firefox.settings.services.mozilla.com/v1/
143.204.55.27200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.27:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash bdb8b66c705a7b996496d780f50c00b5
403ae92039fcc933870f51f913f78ccaf9652256
c923ed2539f4ce9f4d43743c402fbb2060a52a4cbedbf14c5f5742ab718073d6
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Alert, Content-Length, Content-Type, Retry-After, Backoff
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Tue, 18 Oct 2022 15:00:34 GMT
Expires: Tue, 18 Oct 2022 15:20:21 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 dbfaae0db03f11cf713bbcbdb25be4a2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: zWENxuXM-6cKMfdh8D1MGSjfSzCCMqE7vpbOZpRvFJrur_6FcXOv5g==
Age: 822
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 10ab470535c002d333b4f27d38b51091
ed3b0850c5d75881de410f7e8ca35e012e38bd38
31d6655d048ec8a62e00125766fea65cde04beae0b11f12ce7f722c9a5f7e232
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "31D6655D048EC8A62E00125766FEA65CDE04BEAE0B11F12CE7F722C9A5F7E232"
Last-Modified: Sun, 16 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4300
Expires: Tue, 18 Oct 2022 16:25:56 GMT
Date: Tue, 18 Oct 2022 15:14:16 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 533e1d53f291993ed5886f88a85c6e55
eb4396e8422f71168d32ac6ff3ef49496f625e62
0d1b73b2a228fe76bf14688e603741025a40803971e05570f873b28788334b33
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0D1B73B2A228FE76BF14688E603741025A40803971E05570F873B28788334B33"
Last-Modified: Mon, 17 Oct 2022 14:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11853
Expires: Tue, 18 Oct 2022 18:31:49 GMT
Date: Tue, 18 Oct 2022 15:14:16 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: SXrOlXMczKLnQkt1nJ7Fapg5U/uuNZ6By7rLMs2Pz9W228koEPa3tms2ALcd3c19e3LL59soqmQ=
x-amz-request-id: EFS24JPCSWRYES31
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Tue, 18 Oct 2022 15:03:53 GMT
age: 623
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 18 Oct 2022 15:14:16 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
kickassanime.cc/chainsaw-man
172.67.188.230301 Moved Permanently 162 B URL HTTP/1.1 kickassanime.cc/chainsaw-man
IP 172.67.188.230:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash 0c7d483bf9ae48584aaa8ac5d1f61cdd
6f0f5800b979066cdb300535a4a2ea0f467ff8d2
5e5c14e535f1310cdc30cfaeeadd83bba21b52102fd7f4eae41e28d33fa0530c
GET /chainsaw-man HTTP/1.1
Host: kickassanime.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Tue, 18 Oct 2022 15:14:17 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://kickassanime.cc/chainsaw-man
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DmaDlQNO2tFGED1RCAtBCGnWCH9sf7VghrcMY5L4N0BE4pW%2FDdZrZxTTsCdLm60BY%2FE8%2BoWdWoaZouK6gfZlxQJlh5z5vcES%2BdvExAy6%2FBQvpg18%2FNojzMbBpbY6%2FunPxzY%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 75c23905eff40b06-OSL
alt-svc: h2=":443"; ma=60
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 5aa6f95ce90faf132ee87e115e9977fd
cbe703dd752107e58f93a8f2994380aa6217f513
a31870b42660a89677e31f1a243f51c3710d1756cea62f39343bc052b6e06ef4
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=162987
Content-Type: application/ocsp-response
Date: Tue, 18 Oct 2022 15:14:17 GMT
Etag: "634e9c74-117"
Expires: Thu, 20 Oct 2022 12:30:44 GMT
Last-Modified: Tue, 18 Oct 2022 12:30:44 GMT
Server: nginx
Content-Length: 279
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.27200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.27:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600
Date: Tue, 18 Oct 2022 14:43:40 GMT
Expires: Tue, 18 Oct 2022 14:45:27 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 a034aae43a19aef875fa395182990970.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: tIWJeBLkbJCw20--3J58jHNnjZb5J-ZtjN5ycpanumi0EbGRYxXLaA==
Age: 1837
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash c9b278637bdca251f78b46e4a0850473
a48fe5095fc27af1c6b6628149d9e8f655295621
eea38f271e134a85a7b586631a8831888ab81f0edb33120b26bd35cdfa032e52
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3542
Cache-Control: max-age=150690
Content-Type: application/ocsp-response
Date: Tue, 18 Oct 2022 15:14:17 GMT
Etag: "634e5e95-1d7"
Expires: Thu, 20 Oct 2022 09:05:47 GMT
Last-Modified: Tue, 18 Oct 2022 08:06:45 GMT
Server: ECS (ska/F710)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
44.242.32.27101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 44.242.32.27:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: nYXGyip0HprwsQi2Ptnihw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: vEZKjT+bqtCuoszSeoT6bFzflI0=
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 5aa6f95ce90faf132ee87e115e9977fd
cbe703dd752107e58f93a8f2994380aa6217f513
a31870b42660a89677e31f1a243f51c3710d1756cea62f39343bc052b6e06ef4
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1
Cache-Control: max-age=162987
Content-Type: application/ocsp-response
Date: Tue, 18 Oct 2022 15:14:18 GMT
Etag: "634e9c74-117"
Expires: Thu, 20 Oct 2022 12:30:45 GMT
Last-Modified: Tue, 18 Oct 2022 12:30:44 GMT
Server: ECS (ska/F710)
X-Cache: HIT
Content-Length: 279
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash c0294b2cb214f959d3c331c372303a34
055f65ee8cb123b854edaf5d3e3946a289b12918
04ab21add8f01ad63f9798563fb968cf4b381cd50aeb1fc0ec43498e75cd8ff6
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "04AB21ADD8F01AD63F9798563FB968CF4B381CD50AEB1FC0EC43498E75CD8FF6"
Last-Modified: Sun, 16 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12520
Expires: Tue, 18 Oct 2022 18:42:58 GMT
Date: Tue, 18 Oct 2022 15:14:18 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash e2c464d4e4ea5f15a3e49ad57549c260
7bfc1c84c1c6d1f8069fa9e4ec5233eb3ee46d13
022cbc47b3c78a12f143082fb0ee78099a528b71a873603ae3de64d06098302b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 18 Oct 2022 15:14:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash e2c464d4e4ea5f15a3e49ad57549c260
7bfc1c84c1c6d1f8069fa9e4ec5233eb3ee46d13
022cbc47b3c78a12f143082fb0ee78099a528b71a873603ae3de64d06098302b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 18 Oct 2022 15:14:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/montserrat/v14/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
216.58.207.195200 OK 19 kB URL HTTP/2 fonts.gstatic.com/s/montserrat/v14/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 19172, version 1.0\012- data
Hash bc3aa95dca08f5fee5291e34959c27bc
7b7c670ef2f0ba7fc0ce6437e523ccbdc847fde2
8767f01caa430c5bd4e3b008a8e9dfe022156a4e91a23c394fdcb05c267f1b94
GET /s/montserrat/v14/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://kickassanime.cc
Connection: keep-alive
Referer: https://kickassanime.cc/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 19172
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 17 Oct 2022 21:56:03 GMT
expires: Tue, 17 Oct 2023 21:56:03 GMT
cache-control: public, max-age=31536000
age: 62295
last-modified: Tue, 23 Jul 2019 03:46:19 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/montserrat/v14/JTURjIg1_i6t8kCHKm45_dJE3gnD_g.woff2
216.58.207.195200 OK 20 kB URL HTTP/2 fonts.gstatic.com/s/montserrat/v14/JTURjIg1_i6t8kCHKm45_dJE3gnD_g.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 19480, version 1.0\012- data
Hash 39d93cf678c740f9f6b2b1cfde34bee3
0d98d755bbbdfbb0943665c2c2a644005952e4cd
4545eb1dec25fe868d19dc292d417d8a9e41c0276d75a4eaf524a9db21aa705a
GET /s/montserrat/v14/JTURjIg1_i6t8kCHKm45_dJE3gnD_g.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://kickassanime.cc
Connection: keep-alive
Referer: https://kickassanime.cc/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 19480
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 18 Oct 2022 05:41:57 GMT
expires: Wed, 18 Oct 2023 05:41:57 GMT
cache-control: public, max-age=31536000
age: 34341
last-modified: Tue, 23 Jul 2019 03:47:01 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash badfa8970af89b2979a47786300a8399
fda3982376a0738d48a5f35fe4e31017a6b0bb20
8daa91d40df911fdb4d51bb423d598bfdcabedd1e0f37546e76434729078a529
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5992
Cache-Control: max-age=143051
Content-Type: application/ocsp-response
Date: Tue, 18 Oct 2022 15:14:18 GMT
Etag: "634e372d-118"
Expires: Thu, 20 Oct 2022 06:58:29 GMT
Last-Modified: Tue, 18 Oct 2022 05:18:37 GMT
Server: ECS (ska/F710)
X-Cache: HIT
Content-Length: 280
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash c190204159a1cbcfa30e3b35639f47ef
37f20a9f9e47377d8036d8cf8f2b5393d7e2a2d5
54acc7148382a5219d0c0d0ca5aa83c6fe65d6269415adc56a69d1c89373d9c8
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 18 Oct 2022 15:14:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash c030912a47a5157cef60a2224d01c701
9aaee0150d03f077befa7a9180029f8078053564
7756353aee859972480a6863a5d3bf6b630ef9cadcd379b172f43ef23965369a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 510
Cache-Control: max-age=93648
Content-Type: application/ocsp-response
Date: Tue, 18 Oct 2022 15:14:18 GMT
Etag: "634d8b9c-1d7"
Expires: Wed, 19 Oct 2022 17:15:06 GMT
Last-Modified: Mon, 17 Oct 2022 17:06:36 GMT
Server: ECS (ska/F710)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash c030912a47a5157cef60a2224d01c701
9aaee0150d03f077befa7a9180029f8078053564
7756353aee859972480a6863a5d3bf6b630ef9cadcd379b172f43ef23965369a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1755
Cache-Control: max-age=94893
Content-Type: application/ocsp-response
Date: Tue, 18 Oct 2022 15:14:18 GMT
Etag: "634d8b9c-1d7"
Expires: Wed, 19 Oct 2022 17:35:51 GMT
Last-Modified: Mon, 17 Oct 2022 17:06:36 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 789f5fe5a9b6fc4c3773ee9b5237568c
e90fc4fbe68c55a48a47873d0e3cbe42639ff98b
5e460a4253cc0d96911978f084591e5518aeb6cb3d2bc8bfc2244c8c3a21362c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5E460A4253CC0D96911978F084591E5518AEB6CB3D2BC8BFC2244C8C3A21362C"
Last-Modified: Sun, 16 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5175
Expires: Tue, 18 Oct 2022 16:40:33 GMT
Date: Tue, 18 Oct 2022 15:14:18 GMT
Connection: keep-alive
in-page-push.com/400/3850975
139.45.197.15200 OK 31 kB URL HTTP/2 in-page-push.com/400/3850975
IP 139.45.197.15:0
Hash 92c35de33706335e080a50fedb043ec4
e94036c8c177d609da35cd0cfe90904d49757edd
8ce4e96dc46f28295870e5c9a6b231cafd29ad733c6795d6ffb1f220798d605a
Analyzer Verdict Alert quad9 Sinkholed
GET /400/3850975 HTTP/1.1
Host: in-page-push.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kickassanime.cc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 18 Oct 2022 15:14:18 GMT
content-type: application/javascript
x-trace-id: 860bae8c6c0dfeb8617c337cbc261545
pragma: no-cache
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
vary: Origin
access-control-allow-origin: *
access-control-expose-headers: Link
access-control-allow-credentials: true
set-cookie: OAID=44ff429e02a54e6a9a3acc025ab649e8; expires=Wed, 18 Oct 2023 15:14:18 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 2.0 kB IP 93.184.220.29:0
Hash 23cd9e19dce2bab1141e8b5f23ca5e54
311e59cfa3b062e61fed468665a85330fba43bba
5b995c87fab067ebbbe0f8abc0f7ee90d9244fa951ac21497b11daef114d3bce
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5122
Cache-Control: max-age=147976
Content-Type: application/ocsp-response
Date: Tue, 18 Oct 2022 15:14:18 GMT
Etag: "634e4dd0-117"
Expires: Thu, 20 Oct 2022 08:20:34 GMT
Last-Modified: Tue, 18 Oct 2022 06:55:12 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 279
kickassanime.cc/chainsaw-man
104.21.73.64200 OK 16 kB URL HTTP/2 kickassanime.cc/chainsaw-man
IP 104.21.73.64:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (2684), with CRLF, LF line terminators
Hash c874260d7b5c918f6c558e6ed2403d35
b4730bfa4420681baeef520111c4c417956127f8
147bfc14cf551d9ff833db8f033079a0a5e16ea73b0c792cc95c69bca26fe4c8
GET /chainsaw-man HTTP/1.1
Host: kickassanime.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Tue, 18 Oct 2022 15:14:18 GMT
content-type: text/html; charset=UTF-8
x-pingback: https://kickassanime.cc/xmlrpc.php
link: <https://kickassanime.cc/wp-json/>; rel="https://api.w.org/", <https://kickassanime.cc/?p=37943>; rel=shortlink
x-frame-options: SAMEORIGIN
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q3VtPX1M5xNdqb%2FBLLRp9RGvI4NIYmXg1Sxk%2BYawm%2FVQ5jID3d03GPwNbgvZhgvBycoTMOiLgnH1DxDy%2BuCdLCja8SjQLIz0x4XnD16yTqL0TOMcseLWPWoQ1XPiiTauC2o%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 75c2390a0f541c0e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 4.4 kB IP 142.250.74.3:0
File type gzip compressed data, from Unix\012- data
Hash d778edc216f3a65d628d69b7a6b81e94
467029522194b37a207cfff8dfc103d9cf782f00
7ef3521bc9cb2fda88296fb35f9f9f8d339dc6210dbc7a098844e9cd7ac3fe60
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 18 Oct 2022 15:14:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 5551c9f0ee0ae504e835b141595231d2
edb6f3ce5227907bbae31ad372785d7e33673fee
a6ee2686917e41bc6abd0d181f064a3d06ace97d3321f50a66723d13428ead64
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5123
Cache-Control: max-age=147976
Content-Type: application/ocsp-response
Date: Tue, 18 Oct 2022 15:14:19 GMT
Etag: "634e4dd0-117"
Expires: Thu, 20 Oct 2022 08:20:35 GMT
Last-Modified: Tue, 18 Oct 2022 06:55:12 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 279
connect.facebook.net/en_US/sdk.js
31.13.72.12200 OK 1.7 kB URL HTTP/2 connect.facebook.net/en_US/sdk.js
IP 31.13.72.12:0
File type ASCII text, with very long lines (1961)
Hash b6c290be8c23259daa38c3678e335e33
e6268075ca0f2b23b7e17aae4e92073af6156317
1dbb02059ec661f68eef1e3d66d66027cf0cbc07c5d06a37d4808c701bdfbcff
GET /en_US/sdk.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://kickassanime.cc
Connection: keep-alive
Referer: https://kickassanime.cc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
access-control-expose-headers: X-FB-Content-MD5
x-fb-content-md5: 72afefb35aba768a5973bc0de6fbb84f
etag: "a31f1733c78b357ef6781103f3012ca9"
content-type: application/x-javascript; charset=utf-8
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
expires: Tue, 18 Oct 2022 15:16:48 GMT
cache-control: public,max-age=1200,stale-while-revalidate=3600
document-policy: force-load-at-top
cross-origin-opener-policy: same-origin-allow-popups
x-content-type-options: nosniff
x-fb-rlafr: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-md5: tsKQvowjJZ2qOMNnjjNeMw==
x-fb-debug: ODtvvIy/zoCxg9F0+Tb8O6MsK74etwAikT3CBia9T5OXe57AvACznnGR0D7ynyv03+iC8m1v5xzcd7CX+hO13Q==
content-length: 1684
x-fb-trip-id: 1904183273
date: Tue, 18 Oct 2022 15:14:19 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 19e7990cd87b450055801628f57bfe40
8869bbbf322291dfd468fe01553509760a764aba
4858bc26a8d7222655553e101042583abbdbcd2b988f8c59db688bab3da48801
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 18 Oct 2022 15:14:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FAnimejp-101595461856747&tabs=timeline&width=340&height=130&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
31.13.72.36200 OK 11 kB URL HTTP/2 www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FAnimejp-101595461856747&tabs=timeline&width=340&height=130&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
IP 31.13.72.36:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (14710)
Hash d07fbc8a5f8cb72fa13bc17f72183341
dbe77290462575965f191c278062b7b408a66781
01dfdacb5c3b114e519ff20424c28bf3c281c066803ebef856e90c4e61a6671d
GET /plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FAnimejp-101595461856747&tabs=timeline&width=340&height=130&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kickassanime.cc/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: br
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-opener-policy: unsafe-none
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
strict-transport-security: max-age=15552000; preload
content-type: text/html; charset="utf-8"
x-fb-debug: v4yRMC7jH3qgnsGIWTBIIF2qxF6AHBwyEwZKYZmSiuomfsgnAF8s4Lqk1BFrxyyMJ9OtggCcnAcxrN37vtAeFQ==
date: Tue, 18 Oct 2022 15:14:18 GMT
priority: u=3,i
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=G-92KEDE6FQ0
142.250.74.168200 OK 75 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=G-92KEDE6FQ0
IP 142.250.74.168:0
File type ASCII text, with very long lines (18991)
Hash 3bf7b14353407a784af2afc5ba73eac0
cada637b27240469a0871eb16727d265e74c5776
e2396f3757c978e9d5b0420d26decaddd8b062db9b372c4c3a45c78133e5be2c
GET /gtag/js?id=G-92KEDE6FQ0 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kickassanime.cc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 18 Oct 2022 15:14:19 GMT
expires: Tue, 18 Oct 2022 15:14:19 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 74865
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash ce6f9b426571b2427d4718188f8dc1f0
a0e31d473300d143e16ff62fb88672252ef5c594
80e6d85e32f5a3971d5c1bfae00a2feb5f8a2402c91057f84b55ac3103462ee7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "80E6D85E32F5A3971D5C1BFAE00A2FEB5F8A2402C91057F84B55AC3103462EE7"
Last-Modified: Mon, 17 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4551
Expires: Tue, 18 Oct 2022 16:30:10 GMT
Date: Tue, 18 Oct 2022 15:14:19 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 00793600302d280c0f99bf96cfb0f009
98cea63c09c9c100bfdfc64ce73946d0a916aafb
31634dcf178009925d65ad67462bfa02c239b5b5f2c9a79aecc3b9a011015957
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 18 Oct 2022 15:14:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdn.jwplayer.com/libraries/lqsWlr4Z.js?ver=5.1.15
143.204.55.18404 Not Found 35 B URL HTTP/2 cdn.jwplayer.com/libraries/lqsWlr4Z.js?ver=5.1.15
IP 143.204.55.18:0
Hash 0c95963587b88fe536da5fe30c62f18f
b9fd71be5361cb995dfa22f3f15a44342338ec99
4873c8f7829815503b84181d74e638b850ce1e8e399f387a3ec2516814f7280f
GET /libraries/lqsWlr4Z.js?ver=5.1.15 HTTP/1.1
Host: cdn.jwplayer.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kickassanime.cc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 404 Not Found
content-type: text/plain
content-length: 35
access-control-allow-origin: *
content-encoding: gzip
date: Tue, 18 Oct 2022 15:14:19 GMT
server: openresty
x-cache: Error from cloudfront
via: 1.1 6480520a5e02f3163410e3134bd77baa.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: XJJFk4yhtlAiqwPzupZtBKDUn8wFNkq5-z_abtaOyTy0mdM1O7NX1g==
X-Firefox-Spdy: h2
pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
142.250.74.162200 OK 58 kB URL HTTP/2 pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
IP 142.250.74.162:0
File type ASCII text, with very long lines (6761), with CRLF line terminators
Hash 80dbdebfb368a242c2e0bd742e1b822f
c98fcf33c1d52a64e8fdd07df388b33b6c0c0b86
67887d564ceac1cd551443ebf65a0bf417ca31b708947332cc5970f6a5bcffa4
GET /pagead/js/adsbygoogle.js HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kickassanime.cc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Tue, 18 Oct 2022 15:14:19 GMT
expires: Tue, 18 Oct 2022 15:14:19 GMT
cache-control: private, max-age=3600
content-type: text/javascript; charset=UTF-8
etag: 7020911473384034475
access-control-allow-origin: *
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 55286
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 59c9f4b6a5cb5571f7e8ec52f3548732
9bd1c495d09547b8cc983f71b90471f42ec61f94
25c4798d1ef0730368cc5c6d41a4596c5c914865f6f7a4fad97bdd4ce017894e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "25C4798D1EF0730368CC5C6D41A4596C5C914865F6F7A4FAD97BDD4CE017894E"
Last-Modified: Sun, 16 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4002
Expires: Tue, 18 Oct 2022 16:21:01 GMT
Date: Tue, 18 Oct 2022 15:14:19 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 59c9f4b6a5cb5571f7e8ec52f3548732
9bd1c495d09547b8cc983f71b90471f42ec61f94
25c4798d1ef0730368cc5c6d41a4596c5c914865f6f7a4fad97bdd4ce017894e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "25C4798D1EF0730368CC5C6D41A4596C5C914865F6F7A4FAD97BDD4CE017894E"
Last-Modified: Sun, 16 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4002
Expires: Tue, 18 Oct 2022 16:21:01 GMT
Date: Tue, 18 Oct 2022 15:14:19 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 59c9f4b6a5cb5571f7e8ec52f3548732
9bd1c495d09547b8cc983f71b90471f42ec61f94
25c4798d1ef0730368cc5c6d41a4596c5c914865f6f7a4fad97bdd4ce017894e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "25C4798D1EF0730368CC5C6D41A4596C5C914865F6F7A4FAD97BDD4CE017894E"
Last-Modified: Sun, 16 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4002
Expires: Tue, 18 Oct 2022 16:21:01 GMT
Date: Tue, 18 Oct 2022 15:14:19 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb1da8a8e-07d7-4788-a750-b444d5b94049.jpeg
34.120.237.76200 OK 9.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb1da8a8e-07d7-4788-a750-b444d5b94049.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash aa40305eef05745db4726fd428bd8b84
b957772b40c2485d9a50038d9ffa490f85fe1db9
19735ce0eebf21dd8029a7d0766061ad446232b20b2ac3c9d8b138b263f8fde2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb1da8a8e-07d7-4788-a750-b444d5b94049.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9746
x-amzn-requestid: 483d8ab7-5f45-489a-b610-ae9fe9d635d0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Z1AKaEtcIAMFxnw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-634513dc-027bf86916a9f9dd239ce02f;Sampled=0
x-amzn-remapped-date: Tue, 11 Oct 2022 06:57:32 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: V06O2hLkjoNgh-cJ22sHGodd_ocVq1Dch6tdy4PLuiirypqd0HUYGg==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 b36bf2c460ac693ce304817aed073112.cloudfront.net (CloudFront), 1.1 google
date: Tue, 18 Oct 2022 07:53:36 GMT
age: 26443
etag: "b957772b40c2485d9a50038d9ffa490f85fe1db9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 59c9f4b6a5cb5571f7e8ec52f3548732
9bd1c495d09547b8cc983f71b90471f42ec61f94
25c4798d1ef0730368cc5c6d41a4596c5c914865f6f7a4fad97bdd4ce017894e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "25C4798D1EF0730368CC5C6D41A4596C5C914865F6F7A4FAD97BDD4CE017894E"
Last-Modified: Sun, 16 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4002
Expires: Tue, 18 Oct 2022 16:21:01 GMT
Date: Tue, 18 Oct 2022 15:14:19 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4e0224bc-3141-475c-88f3-48e2d36f204f.jpeg
34.120.237.76200 OK 6.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4e0224bc-3141-475c-88f3-48e2d36f204f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ddd17c7d44a2e136710171f237ded665
577a22b126e54bfe0e4e4ce26b0fb866bc7fe007
b1327c4f33db5488ae49b1c2f7d5b49804d4245fd0bd92c41005b9045281f2a2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4e0224bc-3141-475c-88f3-48e2d36f204f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6352
x-amzn-requestid: c0479303-34b2-45d8-b794-4b83003312ef
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aHjNXE81IAMFWaA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-634c7f22-702cee0d437cbdc349efa2e8;Sampled=0
x-amzn-remapped-date: Sun, 16 Oct 2022 22:01:06 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: BAmcO20Ujqli3EGGQaTGlMbQ7VxPPQDgxv-qi3gsygBrZ0Z3tcZZuA==
via: 1.1 efe54e8b68e074d39b2ecd249f85100a.cloudfront.net (CloudFront), 1.1 01147dcc35d57fc0238a3c1700c13f16.cloudfront.net (CloudFront), 1.1 google
date: Mon, 17 Oct 2022 22:34:39 GMT
age: 59980
etag: "577a22b126e54bfe0e4e4ce26b0fb866bc7fe007"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3213a7c7-0ccd-4354-bd64-432d8cd565cd.jpeg
34.120.237.76200 OK 7.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3213a7c7-0ccd-4354-bd64-432d8cd565cd.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d5f3e230617c19df2161f174976caa0c
4bca04916f92c53d5f56d7553ac3677a9a14c085
b59139f61666eea62bca4ff5bb8bf36a0093f484d865f7e7c54ef94f3d31139c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3213a7c7-0ccd-4354-bd64-432d8cd565cd.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7205
x-amzn-requestid: 4534c655-60a2-41bd-ac80-d60614921988
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aKyQxHD6oAMFbig=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-634dca6b-1e32b5bf437ab9586a2175c5;Sampled=0
x-amzn-remapped-date: Mon, 17 Oct 2022 21:34:35 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 737UWQdimbxdQFU9ENL9K0RrqduTRQEkw0aiST-Reztl0DD5-oH87w==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 567b44ed19c8caed2570b7bcd8c70034.cloudfront.net (CloudFront), 1.1 google
date: Mon, 17 Oct 2022 22:08:27 GMT
age: 61552
etag: "4bca04916f92c53d5f56d7553ac3677a9a14c085"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F12c82a90-f45d-4e0f-b73c-10a7abfd551e.png
34.120.237.76200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F12c82a90-f45d-4e0f-b73c-10a7abfd551e.png
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e74f4de677631204256431e010756dd9
698ac04247bc52f9b200138ccfb8bf6184f3582f
a578e99e57e22f5ad3f8aaf102d80e4a6a79aab92ae1be6efdcf0c67968d31e3
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F12c82a90-f45d-4e0f-b73c-10a7abfd551e.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12891
x-amzn-requestid: 57575612-3eaa-4979-b7e6-4eca29498e9c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aKyqfEkdIAMFvYQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-634dcb0f-0cd3874a59496e6e2f685eab;Sampled=0
x-amzn-remapped-date: Mon, 17 Oct 2022 21:37:19 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: QxJbPi0RezvItuQg75q2OkJ7tj4YHN6SQJmA9kn5XJoZKlVLLAPcxA==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 324a68a6c25ee50d774953f3e15a611c.cloudfront.net (CloudFront), 1.1 google
date: Mon, 17 Oct 2022 21:55:19 GMT
age: 62340
etag: "698ac04247bc52f9b200138ccfb8bf6184f3582f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a291dbb-7f30-4ffb-8098-3b5f0093f379.jpeg
34.120.237.76200 OK 6.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a291dbb-7f30-4ffb-8098-3b5f0093f379.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6e7fd6e50e59e93dd5329060ecbe7fef
1d89b8268579f42b0265df7b14f77930033b23fe
7c03b8ca2822417615d12bc133b199bb64ccdba10aa0656d1dc6843c6471b39d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a291dbb-7f30-4ffb-8098-3b5f0093f379.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6836
x-amzn-requestid: ad5ca7f1-a21c-44d3-b419-dfa7cf868e12
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aKzQZHPFIAMFuig=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-634dcc02-38b229432e2fbaa8779daa52;Sampled=0
x-amzn-remapped-date: Mon, 17 Oct 2022 21:41:22 GMT
x-amz-cf-pop: SEA73-P2, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: dUm6WGDUVTB3WOdPSILAuSAQFCxj5sNwu2pmzi_ax7mhbrj-_tdWQg==
via: 1.1 2a44ef7b9d28e74c78ffadeedcbb887c.cloudfront.net (CloudFront), 1.1 61bc723adb3b1884ed759711e84e13a8.cloudfront.net (CloudFront), 1.1 google
date: Mon, 17 Oct 2022 21:55:26 GMT
etag: "1d89b8268579f42b0265df7b14f77930033b23fe"
content-type: image/jpeg
age: 62333
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 19e7990cd87b450055801628f57bfe40
8869bbbf322291dfd468fe01553509760a764aba
4858bc26a8d7222655553e101042583abbdbcd2b988f8c59db688bab3da48801
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 18 Oct 2022 15:14:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F183e5182-d899-4aa5-9644-f2b1544cb135.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F183e5182-d899-4aa5-9644-f2b1544cb135.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1f6bf4f5731a4aa97b78bae1ffd519cb
5ac8a79bf62ff1dda432036aacacbb69c853eabd
f4a1ec168c097a6f2d95e6c3c790e8cb20890cb6e376faa79c8aeeee08b1f370
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F183e5182-d899-4aa5-9644-f2b1544cb135.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10748
x-amzn-requestid: 0d5c19df-5776-4c7b-9f62-904adcbe6e1c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aKyosGUJoAMFt_Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-634dcb04-44bb56725b31b5f240865d99;Sampled=0
x-amzn-remapped-date: Mon, 17 Oct 2022 21:37:08 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: IiF3b1hUN3X38JLzoLhvqggtupKgzCTBgdanlj4-OnHpHHWhXjRvvw==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 ce71f64ad5dca81beca846466f2d5008.cloudfront.net (CloudFront), 1.1 google
date: Mon, 17 Oct 2022 21:46:13 GMT
age: 62886
etag: "5ac8a79bf62ff1dda432036aacacbb69c853eabd"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
secure.gravatar.com/avatar/?s=20&d=mm&r=g
192.0.73.2200 OK 837 B URL HTTP/2 secure.gravatar.com/avatar/?s=20&d=mm&r=g
IP 192.0.73.2:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 20x20, components 3\012- data
Hash 3ff66f60ce04121323c5534fe136190f
612276ab8fbb7500e6f01c559e21b327a095ffdb
e2b94f353fafcae37092fdd244b0c1af1c80d050c614dc3c1f9bcd7ff2d1bdd6
GET /avatar/?s=20&d=mm&r=g HTTP/1.1
Host: secure.gravatar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kickassanime.cc/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 18 Oct 2022 15:14:19 GMT
content-type: image/jpeg
content-length: 837
last-modified: Wed, 11 Jan 1984 08:00:00 GMT
link: <https://www.gravatar.com/avatar/?s=20&d=mm&r=g>; rel="canonical"
access-control-allow-origin: *
content-disposition: inline; filename="none.png"
expires: Tue, 18 Oct 2022 15:19:19 GMT
cache-control: max-age=300
x-nc: HIT arn 1
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash 82571dc3b59726a8e88def1043dd5dc2
ee071d908b0d2e32f05c1f82ccf7c620dc4e8015
5f0d328ff3c1a099fc8a405c0ef33168dbdb6fdec93d0db8ea9c0b7795ad7e34
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 18 Oct 2022 15:14:19 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Mon, 17 Oct 2022 06:25:19 GMT
Expires: Mon, 24 Oct 2022 06:25:18 GMT
Etag: "ee071d908b0d2e32f05c1f82ccf7c620dc4e8015"
Cache-Control: max-age=486058,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 75c23915ed8fb4f7-OSL
cdn.jwplayer.com/libraries/lqsWlr4Z.js?ver=5.1.15
143.204.55.18404 Not Found 35 B URL HTTP/2 cdn.jwplayer.com/libraries/lqsWlr4Z.js?ver=5.1.15
IP 143.204.55.18:0
Hash 0c95963587b88fe536da5fe30c62f18f
b9fd71be5361cb995dfa22f3f15a44342338ec99
4873c8f7829815503b84181d74e638b850ce1e8e399f387a3ec2516814f7280f
GET /libraries/lqsWlr4Z.js?ver=5.1.15 HTTP/1.1
Host: cdn.jwplayer.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kickassanime.cc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 404 Not Found
content-type: text/plain
content-length: 35
access-control-allow-origin: *
content-encoding: gzip
date: Tue, 18 Oct 2022 15:14:19 GMT
server: openresty
x-cache: Error from cloudfront
via: 1.1 6480520a5e02f3163410e3134bd77baa.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 8GgIrF2xd65to3n9R1SQJ3lqimsEAP3f_eljGnxMtzKz3ry_Pt2mtA==
X-Firefox-Spdy: h2
my.rtmark.net/gid.js?userId=31aa1bbb80124272bae1475daed9e4c3
139.45.195.8200 OK 65 B URL HTTP/2 my.rtmark.net/gid.js?userId=31aa1bbb80124272bae1475daed9e4c3
IP 139.45.195.8:0
File type JSON data\012- , ASCII text
Hash e5f6d8674f77f9402d00da375ae575f2
56425c788b317cf3edce57870b1f689301e4ae62
0b4a0ffb4e5bea91dee7d0ff706ef4eada8a0711be386dc2b7b878489fc7b2aa
GET /gid.js?userId=31aa1bbb80124272bae1475daed9e4c3 HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://kickassanime.cc
Connection: keep-alive
Referer: https://kickassanime.cc/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 18 Oct 2022 15:14:19 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://kickassanime.cc
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=31aa1bbb80124272bae1475daed9e4c3; expires=Wed, 18 Oct 2023 15:14:19 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
tzegilo.com/stattag.js
172.64.133.2200 OK 5.5 kB IP 172.64.133.2:0
File type ASCII text, with very long lines (13017), with no line terminators
Hash 9de9eb049f09d7c543546b344d34fbfb
7c83b52c747ce7542c09fca8e4a4d33202070558
aed576634e78a25a5e2ab22238175c2c5df8d31938d146a0f3b7dabf884718e7
GET /stattag.js HTTP/1.1
Host: tzegilo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kickassanime.cc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 18 Oct 2022 15:14:19 GMT
content-type: application/javascript
last-modified: Tue, 18 Oct 2022 14:05:58 GMT
etag: W/"634eb2c6-32d9"
link: <https://flerap.com/>; rel=preconnect; crossorigin, <https://fleraprt.com/>; rel=preconnect; crossorigin
cache-control: max-age=14400
cf-cache-status: HIT
age: 3536
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lqzTwB9QH6DtbDTdbwr3Xt0c6EXZWP3rIDelnv7k5wlR5QAD99fmCJ0oi0tO2M7IuL2mqV4xlsWtcLaVcHUF3wNn4ayvaien1%2BZtQmme8oTljZZMpGIWgWllgywAbg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75c23914faf5f433-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash fe0b56fc613f5dab541b0e2a2a2e9b7e
4129feb16e8879c74fe192a86fe94b0a677f87e9
9681deb7baa03f3d7554d7539a268663f5bf55427f442f965878567a976389bf
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4628
Cache-Control: max-age=157528
Content-Type: application/ocsp-response
Date: Tue, 18 Oct 2022 15:14:19 GMT
Etag: "634e750f-118"
Expires: Thu, 20 Oct 2022 10:59:47 GMT
Last-Modified: Tue, 18 Oct 2022 09:42:39 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 280
cdn.discordapp.com/widget-avatars/yKtHNmMFKcux-YKYl9OgYmXAQJPE6RyM4fQ3nEKalBM/E6PNmXkoRk2G0--aybluFy6fkhsMyPQPkh7Daeii1adKCaaHHAfpgEbyYdg7A00PJiyu63sjWa6VLNAvMJM
162.159.135.233200 OK 3.4 kB URL HTTP/2 cdn.discordapp.com/widget-avatars/yKtHNmMFKcux-YKYl9OgYmXAQJPE6RyM4fQ3nEKalBM/E6PNmXkoRk2G0--aybluFy6fkhsMyPQPkh7Daeii1adKCaaHHAfpgEbyYdg7A00PJiyu63sjWa6VLNAvMJM
IP 162.159.135.233:0
Hash fce986e6b438fb2d6ce7fd7f0a096166
4d371b8fa2620883e3d2ad2d806d0785991fa3a7
153e64ad3f9eab5ce63d1a439e14e0ddeda8412d051f6741e41e1d4e0944441e
GET /widget-avatars/yKtHNmMFKcux-YKYl9OgYmXAQJPE6RyM4fQ3nEKalBM/E6PNmXkoRk2G0--aybluFy6fkhsMyPQPkh7Daeii1adKCaaHHAfpgEbyYdg7A00PJiyu63sjWa6VLNAvMJM HTTP/1.1
Host: cdn.discordapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://discord.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 18 Oct 2022 15:14:19 GMT
content-type: image/png
content-length: 1324
cf-ray: 75c23917df0e0b55-OSL
accept-ranges: bytes
age: 39
cache-control: public, max-age=14400
etag: "c09a43a372ba81e3018c3151d4ed4773"
expires: Tue, 18 Oct 2022 19:14:19 GMT
last-modified: Fri, 14 May 2021 01:14:16 GMT
cf-cache-status: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-goog-generation: 1620954856403229
x-goog-hash: crc32c=Y/unMw==, md5=wJpDo3K6geMBjDFR1O1Hcw==
x-goog-metageneration: 2
x-goog-storage-class: NEARLINE
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 1324
x-guploader-uploadid: ADPycdt_VzmQvVOsaepIm-Bk_07h2lxjcqNf74ckpE-blq30MByVH-9iFr9JJDzky5DAL2TGLqQOV4vA9PYk5GHdkSk
x-robots-tag: noindex, nofollow, noarchive, nocache, noimageindex, noodp
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UTuDD4Rnsn7yVnvizsUcalpe1xfYlHOQQQsXnnPKnDfVaqjSJU1v%2Bu0oP0zKopW48fOsfKO%2BfX4gJpzOd0LKV2pJ8Np0dor7b6HyVzngclAO7hFBiaAqjTHVQ9GMigOVl01RhA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
X-Firefox-Spdy: h2
cdn.discordapp.com/widget-avatars/TGBknpi87fTz6Bo7STWxPhmuYJUHi43_cQzEXPT4fb0/w41_esQnvKfZqjq7Us1BI4zHf1oM8PeiAeesae8De1C-PKlTritq9RVNnJ-84hcWVotJkwocv69U7WLPZi-LjtWIXI-2AgC6lht2nkGjDrkcA767MJoLWZVpDRvpUQh3VmkKNzuE7VUCGg
162.159.135.233200 OK 3.5 kB URL HTTP/2 cdn.discordapp.com/widget-avatars/TGBknpi87fTz6Bo7STWxPhmuYJUHi43_cQzEXPT4fb0/w41_esQnvKfZqjq7Us1BI4zHf1oM8PeiAeesae8De1C-PKlTritq9RVNnJ-84hcWVotJkwocv69U7WLPZi-LjtWIXI-2AgC6lht2nkGjDrkcA767MJoLWZVpDRvpUQh3VmkKNzuE7VUCGg
IP 162.159.135.233:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 128x128, components 3\012- data
Hash 77ddac6c98c6c4ba875a58a7f51d7876
b0c87914309b9c9a67e063cb65a1d1e82619acb3
7960ba43eeeedba2e371c071ca51c5bd8c88ad2d2eca1277cbe8d24515eba320
GET /widget-avatars/TGBknpi87fTz6Bo7STWxPhmuYJUHi43_cQzEXPT4fb0/w41_esQnvKfZqjq7Us1BI4zHf1oM8PeiAeesae8De1C-PKlTritq9RVNnJ-84hcWVotJkwocv69U7WLPZi-LjtWIXI-2AgC6lht2nkGjDrkcA767MJoLWZVpDRvpUQh3VmkKNzuE7VUCGg HTTP/1.1
Host: cdn.discordapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://discord.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 18 Oct 2022 15:14:19 GMT
content-type: image/jpeg
content-length: 3487
cf-ray: 75c23917df120b55-OSL
accept-ranges: bytes
access-control-allow-origin: *
age: 435537
cache-control: public, max-age=31536000
expires: Wed, 18 Oct 2023 15:14:19 GMT
last-modified: Sat, 27 Aug 2022 16:10:50 GMT
cf-cache-status: HIT
cf-bgj: h2pri
x-envoy-upstream-service-time: 51
x-robots-tag: noindex, nofollow, noarchive, nocache, noimageindex, noodp
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Nb2tJPXH70d3Hos3hT9AsbLzYuxpQBBRzKEl04RNk6xG3CUYzn4Y3qnVbdtf9FXCnQpzPEf9dLxYH%2FEogBAgWAoeq3byFbam4bGHgnMDibwLhyRZR6NLOWoQ5CWDmAc4oc93Ig%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.discordapp.com/widget-avatars/yxoZp5UfHCymMVkCMLyLgA0uGiF899NfbIOE9Jdmp2A/IXi5Tuu_UwYw03Q-qUy2fMh01Odm48Y-Nn_Wxlnzggf47INYh12amWbZKjQ59MGw3iI4oLcCy_ws5V-c3CDNAQ_3xnX9ilEP9S3lDgPVxq3cDNlRpBv3pQkzyhrpoXK8fjjC2L0j4cYOEQ
162.159.135.233200 OK 4.5 kB URL HTTP/2 cdn.discordapp.com/widget-avatars/yxoZp5UfHCymMVkCMLyLgA0uGiF899NfbIOE9Jdmp2A/IXi5Tuu_UwYw03Q-qUy2fMh01Odm48Y-Nn_Wxlnzggf47INYh12amWbZKjQ59MGw3iI4oLcCy_ws5V-c3CDNAQ_3xnX9ilEP9S3lDgPVxq3cDNlRpBv3pQkzyhrpoXK8fjjC2L0j4cYOEQ
IP 162.159.135.233:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 128x128, components 3\012- data
Hash ea5832c53b4d0311d14c6191ba5e2170
b9726990be4b8f137ca11504c17b637a7ba812f9
2142132116492707f971c9527b476e9db203f8cebfe0bd948d79f1f4f91eaac1
GET /widget-avatars/yxoZp5UfHCymMVkCMLyLgA0uGiF899NfbIOE9Jdmp2A/IXi5Tuu_UwYw03Q-qUy2fMh01Odm48Y-Nn_Wxlnzggf47INYh12amWbZKjQ59MGw3iI4oLcCy_ws5V-c3CDNAQ_3xnX9ilEP9S3lDgPVxq3cDNlRpBv3pQkzyhrpoXK8fjjC2L0j4cYOEQ HTTP/1.1
Host: cdn.discordapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://discord.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 18 Oct 2022 15:14:19 GMT
content-type: image/jpeg
content-length: 4462
cf-ray: 75c23917df110b55-OSL
accept-ranges: bytes
access-control-allow-origin: *
age: 465518
cache-control: public, max-age=31536000
expires: Wed, 18 Oct 2023 15:14:19 GMT
last-modified: Tue, 18 Aug 2020 07:59:28 GMT
cf-cache-status: HIT
cf-bgj: h2pri
x-envoy-upstream-service-time: 23
x-robots-tag: noindex, nofollow, noarchive, nocache, noimageindex, noodp
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TAa1sRcCCaXylphNeB1zTPiCNpFNfBXpXJ2fihcQSWqEcfNiufHHqRDQwColcs%2FJeIV8aF8oFDcRrYFm%2FOV0nDHPYNvWI%2BU31qnNpF9G5DB2%2F4obbZViPHhX%2Bp7NnCSVPsrk6Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.discordapp.com/widget-avatars/MVNA7j65FBMbJJVoevVNm-5wR_400DMajUJHi6dh9r4/MimGf2rwWDDe-tUkJgDGtXTlqqWeqmhBgkmtHeHdmIuONcPCcmX0MDct4dFOT5XqRrI9YxC-eypug293fZrq_t8TkxEhvrx3uXNSYluP_znQWvxGHDLhAI7BdqiNA0N9LT-fhXQg1EM2_Q
162.159.135.233200 OK 5.2 kB URL HTTP/2 cdn.discordapp.com/widget-avatars/MVNA7j65FBMbJJVoevVNm-5wR_400DMajUJHi6dh9r4/MimGf2rwWDDe-tUkJgDGtXTlqqWeqmhBgkmtHeHdmIuONcPCcmX0MDct4dFOT5XqRrI9YxC-eypug293fZrq_t8TkxEhvrx3uXNSYluP_znQWvxGHDLhAI7BdqiNA0N9LT-fhXQg1EM2_Q
IP 162.159.135.233:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 128x128, components 3\012- data
Hash a16338c84f8c424b89afa65e7fb01bd3
0a6308c67479eeb97a705d7244eb388f08da9cd6
15f205a35eed1ec99f9ae24cbbb2ecac679366d449908d36625b0f08fe43c4f2
GET /widget-avatars/MVNA7j65FBMbJJVoevVNm-5wR_400DMajUJHi6dh9r4/MimGf2rwWDDe-tUkJgDGtXTlqqWeqmhBgkmtHeHdmIuONcPCcmX0MDct4dFOT5XqRrI9YxC-eypug293fZrq_t8TkxEhvrx3uXNSYluP_znQWvxGHDLhAI7BdqiNA0N9LT-fhXQg1EM2_Q HTTP/1.1
Host: cdn.discordapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://discord.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 18 Oct 2022 15:14:19 GMT
content-type: image/jpeg
content-length: 5208
cf-ray: 75c23917df100b55-OSL
accept-ranges: bytes
access-control-allow-origin: *
age: 1115492
cache-control: public, max-age=31536000
expires: Wed, 18 Oct 2023 15:14:19 GMT
last-modified: Sat, 01 Jan 2022 04:18:15 GMT
cf-cache-status: HIT
cf-bgj: h2pri
x-envoy-upstream-service-time: 3
x-robots-tag: noindex, nofollow, noarchive, nocache, noimageindex, noodp
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LPlTlk33tx64yUtBWbKS0vZ%2FvZvdurNm7JUVGY6ZD8mdEA5kpHbxTCI8GREwTiA%2ByXEqzoWnu8g97O87OnLBz1fUux6065wcAXGuwmR%2FvCblIpdUrxGNH7JFXWvzqsH4XbsIOw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 21b822dbc467d49e0b06670b69060fd3
d8eab1aff33082b08d92e677c7cdf24b5ac61053
424a5d48f8c5e725e3a23dbee762954ad74411dece0ea384db87da7a10b019e9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "424A5D48F8C5E725E3A23DBEE762954AD74411DECE0EA384DB87DA7A10B019E9"
Last-Modified: Sun, 16 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11481
Expires: Tue, 18 Oct 2022 18:25:40 GMT
Date: Tue, 18 Oct 2022 15:14:19 GMT
Connection: keep-alive
grunoaph.net/5/3639461
139.45.197.238200 OK 53 kB IP 139.45.197.238:0
Hash f465a46f31de92c8213cb0c2d829b896
1eed11201c86acc4f966790d7c465ec8a7baaf4c
f0e3d37115cf0f391e0c652e5f8609bf00061e4d9359a370a346d8a9aecdaeb2
Analyzer Verdict Alert quad9 Sinkholed
GET /5/3639461 HTTP/1.1
Host: grunoaph.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kickassanime.cc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 18 Oct 2022 15:14:18 GMT
content-type: application/javascript
x-trace-id: 8c78b2df4240caef6e61435d4c470c8c
link: <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://diromalxx.com>; rel="preconnect dns-prefetch"
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
timing-allow-origin: *
set-cookie: OAID=31aa1bbb80124272bae1475daed9e4c3; expires=Wed, 18 Oct 2023 15:14:18 GMT; path=/; secure; SameSite=None
oaidts=1666106058; expires=Wed, 18 Oct 2023 15:14:18 GMT; path=/; secure; SameSite=None
syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT
pragma: no-cache, no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2
cdn.discordapp.com/widget-avatars/PmJTfWR6J-XV3ghl6gxMX-S_hBg91vbboJCQIotZm_0/9iPIzECxde2UcISeHTCqAHWdORa8pJhPPN_ptvm8IUI0ioH81z8WJzwzdAdM5rRWQHvc7qHxO7384h1S4xcrbdAwpGOnNTCD-dcXSuVut670zPs86L30zpc1lhZSug0pdR2tparS33Y04w
162.159.135.233200 OK 5.1 kB URL HTTP/2 cdn.discordapp.com/widget-avatars/PmJTfWR6J-XV3ghl6gxMX-S_hBg91vbboJCQIotZm_0/9iPIzECxde2UcISeHTCqAHWdORa8pJhPPN_ptvm8IUI0ioH81z8WJzwzdAdM5rRWQHvc7qHxO7384h1S4xcrbdAwpGOnNTCD-dcXSuVut670zPs86L30zpc1lhZSug0pdR2tparS33Y04w
IP 162.159.135.233:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 128x128, components 3\012- data
Hash 5ec008f2d5852fa6e6695f18957c09f0
eb04396952d16d65a1d4d32376a3bb0d79472a00
09c2fcf37281f85e2cddbd8d30d32386706649ae4a4e3092926797baf1bda15e
GET /widget-avatars/PmJTfWR6J-XV3ghl6gxMX-S_hBg91vbboJCQIotZm_0/9iPIzECxde2UcISeHTCqAHWdORa8pJhPPN_ptvm8IUI0ioH81z8WJzwzdAdM5rRWQHvc7qHxO7384h1S4xcrbdAwpGOnNTCD-dcXSuVut670zPs86L30zpc1lhZSug0pdR2tparS33Y04w HTTP/1.1
Host: cdn.discordapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://discord.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 18 Oct 2022 15:14:19 GMT
content-type: image/jpeg
content-length: 5129
cf-ray: 75c23917df130b55-OSL
accept-ranges: bytes
access-control-allow-origin: *
age: 239119
cache-control: public, max-age=31536000
expires: Wed, 18 Oct 2023 15:14:19 GMT
last-modified: Sat, 02 Apr 2022 19:03:35 GMT
cf-cache-status: HIT
cf-bgj: h2pri
x-envoy-upstream-service-time: 28
x-robots-tag: noindex, nofollow, noarchive, nocache, noimageindex, noodp
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VG6bd3DOyk%2BcUZvHb7hSXduV6ljsAqc8O35Fn7DcS5bnNs%2FMa2i%2FK7SxptCp8d0TeL6fcsWKdhPMSOMjZdL4qYM4D1e7REPaFW62piSg9FmV%2Fy2iMHaLDCuzpXQbEjwAKk6CDA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.discordapp.com/widget-avatars/TI5srZhWBUkAOcR9oMFEEKQ8x4Jk0taHz-wTkpJX60A/0Alkc0tO9k-On6DH7dv16qTOwlNiRT70rC7gFBtvMDLRi_8VVcticUojoVO3pGInVdjdDlcDaWYVc_FLFLeEmA0U5d8tvJIDAyo6PnMkJLpHEsTLc4Tq7hiMkOkqR-utifY-3y8F0QqRQA
162.159.135.233200 OK 3.4 kB URL HTTP/2 cdn.discordapp.com/widget-avatars/TI5srZhWBUkAOcR9oMFEEKQ8x4Jk0taHz-wTkpJX60A/0Alkc0tO9k-On6DH7dv16qTOwlNiRT70rC7gFBtvMDLRi_8VVcticUojoVO3pGInVdjdDlcDaWYVc_FLFLeEmA0U5d8tvJIDAyo6PnMkJLpHEsTLc4Tq7hiMkOkqR-utifY-3y8F0QqRQA
IP 162.159.135.233:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 128x128, components 3\012- data
Hash 70d215a765f9e5bbe3faac9b0a3f5d18
aadd4a422da963c2fc5bacb923f7983d660b4571
120d8200f5de68cf7fbdb28e14cb94de59ceaca522bb6af0e37c1bdac692058a
GET /widget-avatars/TI5srZhWBUkAOcR9oMFEEKQ8x4Jk0taHz-wTkpJX60A/0Alkc0tO9k-On6DH7dv16qTOwlNiRT70rC7gFBtvMDLRi_8VVcticUojoVO3pGInVdjdDlcDaWYVc_FLFLeEmA0U5d8tvJIDAyo6PnMkJLpHEsTLc4Tq7hiMkOkqR-utifY-3y8F0QqRQA HTTP/1.1
Host: cdn.discordapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://discord.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 18 Oct 2022 15:14:19 GMT
content-type: image/jpeg
content-length: 3386
cf-ray: 75c23917df0d0b55-OSL
accept-ranges: bytes
access-control-allow-origin: *
age: 435537
cache-control: public, max-age=31536000
expires: Wed, 18 Oct 2023 15:14:19 GMT
last-modified: Mon, 30 May 2022 02:31:33 GMT
cf-cache-status: HIT
cf-bgj: h2pri
x-envoy-upstream-service-time: 67
x-robots-tag: noindex, nofollow, noarchive, nocache, noimageindex, noodp
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Um6hJx%2FWhrgGRy3jGQNZ6sUbRCtDNe9eSE0uWQFJnHrqUrtSb%2B29R9bJvl9dyj5hpI55LJrE%2FBpm1wjmSblYjW61eMyL61x0RHw0yHp8XbVLfaL0RMuaelaCyUMWur7kmDWB1w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68200 OK 472 B IP 104.18.32.68:0
Hash 9699c4757c3bf315e7395ebfe5d19498
e7945c2c6fa92aa636b057721dc0fd67e1981612
fbe8260af2565f669a9d75a0f085d65c1e4c6de39758fe511701a24b20fbeece
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 18 Oct 2022 15:14:19 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Mon, 17 Oct 2022 00:52:19 GMT
Expires: Mon, 24 Oct 2022 00:52:18 GMT
Etag: "e7945c2c6fa92aa636b057721dc0fd67e1981612"
Cache-Control: max-age=466078,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 75c23916db18b509-OSL
discord.com/widget?id=796224689483415613&theme=dark
162.159.138.232200 OK 69 kB URL HTTP/2 discord.com/widget?id=796224689483415613&theme=dark
IP 162.159.138.232:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1559)
Hash 5a3ce99b1d5843428fcb4233cd41cbf1
3546ebc064fba0de5d7d9c78d512c52f78c25f7f
14d8bfdd27bb7332f0f5d21e9a24169adb094a98d5a09baa76d490c1566b7cf5
GET /widget?id=796224689483415613&theme=dark HTTP/1.1
Host: discord.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kickassanime.cc/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 18 Oct 2022 15:14:18 GMT
content-type: text/html
cf-ray: 75c239138c0eb4ee-OSL
cache-control: public, max-age=14400
last-modified: Mon, 06 Jun 2022 20:56:35 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
permissions-policy: interest-cohort=()
x-build-id: 658afa3e9b2fd84f7825b019e925af528bcb2f76
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RSalqxUyGE4ANCrnqFxOtrqOo%2FPKMMTklakXpdo2dkoyziofHOWqyabmbKWeGxxq3akAmUYYQvCoZocXsUVXYrZG3C6g9QeEWk6qKyR%2Bk5tty8A7%2FV2SLFnaj1sf"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
set-cookie: __dcfduid=897331b04ef711ed8b76fda943a3afae; Expires=Sun, 17 Oct 2027 15:14:18 GMT; Max-Age=157680000; Path=/; Secure; HttpOnly; SameSite=Lax
__sdcfduid=897331b14ef711ed8b76fda943a3afae8f6d647619d97adadf81bd2ef5af0d231a43fb638d271466a9f31eb5d38f9a18; Expires=Sun, 17 Oct 2027 15:14:18 GMT; Max-Age=157680000; Path=/; Secure; HttpOnly; SameSite=Lax
__cfruid=386ca950e979bffe142352d3e45c190ad32e01d0-1666106058; path=/; domain=.discord.com; HttpOnly; Secure; SameSite=None
server: cloudflare
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.discordapp.com/widget-avatars/Kwg2S6_pETtH2Br_OjZMJm5z6qYRkVINH1K4CT5n33w/sb3YVrlG1RZS_hjxAettHZjBGkcL6CUTwB8iyjCk6P517Y6ponS_9gOd8Zx9dyoJSoTa9LsVBpV0qrzCSY845K2nwOuf1XjVyNA0bWgym2scaIHCXsOAsGiRcCO15rBZ2192vjSBls0uGA
162.159.135.233200 OK 3.7 kB URL HTTP/2 cdn.discordapp.com/widget-avatars/Kwg2S6_pETtH2Br_OjZMJm5z6qYRkVINH1K4CT5n33w/sb3YVrlG1RZS_hjxAettHZjBGkcL6CUTwB8iyjCk6P517Y6ponS_9gOd8Zx9dyoJSoTa9LsVBpV0qrzCSY845K2nwOuf1XjVyNA0bWgym2scaIHCXsOAsGiRcCO15rBZ2192vjSBls0uGA
IP 162.159.135.233:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 128x128, components 3\012- data
Hash f21c965284380a3a2c8658a2e1fe6990
34044c8b130dde444d7696e9d4364fde9d561a0b
74db06fba0c6c532ebbe3d4f352709061d2d022203afa7e8b55035d459fc7d4a
GET /widget-avatars/Kwg2S6_pETtH2Br_OjZMJm5z6qYRkVINH1K4CT5n33w/sb3YVrlG1RZS_hjxAettHZjBGkcL6CUTwB8iyjCk6P517Y6ponS_9gOd8Zx9dyoJSoTa9LsVBpV0qrzCSY845K2nwOuf1XjVyNA0bWgym2scaIHCXsOAsGiRcCO15rBZ2192vjSBls0uGA HTTP/1.1
Host: cdn.discordapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://discord.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 18 Oct 2022 15:14:19 GMT
content-type: image/jpeg
content-length: 3710
cf-ray: 75c239180f3b0b55-OSL
accept-ranges: bytes
access-control-allow-origin: *
age: 941046
cache-control: public, max-age=31536000
expires: Wed, 18 Oct 2023 15:14:19 GMT
last-modified: Thu, 13 Jul 2017 04:12:11 GMT
cf-cache-status: HIT
cf-bgj: h2pri
x-envoy-upstream-service-time: 36
x-robots-tag: noindex, nofollow, noarchive, nocache, noimageindex, noodp
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3i6MeKM4EX%2BRq4k7OtolxzlAVeMYPI169WHwoyL5mn50kIFtvBQ5cz3GZE%2FTBH9FgccC3tEWJ6SyhMY23ZAvr2%2Fjawymy8uGoTm9RqP%2BIMLSW7ZiFrjXkMxt10sQNeXDuQa93w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.discordapp.com/widget-avatars/uUG2Vz91sJh96nhmmEMv7PSTke4AfVz_aXcgIvMN1Ps/i5L2cltHlaBIRp3jJ4kJ4dnzSaKdp-kc7XMvrU94JgZCgOXCCWhRq6huwxMvB_eqahputF8XScXsyK4URUS0td3jQ_Z4QY1BT4fk2kgmC495BtTnDrpFXt6I8H7KA7OKRUV3NoV_Oem7BQ
162.159.135.233200 OK 8.4 kB URL HTTP/2 cdn.discordapp.com/widget-avatars/uUG2Vz91sJh96nhmmEMv7PSTke4AfVz_aXcgIvMN1Ps/i5L2cltHlaBIRp3jJ4kJ4dnzSaKdp-kc7XMvrU94JgZCgOXCCWhRq6huwxMvB_eqahputF8XScXsyK4URUS0td3jQ_Z4QY1BT4fk2kgmC495BtTnDrpFXt6I8H7KA7OKRUV3NoV_Oem7BQ
IP 162.159.135.233:0
Hash a3189fa313e6778b328321d9afaa5e6c
f09dbd8b1714e5bf708ca49245bffc574813bd63
36b95332737cb7015a2975ba2d68a1cea57ca09f6d4f93d421c0389a9defef3a
GET /widget-avatars/uUG2Vz91sJh96nhmmEMv7PSTke4AfVz_aXcgIvMN1Ps/i5L2cltHlaBIRp3jJ4kJ4dnzSaKdp-kc7XMvrU94JgZCgOXCCWhRq6huwxMvB_eqahputF8XScXsyK4URUS0td3jQ_Z4QY1BT4fk2kgmC495BtTnDrpFXt6I8H7KA7OKRUV3NoV_Oem7BQ HTTP/1.1
Host: cdn.discordapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://discord.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 18 Oct 2022 15:14:19 GMT
content-type: image/jpeg
content-length: 5131
cf-ray: 75c239180f3e0b55-OSL
accept-ranges: bytes
access-control-allow-origin: *
age: 219063
cache-control: public, max-age=31536000
expires: Wed, 18 Oct 2023 15:14:19 GMT
last-modified: Sat, 18 Jun 2022 10:25:08 GMT
cf-cache-status: HIT
cf-bgj: h2pri
x-envoy-upstream-service-time: 61
x-robots-tag: noindex, nofollow, noarchive, nocache, noimageindex, noodp
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VTjW1PclO87PG1LV752JOhxDnk5Q%2FoiVIoyIRO1rXRoKKoXrj3itUahIqpK98SHEFSzsytu7He%2Bo%2F81V2r5nV4vJnAbhd1gt56U5nfI6TI4GtHgCVB2JzC6jWCSYdUamq4zWHQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.discordapp.com/widget-avatars/krz0m3gfNAN4dwWu93AneQAiHSlibLytkvBZ68TmIBU/6WGO8UFZNZ2QRfSHhb1dML3Qy-N7mDuYy3svJgCIsmu4XsBeme5zzsh04r6oDPpa2W_11m6q3FIwuKBxR1Ic5wKjF2JMYb5T_JxW-qyxP7I8RY5Oy_nYGKJ5vCHG3FESsPpfInsTGem1ew
162.159.135.233200 OK 5.0 kB URL HTTP/2 cdn.discordapp.com/widget-avatars/krz0m3gfNAN4dwWu93AneQAiHSlibLytkvBZ68TmIBU/6WGO8UFZNZ2QRfSHhb1dML3Qy-N7mDuYy3svJgCIsmu4XsBeme5zzsh04r6oDPpa2W_11m6q3FIwuKBxR1Ic5wKjF2JMYb5T_JxW-qyxP7I8RY5Oy_nYGKJ5vCHG3FESsPpfInsTGem1ew
IP 162.159.135.233:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 128x128, components 3\012- data
Hash 01a6f83b776d6f010ecca26ebb196662
4d5e04cb77a0fc8a802fe52bbdf8713b629b52a7
95d0ee407869ca40bf00a5457e9f3872cf364fc94d24a4ea7c63833d9c2d544f
GET /widget-avatars/krz0m3gfNAN4dwWu93AneQAiHSlibLytkvBZ68TmIBU/6WGO8UFZNZ2QRfSHhb1dML3Qy-N7mDuYy3svJgCIsmu4XsBeme5zzsh04r6oDPpa2W_11m6q3FIwuKBxR1Ic5wKjF2JMYb5T_JxW-qyxP7I8RY5Oy_nYGKJ5vCHG3FESsPpfInsTGem1ew HTTP/1.1
Host: cdn.discordapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://discord.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 18 Oct 2022 15:14:19 GMT
content-type: image/jpeg
content-length: 4963
cf-ray: 75c239180f3a0b55-OSL
accept-ranges: bytes
access-control-allow-origin: *
age: 477887
cache-control: public, max-age=31536000
expires: Wed, 18 Oct 2023 15:14:19 GMT
last-modified: Mon, 06 Jan 2020 20:38:10 GMT
cf-cache-status: HIT
cf-bgj: h2pri
x-envoy-upstream-service-time: 24
x-robots-tag: noindex, nofollow, noarchive, nocache, noimageindex, noodp
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PFpDL9Y84TtBm6qawAHSx5Ii3hEL6lu4Nx1LQLGrEhhiQi1N%2F%2FFMpm1O979ctq4LH1fn68JY6QgmImkEPEtyniMAyaj2tlCSL31oxjHKPR7KfVEM3RAxHhIBRg4fFggisRGIUA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash fe0b56fc613f5dab541b0e2a2a2e9b7e
4129feb16e8879c74fe192a86fe94b0a677f87e9
9681deb7baa03f3d7554d7539a268663f5bf55427f442f965878567a976389bf
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5812
Cache-Control: max-age=158712
Content-Type: application/ocsp-response
Date: Tue, 18 Oct 2022 15:14:19 GMT
Etag: "634e750f-118"
Expires: Thu, 20 Oct 2022 11:19:31 GMT
Last-Modified: Tue, 18 Oct 2022 09:42:39 GMT
Server: ECS (ska/F710)
X-Cache: HIT
Content-Length: 280
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 0b2f72aafba972b25f2937351cd08c7a
0cbe8d0dbe27cc6e13919dfcd0d4e65df4cb8b51
fe7785b101d41cca7d6246ef25c1ec999af0c1d079a9588ff4c29db4132ec8a8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FE7785B101D41CCA7D6246EF25C1EC999AF0C1D079A9588FF4C29DB4132EC8A8"
Last-Modified: Mon, 17 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4556
Expires: Tue, 18 Oct 2022 16:30:15 GMT
Date: Tue, 18 Oct 2022 15:14:19 GMT
Connection: keep-alive
fleraprt.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f
139.45.195.254200 OK 12 B URL HTTP/1.1 fleraprt.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f
IP 139.45.195.254:0
File type JSON data\012- , ASCII text, with no line terminators
Hash adb4650bfc9d2a73d4dd69583b0ceb14
1ce399d6e936232aaf2192cd7903a279c5015f22
21c1f682de27109caabcca9016511974defcec217c0441fd3f1b50ecdf8247ed
Analyzer Verdict Alert quad9 Sinkholed
POST /log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f HTTP/1.1
Host: fleraprt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 894
Origin: https://kickassanime.cc
Connection: keep-alive
Referer: https://kickassanime.cc/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.10
Date: Tue, 18 Oct 2022 15:14:46 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 12
Connection: keep-alive
Access-Control-Allow-Origin: https://kickassanime.cc
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Access-Control-Allow-Credentials: true
in-page-push.com/500/3850975?excludes=&oaid=31aa1bbb80124272bae1475daed9e4c3&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=3&pl=https%3A%2F%2Fkickassanime.cc%2Fchainsaw-man&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
139.45.197.15200 OK 0 B URL HTTP/2 in-page-push.com/500/3850975?excludes=&oaid=31aa1bbb80124272bae1475daed9e4c3&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=3&pl=https%3A%2F%2Fkickassanime.cc%2Fchainsaw-man&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
IP 139.45.197.15:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
OPTIONS /500/3850975?excludes=&oaid=31aa1bbb80124272bae1475daed9e4c3&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=3&pl=https%3A%2F%2Fkickassanime.cc%2Fchainsaw-man&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false HTTP/1.1
Host: in-page-push.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Referer: https://kickassanime.cc/
Origin: https://kickassanime.cc
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 18 Oct 2022 15:14:19 GMT
content-length: 0
allow: GET, OPTIONS
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-origin: https://kickassanime.cc
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-allow-credentials: true
access-control-max-age: 600
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *
X-Firefox-Spdy: h2
js.wpadmngr.com/npc/sdk/wp-banners.js
45.133.44.25200 OK 0 B URL HTTP/2 js.wpadmngr.com/npc/sdk/wp-banners.js
IP 45.133.44.25:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /npc/sdk/wp-banners.js HTTP/1.1
Host: js.wpadmngr.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kickassanime.cc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 18 Oct 2022 15:14:19 GMT
content-type: application/javascript; charset=utf-8
content-length: 0
server: nginx/1.18.0
last-modified: Fri, 20 Aug 2021 15:14:31 GMT
etag: "611fc6d7-0"
expires: Tue, 18 Oct 2022 15:19:19 GMT
cache-control: max-age=300
x-proxy-cache: HIT
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 61090662d219189c5d6cdbcb1795fb38
4b229f95a5d5c3ed8386e8a16756544197abaedd
6aa7c659c03e9b343980543b89081eab7d68229e97371865dbd0a1651b43ebd7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6AA7C659C03E9B343980543B89081EAB7D68229E97371865DBD0A1651B43EBD7"
Last-Modified: Mon, 17 Oct 2022 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4858
Expires: Tue, 18 Oct 2022 16:35:17 GMT
Date: Tue, 18 Oct 2022 15:14:19 GMT
Connection: keep-alive
in-page-push.com/500/3850975?excludes=&oaid=31aa1bbb80124272bae1475daed9e4c3&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=3&pl=https%3A%2F%2Fkickassanime.cc%2Fchainsaw-man&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
139.45.197.15200 OK 248 kB URL HTTP/2 in-page-push.com/500/3850975?excludes=&oaid=31aa1bbb80124272bae1475daed9e4c3&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=3&pl=https%3A%2F%2Fkickassanime.cc%2Fchainsaw-man&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
IP 139.45.197.15:0
Size 248 kB (247471 bytes)
Hash 487b21a63e88eca87c1e96ac8bb2c0eb
e90ca2fa5fb161f7f21729dd19918139918faaf0
cd308a741e54d105b170b0b11873833733bc3d2272b094ad87291ca5c84a5c08
Analyzer Verdict Alert quad9 Sinkholed
GET /500/3850975?excludes=&oaid=31aa1bbb80124272bae1475daed9e4c3&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=3&pl=https%3A%2F%2Fkickassanime.cc%2Fchainsaw-man&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false HTTP/1.1
Host: in-page-push.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Origin: https://kickassanime.cc
Connection: keep-alive
Referer: https://kickassanime.cc/
Cookie: OAID=44ff429e02a54e6a9a3acc025ab649e8
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 18 Oct 2022 15:14:19 GMT
content-type: application/javascript
x-trace-id: 7731ed8b29741a4f6ddb0bd02e8b8fbc
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: https://kickassanime.cc
access-control-expose-headers: Link
access-control-allow-credentials: true
set-cookie: OAID=31aa1bbb80124272bae1475daed9e4c3; expires=Wed, 18 Oct 2023 15:14:19 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 6f9b3c62d85a5ee1488b29315c114eb4
49009bc0a2c7ceb076edc89cb0d97962202d661e
d91b181a33cf10f551d6bca4b35da25e2975b2325aa8d1713b9bcb18c7bf66de
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3676
Cache-Control: max-age=122026
Content-Type: application/ocsp-response
Date: Tue, 18 Oct 2022 15:14:19 GMT
Etag: "634dee19-117"
Expires: Thu, 20 Oct 2022 01:08:05 GMT
Last-Modified: Tue, 18 Oct 2022 00:06:49 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 279
offerimage.com/www/images/3cc187c3294f050cb0f2632e70e60563.png
172.67.22.216200 OK 93 kB URL HTTP/2 offerimage.com/www/images/3cc187c3294f050cb0f2632e70e60563.png
IP 172.67.22.216:0
File type PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced\012- data
Hash 3cc187c3294f050cb0f2632e70e60563
3f827edd982ebb762f5aa277031e479b915ec3ca
b19c84a72b1d44fb0226991b96e3ad276549cb40af572411320212828d77a498
GET /www/images/3cc187c3294f050cb0f2632e70e60563.png HTTP/1.1
Host: offerimage.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kickassanime.cc/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 18 Oct 2022 15:14:19 GMT
content-type: image/png
content-length: 93324
last-modified: Thu, 10 Dec 2020 17:25:26 GMT
etag: "5fd25a06-16c8c"
expires: Tue, 18 Oct 2022 22:14:45 GMT
cache-control: max-age=86400
timing-allow-origin: *
cf-cache-status: HIT
age: 61174
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 75c2391a8d74fac4-OSL
X-Firefox-Spdy: h2
outoctillerytor.com/400/3850975
139.45.197.236200 OK 33 kB URL HTTP/2 outoctillerytor.com/400/3850975
IP 139.45.197.236:0
Hash caeef274fe0e8896dec5a9893e2bb1e5
b4dad632a8a323fa73573f1ccbcf0615b71afb59
d8fb0945d8c88c2af96fe9a5c7ae8d5592a0c152878ad37608724f41a1ad8be1
GET /400/3850975 HTTP/1.1
Host: outoctillerytor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kickassanime.cc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 18 Oct 2022 15:14:19 GMT
content-type: application/javascript
x-trace-id: 0dfd21fc2e1c8fb298279c8455b4b5b1
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: *
access-control-expose-headers: Link
access-control-allow-credentials: true
set-cookie: OAID=13232cacb96d4554a1265b384e0b17e6; expires=Wed, 18 Oct 2023 15:14:19 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
connect.facebook.net/en_US/sdk.js?hash=d8abcacfd9878e46abc0e02924c6c88d
31.13.72.12200 OK 88 kB URL HTTP/2 connect.facebook.net/en_US/sdk.js?hash=d8abcacfd9878e46abc0e02924c6c88d
IP 31.13.72.12:0
File type ASCII text, with very long lines (17777)
Hash a5f2c645ee08afb1cf87124fe972c71f
610877e5651212bdfdf2d499f7d458cd52c6cd8c
0c63df097135065f802d16037978cbd3e39b07ce53cecbbc144a50b09269ab87
GET /en_US/sdk.js?hash=d8abcacfd9878e46abc0e02924c6c88d HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://kickassanime.cc
Connection: keep-alive
Referer: https://kickassanime.cc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
access-control-expose-headers: X-FB-Content-MD5
x-fb-content-md5: 38cc4440b48c1a334087eb730bcf5d8a
etag: "cdc614bee95c52d0261293e60f95af13"
content-type: application/x-javascript; charset=utf-8
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
expires: Wed, 18 Oct 2023 08:42:10 GMT
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
document-policy: force-load-at-top
cross-origin-opener-policy: same-origin-allow-popups
x-content-type-options: nosniff
x-fb-rlafr: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-md5: pfLGRe4Ir7HPhxJP6XLHHw==
x-fb-debug: V4S58hfwXxDUciY2pYYPOGe6KVxPxO2HlDxFg0zE9QtcTL0di2RAVlJDKnlp7Kk/ARb36mcP2c0lwvpwcmW2Sg==
content-length: 88394
x-fb-trip-id: 1904183273
date: Tue, 18 Oct 2022 15:14:20 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash d10d6b2b6fe85a52d6e4f650d58a0260
9658c9fef7ee313e823b304b325b8594310ed752
488f2bfeef899c3f8a80ad1f0b732ea4054c57dec1939f947370b93fb9c15c63
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 18 Oct 2022 15:14:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash d10d6b2b6fe85a52d6e4f650d58a0260
9658c9fef7ee313e823b304b325b8594310ed752
488f2bfeef899c3f8a80ad1f0b732ea4054c57dec1939f947370b93fb9c15c63
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 18 Oct 2022 15:14:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
region1.analytics.google.com/g/collect?v=2&tid=G-92KEDE6FQ0>m=2oeaa0&_p=592205955&_gaz=1&cid=1200322514.1666106067&ul=en-us&sr=1280x1024&_s=1&sid=1666106066&sct=1&seg=0&dl=https%3A%2F%2Fkickassanime.cc%2Fchainsaw-man&dt=Chainsaw%20Man%20-%20HD&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
216.239.34.36204 No Content 0 B URL HTTP/2 region1.analytics.google.com/g/collect?v=2&tid=G-92KEDE6FQ0>m=2oeaa0&_p=592205955&_gaz=1&cid=1200322514.1666106067&ul=en-us&sr=1280x1024&_s=1&sid=1666106066&sct=1&seg=0&dl=https%3A%2F%2Fkickassanime.cc%2Fchainsaw-man&dt=Chainsaw%20Man%20-%20HD&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
IP 216.239.34.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-92KEDE6FQ0>m=2oeaa0&_p=592205955&_gaz=1&cid=1200322514.1666106067&ul=en-us&sr=1280x1024&_s=1&sid=1666106066&sct=1&seg=0&dl=https%3A%2F%2Fkickassanime.cc%2Fchainsaw-man&dt=Chainsaw%20Man%20-%20HD&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1 HTTP/1.1
Host: region1.analytics.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://kickassanime.cc
Connection: keep-alive
Referer: https://kickassanime.cc/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://kickassanime.cc
date: Tue, 18 Oct 2022 15:14:20 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash dffe12ac16db6c55dd67de4dcbd27f13
729f1626e0d515531baa91c8d0dd1dd7afa1215a
6f48a34280454fe8e64ab04dbc8ba0ca2e0b89c41c602a32d90adeadf762da15
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 18 Oct 2022 15:14:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
stats.g.doubleclick.net/g/collect?v=2&tid=G-92KEDE6FQ0&cid=1200322514.1666106067>m=2oeaa0&aip=1
173.194.73.157204 No Content 0 B URL HTTP/2 stats.g.doubleclick.net/g/collect?v=2&tid=G-92KEDE6FQ0&cid=1200322514.1666106067>m=2oeaa0&aip=1
IP 173.194.73.157:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-92KEDE6FQ0&cid=1200322514.1666106067>m=2oeaa0&aip=1 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://kickassanime.cc
Connection: keep-alive
Referer: https://kickassanime.cc/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://kickassanime.cc
date: Tue, 18 Oct 2022 15:14:20 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash dffe12ac16db6c55dd67de4dcbd27f13
729f1626e0d515531baa91c8d0dd1dd7afa1215a
6f48a34280454fe8e64ab04dbc8ba0ca2e0b89c41c602a32d90adeadf762da15
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 18 Oct 2022 15:14:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 5d45fc2295607d8394cc1375e67ea8ff
c88d22b98664013b6ec40c372331de6e7c4b0542
348e8f7ed57f4cac5691bdeb4d712573e42b3bcbdf89b7211a94cc420d4a3ff1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 18 Oct 2022 15:14:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
adservice.google.no/adsid/integrator.js?domain=kickassanime.cc
142.250.74.66200 OK 100 B URL HTTP/2 adservice.google.no/adsid/integrator.js?domain=kickassanime.cc
IP 142.250.74.66:0
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=kickassanime.cc HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kickassanime.cc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Tue, 18 Oct 2022 15:14:20 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash dacaeafb819026a188905266558de0dc
5761fb8515e08e4cc3e16a0036a1337d599a6dd8
3f016a36f39a7ca47ed44040ea6e145863cba28057cd50d972afdbd2b42053c2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 18 Oct 2022 15:14:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
partner.googleadservices.com/gampad/cookie.js?domain=kickassanime.cc&callback=_gfp_s_&client=ca-pub-1719831927616069&gpid_exp=1
172.217.21.162200 OK 254 B URL HTTP/2 partner.googleadservices.com/gampad/cookie.js?domain=kickassanime.cc&callback=_gfp_s_&client=ca-pub-1719831927616069&gpid_exp=1
IP 172.217.21.162:0
File type ASCII text, with very long lines (397), with no line terminators
Hash 957df199288207c8c76e7a34a4d67f3f
86a2e7b0027a88e0ed42012027c72b904fc58189
7a42f268dbe01601610ac61a74fe55adb688c56b8fd8ad36d58978ed4f2c9c65
GET /gampad/cookie.js?domain=kickassanime.cc&callback=_gfp_s_&client=ca-pub-1719831927616069&gpid_exp=1 HTTP/1.1
Host: partner.googleadservices.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kickassanime.cc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Tue, 18 Oct 2022 15:14:20 GMT
server: cafe
cache-control: private
content-length: 254
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
adservice.google.com/adsid/integrator.js?domain=kickassanime.cc
142.250.74.66200 OK 100 B URL HTTP/2 adservice.google.com/adsid/integrator.js?domain=kickassanime.cc
IP 142.250.74.66:0
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=kickassanime.cc HTTP/1.1
Host: adservice.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kickassanime.cc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Tue, 18 Oct 2022 15:14:20 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 5d45fc2295607d8394cc1375e67ea8ff
c88d22b98664013b6ec40c372331de6e7c4b0542
348e8f7ed57f4cac5691bdeb4d712573e42b3bcbdf89b7211a94cc420d4a3ff1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 18 Oct 2022 15:14:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash dacaeafb819026a188905266558de0dc
5761fb8515e08e4cc3e16a0036a1337d599a6dd8
3f016a36f39a7ca47ed44040ea6e145863cba28057cd50d972afdbd2b42053c2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 18 Oct 2022 15:14:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fp.metricswpsh.com/fp?tag_id=1706
157.90.84.246204 No Content 0 B URL HTTP/1.1 fp.metricswpsh.com/fp?tag_id=1706
IP 157.90.84.246:0
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /fp?tag_id=1706 HTTP/1.1
Host: fp.metricswpsh.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://kickassanime.cc/
Origin: https://kickassanime.cc
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
Server: nginx/1.20.1
Date: Tue, 18 Oct 2022 15:14:20 GMT
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: content-type
Access-Control-Allow-Methods: GET,HEAD,PUT,PATCH,POST,DELETE
Access-Control-Allow-Origin: https://kickassanime.cc
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
notification.tubecup.net/tags?tag_id=1706&timezone_olson=UTC&version_name=c
88.198.200.20200 OK 2.0 kB URL HTTP/2 notification.tubecup.net/tags?tag_id=1706&timezone_olson=UTC&version_name=c
IP 88.198.200.20:0
ASN #24940 Hetzner Online GmbH
File type JSON data\012- , ASCII text, with very long lines (2003), with no line terminators
Hash 9a7f2c16c7124733ba22c020b061de8b
1a63a47369f2c50b4a25f6b939842d7d99df71de
3f44e7d3c4f5dfb57bd97ae4765ffd7fcea626510537b2797b21bfaf1fad42c7
GET /tags?tag_id=1706&timezone_olson=UTC&version_name=c HTTP/1.1
Host: notification.tubecup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://kickassanime.cc
Connection: keep-alive
Referer: https://kickassanime.cc/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.18.0
date: Tue, 18 Oct 2022 15:14:20 GMT
content-type: application/json
content-length: 2003
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
X-Firefox-Spdy: h2
fp.metricswpsh.com/fp?tag_id=1706
157.90.84.246200 OK 27 B URL HTTP/1.1 fp.metricswpsh.com/fp?tag_id=1706
IP 157.90.84.246:0
ASN #24940 Hetzner Online GmbH
File type JSON data\012- , ASCII text
Hash 26fb0f9e78b0eeace1f1c1622cb895ce
58e12ba70dfe38ffde0888e10e0b004da9a550f0
edb572feeecc65bb3ed151d594305552e6089f90b67224db28b7a7e2277d0078
POST /fp?tag_id=1706 HTTP/1.1
Host: fp.metricswpsh.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json;charset=utf-8
Content-Length: 22285
Origin: https://kickassanime.cc
Connection: keep-alive
Referer: https://kickassanime.cc/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Tue, 18 Oct 2022 15:14:20 GMT
Content-Type: application/json; charset=UTF-8
Content-Length: 27
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://kickassanime.cc
Set-Cookie: id=2666895610935415302; Expires=Wed, 18 Oct 2023 15:14:20 GMT; Secure; SameSite=None
Vary: Origin
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 63836b06183b72bdc8b7aae80e469b30
561044560f69806cce5f5b885c98b349a2ba0a91
7a47dbfd794be909857c185bd362f95e6852e3dfefa352a9dcef5d776574cf41
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7A47DBFD794BE909857C185BD362F95E6852E3DFEFA352A9DCEF5D776574CF41"
Last-Modified: Sun, 16 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11131
Expires: Tue, 18 Oct 2022 18:19:51 GMT
Date: Tue, 18 Oct 2022 15:14:20 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash b439bb1b01c638ede4f5c0d28f3404ab
7b97f79cff4ab705b06dc71539b4c413639093f2
eb2e8ba5e8e64176b41f5c48c13294680a9e68d888c85f5e6fafce508652daf3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EB2E8BA5E8E64176B41F5C48C13294680A9E68D888C85F5E6FAFCE508652DAF3"
Last-Modified: Mon, 17 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5166
Expires: Tue, 18 Oct 2022 16:40:26 GMT
Date: Tue, 18 Oct 2022 15:14:20 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 31b832a4bf9a026041f7547346304f94
e1363c7355f713fcb75d8bfc430d7bfc86eab99f
8dcda5f11627f2108290584b73214431d0dadcd21d249aa963a105bfee96da84
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8DCDA5F11627F2108290584B73214431D0DADCD21D249AA963A105BFEE96DA84"
Last-Modified: Mon, 17 Oct 2022 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17681
Expires: Tue, 18 Oct 2022 20:09:01 GMT
Date: Tue, 18 Oct 2022 15:14:20 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 63836b06183b72bdc8b7aae80e469b30
561044560f69806cce5f5b885c98b349a2ba0a91
7a47dbfd794be909857c185bd362f95e6852e3dfefa352a9dcef5d776574cf41
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7A47DBFD794BE909857C185BD362F95E6852E3DFEFA352A9DCEF5D776574CF41"
Last-Modified: Sun, 16 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11131
Expires: Tue, 18 Oct 2022 18:19:51 GMT
Date: Tue, 18 Oct 2022 15:14:20 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 8158cb09bdc3f39008b1048291ed03a4
d3569d4a70738a92956ab33ab4b19bfe0ebabd8d
b013c5aa115f384142d182118643114f61de7a8d0874f14a322bb7a944aee752
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B013C5AA115F384142D182118643114F61DE7A8D0874F14A322BB7A944AEE752"
Last-Modified: Sun, 16 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4877
Expires: Tue, 18 Oct 2022 16:35:37 GMT
Date: Tue, 18 Oct 2022 15:14:20 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 6016dea5f80664eb009e16dd4989630a
b0aa29f72bd449aa2f33c7f9f531067fa741a6da
5dd595913b3fa11b3a64d2636abd887fa2d7dd85e16a2095d83431adf23408d7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 18 Oct 2022 15:14:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 4e9f986fac76c4b02dfe65d0b534a308
c0e5c4ba5e8eddd9cdbdcf645f8b8d45018444a0
813fd64e93043af69799a0994a625da62e93c2663d9185a6d8210113ad9a655b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 18 Oct 2022 15:14:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
b1707df9d4.4d2a483049.com/in/track?data=eyJ3bCI6MCwic3ViaWQiOjAsInVzZXJfaWQiOiI3NTgxNDgzNzQxNDY2NjY1MDAwIiwidGltZXpvbmUiOjAsInZlciI6IjMuMTMuMCIsInRhZ19pZCI6MTcwNiwic2NyZWVuX3Jlc29sdXRpb24iOiIxMjgweDEwMjQiLCJhZGJsb2NrIjowLCJ0aW1lem9uZV9vbHNvbiI6IlVUQyIsInV0bV9zb3VyY2UiOiIiLCJ1dG1fbWVkaXVtIjoiIiwidXRtX2NhbXBhaWduIjoiIiwidXRtX2NvbnRlbnQiOiIiLCJtbSI6MCwiaW5pdF9zdGFydF9sYXRlbmN5IjoxLjA1LCJpc192MiI6MSwiaXNfdjJfZW1wdHkiOm51bGwsInVzZXJfa2V5d29yZHMiOiJDaGFpbnNhdyUyQ01hbiUyQ0hEJTJDQ2hhaW5zYXclMkNNYW4lMjAifQ==
45.133.44.25200 OK 0 B URL HTTP/2 b1707df9d4.4d2a483049.com/in/track?data=eyJ3bCI6MCwic3ViaWQiOjAsInVzZXJfaWQiOiI3NTgxNDgzNzQxNDY2NjY1MDAwIiwidGltZXpvbmUiOjAsInZlciI6IjMuMTMuMCIsInRhZ19pZCI6MTcwNiwic2NyZWVuX3Jlc29sdXRpb24iOiIxMjgweDEwMjQiLCJhZGJsb2NrIjowLCJ0aW1lem9uZV9vbHNvbiI6IlVUQyIsInV0bV9zb3VyY2UiOiIiLCJ1dG1fbWVkaXVtIjoiIiwidXRtX2NhbXBhaWduIjoiIiwidXRtX2NvbnRlbnQiOiIiLCJtbSI6MCwiaW5pdF9zdGFydF9sYXRlbmN5IjoxLjA1LCJpc192MiI6MSwiaXNfdjJfZW1wdHkiOm51bGwsInVzZXJfa2V5d29yZHMiOiJDaGFpbnNhdyUyQ01hbiUyQ0hEJTJDQ2hhaW5zYXclMkNNYW4lMjAifQ==
IP 45.133.44.25:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /in/track?data=eyJ3bCI6MCwic3ViaWQiOjAsInVzZXJfaWQiOiI3NTgxNDgzNzQxNDY2NjY1MDAwIiwidGltZXpvbmUiOjAsInZlciI6IjMuMTMuMCIsInRhZ19pZCI6MTcwNiwic2NyZWVuX3Jlc29sdXRpb24iOiIxMjgweDEwMjQiLCJhZGJsb2NrIjowLCJ0aW1lem9uZV9vbHNvbiI6IlVUQyIsInV0bV9zb3VyY2UiOiIiLCJ1dG1fbWVkaXVtIjoiIiwidXRtX2NhbXBhaWduIjoiIiwidXRtX2NvbnRlbnQiOiIiLCJtbSI6MCwiaW5pdF9zdGFydF9sYXRlbmN5IjoxLjA1LCJpc192MiI6MSwiaXNfdjJfZW1wdHkiOm51bGwsInVzZXJfa2V5d29yZHMiOiJDaGFpbnNhdyUyQ01hbiUyQ0hEJTJDQ2hhaW5zYXclMkNNYW4lMjAifQ== HTTP/1.1
Host: b1707df9d4.4d2a483049.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://kickassanime.cc
Connection: keep-alive
Referer: https://kickassanime.cc/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 18 Oct 2022 15:14:20 GMT
content-length: 0
server: nginx/1.18.0
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 4e9f986fac76c4b02dfe65d0b534a308
c0e5c4ba5e8eddd9cdbdcf645f8b8d45018444a0
813fd64e93043af69799a0994a625da62e93c2663d9185a6d8210113ad9a655b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 18 Oct 2022 15:14:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
tpc.googlesyndication.com/pagead/js/r20221013/r20110914/abg_lite_fy2021.js
142.250.74.33200 OK 9.6 kB URL HTTP/2 tpc.googlesyndication.com/pagead/js/r20221013/r20110914/abg_lite_fy2021.js
IP 142.250.74.33:0
File type ASCII text, with very long lines (1631)
Hash 987bb06a5cb4423130b128d36060202b
ad0f545506bc8b6c38288a6ba7ffb33395cac9ed
eb48e970818004a1fad89b6c23211bbadad19dd614ce64ef2f7f8cf247d1ccfe
GET /pagead/js/r20221013/r20110914/abg_lite_fy2021.js HTTP/1.1
Host: tpc.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
access-control-allow-origin: *
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 9578
x-xss-protection: 0
date: Tue, 18 Oct 2022 00:36:14 GMT
expires: Tue, 01 Nov 2022 00:36:14 GMT
cache-control: public, max-age=1209600
age: 52686
etag: 2674910403068493586
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
tpc.googlesyndication.com/pagead/js/r20221013/r20110914/client/qs_click_protection_fy2021.js
142.250.74.33200 OK 7.6 kB URL HTTP/2 tpc.googlesyndication.com/pagead/js/r20221013/r20110914/client/qs_click_protection_fy2021.js
IP 142.250.74.33:0
File type ASCII text, with very long lines (1501)
Hash c6def1c673290d48c7ddd057a3db5bc3
568836748528cf4f16f7df409ba138f717eedc5a
0dec8545640095f6c9bf1bc3a3ce7db3f111dfaf47ca2248b25e847b15e70130
GET /pagead/js/r20221013/r20110914/client/qs_click_protection_fy2021.js HTTP/1.1
Host: tpc.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
access-control-allow-origin: *
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 7570
x-xss-protection: 0
date: Mon, 17 Oct 2022 20:33:00 GMT
expires: Mon, 31 Oct 2022 20:33:00 GMT
cache-control: public, max-age=1209600
age: 67280
etag: 17992891929817281641
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
142.250.74.130200 OK 47 kB URL HTTP/2 www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
IP 142.250.74.130:0
File type ASCII text, with very long lines (3502)
Hash 764d567b04ae890812470641e97d71de
39be25edd877cf5c05a1942e7bfea670a897c70d
d3b61d36d4a7e810aec17c65f5b4043b0a1661fd07b5fa8fce86660c58e1790e
GET /activeview/js/current/rx_lidar.js?cache=r20110914 HTTP/1.1
Host: www.googletagservices.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-length: 47415
date: Tue, 18 Oct 2022 15:14:20 GMT
expires: Tue, 18 Oct 2022 15:14:20 GMT
cache-control: private, max-age=3000
etag: "1665574756386403"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
142.250.74.10200 OK 1.3 kB URL HTTP/2 fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
IP 142.250.74.10:0
Hash 8903ab20ea6768813d3edc0c34c971b1
4b0191ffcd50b9e39bdac543d1c7199b77417a8a
197a59f5bcddfcb0028c42fe09d8d3192287f2bf3500e92fad00408cb79afab6
GET /css?family=Google%20Sans%3A400%2C500 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 18 Oct 2022 15:14:20 GMT
date: Tue, 18 Oct 2022 15:14:20 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
js.wpshsdk.com/npc/sdk/wp-banners.js
45.133.44.25200 OK 0 B URL HTTP/2 js.wpshsdk.com/npc/sdk/wp-banners.js
IP 45.133.44.25:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /npc/sdk/wp-banners.js HTTP/1.1
Host: js.wpshsdk.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kickassanime.cc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 18 Oct 2022 15:14:21 GMT
content-type: application/javascript; charset=utf-8
content-length: 0
server: nginx/1.18.0
last-modified: Fri, 20 Aug 2021 15:14:31 GMT
etag: "611fc6d7-0"
expires: Tue, 18 Oct 2022 15:19:21 GMT
cache-control: max-age=300
x-proxy-cache: HIT
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
js.cabnnr.com/banner-admanager/build.m.js
45.133.44.24200 OK 36 kB URL HTTP/2 js.cabnnr.com/banner-admanager/build.m.js
IP 45.133.44.24:0
ASN #39572 DataWeb Global Group B.V.
Hash b98f74aac854c9b4dde5bf884d3052d2
a9f3c42fd864019ba969ef4b7ed53dab0eb2a64d
3a088bf10cc8bb78bbf5359b75fcd37fd2b871083f8f2811245e928825296c35
GET /banner-admanager/build.m.js HTTP/1.1
Host: js.cabnnr.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kickassanime.cc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 18 Oct 2022 15:14:20 GMT
content-type: application/javascript; charset=utf-8
server: nginx/1.18.0
last-modified: Tue, 18 Oct 2022 08:59:34 GMT
etag: W/"634e6af6-bee8"
content-encoding: gzip
expires: Tue, 18 Oct 2022 15:19:20 GMT
cache-control: max-age=300
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2
js.wpushsdk.com/npc/sdk/wpu/npush.m.js
45.133.44.24200 OK 64 kB URL HTTP/2 js.wpushsdk.com/npc/sdk/wpu/npush.m.js
IP 45.133.44.24:0
ASN #39572 DataWeb Global Group B.V.
File type ASCII text, with very long lines (65536), with no line terminators
Hash 6e64f493114eec819e7e49090c98649b
e6bf861bc9be630b03654cabea969731f6acd242
63d3f5ee23d5b60f02427ca931c54473f012dc8e88cfbd450611194fc99d7334
GET /npc/sdk/wpu/npush.m.js HTTP/1.1
Host: js.wpushsdk.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kickassanime.cc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 18 Oct 2022 15:14:20 GMT
content-type: application/javascript; charset=utf-8
server: nginx/1.18.0
last-modified: Fri, 14 Oct 2022 14:43:31 GMT
etag: W/"63497593-3d20c"
content-encoding: gzip
expires: Tue, 18 Oct 2022 15:19:20 GMT
cache-control: max-age=300
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2
js.wpshsdk.com/npc/sdk/push.m.js?v=1
45.133.44.25200 OK 39 kB URL HTTP/2 js.wpshsdk.com/npc/sdk/push.m.js?v=1
IP 45.133.44.25:0
ASN #39572 DataWeb Global Group B.V.
File type Unicode text, UTF-8 text, with very long lines (61709)
Hash fc69b4793e4e68b8075321ad5f4efb6f
d872dde4cbce44179adc7340adca13b401c07466
12174f851d7c3501c8980d57bfb19984d77eea567e7e4830665b6ad8f0ea6f2c
GET /npc/sdk/push.m.js?v=1 HTTP/1.1
Host: js.wpshsdk.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kickassanime.cc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 18 Oct 2022 15:14:20 GMT
content-type: application/javascript; charset=utf-8
server: nginx/1.18.0
last-modified: Fri, 14 Oct 2022 13:11:50 GMT
etag: W/"63496016-f1b6"
content-encoding: gzip
expires: Tue, 18 Oct 2022 15:19:20 GMT
cache-control: max-age=300
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 3e9e32faa922638fe29c34796ea5d207
d68f3b81f094b05fe4d99d810f809e9752b74807
0a0c14a598a635609eeaa95df9ebba9bb6b546a2683ae39b6ea4ab695b17dbf9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0A0C14A598A635609EEAA95DF9EBBA9BB6B546A2683AE39B6EA4AB695B17DBF9"
Last-Modified: Mon, 17 Oct 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10748
Expires: Tue, 18 Oct 2022 18:13:29 GMT
Date: Tue, 18 Oct 2022 15:14:21 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 3e9e32faa922638fe29c34796ea5d207
d68f3b81f094b05fe4d99d810f809e9752b74807
0a0c14a598a635609eeaa95df9ebba9bb6b546a2683ae39b6ea4ab695b17dbf9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0A0C14A598A635609EEAA95DF9EBBA9BB6B546A2683AE39B6EA4AB695B17DBF9"
Last-Modified: Mon, 17 Oct 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10748
Expires: Tue, 18 Oct 2022 18:13:29 GMT
Date: Tue, 18 Oct 2022 15:14:21 GMT
Connection: keep-alive
fonts.gstatic.com/s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
216.58.207.195200 OK 55 kB URL HTTP/2 fonts.gstatic.com/s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
IP 216.58.207.195:0
File type gzip compressed data, from Unix\012- data
Hash c558394a22b6277808c73ec55f1eee04
1fad5d3f25e850e6133c5fb4bbcdf7ca9c9bf8d9
331f5d86bca5daa65d33bd7974b313d10e15339ec455e86630032111e6a1fc43
GET /s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://googleads.g.doubleclick.net
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 28288
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 12 Oct 2022 15:21:36 GMT
expires: Thu, 12 Oct 2023 15:21:36 GMT
cache-control: public, max-age=31536000
age: 517965
last-modified: Wed, 01 Jun 2022 19:05:56 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
46fe7fa264.4d2a483049.com/in/multy
168.119.25.22204 No Content 0 B URL HTTP/2 46fe7fa264.4d2a483049.com/in/multy
IP 168.119.25.22:0
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
OPTIONS /in/multy HTTP/1.1
Host: 46fe7fa264.4d2a483049.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://kickassanime.cc/
Origin: https://kickassanime.cc
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
server: nginx/1.18.0
date: Tue, 18 Oct 2022 15:14:21 GMT
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
X-Firefox-Spdy: h2
nereserv.com/in/dip?site=native-push&wl=0&event_id=dcd5bbd2-3df3-4a54-821e-8d8cf7e74d44&subid=1898427395&sid=3905227357&spot_id=771&created_at=2022-10-18&timezone=0&ver=7.9.1&is_native=1
168.119.25.22200 OK 0 B URL HTTP/2 nereserv.com/in/dip?site=native-push&wl=0&event_id=dcd5bbd2-3df3-4a54-821e-8d8cf7e74d44&subid=1898427395&sid=3905227357&spot_id=771&created_at=2022-10-18&timezone=0&ver=7.9.1&is_native=1
IP 168.119.25.22:0
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /in/dip?site=native-push&wl=0&event_id=dcd5bbd2-3df3-4a54-821e-8d8cf7e74d44&subid=1898427395&sid=3905227357&spot_id=771&created_at=2022-10-18&timezone=0&ver=7.9.1&is_native=1 HTTP/1.1
Host: nereserv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://kickassanime.cc
Connection: keep-alive
Referer: https://kickassanime.cc/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.18.0
date: Tue, 18 Oct 2022 15:14:21 GMT
content-length: 0
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 42812d3f44ded0aff3f3bd6af584b333
f98e2681013fa424d076ce5fd4cf27c8f40c2ba8
9126685a5cdda4639796632366d3a2935317cf7a51d724d5bb56e315f5142262
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 18 Oct 2022 15:14:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/recaptcha/api2/aframe
142.250.74.164200 OK 513 B URL HTTP/2 www.google.com/recaptcha/api2/aframe
IP 142.250.74.164:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (783), with no line terminators
Hash 75739ec38156ee774eedabec3dcbfb43
c7e140e52ed20896ceb08903de3a2869d7b1f085
42837b87c1b5c08d3c3cf82c2250ceca14880128593621c3ba8598ca87bbd6d8
GET /recaptcha/api2/aframe HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kickassanime.cc/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Tue, 18 Oct 2022 15:14:22 GMT
date: Tue, 18 Oct 2022 15:14:22 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'nonce-lXg9w5ewB7kEvvQjEvR9vw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 513
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash cab0ad2499c9f14f05e55334c29341d9
616b5e750d9e941614080696a9a64e9151924747
fd9eea629713fe848a84f033afe22b7970772f72b45d52c6dcc457250b99de9b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FD9EEA629713FE848A84F033AFE22B7970772F72B45D52C6DCC457250B99DE9B"
Last-Modified: Mon, 17 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2764
Expires: Tue, 18 Oct 2022 16:00:26 GMT
Date: Tue, 18 Oct 2022 15:14:22 GMT
Connection: keep-alive
46fe7fa264.4d2a483049.com/in/multy
168.119.25.22200 OK 20 kB URL HTTP/2 46fe7fa264.4d2a483049.com/in/multy
IP 168.119.25.22:0
ASN #24940 Hetzner Online GmbH
File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (19854), with no line terminators
Hash b1685fda1d9a7034eed313179d820b27
f12b4e3604ace107093628c32733064aaab02e80
69eaecb41c9d7e6e5874bf97a640c21acbb49fbabc7c3376a09f4cbb7db896fb
Analyzer Verdict Alert quad9 Sinkholed
POST /in/multy HTTP/1.1
Host: 46fe7fa264.4d2a483049.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json;charset=utf-8
Content-Length: 716
Origin: https://kickassanime.cc
Connection: keep-alive
Referer: https://kickassanime.cc/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.18.0
date: Tue, 18 Oct 2022 15:14:22 GMT
content-type: application/json
content-length: 19857
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
X-Firefox-Spdy: h2
46fe7fa264.4d2a483049.com/in/show/?mid=1796396555&pid=0&site=native-push-mainstream&sc=NO&usage_type=DCH&subid=1898427395&sid=3905227357&cid=13359&price=0.0004&is_cpm=0&cpm=0&ecpm=0.016322324611555795&crid=3577992&crtid=41e2b054b7d7fdd561f6651d06d511e5&tcid=0&out_id=1&ver=7.9.1&ver_c=&refdom=kickassanime.cc&hostname=auc-inpage-hz-4-a&site_id=31771&spot_id=771&utm_source=&utm_medium=&utm_campaign=&utm_content=&expiration_timestamp=1666192461&created_at=2022-10-18&is_native=2&auction_queue=0&burl=LkqRc4kiWTl8MsVhCJz-ncI-TurQI2_adobcUBfo7Zn_Yz88nvuy6RJ95HipLDU2wXlc2HZE1ZP96A6HYYDdz3HUXo3PJKVNtTFFkqu1cR8-EsXIgzhZBYpTSRvGRBKW9Cw9EwElxEZhR9WXORIVFYH8jobcxcugMzl3Zz7zVY4j5sc6zsPmqa4ET418WVJ6x4H7GUlkODaZvQoYl2TS5liOCJo407uGBw43qGSaZnUl0mOyhSZbLmTam8NCukqaCNmkaok46Oeq7lCDWjuqHm1B99Lrex5rilGQECMgKSrMt_D-0KfSuIfCGIiR_7InmKGcMeQBnY5JsULDKpS4bsJevlSJ4G-jlGlGsVvq54a9HeEPOjZFpBejIwO0pNSGgSdLmQyj1TOT9PAbZ_qFMUzh7sDC_c9_4ePqwwN5LiNwFw511EjgQEK_ZRYV2I4hqzYvN9-LxfEIddsFk8BnkC8IZzAQ6cXxlxEvqAINTJ1lSOVnYmRqd4Lu6VmfwvLvYteaD8kRoLhnYeVWlf6gaOhxsBXj8mciYgo2ImWFM4C5vQDblnGaET4j4mIrYLQ24FocwZZv3WmzIJf1_j8eCAQkDkQLtZxSVSLM8mlK6THu6CAdbnmZv1Vx17chBkinythd9J1mw7wZJqTgbh11LOz_4ftiRRKVWUKNdSpNCGymsgCbhbP3F6DzzS4dt57zMgy1Z2XRE2dCgiYoLOVflkB27xxiEDn5BoBj8w4fCJIwGKpWSD2CcuJrx1vJCrTDyoBcbQjDmDhhEhRvtZbMHMYeP-WiHscflCXWyQbCBUagbZs3cIUj6H7q3TieiYGxtNY5Lbcd5miI7wTAAh7Fj_ub75yYZClW3T28T5uNp-Os6eRFfmlZdywF9A44Zbhv4h8vXC5hZBUyM-3DpbZnBJ_AWU6aFCuzJPErWAODsgwrJ6qXmhCjHbotLqiXr4Gln0B4QTwXFwmZ_qvw8FGrKVQKrgMWsR9oBtl_iAtHbpR6XoSxlqP2wHm9wKaAymRFvMaOhlUPMOlE3vrbjral6NFDNgfxnr2LCwhLlJoTFxJVWwsDDzx0QSfnblduSVrH3LN8MMoevNUkgLxtX8YBl_K5Ytzei584H7FTWRvuNlm6zErDzulWis1tFP55IalaBXSNqcChBTjB4f1qveSibrLxcEvXfbxgVunbrtJQ-VqawPNpm-kMf-jINAVkkxjuruAv4BwFVcIajHkeo6W2xcsk5b7yEMdOZfdb7DPvW_UKGxpJ5urHD0beRGmlHwk8lJ918dv0D6mOc-3jEhYfj9_RJMy-QKE6w3JhLCA-PJRuKr71uZ8iBD1QR_b-o6maTNjUgj3XO8GTPZRN8dqMqS2UaN-3FSBmFUW8yPVWUESGRbGRBv-Tu6XTMYToQL2ZgcRYYApFf51WVl6ZOuDklbAbPR0q_10lYBRrt4yFlM902bucp2dVe8I0_06rWQnnWhZ6rwo33PkP-IvpPoIwaAmFZC3p9Fk-9H-A31aUBFFFyXYfQ4-SU0VkoXgjlrTugky8xChbFtGBv9aJaNLOC4mRlKm07W28CoRyGFSLhmwNa3NWyAjb-fsmgnyQe6s9D1Jf7eJHwQ4y9_Y4-N5B2bmYubwkd_d0aGNDWrw213a5b5ZzYbpZVPJDpjt68ZYGvmykKLUA1fwXW-skznwUadF4eDNUzoMqhvalT8nUShF3gyQMdHwbLMHOYKejf-CsoD97JS35JHVKPmOcfYcDntUBa1rZwnejKPRO3NYFTsuhPEPddFMEGX505l4qg3VmCQZt0d0_06tKTelj6Njl2WWBZXJrpOb6NUQ3uD_mPL3qt9TLlPTSoqL-zkmcfMoEM7gB_ak-LSlUjQOjN27UEusHTW10k3Kni2aqe8hwYt-FWKctZ2jt0HBR5qYdmZW9NA&pop_winurl=&ip=91.90.42.154&testab=0&px_id=53771&adblock=0&auction_host=timezone&mm=0&yc=0&render_type=mq&campaign_type=lq-pop&uniq=&exp=&resp_type=&iabcat=IAB1-5&min_cpm=0.002923767000403578&placement_type_id=&skin_test=0&verify_hash=0bffe18888a7c9f6ab5e1d2e92b495b5&score=0&durl=https%3A%2F%2Fts.cvastico.com%2Fin%2F1546%2F%3Fad_sub%3D1898427395%26spot_id%3D771%26is_adult%3D0%26p%3Dhttps%253A%252F%252Fkickassanime.cc%252F%26idzone%3D0%26sid%3D1885&ml=&tag_ab=c&original_bid=0.0004&v2_track=0&url=PoCM1uu0Y7xnMrs62XwjN_TCX3Ae0gFKSyS184MeJ1h9MuslBV7rVCFQY_yen78bAZOYpUajsKYrNWObk5-JiKzcl4IuZzmPeKzAE9_7PIjwj40edIXPlTkJKNXOsj-UVqhPVublo7EExqSqAbPNOpxJK-SHFFBtaY9m2xFfvJyXJbX96w&image_url=https%3A%2F%2Fstatic.bookmsg.com%2Fcreatives%2FIN%2FIN_da5b583487923e03a815871465a0b6f24c2cb005_icon.webp&skin_id=25&vertical_id=0&real_bid=0.0004&pr=&user_keywords=&auc_type=1&aid=116&ext_cid=0&device_theme=light&keywords=&mlc=1&format=compact2-slide-b_r-body&mlf=1&cpa=48058348-6402-4e08-bc1c-e9e60c8ea0c8
168.119.25.22302 Found 0 B URL HTTP/2 46fe7fa264.4d2a483049.com/in/show/?mid=1796396555&pid=0&site=native-push-mainstream&sc=NO&usage_type=DCH&subid=1898427395&sid=3905227357&cid=13359&price=0.0004&is_cpm=0&cpm=0&ecpm=0.016322324611555795&crid=3577992&crtid=41e2b054b7d7fdd561f6651d06d511e5&tcid=0&out_id=1&ver=7.9.1&ver_c=&refdom=kickassanime.cc&hostname=auc-inpage-hz-4-a&site_id=31771&spot_id=771&utm_source=&utm_medium=&utm_campaign=&utm_content=&expiration_timestamp=1666192461&created_at=2022-10-18&is_native=2&auction_queue=0&burl=LkqRc4kiWTl8MsVhCJz-ncI-TurQI2_adobcUBfo7Zn_Yz88nvuy6RJ95HipLDU2wXlc2HZE1ZP96A6HYYDdz3HUXo3PJKVNtTFFkqu1cR8-EsXIgzhZBYpTSRvGRBKW9Cw9EwElxEZhR9WXORIVFYH8jobcxcugMzl3Zz7zVY4j5sc6zsPmqa4ET418WVJ6x4H7GUlkODaZvQoYl2TS5liOCJo407uGBw43qGSaZnUl0mOyhSZbLmTam8NCukqaCNmkaok46Oeq7lCDWjuqHm1B99Lrex5rilGQECMgKSrMt_D-0KfSuIfCGIiR_7InmKGcMeQBnY5JsULDKpS4bsJevlSJ4G-jlGlGsVvq54a9HeEPOjZFpBejIwO0pNSGgSdLmQyj1TOT9PAbZ_qFMUzh7sDC_c9_4ePqwwN5LiNwFw511EjgQEK_ZRYV2I4hqzYvN9-LxfEIddsFk8BnkC8IZzAQ6cXxlxEvqAINTJ1lSOVnYmRqd4Lu6VmfwvLvYteaD8kRoLhnYeVWlf6gaOhxsBXj8mciYgo2ImWFM4C5vQDblnGaET4j4mIrYLQ24FocwZZv3WmzIJf1_j8eCAQkDkQLtZxSVSLM8mlK6THu6CAdbnmZv1Vx17chBkinythd9J1mw7wZJqTgbh11LOz_4ftiRRKVWUKNdSpNCGymsgCbhbP3F6DzzS4dt57zMgy1Z2XRE2dCgiYoLOVflkB27xxiEDn5BoBj8w4fCJIwGKpWSD2CcuJrx1vJCrTDyoBcbQjDmDhhEhRvtZbMHMYeP-WiHscflCXWyQbCBUagbZs3cIUj6H7q3TieiYGxtNY5Lbcd5miI7wTAAh7Fj_ub75yYZClW3T28T5uNp-Os6eRFfmlZdywF9A44Zbhv4h8vXC5hZBUyM-3DpbZnBJ_AWU6aFCuzJPErWAODsgwrJ6qXmhCjHbotLqiXr4Gln0B4QTwXFwmZ_qvw8FGrKVQKrgMWsR9oBtl_iAtHbpR6XoSxlqP2wHm9wKaAymRFvMaOhlUPMOlE3vrbjral6NFDNgfxnr2LCwhLlJoTFxJVWwsDDzx0QSfnblduSVrH3LN8MMoevNUkgLxtX8YBl_K5Ytzei584H7FTWRvuNlm6zErDzulWis1tFP55IalaBXSNqcChBTjB4f1qveSibrLxcEvXfbxgVunbrtJQ-VqawPNpm-kMf-jINAVkkxjuruAv4BwFVcIajHkeo6W2xcsk5b7yEMdOZfdb7DPvW_UKGxpJ5urHD0beRGmlHwk8lJ918dv0D6mOc-3jEhYfj9_RJMy-QKE6w3JhLCA-PJRuKr71uZ8iBD1QR_b-o6maTNjUgj3XO8GTPZRN8dqMqS2UaN-3FSBmFUW8yPVWUESGRbGRBv-Tu6XTMYToQL2ZgcRYYApFf51WVl6ZOuDklbAbPR0q_10lYBRrt4yFlM902bucp2dVe8I0_06rWQnnWhZ6rwo33PkP-IvpPoIwaAmFZC3p9Fk-9H-A31aUBFFFyXYfQ4-SU0VkoXgjlrTugky8xChbFtGBv9aJaNLOC4mRlKm07W28CoRyGFSLhmwNa3NWyAjb-fsmgnyQe6s9D1Jf7eJHwQ4y9_Y4-N5B2bmYubwkd_d0aGNDWrw213a5b5ZzYbpZVPJDpjt68ZYGvmykKLUA1fwXW-skznwUadF4eDNUzoMqhvalT8nUShF3gyQMdHwbLMHOYKejf-CsoD97JS35JHVKPmOcfYcDntUBa1rZwnejKPRO3NYFTsuhPEPddFMEGX505l4qg3VmCQZt0d0_06tKTelj6Njl2WWBZXJrpOb6NUQ3uD_mPL3qt9TLlPTSoqL-zkmcfMoEM7gB_ak-LSlUjQOjN27UEusHTW10k3Kni2aqe8hwYt-FWKctZ2jt0HBR5qYdmZW9NA&pop_winurl=&ip=91.90.42.154&testab=0&px_id=53771&adblock=0&auction_host=timezone&mm=0&yc=0&render_type=mq&campaign_type=lq-pop&uniq=&exp=&resp_type=&iabcat=IAB1-5&min_cpm=0.002923767000403578&placement_type_id=&skin_test=0&verify_hash=0bffe18888a7c9f6ab5e1d2e92b495b5&score=0&durl=https%3A%2F%2Fts.cvastico.com%2Fin%2F1546%2F%3Fad_sub%3D1898427395%26spot_id%3D771%26is_adult%3D0%26p%3Dhttps%253A%252F%252Fkickassanime.cc%252F%26idzone%3D0%26sid%3D1885&ml=&tag_ab=c&original_bid=0.0004&v2_track=0&url=PoCM1uu0Y7xnMrs62XwjN_TCX3Ae0gFKSyS184MeJ1h9MuslBV7rVCFQY_yen78bAZOYpUajsKYrNWObk5-JiKzcl4IuZzmPeKzAE9_7PIjwj40edIXPlTkJKNXOsj-UVqhPVublo7EExqSqAbPNOpxJK-SHFFBtaY9m2xFfvJyXJbX96w&image_url=https%3A%2F%2Fstatic.bookmsg.com%2Fcreatives%2FIN%2FIN_da5b583487923e03a815871465a0b6f24c2cb005_icon.webp&skin_id=25&vertical_id=0&real_bid=0.0004&pr=&user_keywords=&auc_type=1&aid=116&ext_cid=0&device_theme=light&keywords=&mlc=1&format=compact2-slide-b_r-body&mlf=1&cpa=48058348-6402-4e08-bc1c-e9e60c8ea0c8
IP 168.119.25.22:0
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /in/show/?mid=1796396555&pid=0&site=native-push-mainstream&sc=NO&usage_type=DCH&subid=1898427395&sid=3905227357&cid=13359&price=0.0004&is_cpm=0&cpm=0&ecpm=0.016322324611555795&crid=3577992&crtid=41e2b054b7d7fdd561f6651d06d511e5&tcid=0&out_id=1&ver=7.9.1&ver_c=&refdom=kickassanime.cc&hostname=auc-inpage-hz-4-a&site_id=31771&spot_id=771&utm_source=&utm_medium=&utm_campaign=&utm_content=&expiration_timestamp=1666192461&created_at=2022-10-18&is_native=2&auction_queue=0&burl=LkqRc4kiWTl8MsVhCJz-ncI-TurQI2_adobcUBfo7Zn_Yz88nvuy6RJ95HipLDU2wXlc2HZE1ZP96A6HYYDdz3HUXo3PJKVNtTFFkqu1cR8-EsXIgzhZBYpTSRvGRBKW9Cw9EwElxEZhR9WXORIVFYH8jobcxcugMzl3Zz7zVY4j5sc6zsPmqa4ET418WVJ6x4H7GUlkODaZvQoYl2TS5liOCJo407uGBw43qGSaZnUl0mOyhSZbLmTam8NCukqaCNmkaok46Oeq7lCDWjuqHm1B99Lrex5rilGQECMgKSrMt_D-0KfSuIfCGIiR_7InmKGcMeQBnY5JsULDKpS4bsJevlSJ4G-jlGlGsVvq54a9HeEPOjZFpBejIwO0pNSGgSdLmQyj1TOT9PAbZ_qFMUzh7sDC_c9_4ePqwwN5LiNwFw511EjgQEK_ZRYV2I4hqzYvN9-LxfEIddsFk8BnkC8IZzAQ6cXxlxEvqAINTJ1lSOVnYmRqd4Lu6VmfwvLvYteaD8kRoLhnYeVWlf6gaOhxsBXj8mciYgo2ImWFM4C5vQDblnGaET4j4mIrYLQ24FocwZZv3WmzIJf1_j8eCAQkDkQLtZxSVSLM8mlK6THu6CAdbnmZv1Vx17chBkinythd9J1mw7wZJqTgbh11LOz_4ftiRRKVWUKNdSpNCGymsgCbhbP3F6DzzS4dt57zMgy1Z2XRE2dCgiYoLOVflkB27xxiEDn5BoBj8w4fCJIwGKpWSD2CcuJrx1vJCrTDyoBcbQjDmDhhEhRvtZbMHMYeP-WiHscflCXWyQbCBUagbZs3cIUj6H7q3TieiYGxtNY5Lbcd5miI7wTAAh7Fj_ub75yYZClW3T28T5uNp-Os6eRFfmlZdywF9A44Zbhv4h8vXC5hZBUyM-3DpbZnBJ_AWU6aFCuzJPErWAODsgwrJ6qXmhCjHbotLqiXr4Gln0B4QTwXFwmZ_qvw8FGrKVQKrgMWsR9oBtl_iAtHbpR6XoSxlqP2wHm9wKaAymRFvMaOhlUPMOlE3vrbjral6NFDNgfxnr2LCwhLlJoTFxJVWwsDDzx0QSfnblduSVrH3LN8MMoevNUkgLxtX8YBl_K5Ytzei584H7FTWRvuNlm6zErDzulWis1tFP55IalaBXSNqcChBTjB4f1qveSibrLxcEvXfbxgVunbrtJQ-VqawPNpm-kMf-jINAVkkxjuruAv4BwFVcIajHkeo6W2xcsk5b7yEMdOZfdb7DPvW_UKGxpJ5urHD0beRGmlHwk8lJ918dv0D6mOc-3jEhYfj9_RJMy-QKE6w3JhLCA-PJRuKr71uZ8iBD1QR_b-o6maTNjUgj3XO8GTPZRN8dqMqS2UaN-3FSBmFUW8yPVWUESGRbGRBv-Tu6XTMYToQL2ZgcRYYApFf51WVl6ZOuDklbAbPR0q_10lYBRrt4yFlM902bucp2dVe8I0_06rWQnnWhZ6rwo33PkP-IvpPoIwaAmFZC3p9Fk-9H-A31aUBFFFyXYfQ4-SU0VkoXgjlrTugky8xChbFtGBv9aJaNLOC4mRlKm07W28CoRyGFSLhmwNa3NWyAjb-fsmgnyQe6s9D1Jf7eJHwQ4y9_Y4-N5B2bmYubwkd_d0aGNDWrw213a5b5ZzYbpZVPJDpjt68ZYGvmykKLUA1fwXW-skznwUadF4eDNUzoMqhvalT8nUShF3gyQMdHwbLMHOYKejf-CsoD97JS35JHVKPmOcfYcDntUBa1rZwnejKPRO3NYFTsuhPEPddFMEGX505l4qg3VmCQZt0d0_06tKTelj6Njl2WWBZXJrpOb6NUQ3uD_mPL3qt9TLlPTSoqL-zkmcfMoEM7gB_ak-LSlUjQOjN27UEusHTW10k3Kni2aqe8hwYt-FWKctZ2jt0HBR5qYdmZW9NA&pop_winurl=&ip=91.90.42.154&testab=0&px_id=53771&adblock=0&auction_host=timezone&mm=0&yc=0&render_type=mq&campaign_type=lq-pop&uniq=&exp=&resp_type=&iabcat=IAB1-5&min_cpm=0.002923767000403578&placement_type_id=&skin_test=0&verify_hash=0bffe18888a7c9f6ab5e1d2e92b495b5&score=0&durl=https%3A%2F%2Fts.cvastico.com%2Fin%2F1546%2F%3Fad_sub%3D1898427395%26spot_id%3D771%26is_adult%3D0%26p%3Dhttps%253A%252F%252Fkickassanime.cc%252F%26idzone%3D0%26sid%3D1885&ml=&tag_ab=c&original_bid=0.0004&v2_track=0&url=PoCM1uu0Y7xnMrs62XwjN_TCX3Ae0gFKSyS184MeJ1h9MuslBV7rVCFQY_yen78bAZOYpUajsKYrNWObk5-JiKzcl4IuZzmPeKzAE9_7PIjwj40edIXPlTkJKNXOsj-UVqhPVublo7EExqSqAbPNOpxJK-SHFFBtaY9m2xFfvJyXJbX96w&image_url=https%3A%2F%2Fstatic.bookmsg.com%2Fcreatives%2FIN%2FIN_da5b583487923e03a815871465a0b6f24c2cb005_icon.webp&skin_id=25&vertical_id=0&real_bid=0.0004&pr=&user_keywords=&auc_type=1&aid=116&ext_cid=0&device_theme=light&keywords=&mlc=1&format=compact2-slide-b_r-body&mlf=1&cpa=48058348-6402-4e08-bc1c-e9e60c8ea0c8 HTTP/1.1
Host: 46fe7fa264.4d2a483049.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kickassanime.cc/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
server: nginx/1.18.0
date: Tue, 18 Oct 2022 15:14:22 GMT
content-length: 0
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
location: https://static.bookmsg.com/creatives/IN/IN_da5b583487923e03a815871465a0b6f24c2cb005_icon.webp
X-Firefox-Spdy: h2
js.wpshsdk.com/npc/sdk/common/config.js
45.133.44.25200 OK 19 B URL HTTP/2 js.wpshsdk.com/npc/sdk/common/config.js
IP 45.133.44.25:0
ASN #39572 DataWeb Global Group B.V.
File type JSON data\012- , ASCII text, with no line terminators
Hash 34e9efa9d162ad9a82b14a250ee4c3a4
0cb157c94c8b939ba8a0e066858eeb81d1628aae
8e4eac59b661e68fd1c80c0f8724afe7776bb353f348811053171f9a7f841b7d
GET /npc/sdk/common/config.js HTTP/1.1
Host: js.wpshsdk.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://kickassanime.cc/
Origin: https://kickassanime.cc
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 18 Oct 2022 15:14:22 GMT
content-type: application/javascript; charset=utf-8
content-length: 19
server: nginx/1.18.0
last-modified: Fri, 14 Oct 2022 13:11:50 GMT
etag: "63496016-13"
expires: Tue, 18 Oct 2022 15:19:22 GMT
cache-control: max-age=300
x-proxy-cache: HIT
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
static.bookmsg.com/creatives/IN/IN_da5b583487923e03a815871465a0b6f24c2cb005_icon.webp
116.202.204.12200 OK 790 B URL HTTP/2 static.bookmsg.com/creatives/IN/IN_da5b583487923e03a815871465a0b6f24c2cb005_icon.webp
IP 116.202.204.12:0
ASN #24940 Hetzner Online GmbH
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 100x100, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 65156a660e465299370ebd90d84aa461
12ff60b17f579a77e42a8be7b6b1892fc71be33d
e3b2784385cd128d5a6dfdec7f4be2147d6b57fa66c1a36c61c085aaf27f9e18
GET /creatives/IN/IN_da5b583487923e03a815871465a0b6f24c2cb005_icon.webp HTTP/1.1
Host: static.bookmsg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kickassanime.cc/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.18.0
date: Tue, 18 Oct 2022 15:14:22 GMT
content-type: image/webp
content-length: 790
last-modified: Tue, 24 Nov 2020 14:20:43 GMT
etag: "5fbd16bb-316"
cache-control: public, max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
46fe7fa264.4d2a483049.com/in/show/?mid=1796396555&pid=0&site=native-push-mainstream&sc=NO&usage_type=DCH&subid=1898427395&sid=3905227357&cid=13061&price=0.01675000024959445&is_cpm=0&cpm=0&ecpm=0.20414897814410857&crid=5713643&crtid=1c81c2cc33a9d6c8cd6172aeefa0077e&tcid=0&out_id=0&ver=7.9.1&ver_c=&refdom=kickassanime.cc&hostname=auc-inpage-hz-4-a&site_id=31771&spot_id=771&utm_source=&utm_medium=&utm_campaign=&utm_content=&expiration_timestamp=1666192461&created_at=2022-10-18&is_native=1&auction_queue=0&burl=c82dN8r66rqwGOitcpER3OcNALKrOkoNYrWyDXVIuxilXkFLflZpPw&pop_winurl=&ip=91.90.42.154&testab=0&px_id=31771&adblock=0&auction_host=timezone&mm=0&yc=0&render_type=mq&campaign_type=mq&uniq=&exp=&resp_type=&iabcat=IAB1-5&min_cpm=0.001015440970343168&placement_type_id=&skin_test=0&verify_hash=31e6668b9282c7ce3bc5fc9d30d0db10&score=0&durl=https%3A%2F%2Fts.cvastico.com%2Fin%2F1546%2F%3Fad_sub%3D1898427395%26spot_id%3D771%26is_adult%3D0%26p%3Dhttps%253A%252F%252Fkickassanime.cc%252F%26idzone%3D0%26sid%3D1885&ml=&tag_ab=c&original_bid=0.01675000024959445&v2_track=0&url=u1GntHX_BNh3WqBDPqpEf0CdlzF46xfXChNlg7HpZ5dq70b8Nq7O7PvRY0vm1SpHGgt78JiY2IAcLBuw7olatifsSrW4reDANjgqsXMvfPVX18qh1Hd4qIkVNn9aQHBm2TYZwf4QrgWNi311HDhfRdPNBbiBYgW-Q5aeqsseOg28B21PLlZYKfTUeJbbrGLP3FkpWtggiy8oJisBTiLNvf-1kYH7XdmWIJ2zxXtZZ6JqE2WE5SOVSvUQZGiCrd7N9Ea-wYmsKKo-AQXTZLA5ldzrDLBX5_--kl2Bl3S5S11uaa2mdcbErIKJ00ap0K-7QIWQLLuIfmLKxikBBYN8R6S-M4dsX07kRSudRxXvMuF23kgmfW98nygKYNuRQ0Q9gzs__78SM0YQL3BJegvD0xXyt1V3SVzT-qRkDR1KgesI6GkQasCzR7h21pRlOa5P4D8Jt7SbIrbAabHl-FXUktuecwypqw414_anZAEdLPea82hHJALAcV9kA69T1WDtDXnN7UXXrXntnaxDDB57k9f02TDj95pDetHBgJJCw66Mfw6fq_TtM7yEoxboPjbPAoplz7k6N5OJIDbYli-6g1I1FnTw_4z37-U3hhQj00QDcMzvduQdw2FFdAqNgj9pUq7s_HWqsTzhhxhpcX3Az1f64nLgkMiz4hJS2NMNKLstJ0hCA4tj-seRUF59eqWSIYtz6dm9NA8LzLXasZEiRsuqffiaSysqI-E8EPgsnI6MCspAVBnxtMAXoMF9QUBCpT88CbUC6R5ih0goJta5CpXiaKCbrgjEGpXkuYOLNP5HJrByBpVMIkVlFgPiw2U7BD1oAxPiquOrUWfK0eC0ws19Zfa_hh9bQlpqaf6Ib74w-Leuqkgdk58rM7YIWHYpxP1xONZl36gse_1I9w1ECbTtZo1PRZWoH54-fNmMrIPfclpmHH53s-TnLaDCzHw1qHCW77HTd1ilGq_Od8SHoFturbOxCQf-oKjdMeaRMbYCzMuLHdq98LVjFXUKyiQYyua3M4mmLR2Ugg_PPp6ihjiyE4m8Ts1IdgCgVzvPeqFYmVPoiNHXPHZnJkcDAjYPEPQxmNDLEHml&image_url=https%3A%2F%2Fi.cdnkimg.com%2Fauto%2F492x328%2Fq85%2Fimage%2Fvk%2F3643%2F643%2Frect_626aadf074621t1651158512r522.png.webp&skin_id=25&vertical_id=0&real_bid=0.014405000214651227&pr=&user_keywords=&auc_type=1&aid=412&ext_cid=0&device_theme=light&keywords=&format=compact2-slide-b_r-body&cpa=41f86f87-7b81-45df-bc7a-5198a56d4842
168.119.25.22302 Found 0 B URL HTTP/2 46fe7fa264.4d2a483049.com/in/show/?mid=1796396555&pid=0&site=native-push-mainstream&sc=NO&usage_type=DCH&subid=1898427395&sid=3905227357&cid=13061&price=0.01675000024959445&is_cpm=0&cpm=0&ecpm=0.20414897814410857&crid=5713643&crtid=1c81c2cc33a9d6c8cd6172aeefa0077e&tcid=0&out_id=0&ver=7.9.1&ver_c=&refdom=kickassanime.cc&hostname=auc-inpage-hz-4-a&site_id=31771&spot_id=771&utm_source=&utm_medium=&utm_campaign=&utm_content=&expiration_timestamp=1666192461&created_at=2022-10-18&is_native=1&auction_queue=0&burl=c82dN8r66rqwGOitcpER3OcNALKrOkoNYrWyDXVIuxilXkFLflZpPw&pop_winurl=&ip=91.90.42.154&testab=0&px_id=31771&adblock=0&auction_host=timezone&mm=0&yc=0&render_type=mq&campaign_type=mq&uniq=&exp=&resp_type=&iabcat=IAB1-5&min_cpm=0.001015440970343168&placement_type_id=&skin_test=0&verify_hash=31e6668b9282c7ce3bc5fc9d30d0db10&score=0&durl=https%3A%2F%2Fts.cvastico.com%2Fin%2F1546%2F%3Fad_sub%3D1898427395%26spot_id%3D771%26is_adult%3D0%26p%3Dhttps%253A%252F%252Fkickassanime.cc%252F%26idzone%3D0%26sid%3D1885&ml=&tag_ab=c&original_bid=0.01675000024959445&v2_track=0&url=u1GntHX_BNh3WqBDPqpEf0CdlzF46xfXChNlg7HpZ5dq70b8Nq7O7PvRY0vm1SpHGgt78JiY2IAcLBuw7olatifsSrW4reDANjgqsXMvfPVX18qh1Hd4qIkVNn9aQHBm2TYZwf4QrgWNi311HDhfRdPNBbiBYgW-Q5aeqsseOg28B21PLlZYKfTUeJbbrGLP3FkpWtggiy8oJisBTiLNvf-1kYH7XdmWIJ2zxXtZZ6JqE2WE5SOVSvUQZGiCrd7N9Ea-wYmsKKo-AQXTZLA5ldzrDLBX5_--kl2Bl3S5S11uaa2mdcbErIKJ00ap0K-7QIWQLLuIfmLKxikBBYN8R6S-M4dsX07kRSudRxXvMuF23kgmfW98nygKYNuRQ0Q9gzs__78SM0YQL3BJegvD0xXyt1V3SVzT-qRkDR1KgesI6GkQasCzR7h21pRlOa5P4D8Jt7SbIrbAabHl-FXUktuecwypqw414_anZAEdLPea82hHJALAcV9kA69T1WDtDXnN7UXXrXntnaxDDB57k9f02TDj95pDetHBgJJCw66Mfw6fq_TtM7yEoxboPjbPAoplz7k6N5OJIDbYli-6g1I1FnTw_4z37-U3hhQj00QDcMzvduQdw2FFdAqNgj9pUq7s_HWqsTzhhxhpcX3Az1f64nLgkMiz4hJS2NMNKLstJ0hCA4tj-seRUF59eqWSIYtz6dm9NA8LzLXasZEiRsuqffiaSysqI-E8EPgsnI6MCspAVBnxtMAXoMF9QUBCpT88CbUC6R5ih0goJta5CpXiaKCbrgjEGpXkuYOLNP5HJrByBpVMIkVlFgPiw2U7BD1oAxPiquOrUWfK0eC0ws19Zfa_hh9bQlpqaf6Ib74w-Leuqkgdk58rM7YIWHYpxP1xONZl36gse_1I9w1ECbTtZo1PRZWoH54-fNmMrIPfclpmHH53s-TnLaDCzHw1qHCW77HTd1ilGq_Od8SHoFturbOxCQf-oKjdMeaRMbYCzMuLHdq98LVjFXUKyiQYyua3M4mmLR2Ugg_PPp6ihjiyE4m8Ts1IdgCgVzvPeqFYmVPoiNHXPHZnJkcDAjYPEPQxmNDLEHml&image_url=https%3A%2F%2Fi.cdnkimg.com%2Fauto%2F492x328%2Fq85%2Fimage%2Fvk%2F3643%2F643%2Frect_626aadf074621t1651158512r522.png.webp&skin_id=25&vertical_id=0&real_bid=0.014405000214651227&pr=&user_keywords=&auc_type=1&aid=412&ext_cid=0&device_theme=light&keywords=&format=compact2-slide-b_r-body&cpa=41f86f87-7b81-45df-bc7a-5198a56d4842
IP 168.119.25.22:0
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /in/show/?mid=1796396555&pid=0&site=native-push-mainstream&sc=NO&usage_type=DCH&subid=1898427395&sid=3905227357&cid=13061&price=0.01675000024959445&is_cpm=0&cpm=0&ecpm=0.20414897814410857&crid=5713643&crtid=1c81c2cc33a9d6c8cd6172aeefa0077e&tcid=0&out_id=0&ver=7.9.1&ver_c=&refdom=kickassanime.cc&hostname=auc-inpage-hz-4-a&site_id=31771&spot_id=771&utm_source=&utm_medium=&utm_campaign=&utm_content=&expiration_timestamp=1666192461&created_at=2022-10-18&is_native=1&auction_queue=0&burl=c82dN8r66rqwGOitcpER3OcNALKrOkoNYrWyDXVIuxilXkFLflZpPw&pop_winurl=&ip=91.90.42.154&testab=0&px_id=31771&adblock=0&auction_host=timezone&mm=0&yc=0&render_type=mq&campaign_type=mq&uniq=&exp=&resp_type=&iabcat=IAB1-5&min_cpm=0.001015440970343168&placement_type_id=&skin_test=0&verify_hash=31e6668b9282c7ce3bc5fc9d30d0db10&score=0&durl=https%3A%2F%2Fts.cvastico.com%2Fin%2F1546%2F%3Fad_sub%3D1898427395%26spot_id%3D771%26is_adult%3D0%26p%3Dhttps%253A%252F%252Fkickassanime.cc%252F%26idzone%3D0%26sid%3D1885&ml=&tag_ab=c&original_bid=0.01675000024959445&v2_track=0&url=u1GntHX_BNh3WqBDPqpEf0CdlzF46xfXChNlg7HpZ5dq70b8Nq7O7PvRY0vm1SpHGgt78JiY2IAcLBuw7olatifsSrW4reDANjgqsXMvfPVX18qh1Hd4qIkVNn9aQHBm2TYZwf4QrgWNi311HDhfRdPNBbiBYgW-Q5aeqsseOg28B21PLlZYKfTUeJbbrGLP3FkpWtggiy8oJisBTiLNvf-1kYH7XdmWIJ2zxXtZZ6JqE2WE5SOVSvUQZGiCrd7N9Ea-wYmsKKo-AQXTZLA5ldzrDLBX5_--kl2Bl3S5S11uaa2mdcbErIKJ00ap0K-7QIWQLLuIfmLKxikBBYN8R6S-M4dsX07kRSudRxXvMuF23kgmfW98nygKYNuRQ0Q9gzs__78SM0YQL3BJegvD0xXyt1V3SVzT-qRkDR1KgesI6GkQasCzR7h21pRlOa5P4D8Jt7SbIrbAabHl-FXUktuecwypqw414_anZAEdLPea82hHJALAcV9kA69T1WDtDXnN7UXXrXntnaxDDB57k9f02TDj95pDetHBgJJCw66Mfw6fq_TtM7yEoxboPjbPAoplz7k6N5OJIDbYli-6g1I1FnTw_4z37-U3hhQj00QDcMzvduQdw2FFdAqNgj9pUq7s_HWqsTzhhxhpcX3Az1f64nLgkMiz4hJS2NMNKLstJ0hCA4tj-seRUF59eqWSIYtz6dm9NA8LzLXasZEiRsuqffiaSysqI-E8EPgsnI6MCspAVBnxtMAXoMF9QUBCpT88CbUC6R5ih0goJta5CpXiaKCbrgjEGpXkuYOLNP5HJrByBpVMIkVlFgPiw2U7BD1oAxPiquOrUWfK0eC0ws19Zfa_hh9bQlpqaf6Ib74w-Leuqkgdk58rM7YIWHYpxP1xONZl36gse_1I9w1ECbTtZo1PRZWoH54-fNmMrIPfclpmHH53s-TnLaDCzHw1qHCW77HTd1ilGq_Od8SHoFturbOxCQf-oKjdMeaRMbYCzMuLHdq98LVjFXUKyiQYyua3M4mmLR2Ugg_PPp6ihjiyE4m8Ts1IdgCgVzvPeqFYmVPoiNHXPHZnJkcDAjYPEPQxmNDLEHml&image_url=https%3A%2F%2Fi.cdnkimg.com%2Fauto%2F492x328%2Fq85%2Fimage%2Fvk%2F3643%2F643%2Frect_626aadf074621t1651158512r522.png.webp&skin_id=25&vertical_id=0&real_bid=0.014405000214651227&pr=&user_keywords=&auc_type=1&aid=412&ext_cid=0&device_theme=light&keywords=&format=compact2-slide-b_r-body&cpa=41f86f87-7b81-45df-bc7a-5198a56d4842 HTTP/1.1
Host: 46fe7fa264.4d2a483049.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
server: nginx/1.18.0
date: Tue, 18 Oct 2022 15:14:22 GMT
content-length: 0
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
location: https://s.viiqvmfb.com/n/1154/pniesytebz4fsbdgpf5fgykkmzvq26cqajxhw4sqmrhwntq7v5ktqxrkonjdetdnmihfw3qhmf7hqv3ejnglluc2jhvkpduwt6xypk5nhf4wqcsgd7ewqcaqgtolv4uxvhhntfvlkeijtv4d2nxufvu3uo5vkabk3a4rsyozrojus6kojfkfeohj6cv464add4uxqvcshbewtqtjz5fgbwdzl3bdtsgshlte5nxdotafldbtrfuntc4tjgwfc37dqmajy2byqfwhbbcrwwmj4bfbnawkwts422aub7cta74wqmpojyv3suokrh4jasujgpsjfyojkoifku6kjbvgobilyjrscrk6qwnttdanyzguvs2spmaqc7hznotkl2entgxypk5nhgfwwgs7j5fwd4hbzxfqowb3rjedfishyfdwirqaluugb3srg2ehn2llam4es2jskzh3wxuypi7yaosjweyfjl2j4xn3pvkvzbfwzocvi4vaazy4gayawk7zgfk66sa77b5vlyr3jcmtdc6b5tdvf6sqkm55s3nbktlu6yhqpsm5pa6tn6nfetx3mweitfmpy3c5imhojppzf556vsw4pnuwgogewqksnfegcyakpznaoyppjzqa====?f=https%3A%2F%2Fi.cdnkimg.com%2Fauto%2F192%2Fq85%2Fimage%2Fvk%2F3643%2F643%2F626aadf074621t1651158512r522.png.webp
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash d0a7aab02764d0b2ff1456ad4c2ddcf2
a0effc312f80d73692d8fa0136a7347e3a437951
22fd613643687dc4ca6369304b8d31eaca4b38c3c004cb94c63f5ea2e9b8bfb2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "22FD613643687DC4CA6369304B8D31EACA4B38C3C004CB94C63F5EA2E9B8BFB2"
Last-Modified: Tue, 18 Oct 2022 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4718
Expires: Tue, 18 Oct 2022 16:33:00 GMT
Date: Tue, 18 Oct 2022 15:14:22 GMT
Connection: keep-alive
i.cdnkimg.com/auto/492x328/q85/image/vk/3643/643/rect_626aadf074621t1651158512r522.png.webp
45.133.44.36200 OK 10 kB URL HTTP/2 i.cdnkimg.com/auto/492x328/q85/image/vk/3643/643/rect_626aadf074621t1651158512r522.png.webp
IP 45.133.44.36:0
ASN #39572 DataWeb Global Group B.V.
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 360x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 68329d624a42af6145117bed5c9a2f03
4439b8d8b7e2dc706b5e9a417852bf16e6eb17dd
ede7a9f931abc7e53d07dbf4a82e992cfc38ebb280158f7fa4d12d00cab03bc6
GET /auto/492x328/q85/image/vk/3643/643/rect_626aadf074621t1651158512r522.png.webp HTTP/1.1
Host: i.cdnkimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 18 Oct 2022 15:14:22 GMT
content-type: image/webp
content-length: 10348
server: nginx/1.19.0
cache-control: max-age=1209600
x-cache-status: MISS
expires: Tue, 01 Nov 2022 15:14:22 GMT
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash d174f4402542763a39ab68688970467d
4349b6bbfe45ab7dd1ce69f0c4e9f21f24f94745
7284e9cf883504083e946233f0e7a8ac7f8a75abf280bbde60d65132247b8f5b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7284E9CF883504083E946233F0E7A8AC7F8A75ABF280BBDE60D65132247B8F5B"
Last-Modified: Mon, 17 Oct 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4680
Expires: Tue, 18 Oct 2022 16:32:23 GMT
Date: Tue, 18 Oct 2022 15:14:23 GMT
Connection: keep-alive
s.viiqvmfb.com/n/1154/pniesytebz4fsbdgpf5fgykkmzvq26cqajxhw4sqmrhwntq7v5ktqxrkonjdetdnmihfw3qhmf7hqv3ejnglluc2jhvkpduwt6xypk5nhf4wqcsgd7ewqcaqgtolv4uxvhhntfvlkeijtv4d2nxufvu3uo5vkabk3a4rsyozrojus6kojfkfeohj6cv464add4uxqvcshbewtqtjz5fgbwdzl3bdtsgshlte5nxdotafldbtrfuntc4tjgwfc37dqmajy2byqfwhbbcrwwmj4bfbnawkwts422aub7cta74wqmpojyv3suokrh4jasujgpsjfyojkoifku6kjbvgobilyjrscrk6qwnttdanyzguvs2spmaqc7hznotkl2entgxypk5nhgfwwgs7j5fwd4hbzxfqowb3rjedfishyfdwirqaluugb3srg2ehn2llam4es2jskzh3wxuypi7yaosjweyfjl2j4xn3pvkvzbfwzocvi4vaazy4gayawk7zgfk66sa77b5vlyr3jcmtdc6b5tdvf6sqkm55s3nbktlu6yhqpsm5pa6tn6nfetx3mweitfmpy3c5imhojppzf556vsw4pnuwgogewqksnfegcyakpznaoyppjzqa====?f=https%3A%2F%2Fi.cdnkimg.com%2Fauto%2F192%2Fq85%2Fimage%2Fvk%2F3643%2F643%2F626aadf074621t1651158512r522.png.webp
31.220.27.135302 Found 0 B URL HTTP/2 s.viiqvmfb.com/n/1154/pniesytebz4fsbdgpf5fgykkmzvq26cqajxhw4sqmrhwntq7v5ktqxrkonjdetdnmihfw3qhmf7hqv3ejnglluc2jhvkpduwt6xypk5nhf4wqcsgd7ewqcaqgtolv4uxvhhntfvlkeijtv4d2nxufvu3uo5vkabk3a4rsyozrojus6kojfkfeohj6cv464add4uxqvcshbewtqtjz5fgbwdzl3bdtsgshlte5nxdotafldbtrfuntc4tjgwfc37dqmajy2byqfwhbbcrwwmj4bfbnawkwts422aub7cta74wqmpojyv3suokrh4jasujgpsjfyojkoifku6kjbvgobilyjrscrk6qwnttdanyzguvs2spmaqc7hznotkl2entgxypk5nhgfwwgs7j5fwd4hbzxfqowb3rjedfishyfdwirqaluugb3srg2ehn2llam4es2jskzh3wxuypi7yaosjweyfjl2j4xn3pvkvzbfwzocvi4vaazy4gayawk7zgfk66sa77b5vlyr3jcmtdc6b5tdvf6sqkm55s3nbktlu6yhqpsm5pa6tn6nfetx3mweitfmpy3c5imhojppzf556vsw4pnuwgogewqksnfegcyakpznaoyppjzqa====?f=https%3A%2F%2Fi.cdnkimg.com%2Fauto%2F192%2Fq85%2Fimage%2Fvk%2F3643%2F643%2F626aadf074621t1651158512r522.png.webp
IP 31.220.27.135:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /n/1154/pniesytebz4fsbdgpf5fgykkmzvq26cqajxhw4sqmrhwntq7v5ktqxrkonjdetdnmihfw3qhmf7hqv3ejnglluc2jhvkpduwt6xypk5nhf4wqcsgd7ewqcaqgtolv4uxvhhntfvlkeijtv4d2nxufvu3uo5vkabk3a4rsyozrojus6kojfkfeohj6cv464add4uxqvcshbewtqtjz5fgbwdzl3bdtsgshlte5nxdotafldbtrfuntc4tjgwfc37dqmajy2byqfwhbbcrwwmj4bfbnawkwts422aub7cta74wqmpojyv3suokrh4jasujgpsjfyojkoifku6kjbvgobilyjrscrk6qwnttdanyzguvs2spmaqc7hznotkl2entgxypk5nhgfwwgs7j5fwd4hbzxfqowb3rjedfishyfdwirqaluugb3srg2ehn2llam4es2jskzh3wxuypi7yaosjweyfjl2j4xn3pvkvzbfwzocvi4vaazy4gayawk7zgfk66sa77b5vlyr3jcmtdc6b5tdvf6sqkm55s3nbktlu6yhqpsm5pa6tn6nfetx3mweitfmpy3c5imhojppzf556vsw4pnuwgogewqksnfegcyakpznaoyppjzqa====?f=https%3A%2F%2Fi.cdnkimg.com%2Fauto%2F192%2Fq85%2Fimage%2Fvk%2F3643%2F643%2F626aadf074621t1651158512r522.png.webp HTTP/1.1
Host: s.viiqvmfb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx/1.19.0
date: Tue, 18 Oct 2022 15:14:23 GMT
content-length: 0
location: https://i.cdnkimg.com/auto/192/q85/image/vk/3643/643/626aadf074621t1651158512r522.png.webp
X-Firefox-Spdy: h2
i.cdnkimg.com/auto/192/q85/image/vk/3643/643/626aadf074621t1651158512r522.png.webp
45.133.44.36200 OK 7.7 kB URL HTTP/2 i.cdnkimg.com/auto/192/q85/image/vk/3643/643/626aadf074621t1651158512r522.png.webp
IP 45.133.44.36:0
ASN #39572 DataWeb Global Group B.V.
File type RIFF (little-endian) data, Web/P image\012- data
Hash 311dea4d14f115d233335c6e836384b4
8b92a31d5f07440ea67469f1b2827fe1bde271e4
8136f9d883af8abb2895a1c5946063fc41ed4b3a7f7226ffe2f49e49a3d0c961
GET /auto/192/q85/image/vk/3643/643/626aadf074621t1651158512r522.png.webp HTTP/1.1
Host: i.cdnkimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 18 Oct 2022 15:14:23 GMT
content-type: image/webp
content-length: 7712
server: nginx/1.19.0
cache-control: max-age=1209600
x-cache-status: MISS
expires: Tue, 01 Nov 2022 15:14:23 GMT
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash cab0ad2499c9f14f05e55334c29341d9
616b5e750d9e941614080696a9a64e9151924747
fd9eea629713fe848a84f033afe22b7970772f72b45d52c6dcc457250b99de9b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FD9EEA629713FE848A84F033AFE22B7970772F72B45D52C6DCC457250B99DE9B"
Last-Modified: Mon, 17 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2763
Expires: Tue, 18 Oct 2022 16:00:26 GMT
Date: Tue, 18 Oct 2022 15:14:23 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 9b7baf40da56dd526e33a824d735d64a
e751dc28c188795aa8276deacf203742e9c8723b
63623529117d0f9819fe60dc77f3c398329d4a9ebdb89a1f439e2af533773537
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "63623529117D0F9819FE60DC77F3C398329D4A9EBDB89A1F439E2AF533773537"
Last-Modified: Mon, 17 Oct 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8835
Expires: Tue, 18 Oct 2022 17:41:39 GMT
Date: Tue, 18 Oct 2022 15:14:24 GMT
Connection: keep-alive
7a81b19a2d.123feb4327.com/health/
116.202.60.158200 OK 0 B URL HTTP/2 7a81b19a2d.123feb4327.com/health/
IP 116.202.60.158:0
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /health/ HTTP/1.1
Host: 7a81b19a2d.123feb4327.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kickassanime.cc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.18.0
date: Tue, 18 Oct 2022 15:14:24 GMT
content-length: 0
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
X-Firefox-Spdy: h2
7a81b19a2d.123feb4327.com/get/?go=1&data=eyJpbXAiOlt7InNlY3VyZSI6MSwiZXh0Ijp7InRhZ19hYiI6ImMiLCJtdWx0aSI6ZmFsc2UsInVzZXJfa2V5d29yZHMiOiIiLCJpZCI6MTY5NSwic3BhY2VpZCI6MTY5NSwidHlwZSI6InBvcCIsImlkem9uZSI6bnVsbCwiYWRfdGFncyI6IkNoYWluc2F3JTJDTWFuJTJDSEQlMkNDaGFpbnNhdyUyQ01hbiUyMCIsImxhYmVscyI6IjQsNSw2LDcsOCw5LDQ2LDQ3LDU0LDU1LDYxLDEwOSIsImFsbG93ZWRfbGFiZWxzIjoiIiwidGl0bGUiOiIiLCJzdWJpZCI6IjM3MTAzNjgyMCIsInV0bTEiOiIiLCJ1dG0yIjoiIiwidXRtNCI6IiIsInNwb3RfaWQiOjEwNTkwLCJtdWx0aXBsZSI6ZmFsc2UsImlzX2lmcmFtZSI6ZmFsc2UsInJlZmRvbWFpbiI6IiIsInBsIjowLCJzdHJhdGFnZW0iOm51bGwsImd5ciI6MCwiYWNjZWwiOjAsInNzcCI6Mzc1OCwiYnR5cGUiOjB9LCJiYW5uZXIiOnsidyI6MSwiaCI6MX19XSwic2l0ZSI6eyJpZCI6IjEwNTkwIiwiY2F0IjpbIklBQjEiXSwicGFnZSI6Imh0dHBzOi8va2lja2Fzc2FuaW1lLmNjL2NoYWluc2F3LW1hbiJ9LCJkZXZpY2UiOnsidyI6MTI4MCwiaCI6MTAyNH0sInVzZXIiOnsiaWQiOiI5ZTQ5NDdmMzU3NTE0NjU0MTFmZDFhNGY1YzM1OGM3OCIsImZwIjpudWxsfSwiZXh0Ijp7ImR0IjoxNjY2MTA2MDcxMzcyfX0=
116.202.60.158302 Found 0 B URL HTTP/2 7a81b19a2d.123feb4327.com/get/?go=1&data=eyJpbXAiOlt7InNlY3VyZSI6MSwiZXh0Ijp7InRhZ19hYiI6ImMiLCJtdWx0aSI6ZmFsc2UsInVzZXJfa2V5d29yZHMiOiIiLCJpZCI6MTY5NSwic3BhY2VpZCI6MTY5NSwidHlwZSI6InBvcCIsImlkem9uZSI6bnVsbCwiYWRfdGFncyI6IkNoYWluc2F3JTJDTWFuJTJDSEQlMkNDaGFpbnNhdyUyQ01hbiUyMCIsImxhYmVscyI6IjQsNSw2LDcsOCw5LDQ2LDQ3LDU0LDU1LDYxLDEwOSIsImFsbG93ZWRfbGFiZWxzIjoiIiwidGl0bGUiOiIiLCJzdWJpZCI6IjM3MTAzNjgyMCIsInV0bTEiOiIiLCJ1dG0yIjoiIiwidXRtNCI6IiIsInNwb3RfaWQiOjEwNTkwLCJtdWx0aXBsZSI6ZmFsc2UsImlzX2lmcmFtZSI6ZmFsc2UsInJlZmRvbWFpbiI6IiIsInBsIjowLCJzdHJhdGFnZW0iOm51bGwsImd5ciI6MCwiYWNjZWwiOjAsInNzcCI6Mzc1OCwiYnR5cGUiOjB9LCJiYW5uZXIiOnsidyI6MSwiaCI6MX19XSwic2l0ZSI6eyJpZCI6IjEwNTkwIiwiY2F0IjpbIklBQjEiXSwicGFnZSI6Imh0dHBzOi8va2lja2Fzc2FuaW1lLmNjL2NoYWluc2F3LW1hbiJ9LCJkZXZpY2UiOnsidyI6MTI4MCwiaCI6MTAyNH0sInVzZXIiOnsiaWQiOiI5ZTQ5NDdmMzU3NTE0NjU0MTFmZDFhNGY1YzM1OGM3OCIsImZwIjpudWxsfSwiZXh0Ijp7ImR0IjoxNjY2MTA2MDcxMzcyfX0=
IP 116.202.60.158:0
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /get/?go=1&data=eyJpbXAiOlt7InNlY3VyZSI6MSwiZXh0Ijp7InRhZ19hYiI6ImMiLCJtdWx0aSI6ZmFsc2UsInVzZXJfa2V5d29yZHMiOiIiLCJpZCI6MTY5NSwic3BhY2VpZCI6MTY5NSwidHlwZSI6InBvcCIsImlkem9uZSI6bnVsbCwiYWRfdGFncyI6IkNoYWluc2F3JTJDTWFuJTJDSEQlMkNDaGFpbnNhdyUyQ01hbiUyMCIsImxhYmVscyI6IjQsNSw2LDcsOCw5LDQ2LDQ3LDU0LDU1LDYxLDEwOSIsImFsbG93ZWRfbGFiZWxzIjoiIiwidGl0bGUiOiIiLCJzdWJpZCI6IjM3MTAzNjgyMCIsInV0bTEiOiIiLCJ1dG0yIjoiIiwidXRtNCI6IiIsInNwb3RfaWQiOjEwNTkwLCJtdWx0aXBsZSI6ZmFsc2UsImlzX2lmcmFtZSI6ZmFsc2UsInJlZmRvbWFpbiI6IiIsInBsIjowLCJzdHJhdGFnZW0iOm51bGwsImd5ciI6MCwiYWNjZWwiOjAsInNzcCI6Mzc1OCwiYnR5cGUiOjB9LCJiYW5uZXIiOnsidyI6MSwiaCI6MX19XSwic2l0ZSI6eyJpZCI6IjEwNTkwIiwiY2F0IjpbIklBQjEiXSwicGFnZSI6Imh0dHBzOi8va2lja2Fzc2FuaW1lLmNjL2NoYWluc2F3LW1hbiJ9LCJkZXZpY2UiOnsidyI6MTI4MCwiaCI6MTAyNH0sInVzZXIiOnsiaWQiOiI5ZTQ5NDdmMzU3NTE0NjU0MTFmZDFhNGY1YzM1OGM3OCIsImZwIjpudWxsfSwiZXh0Ijp7ImR0IjoxNjY2MTA2MDcxMzcyfX0= HTTP/1.1
Host: 7a81b19a2d.123feb4327.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kickassanime.cc/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
server: nginx/1.18.0
date: Tue, 18 Oct 2022 15:14:24 GMT
content-length: 0
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
location: https://rtbrennab.com/banner/in/show/?mid=817662480&pid=0&site=10590&sc=NO&usage_type=DCH&subid=371036820&sid=0&cid=0&price=0&is_cpm=0&cpm=0&ecpm=0&crid=&crtid=&tcid=0&out_id=&ver=&ver_c=&refdom=kickassanime.cc&hostname=auc-banner-hz-7&site_id=0&spot_id=10590&utm_source=&utm_medium=&utm_campaign=&utm_content=&expiration_timestamp=0&created_at=0000-00-00&is_native=0&auction_queue=0&pop_winurl=&ip=91.90.42.154&testab=&px_id=0&adblock=0&auction_host=&mm=&yc=&render_type=&campaign_type=&uniq=&exp=&resp_type=default&iabcat=IAB1&min_cpm=0.0001&placement_type_id=&skin_test=&verify_hash=&score=100&ml=&tag_ab=c&ttl=&space_id=1695&banner_width=1&banner_height=1&accel=0&gyr=0&iabcat=IAB1&url=https%3A%2F%2Fbtds.zog.link%2Fin%2F912%2F%3Fsid%3D10590%26source%3D371036820%26idzone%3D0%26w%3D1%26h%3D1%26mo%3D%26ve%3D%26site_id%3D10590%26utm1%3D%26utm2%3D%26utm3%3D%26utm4%3D%26ad_tags%3DChainsaw%252CMan%252CHD%252CChainsaw%252CMan%2520%26spot_id%3D10590%26p%3Dhttps%253A%252F%252Fkickassanime.cc%252Fchainsaw-man%26katds_labels%3D4%2C5%2C6%2C7%2C8%2C9%2C46%2C47%2C54%2C55%2C61%2C109%26btype%3D0%26score%3D100%26bf%3D0.0001&pr=&bid_crid=&bid_cid=&is_iframe=0&ad_tags=Chainsaw%2CMan%2CHD%2CChainsaw%2CMan%20&stratagem=&ssp=3758
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 6a4cb0b1167224aac39f0d642f23639e
c63589dd3991d4e6d2241941ef90150839d556f2
86684be3442d562a45a66c5d62ad0032d30f95f1990ec324a3f3a526ab6795c9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "86684BE3442D562A45A66C5D62AD0032D30F95F1990EC324A3F3A526AB6795C9"
Last-Modified: Sun, 16 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3660
Expires: Tue, 18 Oct 2022 16:15:24 GMT
Date: Tue, 18 Oct 2022 15:14:24 GMT
Connection: keep-alive
rtbrennab.com/banner/in/show/?mid=817662480&pid=0&site=10590&sc=NO&usage_type=DCH&subid=371036820&sid=0&cid=0&price=0&is_cpm=0&cpm=0&ecpm=0&crid=&crtid=&tcid=0&out_id=&ver=&ver_c=&refdom=kickassanime.cc&hostname=auc-banner-hz-7&site_id=0&spot_id=10590&utm_source=&utm_medium=&utm_campaign=&utm_content=&expiration_timestamp=0&created_at=0000-00-00&is_native=0&auction_queue=0&pop_winurl=&ip=91.90.42.154&testab=&px_id=0&adblock=0&auction_host=&mm=&yc=&render_type=&campaign_type=&uniq=&exp=&resp_type=default&iabcat=IAB1&min_cpm=0.0001&placement_type_id=&skin_test=&verify_hash=&score=100&ml=&tag_ab=c&ttl=&space_id=1695&banner_width=1&banner_height=1&accel=0&gyr=0&iabcat=IAB1&url=https%3A%2F%2Fbtds.zog.link%2Fin%2F912%2F%3Fsid%3D10590%26source%3D371036820%26idzone%3D0%26w%3D1%26h%3D1%26mo%3D%26ve%3D%26site_id%3D10590%26utm1%3D%26utm2%3D%26utm3%3D%26utm4%3D%26ad_tags%3DChainsaw%252CMan%252CHD%252CChainsaw%252CMan%2520%26spot_id%3D10590%26p%3Dhttps%253A%252F%252Fkickassanime.cc%252Fchainsaw-man%26katds_labels%3D4%2C5%2C6%2C7%2C8%2C9%2C46%2C47%2C54%2C55%2C61%2C109%26btype%3D0%26score%3D100%26bf%3D0.0001&pr=&bid_crid=&bid_cid=&is_iframe=0&ad_tags=Chainsaw%2CMan%2CHD%2CChainsaw%2CMan%20&stratagem=&ssp=3758
116.202.60.158302 Found 0 B URL HTTP/2 rtbrennab.com/banner/in/show/?mid=817662480&pid=0&site=10590&sc=NO&usage_type=DCH&subid=371036820&sid=0&cid=0&price=0&is_cpm=0&cpm=0&ecpm=0&crid=&crtid=&tcid=0&out_id=&ver=&ver_c=&refdom=kickassanime.cc&hostname=auc-banner-hz-7&site_id=0&spot_id=10590&utm_source=&utm_medium=&utm_campaign=&utm_content=&expiration_timestamp=0&created_at=0000-00-00&is_native=0&auction_queue=0&pop_winurl=&ip=91.90.42.154&testab=&px_id=0&adblock=0&auction_host=&mm=&yc=&render_type=&campaign_type=&uniq=&exp=&resp_type=default&iabcat=IAB1&min_cpm=0.0001&placement_type_id=&skin_test=&verify_hash=&score=100&ml=&tag_ab=c&ttl=&space_id=1695&banner_width=1&banner_height=1&accel=0&gyr=0&iabcat=IAB1&url=https%3A%2F%2Fbtds.zog.link%2Fin%2F912%2F%3Fsid%3D10590%26source%3D371036820%26idzone%3D0%26w%3D1%26h%3D1%26mo%3D%26ve%3D%26site_id%3D10590%26utm1%3D%26utm2%3D%26utm3%3D%26utm4%3D%26ad_tags%3DChainsaw%252CMan%252CHD%252CChainsaw%252CMan%2520%26spot_id%3D10590%26p%3Dhttps%253A%252F%252Fkickassanime.cc%252Fchainsaw-man%26katds_labels%3D4%2C5%2C6%2C7%2C8%2C9%2C46%2C47%2C54%2C55%2C61%2C109%26btype%3D0%26score%3D100%26bf%3D0.0001&pr=&bid_crid=&bid_cid=&is_iframe=0&ad_tags=Chainsaw%2CMan%2CHD%2CChainsaw%2CMan%20&stratagem=&ssp=3758
IP 116.202.60.158:0
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /banner/in/show/?mid=817662480&pid=0&site=10590&sc=NO&usage_type=DCH&subid=371036820&sid=0&cid=0&price=0&is_cpm=0&cpm=0&ecpm=0&crid=&crtid=&tcid=0&out_id=&ver=&ver_c=&refdom=kickassanime.cc&hostname=auc-banner-hz-7&site_id=0&spot_id=10590&utm_source=&utm_medium=&utm_campaign=&utm_content=&expiration_timestamp=0&created_at=0000-00-00&is_native=0&auction_queue=0&pop_winurl=&ip=91.90.42.154&testab=&px_id=0&adblock=0&auction_host=&mm=&yc=&render_type=&campaign_type=&uniq=&exp=&resp_type=default&iabcat=IAB1&min_cpm=0.0001&placement_type_id=&skin_test=&verify_hash=&score=100&ml=&tag_ab=c&ttl=&space_id=1695&banner_width=1&banner_height=1&accel=0&gyr=0&iabcat=IAB1&url=https%3A%2F%2Fbtds.zog.link%2Fin%2F912%2F%3Fsid%3D10590%26source%3D371036820%26idzone%3D0%26w%3D1%26h%3D1%26mo%3D%26ve%3D%26site_id%3D10590%26utm1%3D%26utm2%3D%26utm3%3D%26utm4%3D%26ad_tags%3DChainsaw%252CMan%252CHD%252CChainsaw%252CMan%2520%26spot_id%3D10590%26p%3Dhttps%253A%252F%252Fkickassanime.cc%252Fchainsaw-man%26katds_labels%3D4%2C5%2C6%2C7%2C8%2C9%2C46%2C47%2C54%2C55%2C61%2C109%26btype%3D0%26score%3D100%26bf%3D0.0001&pr=&bid_crid=&bid_cid=&is_iframe=0&ad_tags=Chainsaw%2CMan%2CHD%2CChainsaw%2CMan%20&stratagem=&ssp=3758 HTTP/1.1
Host: rtbrennab.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://kickassanime.cc/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx/1.18.0
date: Tue, 18 Oct 2022 15:14:24 GMT
content-length: 0
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
location: https://btds.zog.link/in/912/?sid=10590&source=371036820&idzone=0&w=1&h=1&mo=&ve=&site_id=10590&utm1=&utm2=&utm3=&utm4=&ad_tags=Chainsaw%2CMan%2CHD%2CChainsaw%2CMan%20&spot_id=10590&p=https%3A%2F%2Fkickassanime.cc%2Fchainsaw-man&katds_labels=4,5,6,7,8,9,46,47,54,55,61,109&btype=0&score=100&bf=0.0001
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash b97e4e57427c441be7aae8d114ccd8a9
810c7cc6c46e7630f5e686c8f97148dd28775a62
af6c2ff8450ca6df3fa0c5d7b894eaf5870fb3ca8aac6acebc6bccf0582c3056
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AF6C2FF8450CA6DF3FA0C5D7B894EAF5870FB3CA8AAC6ACEBC6BCCF0582C3056"
Last-Modified: Sun, 16 Oct 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5479
Expires: Tue, 18 Oct 2022 16:45:43 GMT
Date: Tue, 18 Oct 2022 15:14:24 GMT
Connection: keep-alive
btds.zog.link/in/912/?sid=10590&source=371036820&idzone=0&w=1&h=1&mo=&ve=&site_id=10590&utm1=&utm2=&utm3=&utm4=&ad_tags=Chainsaw%2CMan%2CHD%2CChainsaw%2CMan%20&spot_id=10590&p=https%3A%2F%2Fkickassanime.cc%2Fchainsaw-man&katds_labels=4,5,6,7,8,9,46,47,54,55,61,109&btype=0&score=100&bf=0.0001
109.206.181.2302 Found 0 B URL HTTP/2 btds.zog.link/in/912/?sid=10590&source=371036820&idzone=0&w=1&h=1&mo=&ve=&site_id=10590&utm1=&utm2=&utm3=&utm4=&ad_tags=Chainsaw%2CMan%2CHD%2CChainsaw%2CMan%20&spot_id=10590&p=https%3A%2F%2Fkickassanime.cc%2Fchainsaw-man&katds_labels=4,5,6,7,8,9,46,47,54,55,61,109&btype=0&score=100&bf=0.0001
IP 109.206.181.2:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /in/912/?sid=10590&source=371036820&idzone=0&w=1&h=1&mo=&ve=&site_id=10590&utm1=&utm2=&utm3=&utm4=&ad_tags=Chainsaw%2CMan%2CHD%2CChainsaw%2CMan%20&spot_id=10590&p=https%3A%2F%2Fkickassanime.cc%2Fchainsaw-man&katds_labels=4,5,6,7,8,9,46,47,54,55,61,109&btype=0&score=100&bf=0.0001 HTTP/1.1
Host: btds.zog.link
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://kickassanime.cc/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx/1.20.1
date: Tue, 18 Oct 2022 15:14:25 GMT
content-type: text/html; charset=UTF-8
content-length: 0
location: https://cdn.1vag.com/1x1.png
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
vary: *
set-cookie: 912.0=1; expires=Wed, 19 Oct 2022 15:14:24 GMT; path=/; secure; SameSite=None
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 49148fbcaf888ad55349632641f0b9e3
f76121fa35fac75bd00a699366bd65eb3b8b1e16
c56ffabaeb04d5840a82c38d05386f0f90447edf8868066eaac88b6cacdd88cd
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C56FFABAEB04D5840A82C38D05386F0F90447EDF8868066EAAC88B6CACDD88CD"
Last-Modified: Sun, 16 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3896
Expires: Tue, 18 Oct 2022 16:19:20 GMT
Date: Tue, 18 Oct 2022 15:14:24 GMT
Connection: keep-alive
cdn.1vag.com/1x1.png
45.133.44.25200 OK 68 B IP 45.133.44.25:0
ASN #39572 DataWeb Global Group B.V.
File type PNG image data, 1 x 1, 8-bit gray+alpha, non-interlaced\012- data
Hash 91e42db1c66c0b276abf6234dc50b2eb
c1986af3c26609b8b7d8933f99c51c1a89e9ea6b
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058
GET /1x1.png HTTP/1.1
Host: cdn.1vag.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://kickassanime.cc/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 18 Oct 2022 15:14:24 GMT
content-type: image/png
content-length: 68
server: nginx/1.20.1
last-modified: Wed, 15 Apr 2020 13:30:15 GMT
etag: "5e970c67-44"
cache-control: max-age=3600
x-request-id: e0cea73041c202c45e6ab3a8b14597f5
expires: Tue, 18 Oct 2022 16:14:24 GMT
x-proxy-cache: HIT
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn.onesignal.com/sdks/OneSignalSDK.js?ver=5.1.15
104.18.225.52200 OK 0 B URL HTTP/2 cdn.onesignal.com/sdks/OneSignalSDK.js?ver=5.1.15
IP 104.18.225.52:0
GET /sdks/OneSignalSDK.js?ver=5.1.15 HTTP/1.1
Host: cdn.onesignal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kickassanime.cc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 18 Oct 2022 15:14:18 GMT
content-type: application/javascript
etag: W/"ae63ef8ff03da61fffaa7f165729897a"
via: 1.1 google
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: HIT
age: 1819
expires: Fri, 21 Oct 2022 15:14:18 GMT
cache-control: public, max-age=259200
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains
server: cloudflare
cf-ray: 75c239145d53b4ee-OSL
content-encoding: br
X-Firefox-Spdy: h2
js.wpshsdk.com/npc/sdk/common/core.js
45.133.44.25200 OK 0 B URL HTTP/2 js.wpshsdk.com/npc/sdk/common/core.js
IP 45.133.44.25:0
ASN #39572 DataWeb Global Group B.V.
GET /npc/sdk/common/core.js HTTP/1.1
Host: js.wpshsdk.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://kickassanime.cc/
Origin: https://kickassanime.cc
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 18 Oct 2022 15:14:22 GMT
content-type: application/javascript; charset=utf-8
server: nginx/1.18.0
last-modified: Fri, 14 Oct 2022 13:11:50 GMT
etag: W/"63496016-1bb42"
content-encoding: gzip
expires: Tue, 18 Oct 2022 15:19:22 GMT
cache-control: max-age=300
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2
sw.wpush.org/ps/sw.js
45.133.44.25200 OK 0 B IP 45.133.44.25:0
ASN #39572 DataWeb Global Group B.V.
GET /ps/sw.js HTTP/1.1
Host: sw.wpush.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kickassanime.cc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 18 Oct 2022 15:14:22 GMT
content-type: application/javascript; charset=utf-8
server: nginx/1.18.0
last-modified: Fri, 14 Oct 2022 13:11:50 GMT
etag: W/"63496016-158c"
content-encoding: gzip
expires: Tue, 18 Oct 2022 15:19:22 GMT
cache-control: max-age=300
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2
sw.wpush.org/ps/sw.js
45.133.44.24200 OK 0 B IP 45.133.44.24:0
ASN #39572 DataWeb Global Group B.V.
GET /ps/sw.js HTTP/1.1
Host: sw.wpush.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Service-Worker: script
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 18 Oct 2022 15:14:23 GMT
content-type: application/javascript; charset=utf-8
server: nginx/1.18.0
last-modified: Fri, 14 Oct 2022 13:11:50 GMT
etag: W/"63496016-158c"
content-encoding: gzip
expires: Tue, 18 Oct 2022 15:19:23 GMT
cache-control: max-age=300
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2
www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FAnimejp-101595461856747&tabs=timeline&width=300&height=130&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
31.13.72.36200 OK 0 B URL HTTP/2 www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FAnimejp-101595461856747&tabs=timeline&width=300&height=130&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
IP 31.13.72.36:0
GET /plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FAnimejp-101595461856747&tabs=timeline&width=300&height=130&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kickassanime.cc/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: br
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-opener-policy: unsafe-none
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
strict-transport-security: max-age=15552000; preload
content-type: text/html; charset="utf-8"
x-fb-debug: BeQcQFrpaPzB4mmWON60hzJx21e/EtSsYvx6Dnb/c+scbvm47PniG3vKrTS7mjk30znyjAdArTu+guOUQPJC0g==
date: Tue, 18 Oct 2022 15:14:18 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
cst.cstwpush.com/static/adManager.js
45.133.44.24200 OK 0 B URL HTTP/2 cst.cstwpush.com/static/adManager.js
IP 45.133.44.24:0
ASN #39572 DataWeb Global Group B.V.
GET /static/adManager.js HTTP/1.1
Host: cst.cstwpush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kickassanime.cc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 18 Oct 2022 15:14:19 GMT
content-type: application/javascript; charset=utf-8
server: nginx/1.18.0
last-modified: Wed, 13 Jul 2022 06:52:04 GMT
etag: W/"62ce6b94-4e2"
content-encoding: gzip
expires: Tue, 18 Oct 2022 15:19:19 GMT
cache-control: max-age=300
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2