4px}.sc.sc--desktop.sc--macos .sc__sw__text-desktop{top:50px}.sc.sc--desktop.sc--macos .sc__sw__close{transform:scale(.9)}.sc.sc--desktop.sc--macos .sc__sw__btn{border-color:#eee;border-radius:3px}.sc.sc--desktop.sc--macos .sc__sw__btn-c{display:flex;flex-flow:row-reverse}.sc.sc--tablet .sc__sw__text-mobile{display:block}</style><script>parcelRequire=function(e,r,t,n){var i,o="
        function "==typeof parcelRequire&&parcelRequire,u="
        function "==typeof require&&require;function f(t,n){if(!r[t]){if(!e[t]){var i="
        function "==typeof parcelRequire&&parcelRequire;if(!n&&i)return i(t,!0);if(o)return o(t,!0);if(u&&"
        string "==typeof t)return u(t);var c=new Error("
        Cannot find module ");throw c.code="
        MODULE_NOT_FOUND ",c}p.resolve=function(r){return e[t][1][r]||r},p.cache={};var l=r[t]=new f.Module(t);e[t][0].call(l.exports,p,l,l.exports,this)}return r[t].exports;function p(e){return f(p.resolve(e))}}f.isParcelRequire=!0,f.Module=function(e){this.id=e,this.bundle=f,this.exports={}},f.modules=e,f.cache=r,f.parent=o,f.register=function(r,t){e[r]=[function(e,r){r.exports=t},{}]};for(var c=0;c<t.length;c++)try{f(t[c])}catch(e){i||(i=e)}if(t.length){var l=f(t[t.length-1]);"
        object "==typeof exports&&"
        undefined "!=typeof module?module.exports=l:"
        function "==typeof define&&define.amd?define(function(){return l}):n&&(this[n]=l)}if(parcelRequire=f,i)throw i;return f}({"
        9 KIJ ":[function(require,module,exports) {},{}],"
        JSid ":[function(require,module,exports) {var define;var e;!function(t,r){"
        object "==typeof exports&&"
        object "==typeof module?module.exports=r():"
        function "==typeof e&&e.amd?e([],r):"
        object "==typeof exports?exports.bowser=r():t.bowser=r()}(this,function(){return function(e){var t={};function r(n){if(t[n])return t[n].exports;var i=t[n]={i:n,l:!1,exports:{}};return e[n].call(i.exports,i,i.exports,r),i.l=!0,i.exports}return r.m=e,r.c=t,r.d=function(e,t,n){r.o(e,t)||Object.defineProperty(e,t,{enumerable:!0,get:n})},r.r=function(e){"
        undefined "!=typeof Symbol&&Symbol.toStringTag&&Object.defineProperty(e,Symbol.toStringTag,{value:"
        Module "}),Object.defineProperty(e,"
        __esModule ",{value:!0})},r.t=function(e,t){if(1&t&&(e=r(e)),8&t)return e;if(4&t&&"
        object "==typeof e&&e&&e.__esModule)return e;var n=Object.create(null);if(r.r(n),Object.defineProperty(n,"
        default ",{enumerable:!0,value:e}),2&t&&"
        string "!=typeof e)for(var i in e)r.d(n,i,function(t){return e[t]}.bind(null,i));return n},r.n=function(e){var t=e&&e.__esModule?function(){return e.default}:function(){return e};return r.d(t,"
        a ",t),t},r.o=function(e,t){return Object.prototype.hasOwnProperty.call(e,t)},r.p="
        ",r(r.s=86)}({17:function(e,t,r){var n,i,s;i=[t,r(89)],void 0===(s="
        function "==typeof(n=function(r,n){"
        use strict ";function i(e,t){for(var r=0;r<t.length;r++){var n=t[r];n.enumerable=n.enumerable||!1,n.configurable=!0,"
        value "in n&&(n.writable=!0),Object.defineProperty(e,n.key,n)}}Object.defineProperty(r,"
        __esModule ",{value:!0}),r.default=void 0;var s=function(){function e(){!function(e,t){if(!(e instanceof t))throw new TypeError("
        Cannot call a class as a
        function ")}(this,e)}return t=e,r=[{key:"
        getFirstMatch ",value:function(e,t){var r=t.match(e);return r&&r.length>0&&r[1]||"
        "}},{key:"
        getSecondMatch ",value:function(e,t){var r=t.match(e);return r&&r.length>1&&r[2]||"
        "}},{key:"
        matchAndReturnConst ",value:function(e,t,r){if(e.test(t))return r}},{key:"
        getWindowsVersionName ",value:function(e){switch(e){case"
        NT ":return"
        NT ";case"
        XP ":return"
        XP ";case"
        NT 5.0 ":return"
        2000 ";case"
        NT 5.1 ":return"
        XP ";case"
        NT 5.2 ":return"
        2003 ";case"
        NT 6.0 ":return"
        Vista ";case"
        NT 6.1 ":return"
        7 ";case"
        NT 6.2 ":return"
        8 ";case"
        NT 6.3 ":return"
        8.1 ";case"
        NT 10.0 ":return"
        10 ";default:return}}},{key:"
        getAndroidVersionName ",value:function(e){var t=e.split(".
        ").splice(0,2).map(function(e){return parseInt(e,10)||0});if(t.push(0),!(1===t[0]&&t[1]<5))return 1===t[0]&&t[1]<6?"
        Cupcake ":1===t[0]&&t[1]>=6?"
        Donut ":2===t[0]&&t[1]<2?"
        Eclair ":2===t[0]&&2===t[1]?"
        Froyo ":2===t[0]&&t[1]>2?"
        Gingerbread ":3===t[0]?"
        Honeycomb ":4===t[0]&&t[1]<1?"
        Ice Cream Sandwich ":4===t[0]&&t[1]<4?"
        Jelly Bean ":4===t[0]&&t[1]>=4?"
        KitKat ":5===t[0]?"
        Lollipop ":6===t[0]?"
        Marshmallow ":7===t[0]?"
        Nougat ":8===t[0]?"
        Oreo ":void 0}},{key:"
        getVersionPrecision ",value:function(e){return e.split(".
        ").length}},{key:"
        compareVersions ",value:function(t,r){var n=arguments.length>2&&void 0!==arguments[2]&&arguments[2],i=e.getVersionPrecision(t),s=e.getVersionPrecision(r),a=Math.max(i,s),o=0,u=e.map([t,r],function(t){var r=a-e.getVersionPrecision(t),n=t+new Array(r+1).join(".0 ");return e.map(n.split(".
        "),function(e){return new Array(20-e.length).join("
        0 ")+e}).reverse()});for(n&&(o=a-Math.min(i,s)),a-=1;a>=o;){if(u[0][a]>u[1][a])return 1;if(u[0][a]===u[1][a]){if(a===o)return 0;a-=1}else if(u[0][a]<u[1][a])return-1}}},{key:"
        map ",value:function(e,t){var r,n=[];if(Array.prototype.map)return Array.prototype.map.call(e,t);for(r=0;r<e.length;r+=1)n.push(t(e[r]));return n}},{key:"
        getBrowserAlias ",value:function(e){return n.BROWSER_ALIASES_MAP[e]}}],null&&i(t.prototype,null),r&&i(t,r),e;var t,r}();r.default=s,e.exports=t.default})?n.apply(t,i):n)||(e.exports=s)},86:function(e,t,r){var n,i,s;i=[t,r(87)],void 0===(s="
        function "==typeof(n=function(r,n){"
        use strict ";function i(e,t){for(var r=0;r<t.length;r++){var n=t[r];n.enumerable=n.enumerable||!1,n.configurable=!0,"
        value "in n&&(n.writable=!0),Object.defineProperty(e,n.key,n)}}var s;Object.defineProperty(r,"
        __esModule ",{value:!0}),r.default=void 0,n=(s=n)&&s.__esModule?s:{default:s};var a=function(){function e(){!function(e,t){if(!(e instanceof t))throw new TypeError("
        Cannot call a class as a
        function ")}(this,e)}return t=e,r=[{key:"
        getParser ",value:function(e){var t=arguments.length>1&&void 0!==arguments[1]&&arguments[1];if("
        string "!=typeof e)throw new Error("
        UserAgent should be a string ");return new n.default(e,t)}},{key:"
        parse ",value:function(e){return new n.default(e).getResult()}}],null&&i(t.prototype,null),r&&i(t,r),e;var t,r}();r.default=a,e.exports=t.default})?n.apply(t,i):n)||(e.exports=s)},87:function(e,t,r){var n,i,s;i=[t,r(88),r(90),r(91),r(92),r(17)],void 0===(s="
        function "==typeof(n=function(r,n,i,s,a,o){"
        use strict ";function u(e){return e&&e.__esModule?e:{default:e}}function c(e){return(c="
        function "==typeof Symbol&&"
        symbol "==typeof Symbol.iterator?function(e){return typeof e}:function(e){return e&&"
        function "==typeof Symbol&&e.constructor===Symbol&&e!==Symbol.prototype?"
        symbol ":typeof e})(e)}function d(e,t){for(var r=0;r<t.length;r++){var n=t[r];n.enumerable=n.enumerable||!1,n.configurable=!0,"
        value "in n&&(n.writable=!0),Object.defineProperty(e,n.key,n)}}Object.defineProperty(r,"
        __esModule ",{value:!0}),r.default=void 0,n=u(n),i=u(i),s=u(s),a=u(a),o=u(o);var f=function(){function e(t){var r=arguments.length>1&&void 0!==arguments[1]&&arguments[1];if(function(e,t){if(!(e instanceof t))throw new TypeError("
        Cannot call a class as a
        function ")}(this,e),null==t||"
        "===t)throw new Error("
        UserAgent parameter cant be empty ");this._ua=t,this.parsedResult={},!0!==r&&this.parse()}return t=e,(r=[{key:"
        getUA ",value:function(){return this._ua}},{key:"
        test ",value:function(e){return e.test(this._ua)}},{key:"
        parseBrowser ",value:function(){var e=this;this.parsedResult.browser={};var t=n.default.find(function(t){if("
        function "==typeof t.test)return t.test(e);if(t.test instanceof Array)return t.test.some(function(t){return e.test(t)});throw new Error("
        Browsers test
        function is not valid ")});return t&&(this.parsedResult.browser=t.describe(this.getUA())),this.parsedResult.browser}},{key:"
        getBrowser ",value:function(){return this.parsedResult.browser?this.parsedResult.browser:this.parseBrowser()}},{key:"
        getBrowserName ",value:function(e){return e?String(this.getBrowser().name).toLowerCase()||"
        ":this.getBrowser().name||"
        "}},{key:"
        getBrowserVersion ",value:function(){return this.getBrowser().version}},{key:"
        getOS ",value:function(){return this.parsedResult.os?this.parsedResult.os:this.parseOS()}},{key:"
        parseOS ",value:function(){var e=this;this.parsedResult.os={};var t=i.default.find(function(t){if("
        function "==typeof t.test)return t.test(e);if(t.test instanceof Array)return t.test.some(function(t){return e.test(t)});throw new Error("
        Browsers test
        function is not valid ")});return t&&(this.parsedResult.os=t.describe(this.getUA())),this.parsedResult.os}},{key:"
        getOSName ",value:function(e){var t=this.getOS().name;return e?String(t).toLowerCase()||"
        ":t||"
        "}},{key:"
        getOSVersion ",value:function(){return this.getOS().version}},{key:"
        getPlatform ",value:function(){return this.parsedResult.platform?this.parsedResult.platform:this.parsePlatform()}},{key:"
        getPlatformType ",value:function(){var e=arguments.length>0&&void 0!==arguments[0]&&arguments[0],t=this.getPlatform().type;return e?String(t).toLowerCase()||"
        ":t||"
        "}},{key:"
        parsePlatform ",value:function(){var e=this;this.parsedResult.platform={};var t=s.default.find(function(t){if("
        function "==typeof t.test)return t.test(e);if(t.test instanceof Array)return t.test.some(function(t){return e.test(t)});throw new Error("
        Browsers test
        function is not valid ")});return t&&(this.parsedResult.platform=t.describe(this.getUA())),this.parsedResult.platform}},{key:"
        getEngine ",value:function(){return this.parsedResult.engine?this.parsedResult.engine:this.parseEngine()}},{key:"
        getEngineName ",value:function(e){return e?String(this.getEngine().name).toLowerCase()||"
        ":this.getEngine().name||"
        "}},{key:"
        parseEngine ",value:function(){var e=this;this.parsedResult.engine={};var t=a.default.find(function(t){if("
        function "==typeof t.test)return t.test(e);if(t.test instanceof Array)return t.test.some(function(t){return e.test(t)});throw new Error("
        Browsers test
        function is not valid ")});return t&&(this.parsedResult.engine=t.describe(this.getUA())),this.parsedResult.engine}},{key:"
        parse ",value:function(){return this.parseBrowser(),this.parseOS(),this.parsePlatform(),this.parseEngine(),this}},{key:"
        getResult ",value:function(){return Object.assign({},this.parsedResult)}},{key:"
        satisfies ",value:function(e){var t=this,r={},n=0,i={},s=0;if(Object.keys(e).forEach(function(t){var a=e[t];"
        string "==typeof a?(i[t]=a,s+=1):"
        object "===c(a)&&(r[t]=a,n+=1)}),n>0){var a=Object.keys(r),o=a.find(function(e){return t.isOS(e)});if(o){var u=this.satisfies(r[o]);if(void 0!==u)return u}var d=a.find(function(e){return t.isPlatform(e)});if(d){var f=this.satisfies(r[d]);if(void 0!==f)return f}}if(s>0){var l=Object.keys(i).find(function(e){return t.isBrowser(e,!0)});if(void 0!==l)return this.compareVersion(i[l])}}},{key:"
        isBrowser ",value:function(e){var t=arguments.length>1&&void 0!==arguments[1]&&arguments[1],r=this.getBrowserName(),n=[r.toLowerCase()],i=o.default.getBrowserAlias(r);return t&&void 0!==i&&n.push(i.toLowerCase()),-1!==n.indexOf(e.toLowerCase())}},{key:"
        compareVersion ",value:function(e){var t=[0],r=e,n=!1,i=this.getBrowserVersion();if("
        string "==typeof i)return" > "===e[0]||" < "===e[0]?(r=e.substr(1)," = "===e[1]?(n=!0,r=e.substr(2)):t=[]," > "===e[0]?t.push(1):t.push(-1)):" = "===e[0]?r=e.substr(1):"~"===e[0]&&(n=!0,r=e.substr(1)),t.indexOf(o.default.compareVersions(i,r,n))>-1}},{key:"
        isOS ",value:function(e){return this.getOSName(!0)===String(e).toLowerCase()}},{key:"
        isPlatform ",value:function(e){return this.getPlatformType(!0)===String(e).toLowerCase()}},{key:"
        isEngine ",value:function(e){return this.getEngineName(!0)===String(e).toLowerCase()}},{key:"
        is ",value:function(e){return this.isBrowser(e)||this.isOS(e)||this.isPlatform(e)}},{key:"
        some ",value:function(){var e=this;return(arguments.length>0&&void 0!==arguments[0]?arguments[0]:[]).some(function(t){return e.is(t)})}}])&&d(t.prototype,r),e;var t,r}();r.default=f,e.exports=t.default})?n.apply(t,i):n)||(e.exports=s)},88:function(e,t,r){var n,i,s;i=[t,r(17)],void 0===(s="
        function "==typeof(n=function(r,n){"
        use strict ";var i;Object.defineProperty(r,"
        __esModule ",{value:!0}),r.default=void 0,n=(i=n)&&i.__esModule?i:{default:i};var s=/version\/(\d+(\.?_?\d+)+)/i,a=[{test:[/googlebot/i],describe:function(e){var t={name:"
        Googlebot "},r=n.default.getFirstMatch(/googlebot\/(\d+(\.\d+))/i,e)||n.default.getFirstMatch(s,e);return r&&(t.version=r),t}},{test:[/opera/i],describe:function(e){var t={name:"
        Opera "},r=n.default.getFirstMatch(s,e)||n.default.getFirstMatch(/(?:opera)[\s\/](\d+(\.?_?\d+)+)/i,e);return r&&(t.version=r),t}},{test:[/opr\/|opios/i],describe:function(e){var t={name:"
        Opera "},r=n.default.getFirstMatch(/(?:opr|opios)[\s\/](\S+)/i,e)||n.default.getFirstMatch(s,e);return r&&(t.version=r),t}},{test:[/SamsungBrowser/i],describe:function(e){var t={name:"
        Samsung Internet
        for Android "},r=n.default.getFirstMatch(s,e)||n.default.getFirstMatch(/(?:SamsungBrowser)[\s\/](\d+(\.?_?\d+)+)/i,e);return r&&(t.version=r),t}},{test:[/Whale/i],describe:function(e){var t={name:"
        NAVER Whale Browser "},r=n.default.getFirstMatch(s,e)||n.default.getFirstMatch(/(?:whale)[\s\/](\d+(?:\.\d+)+)/i,e);return r&&(t.version=r),t}},{test:[/MZBrowser/i],describe:function(e){var t={name:"
        MZ Browser "},r=n.default.getFirstMatch(/(?:MZBrowser)[\s\/](\d+(?:\.\d+)+)/i,e)||n.default.getFirstMatch(s,e);return r&&(t.version=r),t}},{test:[/focus/i],describe:function(e){var t={name:"
        Focus "},r=n.default.getFirstMatch(/(?:focus)[\s\/](\d+(?:\.\d+)+)/i,e)||n.default.getFirstMatch(s,e);return r&&(t.version=r),t}},{test:[/swing/i],describe:function(e){var t={name:"
        Swing "},r=n.default.getFirstMatch(/(?:swing)[\s\/](\d+(?:\.\d+)+)/i,e)||n.default.getFirstMatch(s,e);return r&&(t.version=r),t}},{test:[/coast/i],describe:function(e){var t={name:"
        Opera Coast "},r=n.default.getFirstMatch(s,e)||n.default.getFirstMatch(/(?:coast)[\s\/](\d+(\.?_?\d+)+)/i,e);return r&&(t.version=r),t}},{test:[/yabrowser/i],describe:function(e){var t={name:"
        Yandex Browser "},r=n.default.getFirstMatch(/(?:yabrowser)[\s\/](\d+(\.?_?\d+)+)/i,e)||n.default.getFirstMatch(s,e);return r&&(t.version=r),t}},{test:[/ucbrowser/i],describe:function(e){var t={name:"
        UC Browser "},r=n.default.getFirstMatch(s,e)||n.default.getFirstMatch(/(?:ucbrowser)[\s\/](\d+(\.?_?\d+)+)/i,e);return r&&(t.version=r),t}},{test:[/Maxthon|mxios/i],describe:function(e){var t={name:"
        Maxthon "},r=n.default.getFirstMatch(s,e)||n.default.getFirstMatch(/(?:Maxthon|mxios)[\s\/](\d+(\.?_?\d+)+)/i,e);return r&&(t.version=r),t}},{test:[/epiphany/i],describe:function(e){var t={name:"
        Epiphany "},r=n.default.getFirstMatch(s,e)||n.default.getFirstMatch(/(?:epiphany)[\s\/](\d+(\.?_?\d+)+)/i,e);return r&&(t.version=r),t}},{test:[/puffin/i],describe:function(e){var t={name:"
        Puffin "},r=n.default.getFirstMatch(s,e)||n.default.getFirstMatch(/(?:puffin)[\s\/](\d+(\.?_?\d+)+)/i,e);return r&&(t.version=r),t}},{test:[/sleipnir/i],describe:function(e){var t={name:"
        Sleipnir "},r=n.default.getFirstMatch(s,e)||n.default.getFirstMatch(/(?:sleipnir)[\s\/](\d+(\.?_?\d+)+)/i,e);return r&&(t.version=r),t}},{test:[/k-meleon/i],describe:function(e){var t={name:"
        K - Meleon "},r=n.default.getFirstMatch(s,e)||n.default.getFirstMatch(/(?:k-meleon)[\s\/](\d+(\.?_?\d+)+)/i,e);return r&&(t.version=r),t}},{test:[/micromessenger/i],describe:function(e){var t={name:"
        WeChat "},r=n.default.getFirstMatch(/(?:micromessenger)[\s\/](\d+(\.?_?\d+)+)/i,e)||n.default.getFirstMatch(s,e);return r&&(t.version=r),t}},{test:[/msie|trident/i],describe:function(e){var t={name:"
        Internet Explorer "},r=n.default.getFirstMatch(/(?:msie |rv:)(\d+(\.?_?\d+)+)/i,e);return r&&(t.version=r),t}},{test:[/\sedg\//i],describe:function(e){var t={name:"
        Microsoft Edge "},r=n.default.getFirstMatch(/\sedg\/(\d+(\.?_?\d+)+)/i,e);return r&&(t.version=r),t}},{test:[/edg([ea]|ios)/i],describe:function(e){var t={name:"
        Microsoft Edge "},r=n.default.getSecondMatch(/edg([ea]|ios)\/(\d+(\.?_?\d+)+)/i,e);return r&&(t.version=r),t}},{test:[/vivaldi/i],describe:function(e){var t={name:"
        Vivaldi "},r=n.default.getFirstMatch(/vivaldi\/(\d+(\.?_?\d+)+)/i,e);return r&&(t.version=r),t}},{test:[/seamonkey/i],describe:function(e){var t={name:"
        SeaMonkey "},r=n.default.getFirstMatch(/seamonkey\/(\d+(\.?_?\d+)+)/i,e);return r&&(t.version=r),t}},{test:[/sailfish/i],describe:function(e){var t={name:"
        Sailfish "},r=n.default.getFirstMatch(/sailfish\s?browser\/(\d+(\.\d+)?)/i,e);return r&&(t.version=r),t}},{test:[/silk/i],describe:function(e){var t={name:"
        Amazon Silk "},r=n.default.getFirstMatch(/silk\/(\d+(\.?_?\d+)+)/i,e);return r&&(t.version=r),t}},{test:[/phantom/i],describe:function(e){var t={name:"
        PhantomJS "},r=n.default.getFirstMatch(/phantomjs\/(\d+(\.?_?\d+)+)/i,e);return r&&(t.version=r),t}},{test:[/slimerjs/i],describe:function(e){var t={name:"
        SlimerJS "},r=n.default.getFirstMatch(/slimerjs\/(\d+(\.?_?\d+)+)/i,e);return r&&(t.version=r),t}},{test:[/blackberry|\bbb\d+/i,/rim\stablet/i],describe:function(e){var t={name:"
        BlackBerry "},r=n.default.getFirstMatch(s,e)||n.default.getFirstMatch(/blackberry[\d]+\/(\d+(\.?_?\d+)+)/i,e);return r&&(t.version=r),t}},{test:[/(web|hpw)[o0]s/i],describe:function(e){var t={name:"
        WebOS Browser "},r=n.default.getFirstMatch(s,e)||n.default.getFirstMatch(/w(?:eb)?[o0]sbrowser\/(\d+(\.?_?\d+)+)/i,e);return r&&(t.version=r),t}},{test:[/bada/i],describe:function(e){var t={name:"
        Bada "},r=n.default.getFirstMatch(/dolfin\/(\d+(\.?_?\d+)+)/i,e);return r&&(t.version=r),t}},{test:[/tizen/i],describe:function(e){var t={name:"
        Tizen "},r=n.default.getFirstMatch(/(?:tizen\s?)?browser\/(\d+(\.?_?\d+)+)/i,e)||n.default.getFirstMatch(s,e);return r&&(t.version=r),t}},{test:[/qupzilla/i],describe:function(e){var t={name:"
        QupZilla "},r=n.default.getFirstMatch(/(?:qupzilla)[\s\/](\d+(\.?_?\d+)+)/i,e)||n.default.getFirstMatch(s,e);return r&&(t.version=r),t}},{test:[/firefox|iceweasel|fxios/i],describe:function(e){var t={name:"
        Firefox "},r=n.default.getFirstMatch(/(?:firefox|iceweasel|fxios)[\s\/](\d+(\.?_?\d+)+)/i,e);return r&&(t.version=r),t}},{test:[/chromium/i],describe:function(e){var t={name:"
        Chromium "},r=n.default.getFirstMatch(/(?:chromium)[\s\/](\d+(\.?_?\d+)+)/i,e)||n.default.getFirstMatch(s,e);return r&&(t.version=r),t}},{test:[/chrome|crios|crmo/i],describe:function(e){var t={name:"
        Chrome "},r=n.default.getFirstMatch(/(?:chrome|crios|crmo)\/(\d+(\.?_?\d+)+)/i,e);return r&&(t.version=r),t}},{test:function(e){var t=!e.test(/like android/i),r=e.test(/android/i);return t&&r},describe:function(e){var t={name:"
        Android Browser "},r=n.default.getFirstMatch(s,e);return r&&(t.version=r),t}},{test:[/playstation 4/i],describe:function(e){var t={name:"
        PlayStation 4 "},r=n.default.getFirstMatch(s,e);return r&&(t.version=r),t}},{test:[/safari|applewebkit/i],describe:function(e){var t={name:"
        Safari "},r=n.default.getFirstMatch(s,e);return r&&(t.version=r),t}},{test:[/.*/i],describe:function(e){var t=-1!==e.search("\\ (")?/^(.*)\/(.*)[ \t]\((.*)/:/^(.*)\/(.*) /;return{name:n.default.getFirstMatch(t,e),version:n.default.getSecondMatch(t,e)}}}];r.default=a,e.exports=t.default})?n.apply(t,i):n)||(e.exports=s)},89:function(e,t,r){var n,i;void 0===(i="function "==typeof(n=function(e){"
                use strict ";Object.defineProperty(e,"
                __esModule ",{value:!0}),e.BROWSER_ALIASES_MAP=void 0,e.BROWSER_ALIASES_MAP={"
                Amazon Silk ":"
                amazon_silk ","
                Android Browser ":"
                android ",Bada:"
                bada ",BlackBerry:"
                blackberry ",Chrome:"
                chrome ",Chromium:"
                chromium ",Epiphany:"
                epiphany ",Firefox:"
                firefox ",Focus:"
                focus ",Generic:"
                generic ",Googlebot:"
                googlebot ","
                Internet Explorer ":"
                ie ","
                K - Meleon ":"
                k_meleon ",Maxthon:"
                maxthon ","
                Microsoft Edge ":"
                edge ","
                MZ Browser ":"
                mz ","
                NAVER Whale Browser ":"
                naver ",Opera:"
                opera ","
                Opera Coast ":"
                opera_coast ",PhantomJS:"
                phantomjs ",Puffin:"
                puffin ",QupZilla:"
                qupzilla ",Safari:"
                safari ",Sailfish:"
                sailfish ","
                Samsung Internet
                for Android ":"
                samsung_internet ",SeaMonkey:"
                seamonkey ",Sleipnir:"
                sleipnir ",Swing:"
                swing ",Tizen:"
                tizen ","
                UC Browser ":"
                uc ",Vivaldi:"
                vivaldi ","
                WebOS Browser ":"
                webos ",WeChat:"
                wechat ","
                Yandex Browser ":"
                yandex "}})?n.apply(t,[t]):n)||(e.exports=i)},90:function(e,t,r){var n,i,s;i=[t,r(17)],void 0===(s="
                function "==typeof(n=function(r,n){"
                use strict ";var i;Object.defineProperty(r,"
                __esModule ",{value:!0}),r.default=void 0,n=(i=n)&&i.__esModule?i:{default:i};var s=[{test:[/windows phone/i],describe:function(e){return{name:"
                Windows Phone ",version:n.default.getFirstMatch(/windows phone (?:os)?\s?(\d+(\.\d+)*)/i,e)}}},{test:[/windows/i],describe:function(e){var t=n.default.getFirstMatch(/Windows ((NT|XP)( \d\d?.\d)?)/i,e);return{name:"
                Windows ",version:t,versionName:n.default.getWindowsVersionName(t)}}},{test:[/macintosh/i],describe:function(e){return{name:"
                macOS ",version:n.default.getFirstMatch(/mac os x (\d+(\.?_?\d+)+)/i,e).replace(/[_\s]/g,".
                ")}}},{test:[/(ipod|iphone|ipad)/i],describe:function(e){return{name:"
                iOS ",version:n.default.getFirstMatch(/os (\d+([_\s]\d+)*) like mac os x/i,e).replace(/[_\s]/g,".
                ")}}},{test:function(e){var t=!e.test(/like android/i),r=e.test(/android/i);return t&&r},describe:function(e){var t=n.default.getFirstMatch(/android[\s\/-](\d+(\.\d+)*)/i,e),r=n.default.getAndroidVersionName(t),i={name:"
                Android ",version:t};return r&&(i.versionName=r),i}},{test:[/(web|hpw)[o0]s/i],describe:function(e){var t=n.default.getFirstMatch(/(?:web|hpw)[o0]s\/(\d+(\.\d+)*)/i,e),r={name:"
                WebOS "};return t&&t.length&&(r.version=t),r}},{test:[/blackberry|\bbb\d+/i,/rim\stablet/i],describe:function(e){return{name:"
                BlackBerry ",version:n.default.getFirstMatch(/rim\stablet\sos\s(\d+(\.\d+)*)/i,e)||n.default.getFirstMatch(/blackberry\d+\/(\d+([_\s]\d+)*)/i,e)||n.default.getFirstMatch(/\bbb(\d+)/i,e)}}},{test:[/bada/i],describe:function(e){return{name:"
                Bada ",version:n.default.getFirstMatch(/bada\/(\d+(\.\d+)*)/i,e)}}},{test:[/tizen/i],describe:function(e){return{name:"
                Tizen ",version:n.default.getFirstMatch(/tizen[\/\s](\d+(\.\d+)*)/i,e)}}},{test:[/linux/i],describe:function(){return{name:"
                Linux "}}},{test:[/CrOS/],describe:function(){return{name:"
                Chrome OS "}}},{test:[/PlayStation 4/],describe:function(e){return{name:"
                PlayStation 4 ",version:n.default.getFirstMatch(/PlayStation 4[\/\s](\d+(\.\d+)*)/i,e)}}}];r.default=s,e.exports=t.default})?n.apply(t,i):n)||(e.exports=s)},91:function(e,t,r){var n,i,s;i=[t,r(17)],void 0===(s="
                function "==typeof(n=function(r,n){"
                use strict ";var i;Object.defineProperty(r,"
                __esModule ",{value:!0}),r.default=void 0,n=(i=n)&&i.__esModule?i:{default:i};var s="
                tablet ",a="
                mobile ",o="
                desktop ",u="
                tv ",c=[{test:[/googlebot/i],describe:function(){return{type:"
                bot ",vendor:"
                Google "}}},{test:[/huawei/i],describe:function(e){var t=n.default.getFirstMatch(/(can-l01)/i,e)&&"
                Nova ",r={type:a,vendor:"
                Huawei "};return t&&(r.model=t),r}},{test:[/nexus\s*(?:7|8|9|10).*/i],describe:function(){return{type:s,vendor:"
                Nexus "}}},{test:[/ipad/i],describe:function(){return{type:s,vendor:"
                Apple ",model:"
                iPad "}}},{test:[/kftt build/i],describe:function(){return{type:s,vendor:"
                Amazon ",model:"
                Kindle Fire HD 7 "}}},{test:[/silk/i],describe:function(){return{type:s,vendor:"
                Amazon "}}},{test:[/tablet/i],describe:function(){return{type:s}}},{test:function(e){var t=e.test(/ipod|iphone/i),r=e.test(/like (ipod|iphone)/i);return t&&!r},describe:function(e){var t=n.default.getFirstMatch(/(ipod|iphone)/i,e);return{type:a,vendor:"
                Apple ",model:t}}},{test:[/nexus\s*[0-6].*/i,/galaxy nexus/i],describe:function(){return{type:a,vendor:"
                Nexus "}}},{test:[/[^-]mobi/i],describe:function(){return{type:a}}},{test:function(e){return"
                blackberry "===e.getBrowserName(!0)},describe:function(){return{type:a,vendor:"
                BlackBerry "}}},{test:function(e){return"
                bada "===e.getBrowserName(!0)},describe:function(){return{type:a}}},{test:function(e){return"
                windows phone "===e.getBrowserName()},describe:function(){return{type:a,vendor:"
                Microsoft "}}},{test:function(e){var t=Number(String(e.getOSVersion()).split(".
                ")[0]);return"
                android "===e.getOSName(!0)&&t>=3},describe:function(){return{type:s}}},{test:function(e){return"
                android "===e.getOSName(!0)},describe:function(){return{type:a}}},{test:function(e){return"
                macos "===e.getOSName(!0)},describe:function(){return{type:o,vendor:"
                Apple "}}},{test:function(e){return"
                windows "===e.getOSName(!0)},describe:function(){return{type:o}}},{test:function(e){return"
                linux "===e.getOSName(!0)},describe:function(){return{type:o}}},{test:function(e){return"
                playstation 4 "===e.getOSName(!0)},describe:function(){return{type:u}}}];r.default=c,e.exports=t.default})?n.apply(t,i):n)||(e.exports=s)},92:function(e,t,r){var n,i,s;i=[t,r(17)],void 0===(s="
                function "==typeof(n=function(r,n){"
                use strict ";var i;Object.defineProperty(r,"
                __esModule ",{value:!0}),r.default=void 0,n=(i=n)&&i.__esModule?i:{default:i};var s=[{test:function(e){return"
                microsoft edge "===e.getBrowserName(!0)},describe:function(e){return/\sedg\//i.test(e)?{name:"
                Blink "}:{name:"
                EdgeHTML ",version:n.default.getFirstMatch(/edge\/(\d+(\.?_?\d+)+)/i,e)}}},{test:[/trident/i],describe:function(e){var t={name:"
                Trident "},r=n.default.getFirstMatch(/trident\/(\d+(\.?_?\d+)+)/i,e);return r&&(t.version=r),t}},{test:function(e){return e.test(/presto/i)},describe:function(e){var t={name:"
                Presto "},r=n.default.getFirstMatch(/presto\/(\d+(\.?_?\d+)+)/i,e);return r&&(t.version=r),t}},{test:function(e){var t=e.test(/gecko/i),r=e.test(/like gecko/i);return t&&!r},describe:function(e){var t={name:"
                Gecko "},r=n.default.getFirstMatch(/gecko\/(\d+(\.?_?\d+)+)/i,e);return r&&(t.version=r),t}},{test:[/(apple)?webkit\/537\.36/i],describe:function(){return{name:"
                Blink "}}},{test:[/(apple)?webkit/i],describe:function(e){var t={name:"
                WebKit "},r=n.default.getFirstMatch(/webkit\/(\d+(\.?_?\d+)+)/i,e);return r&&(t.version=r),t}}];r.default=s,e.exports=t.default})?n.apply(t,i):n)||(e.exports=s)}})});},{}],"
                H99C ":[function(require,module,exports) {"
                use strict ";require("
                normalize.css "),require(". / style.scss ");var e=t(require("
                bowser "));function t(e){return e&&e.__esModule?e:{default:e}}var s=e.default.parse(window.navigator.userAgent),a="
                firefox "==s.browser.name.toLowerCase().replace(/\s/g," - "),r="
                yandex - browser "==s.browser.name.toLowerCase().replace(/\s/g," - "),o=document.querySelector(".sc "),i=(window.navigator.language||window.navigator.languages[0]).slice(0,2),n=-1!=["
                ar ","
                dv ","
                he ","
                ku ","
                fa ","
                ur "].indexOf(i)?"
                rtl ":"
                ltr ";o.classList.add(i),o.classList.add(n),o.classList.add("
                sc--".concat(s.platform.type)),o.classList.add("
                sc--".concat(s.os.name.toLowerCase())),o.classList.add("
                sc--".concat(s.browser.name.toLowerCase().replace(/\s/g," - ")));var l={};"
                desktop "==s.platform.type?("
                macos "==s.os.name.toLowerCase()&&(l.height=150),"
                rtl "==n?(l.left="
                auto ",l.right=0,a?l.right=262:r&&(l.left=17,l.right="
                auto ")):(l.left=85,l.right="
                auto ",a?l.left=262:r&&(l.left="
                auto ",l.right=17))):l.left=0,void 0===window.setStyle&&(console.error("
                window.setStyle is not a
                function "),window.setStyle=function(){}),window.setStyle(l);},{"
                normalize.css ":"
                9 KIJ ",". / style.scss ":"
                9 KIJ ","
                bowser ":"
                JSid "}]},{},["
                H99C "], null)</script></body></html></html>
                                    


HTTP Transactions (102)


Request Response
                                        
                                            GET /magical-sempai-episode-1-vostfr/ HTTP/1.1 
Host: ianime-fr.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

                                         
                                         104.21.64.133
HTTP/1.1 301 Moved Permanently
                                        
Date: Sat, 24 Sep 2022 14:29:17 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Sat, 24 Sep 2022 15:29:17 GMT
Location: https://ianime-fr.com/magical-sempai-episode-1-vostfr/
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uRHG3TcrDd%2FXYpa6z%2Bh5y4AveC5mWMPCvlA1VMzw26SEe%2BtOrGApZScUsyMsCfKt9rwWYSO%2Fi857meGw1giTs7kl4bi3n20KLCy3jZxjnoTMneIREzGxXyZnpZvjQwt8"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74fc36229a77b51b-OSL
alt-svc: h2=":443"; ma=60

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "E82CA5F310E37267FBF792427747E65C2BB35E684D3F629C0AA302F688BC4F80"
Last-Modified: Fri, 23 Sep 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7514
Expires: Sat, 24 Sep 2022 16:34:32 GMT
Date: Sat, 24 Sep 2022 14:29:18 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "4721814DA286852318F7EBF9857BD4BF01F0BEEA2C9EB7DDB9F290E3FA472232"
Last-Modified: Fri, 23 Sep 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16123
Expires: Sat, 24 Sep 2022 18:58:01 GMT
Date: Sat, 24 Sep 2022 14:29:18 GMT
Connection: keep-alive

                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         13.224.245.35
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Alert, Backoff, Retry-After, Content-Length
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Sat, 24 Sep 2022 14:05:41 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 5c6c6b06dd745e052b0c5c0350148e06.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: LHR62-C3
X-Amz-Cf-Id: 8hBjYIZZqg3wpKkqhFtTD_6Z-K1zqpChtq55m-CCghTr0fvSG8w9Ow==
Age: 1417


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    2d12f67fe57a87e7366b662d153a5582
Sha1:   d7b02d81cc74f24a251d9363e0f4b0a149264ec1
Sha256: 73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551
                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         34.160.144.191
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
x-amz-id-2: WKgk7ZoqzyYGda+IhQ/t3vhPgp2rYaTCWTuElMDalKEv5RHlViyblXAHCqnk0V/Yu1mBVYrEItQ=
x-amz-request-id: PGV2AFWA11MJ90MX
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 24 Sep 2022 13:47:33 GMT
age: 2505
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
etag: "6113f8408c59aebe188d6af273b90743"
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    6113f8408c59aebe188d6af273b90743
Sha1:   7398873bf00f99944eaa77ad3ebc0d43c23dba6b
Sha256: b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.117.237.239
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Sat, 24 Sep 2022 14:29:18 GMT
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         13.224.245.35
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Alert, Content-Type, Expires, Backoff, ETag, Last-Modified, Pragma, Cache-Control, Content-Length, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600, max-age=3600
Date: Sat, 24 Sep 2022 14:20:46 GMT
Expires: Sat, 24 Sep 2022 14:54:46 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 392aafb38d46b0d6c1710455b6663726.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: LHR62-C3
X-Amz-Cf-Id: 27OmasWPUK5qXtXBV-opSefF4MdpQLkVWGqJHh_i52lCJr2su5ki3g==
Age: 512


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
                                            POST / HTTP/1.1 
Host: e1.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 345
ETag: "2C1216BF08A6DB939A0E0B904B0E3FA81952E7DD72819E9824CCF76F325620DC"
Last-Modified: Thu, 22 Sep 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9188
Expires: Sat, 24 Sep 2022 17:02:26 GMT
Date: Sat, 24 Sep 2022 14:29:18 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 6073
Cache-Control: 'max-age=158059'
Date: Sat, 24 Sep 2022 14:29:18 GMT
Last-Modified: Sat, 24 Sep 2022 12:48:05 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 471

                                        
                                            POST / HTTP/1.1 
Host: e1.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 345
ETag: "2C1216BF08A6DB939A0E0B904B0E3FA81952E7DD72819E9824CCF76F325620DC"
Last-Modified: Thu, 22 Sep 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9188
Expires: Sat, 24 Sep 2022 17:02:26 GMT
Date: Sat, 24 Sep 2022 14:29:18 GMT
Connection: keep-alive

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sat, 24 Sep 2022 14:29:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /css?family=Roboto%3Alight%2Cregular%2Cmedium%2Cthin%2Citalic%2Cmediumitalic%2Cbold%7CRoboto%7CSource%20Sans%20Pro%3A400%2C200%7CMontserrat%3A400%2C700%7CPT%20Sans%3A400%2C700&display=swap HTTP/1.1 
Host: fonts.googleapis.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ianime-fr.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.10
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 24 Sep 2022 14:29:18 GMT
date: Sat, 24 Sep 2022 14:29:18 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   1809
Md5:    028c6dd84eaa01bab7838de4eb46a4b7
Sha1:   e2e22891e50c4b8d5c4c3f54726cff9fca034d5a
Sha256: 29dc507381f2351d1f340dfc5af00e0a83f3afaf08ddf6c647b2aec2cb9c525d
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sat, 24 Sep 2022 14:29:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN


--- Additional Info ---
Magic:  data
Size:   8097
Md5:    363f3dc6ef32701d12006ab8cc7dfd28
Sha1:   5d72b111a2eda6f16f172c69af3818304da4fd16
Sha256: 976a6ae7b94b90eaa05d390ad6f0ada2eefbe31212e532b24536115c0073737f
                                        
                                            GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://ianime-fr.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.163
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 21 Sep 2022 19:34:08 GMT
expires: Thu, 21 Sep 2023 19:34:08 GMT
cache-control: public, max-age=31536000
age: 240910
last-modified: Wed, 11 May 2022 19:24:48 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Size:   15744
Md5:    15d9f621c3bd1599f0169dcf0bd5e63e
Sha1:   7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
Sha256: f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
                                        
                                            GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://ianime-fr.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.163
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 21 Sep 2022 19:34:08 GMT
expires: Thu, 21 Sep 2023 19:34:08 GMT
cache-control: public, max-age=31536000
age: 240910
last-modified: Wed, 11 May 2022 19:24:42 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Size:   15860
Md5:    e9f5aaf547f165386cd313b995dddd8e
Sha1:   acdef5603c2387b0e5bffd744b679a24a8bc1968
Sha256: f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: fKdOkBwkcuEPBVdrTbHWdA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

                                         
                                         34.217.237.91
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: FbiZi8b8yWHG2DTL/Cdyw+LU2p0=

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sat, 24 Sep 2022 14:29:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST / HTTP/1.1 
Host: ocsp.usertrust.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         104.18.32.68
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sat, 24 Sep 2022 14:29:19 GMT
Content-Length: 471
Connection: keep-alive
Last-Modified: Wed, 21 Sep 2022 10:59:56 GMT
Expires: Wed, 28 Sep 2022 10:59:55 GMT
Etag: "7e6737cbc9841c9a574754f4db123e5750aa4c9b"
Cache-Control: max-age=603920,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: REVALIDATED
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74fc3629c8ebb511-OSL

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "30E555D765A8F3175895279CB1ADA3EA7267A0578FD05ECF9647DE7F00BDEE1B"
Last-Modified: Fri, 23 Sep 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12613
Expires: Sat, 24 Sep 2022 17:59:32 GMT
Date: Sat, 24 Sep 2022 14:29:19 GMT
Connection: keep-alive

                                        
                                            GET /embed/p0f2o0gu HTTP/1.1 
Host: sendvid.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ianime-fr.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

                                         
                                         46.166.142.86
HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
                                        
Transfer-Encoding: chunked
Connection: keep-alive
Status: 200 OK
ETag: "e56725d3f5066e5bdfeac8be14a12cfc"
X-Frame-Options: ALLOWALL
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Runtime: 0.030936
X-Request-Id: 3b4f7f29-c7be-4e59-afd7-0478ab164b32
Date: Sat, 24 Sep 2022 14:29:19 GMT
Set-Cookie: gsc=ImVlOGUyZmM3LWIxMzYtNGYwZS1iYmY3LTAxMzg4NzU5ZDc3OCI%3D--a6724887b670d7caa6f42bbcfb2c565d095ef94f; domain=.sendvid.com; path=/; expires=Wed, 24 Sep 2042 14:29:19 -0000 adpref=0; path=/; expires=Mon, 26 Sep 2022 14:29:19 -0000 _sendvid_session=M1BvK1lHWWVobkIzOVBHcDlienJwVXAwb3RIT0hiMXRKYm8rVnM0WXE3bmdqdGxWRUJ2S0l5QjRNaEIrVGdacWQ2MkU2SE51eS9KR2dlMlFxN2FFdDFjelBZdXV6c2E2alpWdDF1Uk11bXlkRUFieDcyTXNnNXpNcHMyVzNxQUdxT3BPOXlORGRmc0s1T2hwZkZ2RmZnPT0tLSszT0JwRDdyZmJkNUpOTFhRVURHaGc9PQ%3D%3D--ec4b5a6352a9ebc23061ae5c3804d6d9cbc5e4eb; path=/; expires=Fri, 24 Mar 2023 15:29:19 -0000; HttpOnly
X-Powered-By: Phusion Passenger(R) 6.0.9
Server: nginx/1.20.1 + Phusion Passenger(R) 6.0.9
Cache-Control: max-age=0, private, must-revalidate, no-store, no-cache


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   11009
Md5:    e56725d3f5066e5bdfeac8be14a12cfc
Sha1:   f3de90b30df66ea8ae070f8017931853cb9614ee
Sha256: 0f9443d5bf748ce4e21291cedfeab0b37052acea78b40d4a5858d9bf14e0bf23
                                        
                                            GET /assets/application-b65b6886b2dc28a3f7d72b06ae6bb283.css HTTP/1.1 
Host: sendvid.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sendvid.com/embed/p0f2o0gu
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         46.166.142.86
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Server: nginx/1.20.1
Date: Sat, 24 Sep 2022 14:29:19 GMT
Content-Length: 74322
Last-Modified: Thu, 28 May 2020 12:37:54 GMT
Connection: keep-alive
Expires: Sun, 24 Sep 2023 14:29:19 GMT
Cache-Control: max-age=31536000, public
Accept-Ranges: bytes


--- Additional Info ---
Magic:  ASCII text, with very long lines (46353)
Size:   74322
Md5:    cef881c30ba6bd4f3f0522c52f063ab8
Sha1:   086601c27b7d2c6863bd81850adb803603a5ac30
Sha256: e99eb62c2d97a541a291609715e963f5a7462b1efba6331e9dbf3c9173c41cac
                                        
                                            GET /site_ads.js HTTP/1.1 
Host: sendvid.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sendvid.com/embed/p0f2o0gu
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         46.166.142.86
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx/1.20.1
Date: Sat, 24 Sep 2022 14:29:19 GMT
Content-Length: 17
Last-Modified: Tue, 12 Jul 2022 11:39:33 GMT
Connection: keep-alive
ETag: "62cd5d75-11"
Cache-Control: no-store, no-cache
Accept-Ranges: bytes


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   17
Md5:    139eff990c985526831b9bedb50efaf0
Sha1:   b033ac2c5301e36746aa7f341a7eb133d6b4fe69
Sha256: 2349eef06e446004512c226b8c5e89eadf92bd02c8a660ef8a72d28c106de4f1
                                        
                                            GET /assets/zeroclipboard-5534ae3798279739b2e29b14f0eed44b.js HTTP/1.1 
Host: sendvid.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sendvid.com/embed/p0f2o0gu
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         46.166.142.86
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx/1.20.1
Date: Sat, 24 Sep 2022 14:29:19 GMT
Content-Length: 29581
Last-Modified: Mon, 08 Jan 2018 13:27:42 GMT
Connection: keep-alive
Expires: Sun, 24 Sep 2023 14:29:19 GMT
Cache-Control: max-age=31536000, public
Accept-Ranges: bytes


--- Additional Info ---
Magic:  ASCII text, with very long lines (29581), with no line terminators
Size:   29581
Md5:    dba4989663875d0931a3a795a575f115
Sha1:   61cd12381056df30da490d1021e3458180091485
Sha256: 32b40b5540af51a67dc1fbff0c2cfc6ae6471f7c3d8e108473faabf07cdd3163
                                        
                                            GET /assets/player-4a21a1e4537969b33c3764b7c0a2ec03.css HTTP/1.1 
Host: sendvid.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sendvid.com/embed/p0f2o0gu
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         46.166.142.86
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Server: nginx/1.20.1
Date: Sat, 24 Sep 2022 14:29:19 GMT
Content-Length: 68200
Last-Modified: Mon, 11 Jan 2021 12:08:13 GMT
Connection: keep-alive
Expires: Sun, 24 Sep 2023 14:29:19 GMT
Cache-Control: max-age=31536000, public
Accept-Ranges: bytes


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (65530), with no line terminators
Size:   68200
Md5:    1a4012d78f1987dacff6a9f9f9476fc5
Sha1:   813a2d48ef8f85e55c9605af7275a57a7f575925
Sha256: 3f28bb7fc70e8ae0ec1fa5a9b311d6cc755cb051a56a159b29fedc50735a6ae8
                                        
                                            GET /assets/preflight-6f76d03e855720c167da7b77c432ed64.js HTTP/1.1 
Host: sendvid.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sendvid.com/embed/p0f2o0gu
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         46.166.142.86
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx/1.20.1
Date: Sat, 24 Sep 2022 14:29:19 GMT
Content-Length: 104203
Last-Modified: Mon, 08 Jan 2018 13:29:50 GMT
Connection: keep-alive
Expires: Sun, 24 Sep 2023 14:29:19 GMT
Cache-Control: max-age=31536000, public
Accept-Ranges: bytes


--- Additional Info ---
Magic:  ASCII text, with very long lines (32831)
Size:   104203
Md5:    9070c37aeb36fadbdf3da53c9a54fd06
Sha1:   ee0018963c252b86c45cd38a8f9b9ad9edc8e240
Sha256: 970064da1494ce66c0164cc01c1c532e6720c6b5a870edaebf5da7eddba901c5
                                        
                                            GET /df/23/p0f2o0gu.jpg HTTP/1.1 
Host: thumbs2.sendvid.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sendvid.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

                                         
                                         64.210.135.116
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Sat, 24 Sep 2022 14:29:19 GMT
content-length: 28435
last-modified: Tue, 02 Jul 2019 15:23:55 GMT
etag: "2665739da-6f13-58cb4553398c0"
expires: Wed, 25 Jan 2023 16:10:55 GMT
cache-control: max-age=10695662
accept-ranges: bytes
x-cdn-diag: ams5-6140-2-41701-m-0-0-200-0.004--;6249-23-34054----0-0-2
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, comment: "Lavc56.48.100", baseline, precision 8, 640x360, components 3\012- data
Size:   28435
Md5:    ce7ad13d68fd0f4bce17843798e82d42
Sha1:   a40a2a9a4b433546ad459892f030691efdc0251b
Sha256: 2f5f08fc496ce14e3cfa2102d89205e03bd72083e2441ac4d84f3d205566b5ad
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "EE8C88025F2F19D372AE33D8D82883A27CEA6313E91F5FE79AB2101646BCE8F0"
Last-Modified: Thu, 22 Sep 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18176
Expires: Sat, 24 Sep 2022 19:32:15 GMT
Date: Sat, 24 Sep 2022 14:29:19 GMT
Connection: keep-alive


--- Additional Info ---
Magic:  gzip compressed data, max compression\012- data
Size:   1024
Md5:    4d9825a3dcda38ccbaf69f635a29e888
Sha1:   f1ff725ac580f8c48d1f6e774e3def53a1f023e7
Sha256: 2c7ef055d7b8837394d29fbd1d401afc148ece104d11f9530fd5a7b78060741a

Alerts:
  File Analyzers:
    - virustotal: 0/0
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "85FC68415F6B4463CE26531E905D0BC49AF4451DB127EF340B1E9DDBBE06AB64"
Last-Modified: Fri, 23 Sep 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16768
Expires: Sat, 24 Sep 2022 19:08:47 GMT
Date: Sat, 24 Sep 2022 14:29:19 GMT
Connection: keep-alive


--- Additional Info ---
Magic:  data
Size:   26579
Md5:    3a2c16d5107db7bc5f8d0085af5a1efc
Sha1:   c282728589cb885b85af3cad25b5e31617cfd482
Sha256: 33224f974f74fd1370b830405aa3303987a66093d9221048111a49da7b8209d2
                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         104.18.32.68
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sat, 24 Sep 2022 14:29:19 GMT
Content-Length: 471
Connection: keep-alive
Last-Modified: Thu, 22 Sep 2022 18:25:22 GMT
Expires: Thu, 29 Sep 2022 18:25:21 GMT
Etag: "235a3579a72192a6a1fc0366d6d8671e2630b9f5"
Cache-Control: max-age=445561,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74fc362c5da2b51e-OSL

                                        
                                            GET /gid.js?userId=656fa0616a8f40b68af316cd3fc808e1 HTTP/1.1 
Host: my.rtmark.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ianime-fr.com
Connection: keep-alive
Referer: https://ianime-fr.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         139.45.195.8
HTTP/2 200 OK
content-type: application/json; charset=utf-8
                                        
server: nginx
date: Sat, 24 Sep 2022 14:29:19 GMT
content-length: 65
access-control-allow-origin: https://ianime-fr.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=656fa0616a8f40b68af316cd3fc808e1; expires=Sun, 24 Sep 2023 14:29:19 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  gzip compressed data, max compression\012- data
Size:   586
Md5:    5c9d19240fd067f82b3ae83615475c40
Sha1:   8c150aca0090d5bf009134ac73007abc667df382
Sha256: cb2389f72ebdcb6ed057c5a872feb833033669507d85ed875d692c833a024f14

Alerts:
  File Analyzers:
    - virustotal: 0/0
                                        
                                            GET /s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://sendvid.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         142.250.74.163
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 30928
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 22 Sep 2022 16:40:18 GMT
expires: Fri, 22 Sep 2023 16:40:18 GMT
cache-control: public, max-age=31536000
age: 164941
last-modified: Mon, 11 Jul 2022 18:57:39 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 30928, version 1.0\012- data
Size:   30928
Md5:    ac0d2859ea5f8fd6bcb3c305c08ec184
Sha1:   7f6c17e3e592cd8bd346b9cc261d8dd961b8aef7
Sha256: ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780
                                        
                                            GET /5/5170168/?oo=1&js_build=iclick-v1.430.0 HTTP/1.1 
Host: bedrapiona.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ianime-fr.com
Connection: keep-alive
Referer: https://ianime-fr.com/
Cookie: OAID=656fa0616a8f40b68af316cd3fc808e1; oaidts=1664029759
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         139.45.197.234
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Sat, 24 Sep 2022 14:29:19 GMT
x-trace-id: 08fdc8ba70b014f662b48ba83c51445b
link: <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://diromalxx.com>; rel="preconnect dns-prefetch"
access-control-allow-origin: https://ianime-fr.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
timing-allow-origin: *
set-cookie: OAID=656fa0616a8f40b68af316cd3fc808e1; expires=Sun, 24 Sep 2023 14:29:19 GMT; path=/; secure; SameSite=None oaidts=1664029759; expires=Sun, 24 Sep 2023 14:29:19 GMT; path=/; secure; SameSite=None
pragma: no-cache, no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   1886
Md5:    69fa5ccf371f6e1c22b453789191614e
Sha1:   182faa007b5dfa8d561ba7354f9677901ce6989c
Sha256: d98c3126e5d9bb5d12ef26620897440ed4e059b8cf58e3cbdcac98942ddbc956
                                        
                                            GET /zone?pub=0&zone_id=5170167&is_mobile=false&domain=ianime-fr.com&var=&ymid=&var_3= HTTP/1.1 
Host: pseepsie.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ianime-fr.com/
Origin: https://ianime-fr.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         139.45.197.250
HTTP/2 200 OK
content-type: application/json; charset=utf-8
                                        
server: nginx
date: Sat, 24 Sep 2022 14:29:19 GMT
content-length: 755
x-trace-id: 7c11eae0194860fbb7963fa4dc83aefd
access-control-allow-origin: https://ianime-fr.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (754)
Size:   755
Md5:    817a08730606352f62b98fda7b92d853
Sha1:   a1d1da1d572bfcef8e7294780c958255b06d8cc6
Sha256: babaee100efa75832345704719876503c36d9a27e490543a96e322f68a7b944d
                                        
                                            GET /wp-content/uploads/2019/07/Tejina-Senpai-img.jpg HTTP/1.1 
Host: www2.animecomplet.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ianime-fr.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         172.67.179.172
HTTP/2 301 Moved Permanently
                                        
date: Sat, 24 Sep 2022 14:29:18 GMT
location: https://ianime-fr.com/wp-content/uploads/2019/07/Tejina-Senpai-img.jpg
cache-control: max-age=3600
expires: Sat, 24 Sep 2022 15:29:18 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XMIypDxwEOcM%2FXCzBvvUMXhkvzbAxzpwQ8PD2vkaHhqdYhJ1aCNYGNPoOz3w31HymuIw1Wo6K3gamK09OIGOFZZAeBhMidB9PE3jkmC9sRab0Yox3a6B%2BY%2BiffAKGCY%2FyOAYGWYl7Wo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74fc3628bdc2b4e8-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  gzip compressed data, max compression\012- data
Size:   5250
Md5:    48bd328320bddd41bc83f0a0f220a4c8
Sha1:   7b62bc98cb10cdeefd416c36f1b052956c250e0a
Sha256: f2e0a5a241488bb805a931d92d4ba1401950cf96badfdf967ab452649cae6f91

Alerts:
  File Analyzers:
    - virustotal: 0/0
                                        
                                            GET /42/38?z=5170166 HTTP/1.1 
Host: tovanillitechan.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ianime-fr.com/
Cookie: scm=1; OAID=9eb797bc2dc84f5a950f35e01deb6704; oaidts=1664029759
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         139.45.197.239
HTTP/2 200 OK
                                        
server: nginx
date: Sat, 24 Sep 2022 14:29:19 GMT
content-length: 0
access-control-allow-credentials: true
access-control-allow-origin:
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
x-trace-id: 882610e7a1049340100229315d6c564b
access-control-expose-headers: X-Sc
set-cookie: OAID=9eb797bc2dc84f5a950f35e01deb6704; expires=Sun, 24 Sep 2023 14:29:19 GMT; secure; SameSite=None oaidts=1664029759; expires=Sun, 24 Sep 2023 14:29:19 GMT; secure; SameSite=None
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
X-Firefox-Spdy: h2

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 4308
Cache-Control: 'max-age=158059'
Date: Sat, 24 Sep 2022 14:29:19 GMT
Last-Modified: Sat, 24 Sep 2022 13:17:32 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 279

                                        
                                            GET /27/b7bd02994a2771796f8a835cfb750d4b HTTP/1.1 
Host: tovanillitechan.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ianime-fr.com/
Cookie: scm=1; OAID=9eb797bc2dc84f5a950f35e01deb6704; oaidts=1664029759
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         139.45.197.239
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
date: Sat, 24 Sep 2022 14:29:19 GMT
access-control-allow-credentials: true
access-control-allow-origin:
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
cache-control: max-age:290304000, public
last-modified: Thu, 22 Sep 2022 08:42:06 GMT
expires: Thu, 22 Oct 2082 08:42:06 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   160548
Md5:    adac7234a7c7547f0c58f8846d1b7c83
Sha1:   87cad51ab3afdf0ef278d498d197516b2057bb3a
Sha256: fd553f6522f852e70cdd09cad7756ad1993b1c1adece14b3751ef314efb2573e
                                        
                                            GET /font-awesome/4.2.0/css/font-awesome.min.css HTTP/1.1 
Host: maxcdn.bootstrapcdn.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sendvid.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         104.18.10.207
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
date: Sat, 24 Sep 2022 14:29:19 GMT
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: SE
cdn-edgestorageid: 601, 718, 718
last-modified: Mon, 25 Jan 2021 22:04:53 GMT
cdn-cachedat: 2021-04-23 05:21:01
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cache-control: public, max-age=31919000
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-content-type-options: nosniff
cdn-requestid: 247af5253dedb1b0bd0d1e5b53c5e898
cdn-cache: HIT
cf-cache-status: HIT
age: 12140062
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 74fc362e39810b41-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (21822)
Size:   5282
Md5:    57a8c33a4c49c507ad02e7fcc83e7cf0
Sha1:   665d4b1a14b5ac47108dc7598a4197de25a0539f
Sha256: d4a4d991f1751acbec46ab8b107f7f0690f26c4f43b3cd7e5eb5905f144a0ff3
                                        
                                            GET /pfe/current/universal.min.js?v=3.1.395 HTTP/1.1 
Host: pseepsie.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ianime-fr.com/
Origin: https://ianime-fr.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         139.45.197.250
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
date: Sat, 24 Sep 2022 14:29:19 GMT
last-modified: Tue, 20 Sep 2022 07:25:49 GMT
etag: W/"63296afd-1fafa"
access-control-allow-origin: https://ianime-fr.com
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   106707
Md5:    e98de3a0d56c270d24aec8fe297a1d8e
Sha1:   d0311f68573b70d03a57ecc1022192e191f55a5f
Sha256: ca94427b3449cb609a074babc71e796482723067052a8ede7c2bc7f543f76fde
                                        
                                            GET /1?z=5170166 HTTP/1.1 
Host: tovanillitechan.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ianime-fr.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         139.45.197.239
HTTP/2 200 OK
content-type: text/javascript
                                        
server: nginx
date: Sat, 24 Sep 2022 14:29:19 GMT
access-control-allow-credentials: true
access-control-allow-origin:
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
x-trace-id: a93f2b26ff38d9ad833f454897b267cb
access-control-expose-headers: X-Sc
x-sc: KmNNeXWnHGn_vOcizQpDKSds7eXt-1faKDvPTHk3JOcI5YFSosX6EeeMTr1u4jUfUU0f9M7bB5zsOkiQ6TXZgMGlCHs=
set-cookie: scm=1; expires=Sun, 24 Sep 2023 14:29:19 GMT; secure; SameSite=None OAID=9eb797bc2dc84f5a950f35e01deb6704; expires=Sun, 24 Sep 2023 14:29:19 GMT; secure; SameSite=None oaidts=1664029759; expires=Sun, 24 Sep 2023 14:29:19 GMT; secure; SameSite=None
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   4018
Md5:    a7853d44cff52b309b425c3c3c5f9a8b
Sha1:   fb6f9a3fb4f1e5b514f09e2d593f2cac80457f1c
Sha256: 9e4eda6d72abd4ff1c197b25e6106d1817fa9c36740abe4e36211100957ff9bd
                                        
                                            GET /analytics.js HTTP/1.1 
Host: www.google-analytics.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sendvid.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.174
HTTP/2 200 OK
content-type: text/javascript
                                        
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 19826
date: Sat, 24 Sep 2022 12:41:09 GMT
expires: Sat, 24 Sep 2022 14:41:09 GMT
cache-control: public, max-age=7200
age: 6490
last-modified: Sun, 11 Sep 2022 13:50:09 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1325)
Size:   19826
Md5:    cae538dcce82598fbe43c0bf443e62dd
Sha1:   cc68ac6be9c5e0087a0000e5735b83270ace30f5
Sha256: 954b9e9d9744e1319c51760780a35de2dec353afffac705c2cca6d836a5e056d
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sat, 24 Sep 2022 14:29:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            OPTIONS /9?z=5170166&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fianime-fr.com%2Fmagical-sempai-episode-1-vostfr%2F&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=2&sah=1002&drf=&hil=1&ist=0&oaid=656fa0616a8f40b68af316cd3fc808e1 HTTP/1.1 
Host: tovanillitechan.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://ianime-fr.com/
Origin: https://ianime-fr.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         139.45.197.239
HTTP/2 204 No Content
                                        
server: nginx
date: Sat, 24 Sep 2022 14:29:19 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://ianime-fr.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
X-Firefox-Spdy: h2

                                        
                                            GET /pfe/current/tag.min.js?z=5170167 HTTP/1.1 
Host: pseepsie.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ianime-fr.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
If-Modified-Since: Tue, 20 Sep 2022 07:25:49 GMT
If-None-Match: W/"63296afd-39be"
TE: trailers

                                         
                                         139.45.197.250
HTTP/2 304 Not Modified
                                        
server: nginx
date: Sat, 24 Sep 2022 14:29:20 GMT
last-modified: Tue, 20 Sep 2022 07:25:49 GMT
etag: "63296afd-39be"
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
X-Firefox-Spdy: h2

                                        
                                            GET /hls/df/23/p0f2o0gu.mp4/master.m3u8?validfrom=1664026159&validto=1664033359&rate=250k&ip=91.90.42.154&hdl=-1&hash=kasgYcF5q8oq9qLpelm5M6o4Xho%3D HTTP/1.1 
Host: videos2-h.sendvid.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://sendvid.com
Connection: keep-alive
Referer: https://sendvid.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site

                                         
                                         64.210.135.148
HTTP/2 200 OK
content-type: application/vnd.apple.mpegurl
                                        
date: Sat, 24 Sep 2022 14:29:20 GMT
expires: Fri, 30 Dec 2022 19:02:43 GMT
access-control-allow-methods: GET,HEAD,OPTIONS
access-control-allow-headers: Server,Range,Content-Length,Content-Range,x-cdn-diag
cache-control: max-age=8640000
content-length: 471
x-cdn-diag-p: ams5-7737-7-46566-m-0-0-200-0.000--
accept-ranges: bytes
access-control-allow-origin: https://sendvid.com
access-control-expose-headers: Server,Range,Content-Length,Content-Range,x-cdn-diag
x-avs-status: MISS
x-cdn-diag: ams5-7737-7-46566-x-0-0---;7403-22-16009----0-0-4
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  M3U playlist, ASCII text
Size:   471
Md5:    3ad1215af3fe458faa59bf7ebe0577e3
Sha1:   9875ac9d7a92675df2c08edcd3e3c5b54c937b5d
Sha256: d0eb14a82f3b64ad3e395ac1654f59e64c52ffbb2291ee1bd3f45c0c9d421185
                                        
                                            GET /1?z=5170166 HTTP/1.1 
Host: tovanillitechan.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ianime-fr.com/
Cookie: scm=1; OAID=9eb797bc2dc84f5a950f35e01deb6704; oaidts=1664029759
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         139.45.197.239
HTTP/2 200 OK
content-type: text/javascript
                                        
server: nginx
date: Sat, 24 Sep 2022 14:29:20 GMT
access-control-allow-credentials: true
access-control-allow-origin:
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
x-trace-id: 1cc1a36f0ffea49fb9daf93a2d1e16ff
access-control-expose-headers: X-Sc
set-cookie: OAID=9eb797bc2dc84f5a950f35e01deb6704; expires=Sun, 24 Sep 2023 14:29:19 GMT; secure; SameSite=None oaidts=1664029759; expires=Sun, 24 Sep 2023 14:29:19 GMT; secure; SameSite=None
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (7767)
Size:   4058
Md5:    ca3ebe4bc25e45ddc1d27f1779d11c8f
Sha1:   20925a76055bd11367a696c70ee59b21f89fb877
Sha256: 576886e799978a4828bf6479a4ddfc7df99dff7158f7950575b1d05e0aea4fa4
                                        
                                            GET /400/5170165 HTTP/1.1 
Host: dozubatan.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ianime-fr.com/
Cookie: OAID=b908c58a55c34e45ab9ac2336c50f10f
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         139.45.197.237
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
date: Sat, 24 Sep 2022 14:29:20 GMT
x-trace-id: 88f8b2005bab24bbc29e6224fc4de857
pragma: no-cache
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
vary: Origin
access-control-allow-origin: *
access-control-expose-headers: Link
access-control-allow-credentials: true
set-cookie: OAID=b908c58a55c34e45ab9ac2336c50f10f; expires=Sun, 24 Sep 2023 14:29:20 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   31732
Md5:    0312853197c981b38a42423c0d2b90a7
Sha1:   8ab3a75930a4e86b1744b999c34bc1d09874ded4
Sha256: 85e8806d10af89c092f6fbad4d7b73eebb33c51e341cb8561328cb37a7e85163
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "90DCF36FF7473BCE9ABA7370E520531DDE85E6612DE279B281B3485F7EBFA283"
Last-Modified: Sat, 24 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=173
Expires: Sat, 24 Sep 2022 14:32:13 GMT
Date: Sat, 24 Sep 2022 14:29:20 GMT
Connection: keep-alive

                                        
                                            GET /42/38?z=5170166 HTTP/1.1 
Host: tovanillitechan.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ianime-fr.com/
Cookie: OAID=9eb797bc2dc84f5a950f35e01deb6704; oaidts=1664029759; scm=1; OAID=9eb797bc2dc84f5a950f35e01deb6704; oaidts=1664029759
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         139.45.197.239
HTTP/2 200 OK
                                        
server: nginx
date: Sat, 24 Sep 2022 14:29:20 GMT
content-length: 0
access-control-allow-credentials: true
access-control-allow-origin:
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
x-trace-id: 0d3607b62bd5ce762fd2c8c3adf390d7
access-control-expose-headers: X-Sc
set-cookie: OAID=9eb797bc2dc84f5a950f35e01deb6704; expires=Sun, 24 Sep 2023 14:29:20 GMT; secure; SameSite=None oaidts=1664029759; expires=Sun, 24 Sep 2023 14:29:20 GMT; secure; SameSite=None
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
X-Firefox-Spdy: h2

                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         104.18.32.68
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sat, 24 Sep 2022 14:29:20 GMT
Content-Length: 472
Connection: keep-alive
Last-Modified: Thu, 22 Sep 2022 12:52:21 GMT
Expires: Thu, 29 Sep 2022 12:52:20 GMT
Etag: "b25b1883b0f0e02956c3eb5beb98552f814ee6ab"
Cache-Control: max-age=425579,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74fc36306991b51e-OSL

                                        
                                            OPTIONS /500/5170165?excludes=&oaid=656fa0616a8f40b68af316cd3fc808e1&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=2&pl=https%3A%2F%2Fianime-fr.com%2Fmagical-sempai-episode-1-vostfr%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false HTTP/1.1 
Host: dozubatan.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Referer: https://ianime-fr.com/
Origin: https://ianime-fr.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         139.45.197.237
HTTP/2 200 OK
                                        
server: nginx
date: Sat, 24 Sep 2022 14:29:20 GMT
content-length: 0
allow: GET, OPTIONS
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-origin: https://ianime-fr.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-allow-credentials: true
access-control-max-age: 600
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *
X-Firefox-Spdy: h2

                                        
                                            GET /stats/0.php?4513633&@f16&@g1&@h1&@i1&@j1664029758557&@k0&@l1&@mPage%20non%20trouv%C3%A9e%20-%20IAnime&@n0&@ohttps%3A%2F%2Fianime-fr.com%2Fmagical-sempai-episode-1-vostfr%2F&@q0&@r0&@s0&@ten-US&@u1280&@b1:-178071309&@b3:1664029759&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Fianime-fr.com%2Fv%2Fmy4jxu57dn15d-2&@w HTTP/1.1 
Host: s4.histats.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ianime-fr.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         192.99.0.58
HTTP/1.1 200 OK
Content-Type: text/html;charset=UTF-8
                                        
Date: Sat, 24 Sep 2022 14:29:20 GMT
Content-Length: 51
Connection: close


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   51
Md5:    12e78f2be2426ac8cba05c57e545ea0f
Sha1:   1b5cd8131766fca9871be208c3c73c6bce34918a
Sha256: 846591883ac03b9c4f9a665762b37d84be65f02d52422ddd897827d1495d1711
                                        
                                            POST /log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f HTTP/1.1 
Host: fleraprt.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ianime-fr.com/
Content-Type: text/plain;charset=UTF-8
Origin: https://ianime-fr.com
Content-Length: 1541
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         139.45.195.254
HTTP/1.1 200 OK
Content-Type: application/json; charset=utf-8
                                        
Server: nginx/1.19.10
Date: Sat, 24 Sep 2022 14:29:37 GMT
Content-Length: 12
Connection: keep-alive
Access-Control-Allow-Origin: https://ianime-fr.com
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Access-Control-Allow-Credentials: true


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    adb4650bfc9d2a73d4dd69583b0ceb14
Sha1:   1ce399d6e936232aaf2192cd7903a279c5015f22
Sha256: 21c1f682de27109caabcca9016511974defcec217c0441fd3f1b50ecdf8247ed

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "0FC47DBA3F2789B7C509A4916B1FE3C7B6B30C6778E5354742256125730310F3"
Last-Modified: Fri, 23 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10630
Expires: Sat, 24 Sep 2022 17:26:30 GMT
Date: Sat, 24 Sep 2022 14:29:20 GMT
Connection: keep-alive

                                        
                                            GET /400/5170165 HTTP/1.1 
Host: dozubatan.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ianime-fr.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         139.45.197.237
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
date: Sat, 24 Sep 2022 14:29:19 GMT
x-trace-id: 7cfa84832a84267f0d562d5d3cdaba94
pragma: no-cache
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
vary: Origin
access-control-allow-origin: *
access-control-expose-headers: Link
access-control-allow-credentials: true
set-cookie: OAID=b908c58a55c34e45ab9ac2336c50f10f; expires=Sun, 24 Sep 2023 14:29:19 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   63439
Md5:    52c973391eeaab011b73855430e2ecd8
Sha1:   2224602d05a6909249c56f6ee4a652d7d59915e7
Sha256: 45135803389f87b77d3910f23576e177f0640c5e19f7364ee838c3368cdc7775
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "0FC47DBA3F2789B7C509A4916B1FE3C7B6B30C6778E5354742256125730310F3"
Last-Modified: Fri, 23 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10630
Expires: Sat, 24 Sep 2022 17:26:30 GMT
Date: Sat, 24 Sep 2022 14:29:20 GMT
Connection: keep-alive

                                        
                                            POST /9?z=5170166&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fianime-fr.com%2Fmagical-sempai-episode-1-vostfr%2F&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=2&sah=1002&drf=&hil=1&ist=0&oaid=656fa0616a8f40b68af316cd3fc808e1 HTTP/1.1 
Host: tovanillitechan.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 261
Origin: https://ianime-fr.com
Connection: keep-alive
Referer: https://ianime-fr.com/
Cookie: scm=1; OAID=9eb797bc2dc84f5a950f35e01deb6704; oaidts=1664029759
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         139.45.197.239
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Sat, 24 Sep 2022 14:29:20 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://ianime-fr.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
x-trace-id: 1ac92c2cb98049e5a51ffb2ec6e5bbb2
access-control-expose-headers: X-Sc
set-cookie: OAID=656fa0616a8f40b68af316cd3fc808e1; expires=Sun, 24 Sep 2023 14:29:20 GMT; secure; SameSite=None oaidts=1664029759; expires=Sun, 24 Sep 2023 14:29:20 GMT; secure; SameSite=None
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   3166
Md5:    03b98b8fa8b893fa0cbb1f0644a9b20f
Sha1:   bf57afe92c9d87679035ef0f781fe98bf65f01ff
Sha256: 55ad929551e09408429f5d90f923b044e638f9334ea4ba0faee6ae70525282d9
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "0FC47DBA3F2789B7C509A4916B1FE3C7B6B30C6778E5354742256125730310F3"
Last-Modified: Fri, 23 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10630
Expires: Sat, 24 Sep 2022 17:26:30 GMT
Date: Sat, 24 Sep 2022 14:29:20 GMT
Connection: keep-alive

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F85d1d130-04e1-43f4-81d7-b15e9286f813.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 8354
x-amzn-requestid: 3ec3470c-2268-4102-af88-27dcfed76bfc
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y7sPCGOcoAMF2xQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632e272c-481aa98b413690636fc3a2f0;Sampled=0
x-amzn-remapped-date: Fri, 23 Sep 2022 21:37:48 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: dXqPCGTGK8gW86McTltPuNYKXQgUuSqcL_XbyRQitinH5LsUscmU2w==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 1481cc55c02c3a782ad420b6bac2cb32.cloudfront.net (CloudFront), 1.1 google
date: Fri, 23 Sep 2022 21:47:49 GMT
age: 60091
etag: "670d89082f8da643e1196b11fb64bf71707f0e8d"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   8354
Md5:    e1087dcce202bbbc8c84196bd2050662
Sha1:   670d89082f8da643e1196b11fb64bf71707f0e8d
Sha256: f6a7b6e07177431d7845e2f2b7b1b3b76088671db32aeef580a72e9bd3ddae00
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd719f7db-20e1-4834-9525-3117f1824f36.webp HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 10032
x-amzn-requestid: 521c4012-9834-4100-a7ed-30093502f1a9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y7sPBHGYoAMFh-Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632e272c-77b03c321240d76a572d603a;Sampled=0
x-amzn-remapped-date: Fri, 23 Sep 2022 21:37:48 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: lAQOV9_fZ2RFvhRKMtDOeRTWJc-Jo1u-DrtJshcQuCSOUXVbNMjhaw==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 ee8246c5442dace7525c74f6a799bb46.cloudfront.net (CloudFront), 1.1 google
date: Fri, 23 Sep 2022 21:56:56 GMT
age: 59544
etag: "ed04f74fbb4c77b21e2babc51a82857f5e23d169"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   10032
Md5:    aa150280eb113504d61a25935c0f0127
Sha1:   ed04f74fbb4c77b21e2babc51a82857f5e23d169
Sha256: 07df17fffb391aa82efb09e30d97e88fa4dbe6df00e37bb90304f69179f4848e
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd5039669-74cb-4d54-9208-94257c765b35.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 9935
x-amzn-requestid: 9eb8463d-172a-40a2-8eed-3c97b1260afe
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y7sQ5FARoAMFXQQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632e2738-3709a2f22ecc033532223b26;Sampled=0
x-amzn-remapped-date: Fri, 23 Sep 2022 21:38:00 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: e5eETCL5yFnoG4HPx0Qv8hjGnlXx5vOL4syMx9uato8nuIHkSvMezg==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 35575576af8067e30cfb17c6b9fde8e2.cloudfront.net (CloudFront), 1.1 google
date: Fri, 23 Sep 2022 21:53:50 GMT
age: 59730
etag: "a30f9044330824e70dde0dcc785890d981e6fdf5"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   9935
Md5:    55d224ac83a417772c98bc5080fb6689
Sha1:   a30f9044330824e70dde0dcc785890d981e6fdf5
Sha256: b2ea4dea200109019a65834b98e31e8fac718a199513810a2819858be2b4470a
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb77ad616-c829-40b4-8b70-2be46252d64c.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 10279
x-amzn-requestid: 0f361c26-1f12-421a-9752-7d4fcdf839ac
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y4V65GTXIAMF9-Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632cd045-25677a637307879044de8242;Sampled=0
x-amzn-remapped-date: Thu, 22 Sep 2022 21:14:45 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: NcnEyVD-vG10pOpPCBMjKGqVw-rstkPIt-oqkIc5urAGE934fxL0VQ==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 476c2ba6d9f6cd69dbcedbd65688cbc0.cloudfront.net (CloudFront), 1.1 google
date: Sat, 24 Sep 2022 04:12:38 GMT
age: 37002
etag: "60a83a1618ffae06e49ca3002bac1db9980dcfe8"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   10279
Md5:    8ea5f06ad31f0cedd2cb5c6df82f35f4
Sha1:   60a83a1618ffae06e49ca3002bac1db9980dcfe8
Sha256: 5f6a4cb92c016ef0f229b11d727e9680a15b10782b5bfe9e66ad9d100b458d8d
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F76fa20bb-9883-4867-b55e-fc56c8f8fc57.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 6386
x-amzn-requestid: 4380489e-d0ba-4f67-ac4f-67619ba34422
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y7shGHryIAMF6zg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632e27a0-005f9c783c7722f16c178026;Sampled=0
x-amzn-remapped-date: Fri, 23 Sep 2022 21:39:44 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: RuUOjTDRTkcaGFf_hTWrHZ89edOajgGUdl5PjbaUV7CUppat6IYsRg==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 e80693c02cfdfd081110512210d57840.cloudfront.net (CloudFront), 1.1 google
date: Fri, 23 Sep 2022 21:52:36 GMT
age: 59804
etag: "f6f926be6e265a597aaede424f05fcd7c76fcc20"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   6386
Md5:    d8d9af95acfc8b9b431eb1e020157f6d
Sha1:   f6f926be6e265a597aaede424f05fcd7c76fcc20
Sha256: 0b61d6cb0e0908cb8d303b9e951e2854166bd232e0291b5d698a6b757c064e88
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F96ebb238-493f-4ccc-a8d9-7a7c6f8ab469.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 7963
x-amzn-requestid: cadfa4ff-473d-4927-bdf6-3aad64cddf18
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y7sQbHTCIAMFfZg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632e2735-41d711e5210099aa6273dd86;Sampled=0
x-amzn-remapped-date: Fri, 23 Sep 2022 21:37:57 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: g0NS7XamCzSMKmm1-mLnWLwUuBoJczvwSmTb0c_7klsY78wbrg4bRw==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 6172bb1a5d00a3b06ae3700570ebe116.cloudfront.net (CloudFront), 1.1 google
date: Fri, 23 Sep 2022 21:57:02 GMT
age: 59538
etag: "d2180d40ceb16924a87a41aad90dedb0bb912085"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   7963
Md5:    5a4b36e1bf29c9c82f069cdd3c50874c
Sha1:   d2180d40ceb16924a87a41aad90dedb0bb912085
Sha256: aab96d28ea8e21e6d37449eba400cac45acced1825ebdb27853d17ae4f993b00
                                        
                                            GET /stats/0.php?4513633&@f16&@g0&@h2&@i1&@j1664029758659&@k102&@l2&@mMagical%20Sempai%20-%20Episode%201%20VOSTFR%20streaming%20-%20IAnime&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1280&@b1:117494642&@b3:1664029759&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Fianime-fr.com%2Fmagical-sempai-episode-1-vostfr%2F&@w HTTP/1.1 
Host: s4.histats.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ianime-fr.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         192.99.0.58
HTTP/1.1 200 OK
Content-Type: text/html;charset=UTF-8
                                        
Date: Sat, 24 Sep 2022 14:29:20 GMT
Content-Length: 51
Connection: close


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   51
Md5:    12e78f2be2426ac8cba05c57e545ea0f
Sha1:   1b5cd8131766fca9871be208c3c73c6bce34918a
Sha256: 846591883ac03b9c4f9a665762b37d84be65f02d52422ddd897827d1495d1711
                                        
                                            OPTIONS /9?z=5170166&ng=1&ix=1&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fianime-fr.com%2Fmagical-sempai-episode-1-vostfr%2F&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=2&sah=1002&drf=&hil=1&ist=0&oaid=656fa0616a8f40b68af316cd3fc808e1 HTTP/1.1 
Host: tovanillitechan.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://ianime-fr.com/
Origin: https://ianime-fr.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         139.45.197.239
HTTP/2 204 No Content
                                        
server: nginx
date: Sat, 24 Sep 2022 14:29:20 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://ianime-fr.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
X-Firefox-Spdy: h2

                                        
                                            OPTIONS /custom HTTP/1.1 
Host: pseepsie.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://ianime-fr.com/
Origin: https://ianime-fr.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         139.45.197.250
HTTP/2 200 OK
content-type: text/plain; charset=utf-8
                                        
server: nginx
date: Sat, 24 Sep 2022 14:29:20 GMT
content-length: 0
access-control-allow-origin: https://ianime-fr.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token
access-control-max-age: 86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  
Size:   0
Md5:    d41d8cd98f00b204e9800998ecf8427e
Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709
Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /11?rnd=1914906899&z=5170166&b=14812988&var=&rqtdbc=1&rcvdbc=1&btp=7&rb=aNEGMaM9nTZZ7jDPa3VaVyAMafz0BK7RwM-hLqSaY8tIFIoG2qKdUutX_mrpEnQ3Q4B7JRlS13eKVVZ9MFlyDp3fKxa9QgnhaaO0sxr6PktlwSWpvLnhbUWjcZNIfDxd0pqEmFJOTNRRr-eIjV47DlTv1kshTtl4rw94AF23LgV8FsHaVOdDhkiYwKxqP071K8pSmBDLFIuD0ENpi751fLuav9aCjfkE8399o6D0tjMB1BP8my25cpLxYO1ZZic73dxI98AaSkJpzPvHWJQXGY08zr3cA2LKgVwLCkiLu88ErbRbO2bD7RvYtFJSao2ioJkcf-o6jQpF291tYKE0rqMIJEbPotJ8PvRFQhQFukYwNt_vhgzqg1oaAWu_edIoxSO-T6w921UPvnvx6TppHi56-FSwEJjJkk00qQtYNT-zLy607YI21b-czdhcVh0PT7nHQ9l65b8YEnm42YZHjcIkrJ64Pis9oRrQZJHgzJcPr_o1MIoY6pGMMhI6O6l3JM4feZMZeoKNAcWe6exeMVA7Fcik9RM-OphccnkLWlQay1Ux6shiNyz9rQzzivhCDxFGdAthNOoPZZSVbDPthLP0nJVUtHvvXQkqnuN0qrSAAzMv02TKLek7ZkDNt0ePEt1Wvxy33Hnb0wi-5bBmrQ==&ruid=371f6a11-6bed-4d29-b8c3-0c8c675fb0fa&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fianime-fr.com%2Fmagical-sempai-episode-1-vostfr%2F&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=2&sah=1002&drf=&hil=1&ist=0&ot=300 HTTP/1.1 
Host: tovanillitechan.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ianime-fr.com
Connection: keep-alive
Referer: https://ianime-fr.com/
Cookie: scm=1; OAID=656fa0616a8f40b68af316cd3fc808e1; oaidts=1664029759
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         139.45.197.239
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
date: Sat, 24 Sep 2022 14:29:20 GMT
content-length: 0
access-control-allow-credentials: true
access-control-allow-origin: https://ianime-fr.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
x-trace-id: 5f0c5ee7d176923290e5b3788cce2f98
access-control-expose-headers: X-Sc
set-cookie: OAID=656fa0616a8f40b68af316cd3fc808e1; expires=Sun, 24 Sep 2023 14:29:20 GMT; secure; SameSite=None oaidts=1664029759; expires=Sun, 24 Sep 2023 14:29:20 GMT; secure; SameSite=None
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
X-Firefox-Spdy: h2

                                        
                                            POST /custom HTTP/1.1 
Host: pseepsie.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ianime-fr.com/
Content-Type: application/json
Origin: https://ianime-fr.com
Content-Length: 395
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         139.45.197.250
HTTP/2 200 OK
content-type: application/json; charset=utf-8
                                        
server: nginx
date: Sat, 24 Sep 2022 14:29:20 GMT
content-length: 39
x-trace-id: 5ac2f14f9fd4cf5cf4e79522fb83b35f
access-control-allow-origin: https://ianime-fr.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text
Size:   39
Md5:    058b158c2be925f556454ef762d93538
Sha1:   cc6fc563b4b6baee880fdbc7fcfaa134978e33c9
Sha256: ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            POST /custom HTTP/1.1 
Host: pseepsie.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ianime-fr.com/
Content-Type: application/json
Origin: https://ianime-fr.com
Content-Length: 380
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         139.45.197.250
HTTP/2 200 OK
content-type: application/json; charset=utf-8
                                        
server: nginx
date: Sat, 24 Sep 2022 14:29:20 GMT
content-length: 39
x-trace-id: e77d272d63e4021687cb5c1b42921c07
access-control-allow-origin: https://ianime-fr.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   2541
Md5:    717ae398be453ce7c2b0dff363e89540
Sha1:   2316c3505185de21db46ce6bfa714fb1244ba757
Sha256: 1f987545535d44c00eb0caed7927e791c8ca38c9c9a0e43800f3a7518c8ef6d7

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            POST /custom HTTP/1.1 
Host: pseepsie.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ianime-fr.com/
Content-Type: application/json
Origin: https://ianime-fr.com
Content-Length: 747
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         139.45.197.250
HTTP/2 200 OK
content-type: application/json; charset=utf-8
                                        
server: nginx
date: Sat, 24 Sep 2022 14:29:20 GMT
content-length: 39
x-trace-id: c61bdaf3f73e4788e6039f55c154126e
access-control-allow-origin: https://ianime-fr.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text
Size:   39
Md5:    058b158c2be925f556454ef762d93538
Sha1:   cc6fc563b4b6baee880fdbc7fcfaa134978e33c9
Sha256: ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "DE1B914BC0B575F9DCDA2ABCDFEF76F849E371F858BF07011B04B23404260C24"
Last-Modified: Fri, 23 Sep 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17046
Expires: Sat, 24 Sep 2022 19:13:26 GMT
Date: Sat, 24 Sep 2022 14:29:20 GMT
Connection: keep-alive

                                        
                                            GET /gid.js?pub=0&userId=518b91286dd84983be5e62544e81eb82&zoneId=5170167&checkDuplicate=true&ymid=&var= HTTP/1.1 
Host: my.rtmark.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ianime-fr.com/
Origin: https://ianime-fr.com
Connection: keep-alive
Cookie: ID=656fa0616a8f40b68af316cd3fc808e1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         139.45.195.8
HTTP/2 200 OK
content-type: application/json; charset=utf-8
                                        
server: nginx
date: Sat, 24 Sep 2022 14:29:20 GMT
content-length: 65
access-control-allow-origin: https://ianime-fr.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=656fa0616a8f40b68af316cd3fc808e1; expires=Sun, 24 Sep 2023 14:29:20 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text
Size:   65
Md5:    44a2379cfc2175aa16f323644e57202f
Sha1:   f8769df01a8dd033e48d2c9e5afb76a37ef8bafa
Sha256: 52062bbe21d8d9eaf27c71378e747f93c14dad851ff35e69f0a995f92815e486
                                        
                                            GET /www/images/3d08aacb36c7474e0d13b60f8f4adc14.png HTTP/1.1 
Host: offerimage.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ianime-fr.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         172.67.22.216
HTTP/2 200 OK
content-type: image/png
                                        
date: Sat, 24 Sep 2022 14:29:20 GMT
content-length: 66121
last-modified: Thu, 10 Dec 2020 17:24:49 GMT
etag: "5fd259e1-10249"
expires: Sun, 25 Sep 2022 13:33:25 GMT
cache-control: max-age=86400
timing-allow-origin: *
cf-cache-status: HIT
age: 3355
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 74fc3632b8b1b51d-OSL
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced\012- data
Size:   66121
Md5:    3d08aacb36c7474e0d13b60f8f4adc14
Sha1:   e4af2de372b5e3a2211579a5973ef7ed160e7be4
Sha256: 54b0569cf052e12dd373e86031009d0a54a893275a21c2ef863277a9a978ab1c
                                        
                                            GET /11?rnd=2411778403&z=5170166&b=14505327&var=&rqtdbc=1&rcvdbc=1&btp=7&rb=ezCWK0912-_bCVNGOJ_9syPHTusTZctHeZ3P8MrISB4OZO6u6WlfcGN6Av5gCwMukAZEDjOI70qhiKjvArclAY_fWEmeUw6cu5CmDc_4VvOmLZYXd8Om5xLkoHoSgtIEjJ33s7fC7IJQ2TLhrjiVNVQaJY3aXmhJ1se10dRg7u0UH6d23lg1Wcq7yY0F_hNRLMq2AVtJA0Gl_RigU9l8aH1difmY-J4GMihLkP9SsUNrWiJRuWnV1uFjjfo6T6fGOBxz1YtVEClSQJc1yImsqD_dOd4yQqKISp672e6voJ3yg8IyPi4YzlKGRnJbKTR7OnWjUwJbUZsr-EdCXRiyOTki8rxgM6bUYKJ4H_c07b5xwuM_vx_djv7lhS1GiwiKL_OSU-sfYvf64LtrBv-VFflhyyHfBAhxl_GKCh7xQ8MlsN8y8jrpXyD31G4yiH4XQA1vb5dRR5jW0DcAJC1cGBj27U81fYiqWROmpikXc00pQccMCKY7lNYeU9b3OUdWXxVJIPTvkl3VhgdCjIUV0SOLxszxqFHer8XSUEtkymKiE50xeIYOu2YkhY3QwPVmCG_RVJ76f3O-_0lrJ31va2jzF-hvZGxCAGByfELfySCXa8-YSDpIN9VidWucyTfWmAQa1MJ-ZnQ2PWTrbwbejA==&ruid=cf094b14-5786-4c0d-90b4-4c0075ca0318&ng=1&ix=1&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fianime-fr.com%2Fmagical-sempai-episode-1-vostfr%2F&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=2&sah=1002&drf=&hil=1&ist=0&ot=218 HTTP/1.1 
Host: tovanillitechan.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ianime-fr.com
Connection: keep-alive
Referer: https://ianime-fr.com/
Cookie: scm=1; OAID=656fa0616a8f40b68af316cd3fc808e1; oaidts=1664029759
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         139.45.197.239
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
date: Sat, 24 Sep 2022 14:29:20 GMT
content-length: 0
access-control-allow-credentials: true
access-control-allow-origin: https://ianime-fr.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
x-trace-id: f0444cf475f833b2f06c0f9d3c6117a9
access-control-expose-headers: X-Sc
set-cookie: OAID=656fa0616a8f40b68af316cd3fc808e1; expires=Sun, 24 Sep 2023 14:29:20 GMT; secure; SameSite=None oaidts=1664029759; expires=Sun, 24 Sep 2023 14:29:20 GMT; secure; SameSite=None
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
X-Firefox-Spdy: h2

                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         104.18.32.68
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sat, 24 Sep 2022 14:29:20 GMT
Content-Length: 472
Connection: keep-alive
Last-Modified: Fri, 23 Sep 2022 03:02:15 GMT
Expires: Fri, 30 Sep 2022 03:02:14 GMT
Etag: "b2673f83983c7590c1898a953c55e41b100dfea5"
Cache-Control: max-age=476573,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74fc36323b68b51e-OSL

                                        
                                            GET /contents/s/5b/f4/e6/f22046109fdc23a5aac1620be3/0829937400067.jpeg HTTP/1.1 
Host: interstitial-07.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://interstitial-07.com/?l=BsffwaFC63kXM5A&cd_meta_crid=50535&trkintimp&target_url=https%3A%2F%2Ftovanillitechan.com%2F12%3Frnd%3D3429122312%26z%3D5170166%26b%3D14812988%26c%3D5990211%26var%3D%26d%3Dhttp%253A%252F%252Ftryhardnow.com%252Fbase.php%253Fc%253D350%2526key%253D2c1f9aa01554345b3025ac0d005c7bea%2526zoneid%253D%257Bzoneid%257D%2526banner%253D%257Bbannerid%257D%26cln%3D1%26btp%3D7%26rb%3DaNEGMaM9nTZZ7jDPa3VaVyAMafz0BK7RwM-hLqSaY8tIFIoG2qKdUutX_mrpEnQ3Q4B7JRlS13eKVVZ9MFlyDp3fKxa9QgnhaaO0sxr6PktlwSWpvLnhbUWjcZNIfDxd0pqEmFJOTNRRr-eIjV47DlTv1kshTtl4rw94AF23LgV8FsHaVOdDhkiYwKxqP071K8pSmBDLFIuD0ENpi751fLuav9aCjfkE8399o6D0tjMB1BP8my25cpLxYO1ZZic73dxI98AaSkJpzPvHWJQXGY08zr3cA2LKgVwLCkiLu88ErbRbO2bD7RvYtFJSao2ioJkcf-o6jQpF291tYKE0rqMIJEbPotJ8PvRFQhQFukYwNt_vhgzqg1oaAWu_edIoxSO-T6w921UPvnvx6TppHi56-FSwEJjJkk00qQtYNT-zLy607YI21b-czdhcVh0PT7nHQ9l65b8YEnm42YZHjcIkrJ64Pis9oRrQZJHgzJcPr_o1MIoY6pGMMhI6O6l3JM4feZMZeoKNAcWe6exeMVA7Fcik9RM-OphccnkLWlQay1Ux6shiNyz9rQzzivhCDxFGdAthNOoPZZSVbDPthLP0nJVUtHvvXQkqnuN0qrSAAzMv02TKLek7ZkDNt0ePEt1Wvxy33Hnb0wi-5bBmrQ%3D%3D%26bag%3DK9GC8xFjczykNNyRrWsoXw%3D%3D%26ruid%3D371f6a11-6bed-4d29-b8c3-0c8c675fb0fa%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D1%26gp%3D-1%26bp%3D-1%26nw%3D1%26nb%3D1%26sw%3D1280%26sh%3D1024%26pl%3Dhttps%253A%252F%252Fianime-fr.com%252Fmagical-sempai-episode-1-vostfr%252F%26wy%3D0%26wx%3D0%26ww%3D1280%26wh%3D1024%26cw%3D1268%26wiw%3D1280%26wih%3D939%26wfc%3D2%26sah%3D1002%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         139.45.197.151
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
date: Sat, 24 Sep 2022 14:29:20 GMT
content-length: 24846
last-modified: Wed, 01 Jun 2022 16:33:28 GMT
etag: "629794d8-610e"
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS, HEAD
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 256x256, components 3\012- data
Size:   24846
Md5:    5bf4e6f22046109fdc23a5aac1620be3
Sha1:   2b5d2dce336d86c63f6dfde19cd130166d29b221
Sha256: 11753e6268755b305837fe7e6f8c740862b68bc32ff79a2e86e18c6b5ebb60cc
                                        
                                            GET /?l=BsffwaFC63kXM5A&cd_meta_crid=50535&trkintimp&target_url=https%3A%2F%2Ftovanillitechan.com%2F12%3Frnd%3D3429122312%26z%3D5170166%26b%3D14812988%26c%3D5990211%26var%3D%26d%3Dhttp%253A%252F%252Ftryhardnow.com%252Fbase.php%253Fc%253D350%2526key%253D2c1f9aa01554345b3025ac0d005c7bea%2526zoneid%253D%257Bzoneid%257D%2526banner%253D%257Bbannerid%257D%26cln%3D1%26btp%3D7%26rb%3DaNEGMaM9nTZZ7jDPa3VaVyAMafz0BK7RwM-hLqSaY8tIFIoG2qKdUutX_mrpEnQ3Q4B7JRlS13eKVVZ9MFlyDp3fKxa9QgnhaaO0sxr6PktlwSWpvLnhbUWjcZNIfDxd0pqEmFJOTNRRr-eIjV47DlTv1kshTtl4rw94AF23LgV8FsHaVOdDhkiYwKxqP071K8pSmBDLFIuD0ENpi751fLuav9aCjfkE8399o6D0tjMB1BP8my25cpLxYO1ZZic73dxI98AaSkJpzPvHWJQXGY08zr3cA2LKgVwLCkiLu88ErbRbO2bD7RvYtFJSao2ioJkcf-o6jQpF291tYKE0rqMIJEbPotJ8PvRFQhQFukYwNt_vhgzqg1oaAWu_edIoxSO-T6w921UPvnvx6TppHi56-FSwEJjJkk00qQtYNT-zLy607YI21b-czdhcVh0PT7nHQ9l65b8YEnm42YZHjcIkrJ64Pis9oRrQZJHgzJcPr_o1MIoY6pGMMhI6O6l3JM4feZMZeoKNAcWe6exeMVA7Fcik9RM-OphccnkLWlQay1Ux6shiNyz9rQzzivhCDxFGdAthNOoPZZSVbDPthLP0nJVUtHvvXQkqnuN0qrSAAzMv02TKLek7ZkDNt0ePEt1Wvxy33Hnb0wi-5bBmrQ%3D%3D%26bag%3DK9GC8xFjczykNNyRrWsoXw%3D%3D%26ruid%3D371f6a11-6bed-4d29-b8c3-0c8c675fb0fa%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D1%26gp%3D-1%26bp%3D-1%26nw%3D1%26nb%3D1%26sw%3D1280%26sh%3D1024%26pl%3Dhttps%253A%252F%252Fianime-fr.com%252Fmagical-sempai-episode-1-vostfr%252F%26wy%3D0%26wx%3D0%26ww%3D1280%26wh%3D1024%26cw%3D1268%26wiw%3D1280%26wih%3D939%26wfc%3D2%26sah%3D1002%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D0 HTTP/1.1 
Host: interstitial-07.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ianime-fr.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

                                         
                                         139.45.197.151
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
                                        
server: nginx
date: Sat, 24 Sep 2022 14:29:20 GMT
vary: Accept-Encoding
x-powered-by: PHP/7.4.27
set-cookie: reverse=qqqoqdoKQjNkumkvQoE_ZWxagZGRCck7hQc6eOEUdNE; expires=Sat, 24-Sep-2022 15:29:20 GMT; Max-Age=3600; path=/
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS, HEAD
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   3427
Md5:    9208cfa2ad98679a71e167e41d73efa0
Sha1:   3766c9167ce3988ba0606ca57ba0200c5c5c20c2
Sha256: 1218d67e8323560c1906167894ba058ad846ba25fbca68fe246b2a89863363d8
                                        
                                            GET /pfe/current/defaultSkin.min.js HTTP/1.1 
Host: pseepsie.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ianime-fr.com/
Origin: https://ianime-fr.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         139.45.197.250
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
date: Sat, 24 Sep 2022 14:29:20 GMT
last-modified: Tue, 20 Sep 2022 07:25:49 GMT
etag: W/"63296afd-df63"
access-control-allow-origin: https://ianime-fr.com
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   75935
Md5:    3519062eb7242e7e298c8d961189c9d7
Sha1:   2bcd362d9307d23ec829e7343d19d8c582afc064
Sha256: 43855dd9ee3f65045e40679ca115c4ede7c71d01c6d270cc6edadda6c7285437

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /contents/s/22/c3/d7/36b6f5657cde24feae14c9773b/0608422639029.jpeg HTTP/1.1 
Host: interstitial-07.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://interstitial-07.com/?l=LwdKU8Wvki6zNcF&cd_meta_crid=50535&trkintimp&target_url=https%3A%2F%2Ftovanillitechan.com%2F12%3Frnd%3D1708554391%26z%3D5170166%26b%3D14505327%26c%3D5990211%26var%3D%26d%3Dhttp%253A%252F%252Ftryhardnow.com%252Fbase.php%253Fc%253D350%2526key%253D2c1f9aa01554345b3025ac0d005c7bea%2526zoneid%253D%257Bzoneid%257D%2526banner%253D%257Bbannerid%257D%26cln%3D1%26btp%3D7%26rb%3DezCWK0912-_bCVNGOJ_9syPHTusTZctHeZ3P8MrISB4OZO6u6WlfcGN6Av5gCwMukAZEDjOI70qhiKjvArclAY_fWEmeUw6cu5CmDc_4VvOmLZYXd8Om5xLkoHoSgtIEjJ33s7fC7IJQ2TLhrjiVNVQaJY3aXmhJ1se10dRg7u0UH6d23lg1Wcq7yY0F_hNRLMq2AVtJA0Gl_RigU9l8aH1difmY-J4GMihLkP9SsUNrWiJRuWnV1uFjjfo6T6fGOBxz1YtVEClSQJc1yImsqD_dOd4yQqKISp672e6voJ3yg8IyPi4YzlKGRnJbKTR7OnWjUwJbUZsr-EdCXRiyOTki8rxgM6bUYKJ4H_c07b5xwuM_vx_djv7lhS1GiwiKL_OSU-sfYvf64LtrBv-VFflhyyHfBAhxl_GKCh7xQ8MlsN8y8jrpXyD31G4yiH4XQA1vb5dRR5jW0DcAJC1cGBj27U81fYiqWROmpikXc00pQccMCKY7lNYeU9b3OUdWXxVJIPTvkl3VhgdCjIUV0SOLxszxqFHer8XSUEtkymKiE50xeIYOu2YkhY3QwPVmCG_RVJ76f3O-_0lrJ31va2jzF-hvZGxCAGByfELfySCXa8-YSDpIN9VidWucyTfWmAQa1MJ-ZnQ2PWTrbwbejA%3D%3D%26bag%3DK9GC8xFjczykNNyRrWsoXw%3D%3D%26ruid%3Dcf094b14-5786-4c0d-90b4-4c0075ca0318%26ng%3D1%26ix%3D1%26pt%3D0%26np%3D1%26gp%3D-1%26bp%3D-1%26nw%3D1%26nb%3D1%26sw%3D1280%26sh%3D1024%26pl%3Dhttps%253A%252F%252Fianime-fr.com%252Fmagical-sempai-episode-1-vostfr%252F%26wy%3D0%26wx%3D0%26ww%3D1280%26wh%3D1024%26cw%3D1268%26wiw%3D1280%26wih%3D939%26wfc%3D2%26sah%3D1002%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         139.45.197.151
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
date: Sat, 24 Sep 2022 14:29:20 GMT
content-length: 25424
last-modified: Mon, 21 Mar 2022 17:16:40 GMT
etag: "6238b2f8-6350"
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS, HEAD
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 256x256, components 3\012- data
Size:   25424
Md5:    22c3d736b6f5657cde24feae14c9773b
Sha1:   126151dc35c149dad2aa1e7ad40856eda756a0a3
Sha256: 686dabfa96f39e22f655edd3bf99484caf1aa3b63165e6d47ae6c6c2de974bec
                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         104.18.32.68
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sat, 24 Sep 2022 14:29:20 GMT
Content-Length: 472
Connection: keep-alive
Last-Modified: Fri, 23 Sep 2022 03:02:15 GMT
Expires: Fri, 30 Sep 2022 03:02:14 GMT
Etag: "b2673f83983c7590c1898a953c55e41b100dfea5"
Cache-Control: max-age=476573,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74fc3632fcd00b31-OSL

                                        
                                            GET /apu.php?zoneid=5307276 HTTP/1.1 
Host: cdn.itskiddoan.club
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ianime-fr.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         139.45.197.236
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
date: Sat, 24 Sep 2022 14:29:20 GMT
content-length: 968
x-trace-id: 65ca7dd63937994532e19e736df71b6b
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
set-cookie: OAID=d0fad27212844739a7da86c7141f8d9e; expires=Sun, 24 Sep 2023 14:29:20 GMT; path=/; secure; SameSite=None oaidts=1664029760; expires=Sun, 24 Sep 2023 14:29:20 GMT; path=/; secure; SameSite=None syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (801)
Size:   968
Md5:    5399824d020fe6d02a52b9cbc8adb26f
Sha1:   7a8ec0daaa8865ca8bea06908a9a2fc6dbf87cc8
Sha256: b75abfa215e335534e2799eaffd541975cecd6d3aebefbd6a090e0db6959a76c
                                        
                                            GET /contents/s/ad/18/0b/3aac326b9289a67e128b909273/0826749865589.jpeg HTTP/1.1 
Host: interstitial-07.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://interstitial-07.com/?l=LwdKU8Wvki6zNcF&cd_meta_crid=50535&trkintimp&target_url=https%3A%2F%2Ftovanillitechan.com%2F12%3Frnd%3D1708554391%26z%3D5170166%26b%3D14505327%26c%3D5990211%26var%3D%26d%3Dhttp%253A%252F%252Ftryhardnow.com%252Fbase.php%253Fc%253D350%2526key%253D2c1f9aa01554345b3025ac0d005c7bea%2526zoneid%253D%257Bzoneid%257D%2526banner%253D%257Bbannerid%257D%26cln%3D1%26btp%3D7%26rb%3DezCWK0912-_bCVNGOJ_9syPHTusTZctHeZ3P8MrISB4OZO6u6WlfcGN6Av5gCwMukAZEDjOI70qhiKjvArclAY_fWEmeUw6cu5CmDc_4VvOmLZYXd8Om5xLkoHoSgtIEjJ33s7fC7IJQ2TLhrjiVNVQaJY3aXmhJ1se10dRg7u0UH6d23lg1Wcq7yY0F_hNRLMq2AVtJA0Gl_RigU9l8aH1difmY-J4GMihLkP9SsUNrWiJRuWnV1uFjjfo6T6fGOBxz1YtVEClSQJc1yImsqD_dOd4yQqKISp672e6voJ3yg8IyPi4YzlKGRnJbKTR7OnWjUwJbUZsr-EdCXRiyOTki8rxgM6bUYKJ4H_c07b5xwuM_vx_djv7lhS1GiwiKL_OSU-sfYvf64LtrBv-VFflhyyHfBAhxl_GKCh7xQ8MlsN8y8jrpXyD31G4yiH4XQA1vb5dRR5jW0DcAJC1cGBj27U81fYiqWROmpikXc00pQccMCKY7lNYeU9b3OUdWXxVJIPTvkl3VhgdCjIUV0SOLxszxqFHer8XSUEtkymKiE50xeIYOu2YkhY3QwPVmCG_RVJ76f3O-_0lrJ31va2jzF-hvZGxCAGByfELfySCXa8-YSDpIN9VidWucyTfWmAQa1MJ-ZnQ2PWTrbwbejA%3D%3D%26bag%3DK9GC8xFjczykNNyRrWsoXw%3D%3D%26ruid%3Dcf094b14-5786-4c0d-90b4-4c0075ca0318%26ng%3D1%26ix%3D1%26pt%3D0%26np%3D1%26gp%3D-1%26bp%3D-1%26nw%3D1%26nb%3D1%26sw%3D1280%26sh%3D1024%26pl%3Dhttps%253A%252F%252Fianime-fr.com%252Fmagical-sempai-episode-1-vostfr%252F%26wy%3D0%26wx%3D0%26ww%3D1280%26wh%3D1024%26cw%3D1268%26wiw%3D1280%26wih%3D939%26wfc%3D2%26sah%3D1002%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         139.45.197.151
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
date: Sat, 24 Sep 2022 14:29:20 GMT
content-length: 64787
last-modified: Tue, 12 Apr 2022 16:09:22 GMT
etag: "6255a432-fd13"
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS, HEAD
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 492x328, components 3\012- data
Size:   64787
Md5:    ad180b3aac326b9289a67e128b909273
Sha1:   ba733f261d913ab102602e449058a72d515f943b
Sha256: 202defc20d82c83f15257ccaac9cf945e9802406c4f8288178e46d8977920536
                                        
                                            POST /custom HTTP/1.1 
Host: pseepsie.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ianime-fr.com/
Content-Type: application/json
Origin: https://ianime-fr.com
Content-Length: 377
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         139.45.197.250
HTTP/2 200 OK
content-type: application/json; charset=utf-8
                                        
server: nginx
date: Sat, 24 Sep 2022 14:29:20 GMT
content-length: 39
x-trace-id: 02bd6609e0d392999ca5c5ce3bea3f91
access-control-allow-origin: https://ianime-fr.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text
Size:   39
Md5:    058b158c2be925f556454ef762d93538
Sha1:   cc6fc563b4b6baee880fdbc7fcfaa134978e33c9
Sha256: ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /apu.php?zoneid=5307276 HTTP/1.1 
Host: cdn.itskiddoan.club
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ianime-fr.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         139.45.197.236
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
date: Sat, 24 Sep 2022 14:29:20 GMT
content-length: 968
x-trace-id: bc8597be150291d54e711f52703929c8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
set-cookie: OAID=a3049c1f68fd467a90d1bcd38346aa0b; expires=Sun, 24 Sep 2023 14:29:20 GMT; path=/; secure; SameSite=None oaidts=1664029760; expires=Sun, 24 Sep 2023 14:29:20 GMT; path=/; secure; SameSite=None syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (801)
Size:   968
Md5:    5399824d020fe6d02a52b9cbc8adb26f
Sha1:   7a8ec0daaa8865ca8bea06908a9a2fc6dbf87cc8
Sha256: b75abfa215e335534e2799eaffd541975cecd6d3aebefbd6a090e0db6959a76c
                                        
                                            GET /500/5170165?excludes=&oaid=656fa0616a8f40b68af316cd3fc808e1&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=2&pl=https%3A%2F%2Fianime-fr.com%2Fmagical-sempai-episode-1-vostfr%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false HTTP/1.1 
Host: dozubatan.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Origin: https://ianime-fr.com
Connection: keep-alive
Referer: https://ianime-fr.com/
Cookie: OAID=b908c58a55c34e45ab9ac2336c50f10f
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         139.45.197.237
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
date: Sat, 24 Sep 2022 14:29:20 GMT
x-trace-id: 55234bd114f0bee4ae2565e779894587
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: https://ianime-fr.com
access-control-expose-headers: Link
access-control-allow-credentials: true
set-cookie: OAID=656fa0616a8f40b68af316cd3fc808e1; expires=Sun, 24 Sep 2023 14:29:20 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , Unicode text, UTF-8 text, with very long lines (1458), with no line terminators
Size:   1173
Md5:    99d8e59dd2c71f8af2700b5c4f0719e0
Sha1:   4207519547fb82f8bc4c6eb6a8a9c71a38c60eef
Sha256: 44da132393744e3a432171e7a5e2d50d19f1eac24dd469de27806dc6cbd4cf65
                                        
                                            GET /fv.js?t=72747&cb=686929384 HTTP/1.1 
Host: unphionetor.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://interstitial-07.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         139.45.197.236
HTTP/2 200 OK
content-type: text/javascript; charset=utf8
                                        
server: nginx
date: Sat, 24 Sep 2022 14:29:20 GMT
access-control-allow-origin:
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
x-trace-id: 522179bae08abaa133e44e6ecb3902e6
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (5213), with no line terminators
Size:   2153
Md5:    0254fb1dad74628b7ad0f97d304fac92
Sha1:   35f7af13a08eb87023ec7df4d3c35c21b2cde79d
Sha256: 47fb6ce428ca80ea69b772e4f66e4e5c622a4005db601746033d04511bd27536

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            POST /vbl?t=72747&bid=undefined&aid=undefined HTTP/1.1 
Host: unphionetor.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://interstitial-07.com
Connection: keep-alive
Referer: https://interstitial-07.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers

                                         
                                         139.45.197.236
HTTP/2 204 No Content
                                        
server: nginx
date: Sat, 24 Sep 2022 14:29:20 GMT
access-control-allow-origin: https://interstitial-07.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
x-trace-id: 645853069377ec9b99fd9a722b39bca3
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  
Size:   0
Md5:    d41d8cd98f00b204e9800998ecf8427e
Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709
Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            POST /vbl?t=72747&bid=undefined&aid=undefined HTTP/1.1 
Host: unphionetor.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://interstitial-07.com
Connection: keep-alive
Referer: https://interstitial-07.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers

                                         
                                         139.45.197.236
HTTP/2 204 No Content
                                        
server: nginx
date: Sat, 24 Sep 2022 14:29:20 GMT
access-control-allow-origin: https://interstitial-07.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
x-trace-id: 35d6679b2d6d954690c5ffcde197a1ba
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  
Size:   0
Md5:    d41d8cd98f00b204e9800998ecf8427e
Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709
Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /impression/OYDi5M61GwFSdqHkxoZPP3yuabso3ZQzhJd0ZihoYi1QgbxHGG2lmIPQa4rJjNMro-oeNaaIMXsQcG4SlZFp8qJ-w8O3DLNrrEjMFmenmp1sKaRzUvAtgVD-a6VE-bd12_fH2sHpza1LsCL0JVGTHvug-zK-rRRgy6ehVeEYf4CeK9bZRgCQC5-RaQYICjLDQixzDxD0qQskYEwOsuEXountLdqbZF2q7pzUYjU52gdfNesr0kFsGoFraSBj7tmIFwe5j5x_a1JcmNIpLrERKFHUWQdf_X9Qcr1jtBad5SHN9Me3jqCGClGg0eiii5AwgHt0Cr27o9RCE9xeo4qex_K4_eefP_wBmPnIWHRH6qXxK6PtYUtKGz_x_qpd55a2wHuHy3xGSpX2gR1UOIUSRMIUScB7N_rkhpmTqMjg93KcoIETsAMLMkzKo3vi4RCDRv4sZ_i7EhCQlB4dkMtOs4A3reVYSHUFQ-p9eNELjYr52iL7bSmDZsjRlKpTl_VYhHsiVBXp3uh8uCdvND3wbgneaUylo8O8-cw1JuK95UCi4Z1u1E2ylbM9fG_WcGPW5wiYNWaaCphi3IuyJAj5dmV-FfFixQOd?_z=5170165&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=3&pl=https%3A%2F%2Fianime-fr.com%2Fmagical-sempai-episode-1-vostfr%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false HTTP/1.1 
Host: dozubatan.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ianime-fr.com/
Cookie: OAID=656fa0616a8f40b68af316cd3fc808e1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         139.45.197.237
HTTP/2 200 OK
content-type: image/gif
                                        
server: nginx
date: Sat, 24 Sep 2022 14:29:24 GMT
content-length: 43
x-trace-id: 1ae537321315f5a909a9ef02d8434390
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: *
access-control-expose-headers: Link
access-control-allow-credentials: true
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   43
Md5:    b4491705564909da7f9eaf749dbbfbb1
Sha1:   279315d507855c6a4351e1e2c2f39dd9cd2fccd8
Sha256: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
                                        
                                            POST /custom HTTP/1.1 
Host: pseepsie.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ianime-fr.com/
Content-Type: application/json
Origin: https://ianime-fr.com
Content-Length: 403
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         139.45.197.250
HTTP/2 200 OK
content-type: application/json; charset=utf-8
                                        
server: nginx
date: Sat, 24 Sep 2022 14:29:26 GMT
content-length: 39
x-trace-id: b603274e312680041feaf52ea0eb61cc
access-control-allow-origin: https://ianime-fr.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text
Size:   39
Md5:    058b158c2be925f556454ef762d93538
Sha1:   cc6fc563b4b6baee880fdbc7fcfaa134978e33c9
Sha256: ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /gid.js?pub=0&userId=518b91286dd84983be5e62544e81eb82&zoneId=5170167&checkDuplicate=true&ymid=&var= HTTP/1.1 
Host: my.rtmark.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ianime-fr.com/
Origin: https://ianime-fr.com
Connection: keep-alive
Cookie: ID=656fa0616a8f40b68af316cd3fc808e1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         139.45.195.8
HTTP/2 200 OK
content-type: application/json; charset=utf-8
                                        
server: nginx
date: Sat, 24 Sep 2022 14:29:26 GMT
content-length: 65
access-control-allow-origin: https://ianime-fr.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=656fa0616a8f40b68af316cd3fc808e1; expires=Sun, 24 Sep 2023 14:29:26 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text
Size:   65
Md5:    44a2379cfc2175aa16f323644e57202f
Sha1:   f8769df01a8dd033e48d2c9e5afb76a37ef8bafa
Sha256: 52062bbe21d8d9eaf27c71378e747f93c14dad851ff35e69f0a995f92815e486
                                        
                                            GET /?rb=1MC15Uxc5ZdMZa2CIPWtWBoeFy8-cbG2uUqbEsoKuNd5eLr97tk8mQTHwxtBKvPUYIBlr6tzkO0_IJsam5_-WnI22jzGlxVeeNmVhV87rKYtgHHZerITtpCp_zLf9Io3ZBrDoUsUhbuJ5OLPgS3os-eUetGlDjLdToRkjmvciQTUb6J68nGTK4k8yzgbHrJsQSqvRT9n_F4lh4OB-WSRBA%3D%3D&request_ab2=0&zoneid=5170168&js_build=iclick-v1.430.0&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1080&wiw=1080&wih=608&wfc=2&pl=https%3A%2F%2Fianime-fr.com%2Fv%2Fmy4jxu57dn15d-2&drf=https%3A%2F%2Fianime-fr.com%2Fmagical-sempai-episode-1-vostfr%2F&np=0&pt=0&nb=1&ng=1&ix=1&nw=1&tb=false&js_build=iclick-v1.430.0&bs=0edb54ab-7671-4c34-a717-73aa8dc9a9de&userId=656fa0616a8f40b68af316cd3fc808e1&m=link HTTP/1.1 
Host: onmarshtompor.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ianime-fr.com/
Origin: https://ianime-fr.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         139.45.197.243
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Sat, 24 Sep 2022 14:29:20 GMT
x-trace-id: 756ff5a8a7b14cf9720daf697db389d2
access-control-allow-origin: https://ianime-fr.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
set-cookie: OAID=656fa0616a8f40b68af316cd3fc808e1; expires=Sun, 24 Sep 2023 14:29:20 GMT; path=/; secure; SameSite=None oaidts=1664029760; expires=Sun, 24 Sep 2023 14:29:20 GMT; path=/; secure; SameSite=None syncedCookie=true; expires=Sat, 01 Oct 2022 14:29:20 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /tag.min.js HTTP/1.1 
Host: inklinkor.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ianime-fr.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         104.21.91.63
HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
                                        
date: Sat, 24 Sep 2022 14:29:18 GMT
x-trace-id: 3481c6005e902120c56b4e49188e568e
cache-control: max-age=86400
last-modified: Fri, 23 Sep 2022 16:05:00 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
pragma: no-cache
expires: Sun, 25 Sep 2022 13:44:58 GMT
timing-allow-origin: *
cf-cache-status: HIT
age: 2660
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oOiFmygu%2BM1yOzJkXVXMpAJ0GdnfLvMBzZUIB5gZ1M7aEIAJNRRpw%2BldZ7QDUqbObebOPojyCRWnmjMp7mGaLS2bx5o59WYmFH5Xip%2B92njajR8qhJx%2Bo1ZuXoyYDyij"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74fc36293c9ab500-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /magical-sempai-episode-1-vostfr/ HTTP/1.1 
Host: ianime-fr.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

                                         
                                         172.67.151.11
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
                                        
date: Sat, 24 Sep 2022 14:29:18 GMT
vary: X-Forwarded-Proto,Accept-Encoding
last-modified: Sat, 24 Sep 2022 08:27:56 GMT
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s9NcVfngG7Eb5Eb9PnzGiIcQPrDlABA6rLQhjX3CIEiUE%2BmCP3El2PTdR2CvaWvC70duUA1KyJ7ZvLAdXS6kjcQGFeR%2BxBUn1D4qyGZL9VrSDTSU%2BWlOiCdxfag2W8le"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74fc3626ffb7b518-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /5/5170168/?oo=1&js_build=iclick-v1.430.0 HTTP/1.1 
Host: bedrapiona.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ianime-fr.com
Connection: keep-alive
Referer: https://ianime-fr.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         139.45.197.234
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Sat, 24 Sep 2022 14:29:19 GMT
x-trace-id: 51acf0884e2cd999d0a559a0518d2933
link: <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://diromalxx.com>; rel="preconnect dns-prefetch"
access-control-allow-origin: https://ianime-fr.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
timing-allow-origin: *
set-cookie: OAID=656fa0616a8f40b68af316cd3fc808e1; expires=Sun, 24 Sep 2023 14:29:19 GMT; path=/; secure; SameSite=None oaidts=1664029759; expires=Sun, 24 Sep 2023 14:29:19 GMT; path=/; secure; SameSite=None syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT
pragma: no-cache, no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            POST /9?z=5170166&ng=1&ix=1&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fianime-fr.com%2Fmagical-sempai-episode-1-vostfr%2F&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=2&sah=1002&drf=&hil=1&ist=0&oaid=656fa0616a8f40b68af316cd3fc808e1 HTTP/1.1 
Host: tovanillitechan.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 69
Origin: https://ianime-fr.com
Connection: keep-alive
Referer: https://ianime-fr.com/
Cookie: scm=1; OAID=656fa0616a8f40b68af316cd3fc808e1; oaidts=1664029759
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         139.45.197.239
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Sat, 24 Sep 2022 14:29:20 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://ianime-fr.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
x-trace-id: e05aba0324988ae4e39f52a7429e3584
access-control-expose-headers: X-Sc
set-cookie: OAID=656fa0616a8f40b68af316cd3fc808e1; expires=Sun, 24 Sep 2023 14:29:20 GMT; secure; SameSite=None oaidts=1664029759; expires=Sun, 24 Sep 2023 14:29:20 GMT; secure; SameSite=None
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /stattag.js HTTP/1.1 
Host: tzegilo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ianime-fr.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         104.21.84.149
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Sat, 24 Sep 2022 14:29:19 GMT
last-modified: Thu, 04 Aug 2022 15:18:11 GMT
etag: W/"62ebe333-8007"
link: <https://flerap.com/>; rel=preconnect; crossorigin, <https://fleraprt.com/>; rel=preconnect; crossorigin
cache-control: max-age=14400
cf-cache-status: HIT
age: 2444
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BedMF47mll%2F7DO50SQXo3ZVLq6v8wl%2FFAaMn2qcQKhvW2mBpZ4c2XTlg8bjLmT6Y987Ts30EDX8MvOvwG4lL%2Bg2UnFCaKwaiZphpG89n1JdT9VHKGCyvrx4HdlORjw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74fc362d897eb500-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /player-0.0.10.min.js HTTP/1.1 
Host: cdn.embed.ly
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sendvid.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         104.16.89.50
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Sat, 24 Sep 2022 14:29:19 GMT
x-amz-id-2: 2ekDMzp17cq+gx1XMEIjDm/2Yqub/sluON7pfkIdmWy0/vD4wg7dmdpaKc19xTumUNMmib4Juf8=
x-amz-request-id: 52W0RSDB5W1CQYN1
cache-control: public, max-age=14400
last-modified: Wed, 07 May 2014 11:38:57 GMT
x-amz-version-id: null
etag: W/"c613d6445cca8cf218e42bc06f189b3b"
cf-cache-status: HIT
age: 72
expires: Sat, 24 Sep 2022 18:29:19 GMT
vary: Accept-Encoding
server: cloudflare
cf-ray: 74fc362afa57b511-OSL
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /pfe/current/tag.min.js?z=5170167 HTTP/1.1 
Host: pseepsie.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ianime-fr.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         139.45.197.250
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
date: Sat, 24 Sep 2022 14:29:19 GMT
last-modified: Tue, 20 Sep 2022 07:25:49 GMT
etag: W/"63296afd-39be"
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /assets/player-9fec1f58351fca04074257d19bf19803.js HTTP/1.1 
Host: sendvid.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sendvid.com/embed/p0f2o0gu
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         46.166.142.86
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx/1.20.1
Date: Sat, 24 Sep 2022 14:29:19 GMT
Content-Length: 877017
Last-Modified: Tue, 19 Apr 2022 14:59:08 GMT
Connection: keep-alive
Expires: Sun, 24 Sep 2023 14:29:19 GMT
Cache-Control: max-age=31536000, public
Accept-Ranges: bytes


--- Additional Info ---
                                        
                                            GET /?l=LwdKU8Wvki6zNcF&cd_meta_crid=50535&trkintimp&target_url=https%3A%2F%2Ftovanillitechan.com%2F12%3Frnd%3D1708554391%26z%3D5170166%26b%3D14505327%26c%3D5990211%26var%3D%26d%3Dhttp%253A%252F%252Ftryhardnow.com%252Fbase.php%253Fc%253D350%2526key%253D2c1f9aa01554345b3025ac0d005c7bea%2526zoneid%253D%257Bzoneid%257D%2526banner%253D%257Bbannerid%257D%26cln%3D1%26btp%3D7%26rb%3DezCWK0912-_bCVNGOJ_9syPHTusTZctHeZ3P8MrISB4OZO6u6WlfcGN6Av5gCwMukAZEDjOI70qhiKjvArclAY_fWEmeUw6cu5CmDc_4VvOmLZYXd8Om5xLkoHoSgtIEjJ33s7fC7IJQ2TLhrjiVNVQaJY3aXmhJ1se10dRg7u0UH6d23lg1Wcq7yY0F_hNRLMq2AVtJA0Gl_RigU9l8aH1difmY-J4GMihLkP9SsUNrWiJRuWnV1uFjjfo6T6fGOBxz1YtVEClSQJc1yImsqD_dOd4yQqKISp672e6voJ3yg8IyPi4YzlKGRnJbKTR7OnWjUwJbUZsr-EdCXRiyOTki8rxgM6bUYKJ4H_c07b5xwuM_vx_djv7lhS1GiwiKL_OSU-sfYvf64LtrBv-VFflhyyHfBAhxl_GKCh7xQ8MlsN8y8jrpXyD31G4yiH4XQA1vb5dRR5jW0DcAJC1cGBj27U81fYiqWROmpikXc00pQccMCKY7lNYeU9b3OUdWXxVJIPTvkl3VhgdCjIUV0SOLxszxqFHer8XSUEtkymKiE50xeIYOu2YkhY3QwPVmCG_RVJ76f3O-_0lrJ31va2jzF-hvZGxCAGByfELfySCXa8-YSDpIN9VidWucyTfWmAQa1MJ-ZnQ2PWTrbwbejA%3D%3D%26bag%3DK9GC8xFjczykNNyRrWsoXw%3D%3D%26ruid%3Dcf094b14-5786-4c0d-90b4-4c0075ca0318%26ng%3D1%26ix%3D1%26pt%3D0%26np%3D1%26gp%3D-1%26bp%3D-1%26nw%3D1%26nb%3D1%26sw%3D1280%26sh%3D1024%26pl%3Dhttps%253A%252F%252Fianime-fr.com%252Fmagical-sempai-episode-1-vostfr%252F%26wy%3D0%26wx%3D0%26ww%3D1280%26wh%3D1024%26cw%3D1268%26wiw%3D1280%26wih%3D939%26wfc%3D2%26sah%3D1002%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D0 HTTP/1.1 
Host: interstitial-07.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ianime-fr.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         139.45.197.151
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
                                        
server: nginx
date: Sat, 24 Sep 2022 14:29:20 GMT
vary: Accept-Encoding
x-powered-by: PHP/7.4.25
set-cookie: reverse=mmYuCRBNHsPF2wKlrEqQ_Hdt4D-6iswaLiNcXJigkTM; expires=Sat, 24-Sep-2022 15:29:20 GMT; Max-Age=3600; path=/
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS, HEAD
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---