Report - vermangasporno.com/doujin/

Report Overview

Visited public
2024-01-04 05:02:10
Tags
URL
vermangasporno.com/doujin/
Finishing URL
vermangasporno.com/doujin
IP / ASN
104.26.12.24
#13335 CLOUDFLARENET
Title
Doujin - ᐈ Ver Mangas Porno: Mangas y doujin hentai en Español

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
scl6gc5l.site	unknown	2021-04-01	2022-11-07 19:40:42	2023-11-20 02:50:43	1.1 kB	700 B	213.189.201.178
go.xlivrdr.com	unknown	2021-06-22	2021-07-02 12:51:24	2023-12-30 14:09:18	763 B	1.5 kB	104.18.51.106
lcdn.tsyndicate.com	12634	2017-03-08	2020-03-31 16:26:34	2024-01-03 13:33:02	940 B	6.0 kB	8.247.219.121
cdn.zblkqa.com	unknown	2022-07-05	2023-10-17 12:02:39	2024-01-03 14:48:11	550 B	49 kB	8.254.252.211
a.realsrv.com	10080	2019-02-07	2019-07-03 18:12:14	2024-01-01 05:18:08	838 B	249 kB	185.76.9.18
cdn.bncloudfl.com	26601	2021-04-20	2021-06-01 17:03:04	2024-01-02 23:44:06	451 B	247 kB	104.21.35.62
dotdealingfilling.com	unknown	2022-09-03	2022-09-03 19:32:45	2023-10-22 22:00:19	455 B	30 kB	173.233.139.164
proftrafficcounter.com	unknown	2023-11-16	2023-11-21 09:55:14	2024-01-03 20:11:44	449 B	425 B	3.124.29.117
syndication.exdynsrv.com	34243	2015-10-20	2016-04-20 20:35:15	2024-01-03 05:12:51	1.4 kB	4.2 kB	95.211.229.246
friendshipmale.com	unknown	2022-10-21	2022-10-21 14:15:25	2024-01-04 02:35:24	832 B	173 kB	172.64.99.2
www.googletagmanager.com	75	2011-11-11	2013-05-22 04:07:37	2024-01-03 09:53:19	437 B	94 kB	142.250.74.168
fonts.gstatic.com	unknown	2008-02-11	2014-09-09 02:40:21	2024-01-03 11:42:52	533 B	17 kB	216.58.207.227
unseenreport.com	unknown	2022-03-30	2022-03-30 16:33:17	2024-01-02 18:12:02	1.5 kB	846 B	173.233.137.44
fonts.googleapis.com	8877	2005-01-25	2013-06-10 22:14:26	2024-01-03 10:21:29	454 B	39 kB	142.250.74.106
s3t3d2y8.afcdn.net	unknown	2022-06-27	2022-08-09 00:22:56	2024-01-02 18:12:03	2.5 kB	40 kB	185.76.9.26
tsyndicate.com	13042	2017-03-08	2017-03-16 10:04:54	2024-01-02 20:07:23	1.8 kB	19 kB	136.243.81.150
dresserderange.com	unknown	2023-12-30	2023-12-30 12:40:50	2023-12-31 00:25:08	452 B	16 kB	192.243.61.225
a.exdynsrv.com	40663	2015-10-20	2019-05-21 07:34:42	2024-01-03 06:20:32	2.0 kB	130 kB	185.76.9.21
pxl.tsyndicate.com	14763	2017-03-08	2017-07-05 15:51:06	2024-01-03 08:28:07	3.0 kB	410 B	144.76.168.81
go.mnaspm.com	unknown	2022-07-05	2023-10-04 13:16:29	2024-01-02 18:14:40	1.0 kB	2.9 kB	104.18.59.150
vermangasporno.com	407539	2016-03-20	2016-04-13 10:18:09	2023-10-22 22:00:12	13 kB	766 kB	172.67.70.224
cdn.tsyndicate.com	16265	2017-03-08	2017-07-04 08:00:09	2024-01-01 09:56:21	910 B	14 kB	8.254.252.210
syndication.realsrv.com	9112	2019-02-07	2019-07-03 23:39:52	2024-01-03 00:06:21	2.2 kB	15 kB	95.211.229.246
a.magsrv.com	unknown	2023-08-01	2023-08-04 18:18:00	2024-01-02 18:12:03	4.0 kB	259 kB	185.76.9.22
vidogrey.fun	744106	2020-06-04	2020-06-04 18:25:02	2023-10-22 22:00:40	436 B	4.4 kB	37.140.192.137
pnuhondppw.com	unknown	2023-01-31	2023-02-07 10:12:30	2023-11-12 14:43:12	3.2 kB	48 kB	212.117.190.201
s.magsrv.com	unknown	2023-08-01	2023-08-04 14:48:00	2024-01-03 21:33:52	2.8 kB	8.5 kB	95.211.229.248
ts.trafget.com	unknown	2023-01-20	2023-12-11 15:45:19	2024-01-03 07:26:36	1.1 kB	1.5 kB	172.64.131.10

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2024-01-04	medium	dotdealingfilling.com	Sinkholed
2024-01-04	medium	dresserderange.com	Sinkholed
2024-01-03	medium	unseenreport.com	Sinkholed
2024-01-03	medium	unseenreport.com	Sinkholed

ThreatFox

No alerts detected

JavaScript (37)

	URL	From	Size	First Seen	Last Seen
	friendshipmale.com/sfp.js	ScriptElement	86 kB	2023-11-23	2024-08-20
Pretty URL friendshipmale.com/sfp.js IP 172.64.99.2 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-23 18:35 Last Seen2024-08-20 18:08 Times Seen6307 Hash 924e967bca1d599992556a8d139b1c5a 222b09dbf164ddc03d39100fd0524a22018d28b2 ac84c2f8288b59f8e04ba77287ce696052bfeee0d462a566d94dc305df646c95 Loading...

	tsyndicate.com/iframes2/0724f82a85b44e8a920ba34f5731a62b.html?	ScriptElement	0 B	0001-01-01	2025-06-10
Pretty URL tsyndicate.com/iframes2/0724f82a85b44e8a920ba34f5731a62b.html? IP 136.243.81.150 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML true Observations First Seen0001-01-01 00:00 Last Seen2025-06-10 05:02 Times Seen4904735 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	vermangasporno.com/wp-content/themes/BlackNight24/js/jquery.js	ScriptElement	97 kB	2023-03-07	2025-05-14
Pretty URL vermangasporno.com/wp-content/themes/BlackNight24/js/jquery.js IP 172.67.70.224 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:19 Last Seen2025-05-14 10:38 Times Seen245 Hash 233c7d5dea90dffee999afd6891aeb4d 28dcf912a37d855a5072b83aa78e7c432b728717 8c7ee0238fa5cd80a02ef9870a7fff498ef52097181cb73edb9219dc022fd919 Loading...

	vermangasporno.com/wp-content/plugins/theia-sticky-sidebar/js/theia-sticky-sidebar.js?ver=1.8.0	ScriptElement	16 kB	2023-03-07	2025-06-05
Pretty URL vermangasporno.com/wp-content/plugins/theia-sticky-sidebar/js/theia-sticky-sidebar.js?ver=1.8.0 IP 172.67.70.224 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 17:00 Last Seen2025-06-05 18:26 Times Seen96 Hash 90c7bf931df73f0b4f002584a83d6149 394b949517eda81865a2eff4346d4fddd80c71b4 8d01529d6b0a55fc8c5eedbb03768f3a1c21a157dd555172af0b1851687d5c46 Loading...

	vermangasporno.com/wp-content/themes/BlackNight24/js/theia-sticky-sidebar.js	ScriptElement	7.5 kB	2023-03-07	2025-04-05
Pretty URL vermangasporno.com/wp-content/themes/BlackNight24/js/theia-sticky-sidebar.js IP 172.67.70.224 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 14:06 Last Seen2025-04-05 06:01 Times Seen56 Hash 4edd22b288d78ddc0cac461d55b6de6d a5d8a700fd9ac41f7a19ded3ee428905e4475501 1c3f4135ae3d85f96b87f9ecaab5099b1e9249a778b10114f3e53307e25b7a54 Loading...

	www.googletagmanager.com/gtag/js?id=G-ZQ19DG6V6C	ScriptElement	280 kB	2024-08-20	2024-08-20
Pretty URL www.googletagmanager.com/gtag/js?id=G-ZQ19DG6V6C IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-08-20 14:01 Last Seen2024-08-20 14:01 Times Seen1 Hash b8262911822116b4b6484bb7558b7aca bdd88668fb479c9d922fbdd422d884e951e5feac 30b745fb1fc7ca355b27f8de07dd18a951d5c3547ef77be26692e940d46c696b Loading...

	vermangasporno.com/doujin	ScriptElement	153 B	2023-08-25	2025-04-05
Pretty URL vermangasporno.com/doujin IP 172.67.70.224 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-08-25 01:19 Last Seen2025-04-05 06:01 Times Seen24 Hash 3576c1122ee9b8aa36b7f04a798e51f5 a17b6e0d419f7b6c040bdca23bc6e1c313a88a6f 9e1cbb6548e7d4914b120bf78f165b5178997b3de85971bb17ddace98112780e Loading...

	vermangasporno.com/doujin	ScriptElement	3.3 kB	2024-01-01	2024-08-20
Pretty URL vermangasporno.com/doujin IP 172.67.70.224 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-01-01 22:32 Last Seen2024-08-20 14:22 Times Seen2 Hash 91c9dee3e091886c4d3b9f6c288ccc43 275abd41e7197007f558412c08ffec972ae04060 1719dc06046d445948feb8907b3160a3893792131ea2355f949f889cb09bec8d Loading...

	pxl.tsyndicate.com/api/v1/p/p.js?p=APeIQFMmDJkycuaI0BGjBgsRYcbQWRjjIZ0zC0XQkFGmRowbMMy0uDFGzJgWNA7OaCFGxpgaLMfMsHHDxhgbNMKEySHi4Rg2aSjGsFERYp0xGcvgiCGmTI6GLWbcyCEyJQ6ROMjgbFFjjNcaYWLgKCMDBtKHYtKQyVhjJgwaOHpCJGOHIowabXE8hFNHzEIZMRrKeBgGDhyKNNraeDgHzkQdUnHkwHFjBmEyZv7eeNjGDUaGN3DIoLG38-cbgds-rBMjIxo6dODM0fHiBZ05LujICWPmTBk6Lsa8afPCIBkXcNDA-TFnTo8YiWfKJTM8ox2EbcJ4DtP4jRw3b4JX9xnm8ZahXfbKQapjbAsYekWMgdPmC5z1C2u4sFHmvUMRcthxGGQwPFTGfG0s5N5dq9URlA4i3GDGRjiYFEYLB85wIQ1miIFDC5KVsdKBOeBkBhkymHHVWSKkMaAIT7mQAwwubORCQzTIJccXLmYU44w1ynBjDTmuFkZGTbyhRxpssBHGC_rBAAIKV6ThBnV3zAGCE1SAEAONMOwAQpVu4CQmHmaCECBDd7kAQwogHHHgGm-8UNaXMHwZAwhGpCFHGWa8gccLX0Ypl1cZOfGEXN59gSiEisrFBnsiFOHEdGXY8cWfbFBUww2hzYQDDAUCeIYbf9VA2UMHaSqGHArG1-oXbbyxlg4y4EAUq3K8sZBlIryhkA6kiXCfoHnk99CfmUH4Wmyz1XadHNlt19134QlHnFxzBJhRr3SU510LdbiRBh0txJCDC2SMEYMMjHZbF0M2yGADXoEtJkK7GR30RbvvykVHgqC9NQMNiTEowsDwFkzDwQm3NUOpBm1aRmNflEcRSA8jXIPCmWbMBkK3LbTFwelBJMZj-wIaRh1sTLTXpAuVOsZnMPShQEA%3D&s=37ff102de8f54b2b99804e417abd152da4c1890ec1bd52d04edad5e1796b89981704344505&w=t&r=1&d=5&priv=true	ScriptElement	24 B	2023-03-07	2025-06-09
Pretty URL pxl.tsyndicate.com/api/v1/p/p.js?p=APeIQFMmDJkycuaI0BGjBgsRYcbQWRjjIZ0zC0XQkFGmRowbMMy0uDFGzJgWNA7OaCFGxpgaLMfMsHHDxhgbNMKEySHi4Rg2aSjGsFERYp0xGcvgiCGmTI6GLWbcyCEyJQ6ROMjgbFFjjNcaYWLgKCMDBtKHYtKQyVhjJgwaOHpCJGOHIowabXE8hFNHzEIZMRrKeBgGDhyKNNraeDgHzkQdUnHkwHFjBmEyZv7eeNjGDUaGN3DIoLG38-cbgds-rBMjIxo6dODM0fHiBZ05LujICWPmTBk6Lsa8afPCIBkXcNDA-TFnTo8YiWfKJTM8ox2EbcJ4DtP4jRw3b4JX9xnm8ZahXfbKQapjbAsYekWMgdPmC5z1C2u4sFHmvUMRcthxGGQwPFTGfG0s5N5dq9URlA4i3GDGRjiYFEYLB85wIQ1miIFDC5KVsdKBOeBkBhkymHHVWSKkMaAIT7mQAwwubORCQzTIJccXLmYU44w1ynBjDTmuFkZGTbyhRxpssBHGC_rBAAIKV6ThBnV3zAGCE1SAEAONMOwAQpVu4CQmHmaCECBDd7kAQwogHHHgGm-8UNaXMHwZAwhGpCFHGWa8gccLX0Ypl1cZOfGEXN59gSiEisrFBnsiFOHEdGXY8cWfbFBUww2hzYQDDAUCeIYbf9VA2UMHaSqGHArG1-oXbbyxlg4y4EAUq3K8sZBlIryhkA6kiXCfoHnk99CfmUH4Wmyz1XadHNlt19134QlHnFxzBJhRr3SU510LdbiRBh0txJCDC2SMEYMMjHZbF0M2yGADXoEtJkK7GR30RbvvykVHgqC9NQMNiTEowsDwFkzDwQm3NUOpBm1aRmNflEcRSA8jXIPCmWbMBkK3LbTFwelBJMZj-wIaRh1sTLTXpAuVOsZnMPShQEA%3D&s=37ff102de8f54b2b99804e417abd152da4c1890ec1bd52d04edad5e1796b89981704344505&w=t&r=1&d=5&priv=true IP 144.76.168.81 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03 Last Seen2025-06-09 21:22 Times Seen4522 Hash 0959ba36d476b6dc1994ba3c678b07c4 d30b94da72daa02766965206a85b7e0356375f5e 897410b87e27e3dfba3a7d6caab315a5e69cc941bb96d91fc74878a9b051843a Loading...

	vermangasporno.com/wp-content/themes/BlackNight24/js/ResizeSensor.js	ScriptElement	3.3 kB	2023-03-07	2025-04-05
Pretty URL vermangasporno.com/wp-content/themes/BlackNight24/js/ResizeSensor.js IP 172.67.70.224 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 22:48 Last Seen2025-04-05 06:01 Times Seen44 Hash 81f8ee718433309ed78a396086d7e600 3bdfc7accbf9d89a89e0517d8b6108b47c07ac7a fb4bd4419d686ab440d7ceb2101dcd4155b4f18a12c99052a44fb503c349afed Loading...

	pnuhondppw.com/get/1893204?zoneid=1893204&jp=_cl5myyuj29u4a33hlkqkyq&nojs=0&abvar=0&febuild=1.0.187&t=0&wcks=1&wgl=0&cnvs=1&os=0&ss=1&ls=1&bb=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&ix=0&x=1280&y=1024&md=0&afid=7430045315616768&eclog=0&sp=1&im=1&freq=0	ScriptElement	5.6 kB	2024-08-20	2024-08-20
Pretty URL pnuhondppw.com/get/1893204?zoneid=1893204&jp=_cl5myyuj29u4a33hlkqkyq&nojs=0&abvar=0&febuild=1.0.187&t=0&wcks=1&wgl=0&cnvs=1&os=0&ss=1&ls=1&bb=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&ix=0&x=1280&y=1024&md=0&afid=7430045315616768&eclog=0&sp=1&im=1&freq=0 IP 212.117.190.201 ASN #5577 root SA Introduced by scriptElement Embedded in HTML false Observations First Seen2024-08-20 14:01 Last Seen2024-08-20 14:01 Times Seen1 Hash edea9fe45ae0dced6baec4d9c5e8dbd2 817318ab3d436c4b24a9e9419d5ba96259dd56a9 bd15d470d80048b9c841f3706b2c8614faca7eebac5954f5cedd87bdc8b38594 Loading...

	a.exdynsrv.com/iframe.js?idzone=4852106&size=300x250	ScriptElement	2.3 kB	2023-12-02	2024-08-20
Pretty URL a.exdynsrv.com/iframe.js?idzone=4852106&size=300x250 IP 185.76.9.21 ASN #60068 Datacamp Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-12-02 04:20 Last Seen2024-08-20 17:06 Times Seen9 Hash f197bbd2440252917852884c6f785134 731a84300c9aa2e71a45497bee8dca9df53c6c15 4cff3b5b8c275153497920ef6f36e5bcfb19b9ce5f55bf118d1ebc2e7e561576 Loading...

	unknown	ScriptElement	134 B	2023-03-07	2025-06-09
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02 Last Seen2025-06-09 23:53 Times Seen5922 Hash 41eece0da217398b6f4d4ee2f01b6245 72f2098b0520b07dd3c6874646c920a3d367a4e2 62bba8c2295a14bb2d007a3f7f8730fd10cef7348a6474f3f832c99ca6795d35 Loading...

	vermangasporno.com/wp-content/themes/BlackNight24/js/extras.js	ScriptElement	387 B	2023-03-10	2025-04-05
Pretty URL vermangasporno.com/wp-content/themes/BlackNight24/js/extras.js IP 172.67.70.224 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 19:54 Last Seen2025-04-05 06:01 Times Seen30 Hash 3df526f4dc5fd123b9d97b4e2800fc04 0cda6a88be7b655556b58edfa723f17052620f6d c12552690698dbfe8c21479213a7f00e0021d25631fb9b1168b7909f575bf302 Loading...

	cdn.tsyndicate.com/sdk/v1/video.instant.message.js	ScriptElement	18 kB	2023-12-08	2024-08-20
Pretty URL cdn.tsyndicate.com/sdk/v1/video.instant.message.js IP 8.254.252.210 ASN #3356 LEVEL3 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-12-08 14:39 Last Seen2024-08-20 16:22 Times Seen15 Hash ab9a1d81fce7a7935e3141a0d7eee732 1099e3d5d4ebbefe29c311c2af8162e0c4e2b833 4436f7488a2d270b3c29810265e80ac9b71b6400ee2ea0c89354264976dd4cfb Loading...

	a.magsrv.com/ad-provider.js	ScriptElement	124 kB	2024-01-03	2024-08-20
Pretty URL a.magsrv.com/ad-provider.js IP 185.76.9.22 ASN #60068 Datacamp Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2024-01-03 13:41 Last Seen2024-08-20 14:12 Times Seen489 Hash 93e083f5f8870fa08d8f4cf9d8a0a075 6d322331e398ea28bf10a78ddfb1cd19de4d6108 89b11d677d647277e26e1aee57592a2c77b52dfc60ce5a67a67f041c4d8cbb81 Loading...

	pnuhondppw.com/lv/esnk/1893204/code.js	ScriptElement	107 kB	2024-01-01	2024-08-20
Pretty URL pnuhondppw.com/lv/esnk/1893204/code.js IP 212.117.190.201 ASN #5577 root SA Introduced by scriptElement Embedded in HTML false Observations First Seen2024-01-01 22:32 Last Seen2024-08-20 14:22 Times Seen2 Hash 84672c3adeb2bf314ec737119a4577fe 7c280f11b69cba59093154d76862cd1d42726a72 cd09b46d040a609a12dd6b64772ee089bbb571b9150213f2850f1eedd31ac04d Loading...

	vermangasporno.com/doujin	ScriptElement	59 B	2023-03-07	2025-06-09
Pretty URL vermangasporno.com/doujin IP 172.67.70.224 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:02 Last Seen2025-06-09 23:53 Times Seen4834 Hash de7507ad26c6c904109c87dd5dfac288 952cae1ce6ce1e74b010b31b4357424c12a5960c 09f81a5c463b570b389ce0b118a29bf489353d0ae7d47eefee9b9e7b703e0e02 Loading...

	vermangasporno.com/wp-content/plugins/wpfront-scroll-top/js/wpfront-scroll-top.min.js?ver=2.2.10081	ScriptElement	1.5 kB	2023-10-15	2025-06-08
Pretty URL vermangasporno.com/wp-content/plugins/wpfront-scroll-top/js/wpfront-scroll-top.min.js?ver=2.2.10081 IP 172.67.70.224 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-10-15 08:23 Last Seen2025-06-08 23:17 Times Seen488 Hash 28c914914ecb12515a3e3694847d5063 77bcb6a5da1d191b01d42ac3d76f51b97b687c07 620e1bf8ac9225fd82f6bfd9b6e809ec4bed0eea1b844951745454ecba214a44 Loading...

	dresserderange.com/b3/d6/5f/b3d65ff4b4c61e7f7c8efc174698cf5d.js	ScriptElement	43 kB	2024-08-20	2024-08-20
Pretty URL dresserderange.com/b3/d6/5f/b3d65ff4b4c61e7f7c8efc174698cf5d.js IP 192.243.61.225 ASN #39572 DataWeb Global Group B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2024-08-20 14:01 Last Seen2024-08-20 14:01 Times Seen1 Hash d57cd4f4d54eb9135e848fb671aceadd 9f96460ca4f33447451b71e2f8dbf7395497f80b 5a039473d448351adfe7c76e47ff24ef7e6cc39c8e5e056ea66c872542e8933d Loading...

	vermangasporno.com/wp-content/plugins/theia-sticky-sidebar/js/main.js?ver=1.8.0	ScriptElement	435 B	2023-03-07	2025-06-08
Pretty URL vermangasporno.com/wp-content/plugins/theia-sticky-sidebar/js/main.js?ver=1.8.0 IP 172.67.70.224 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:50 Last Seen2025-06-08 15:36 Times Seen197 Hash 84d0293a31628dc996d081e9bc8d2e87 13617849a087885cda74e6d8366dca00aa69aac4 3e304dfe39fde10af2ee219f794108f785d18dd88658877ddf07bce099f6a9fa Loading...

	a.magsrv.com/build-iframe-js-url.js?idzone=4890454	ScriptElement	759 B	2023-11-11	2024-08-20
Pretty URL a.magsrv.com/build-iframe-js-url.js?idzone=4890454 IP 185.76.9.22 ASN #60068 Datacamp Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-11 07:23 Last Seen2024-08-20 20:00 Times Seen168 Hash 900321aeb522ed4d771e27735390ef95 66356fe66385489c120aae1f7777b775cc70c445 6629acfdfc9e78ea827200f1e071980ec775812e9382bb72e8659ea7a6c89776 Loading...

	a.exdynsrv.com/build-iframe-js-url.js?idzone=4852106	ScriptElement	761 B	2023-08-10	2024-08-21
Pretty URL a.exdynsrv.com/build-iframe-js-url.js?idzone=4852106 IP 185.76.9.21 ASN #60068 Datacamp Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-08-10 20:27 Last Seen2024-08-21 09:34 Times Seen11 Hash edacfaf7abcff66892afd77f8d6015b9 ee5c7d5c6f74c562de6e6583c388cd7559765c7a 248a1b6d46165d5082820751c84ee3bb2d049d7704e64491de38d142793cee68 Loading...

	dotdealingfilling.com/cd/8e/95/cd8e952e8a084be067421bba0e22d429.js	ScriptElement	85 kB	2024-08-20	2024-08-20
Pretty URL dotdealingfilling.com/cd/8e/95/cd8e952e8a084be067421bba0e22d429.js IP 173.233.139.164 ASN #7979 SERVERS-COM Introduced by scriptElement Embedded in HTML false Observations First Seen2024-08-20 14:01 Last Seen2024-08-20 14:01 Times Seen1 Hash e91a1dd31c846880bc1e20b8335259a6 e50feb69c9a7cd9af6679cf20271d7f2eecdccff 8c5264d2ce66821b917b53fef2ac51e061a414622cf8d05683aef02e67c5f6b7 Loading...

	a.magsrv.com/iframe.js?idzone=4890454&size=300x250&sub=14536	ScriptElement	2.3 kB	2024-01-01	2024-08-20
Pretty URL a.magsrv.com/iframe.js?idzone=4890454&size=300x250&sub=14536 IP 185.76.9.22 ASN #60068 Datacamp Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2024-01-01 22:32 Last Seen2024-08-20 14:22 Times Seen2 Hash b2595fc281fd35784d8485c1165d6eeb af17702ede0fac34464b3ac980924fa64975fac6 7e78fbd50baaf27843088cadcaa3a5288543dea6ab39e93b9bdf2ed2afa61ee4 Loading...

	vermangasporno.com/wp-content/plugins/theia-sticky-sidebar/js/ResizeSensor.js?ver=1.8.0	ScriptElement	6.0 kB	2023-03-07	2025-06-08
Pretty URL vermangasporno.com/wp-content/plugins/theia-sticky-sidebar/js/ResizeSensor.js?ver=1.8.0 IP 172.67.70.224 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:50 Last Seen2025-06-08 15:36 Times Seen215 Hash 5bf4cf74118e7fc71e1b6166e21d5524 94442c92dcbb40e92709b2c14ffebb8756f474d3 2f826a947a47c13c4af480b9b7853e9ca12d2873c67a9200f3c7a26f8cacae2d Loading...

	vermangasporno.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1	ScriptElement	14 kB	2023-05-09	2025-06-10
Pretty URL vermangasporno.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1 IP 172.67.70.224 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-09 19:21 Last Seen2025-06-10 04:56 Times Seen111610 Hash 9ffeb32e2d9efbf8f70caabded242267 3ad0c10e501ac2a9bfa18f9cd7e700219b378738 5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89 Loading...

	vidogrey.fun/banner300G7UqNJRquAYHwhBh4eL6.js	ScriptElement	4.1 kB	2023-03-14	2024-08-21
Pretty URL vidogrey.fun/banner300G7UqNJRquAYHwhBh4eL6.js IP 37.140.192.137 ASN #197695 Domain names registrar REG.RU, Ltd Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-14 04:39 Last Seen2024-08-21 09:34 Times Seen20 Hash 0d94b9d0f40a26c7d11a4ba2756b34ca 2ea0dbc9adb327ebb5810574a59bd4fe3b51f28a 8003cbf629ea9d1c69565cb98e129a71a176c61254205119c4900ee811e14952 Loading...

	lcdn.tsyndicate.com/sdk/v1/b.b.js	ScriptElement	8.0 kB	2023-08-03	2024-08-21
Pretty URL lcdn.tsyndicate.com/sdk/v1/b.b.js IP 8.247.219.121 ASN #3356 LEVEL3 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-08-03 19:13 Last Seen2024-08-21 09:44 Times Seen1849 Hash b0a8eae036a72f605538b002e33f7023 5916ea9eeb0b676d6f44637601c40d0dc69542d1 7b9affd37cf01ac1a4c5f4a4ccb1936f0412ff771fb24e36a55682d2bf0ac554 Loading...

	vermangasporno.com/doujin	ScriptElement	1.2 kB	2023-10-15	2024-08-21
Pretty URL vermangasporno.com/doujin IP 172.67.70.224 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-10-15 08:23 Last Seen2024-08-21 04:40 Times Seen17 Hash 17b7123f19142a35b2e147fbea92a80f 326b19738205d7c87f8bf497221f046b5252714a 1c1c8897d79170714381304af1e54cb2bd6c5c19d11b2275a455c4902c162bf3 Loading...

	a.realsrv.com/ad-provider.js	ScriptElement	124 kB	2024-01-03	2024-08-20
Pretty URL a.realsrv.com/ad-provider.js IP 185.76.9.18 ASN #60068 Datacamp Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2024-01-03 14:59 Last Seen2024-08-20 14:11 Times Seen92 Hash 83caf9a95630ba181957a6dfd73f4c6f 9252d534220fbfdb57517c15a8adae1810579037 4d87ff3cd1e3a454f2755c9c1ac91e634245cbb7b75cbc41735a8f95ec7cb913 Loading...

	vermangasporno.com/wp-content/themes/BlackNight24/js/main.js	ScriptElement	341 B	2023-03-07	2025-04-05
Pretty URL vermangasporno.com/wp-content/themes/BlackNight24/js/main.js IP 172.67.70.224 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 22:48 Last Seen2025-04-05 06:01 Times Seen106 Hash 167e4f49d415c3788e83df27c21e12f9 15fd728540f6d72cbc4469265db084e77c090718 a7c860a1505343bc4dc80a473bfe23f625da447d71af4db67b529065295d5171 Loading...

	a.exdynsrv.com/ad-provider.js	ScriptElement	124 kB	2024-01-03	2024-08-20
Pretty URL a.exdynsrv.com/ad-provider.js IP 185.76.9.21 ASN #60068 Datacamp Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2024-01-03 19:00 Last Seen2024-08-20 14:08 Times Seen31 Hash 9f759d11d360ee80927129caaeb27471 3fc4d71c322dc74dc50c3d716e1a2902dfaa3dfd 11dab0d9ba61b307a0deee15e4debab7e3f14ea0947663ec61640b84f7a265d1 Loading...

	vermangasporno.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.1	ScriptElement	88 kB	2023-11-03	2025-06-10
Pretty URL vermangasporno.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.1 IP 172.67.70.224 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-03 09:26 Last Seen2025-06-10 04:56 Times Seen98782 Hash 826eb77e86b02ab7724fe3d0141ff87c 79cd3587d565afe290076a8d36c31c305a573d18 cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf Loading...

	vermangasporno.com/doujin	ScriptElement	226 B	2024-01-01	2024-08-20
Pretty URL vermangasporno.com/doujin IP 172.67.70.224 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-01-01 22:32 Last Seen2024-08-20 14:22 Times Seen8 Hash 5489ba979195755a8f6a081418e7f870 a9cf275e9309004a73dbfb56557a2dd20181dcfd 057582aa599891baa493c7f8018239018cedf437c75cf43e4638c9d2d9c6945f Loading...

	vermangasporno.com/wp-content/themes/BlackNight24/js/jquery-migrate.min.js	ScriptElement	10 kB	2023-03-07	2025-06-10
Pretty URL vermangasporno.com/wp-content/themes/BlackNight24/js/jquery-migrate.min.js IP 172.67.70.224 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02 Last Seen2025-06-10 04:46 Times Seen15551 Hash 7121994eec5320fbe6586463bf9651c2 90532aff6d4121954254cdf04994d834f7ec169b 48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d Loading...

	vermangasporno.com/doujin	ScriptElement	8.3 kB	2023-03-07	2025-06-10
Pretty URL vermangasporno.com/doujin IP 172.67.70.224 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:02 Last Seen2025-06-10 02:55 Times Seen3700 Hash eb78fac132e7cff1e4556b0ee5be04cf 8c0633f511df47c21639be83c719ae0e1ea26555 163c4d52fb653e1c2463e1a0e397faa297729ad6269b5205b915f3ed4b8b8d8b Loading...

HTTP Transactions (84)

URL IP Response Size

vermangasporno.com/wp-content/themes/BlackNight24/style.css

172.67.70.224

200 OK

0 B

URL GET HTTP/2
vermangasporno.com/wp-content/themes/BlackNight24/style.css
IP
172.67.70.224:443
ASN
#13335 CLOUDFLARENET

Requested by
https://vermangasporno.com/doujin
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintB9:B8:F0:F3:8C:32:3E:2D:86:56:B2:8C:B3:8F:FC:60:5E:AF:30:2D
ValidityTue, 18 Apr 2023 00:00:00 GMT - Wed, 17 Apr 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /wp-content/themes/BlackNight24/style.css HTTP/1.1
Host: vermangasporno.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://vermangasporno.com/doujin
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Thu, 04 Jan 2024 05:01:43 GMT
content-type: text/css
content-length: 0
cache-control: public, max-age=31536000
cf-bgj: minify
cf-polished: origSize=225
etag: "e1-622f21fe-0;gz"
expires: Mon, 23 Dec 2024 11:48:49 GMT
last-modified: Mon, 14 Mar 2022 11:07:42 GMT
referrer-policy: no-referrer-when-downgrade
strict-transport-security: max-age=63072000
vary: Accept-Encoding,User-Agent
x-frame-options: SAMEORIGIN
cf-cache-status: HIT
age: 925974
accept-ranges: bytes
server: cloudflare
cf-ray: 8400ecd7fd305685-OSL
X-Firefox-Spdy: h2

cdn.tsyndicate.com/sdk/v1/video.instant.message.js

8.254.252.210

200 OK

7.3 kB

URL GET HTTP/2
cdn.tsyndicate.com/sdk/v1/video.instant.message.js
IP
8.254.252.210:443
ASN
#3356 LEVEL3

Requested by
https://vermangasporno.com/doujin
Certificate
IssuerSectigo Limited
Subjectcdn.tsyndicate.com
FingerprintB6:87:8F:D6:E3:48:CF:61:4E:55:B9:6B:66:FC:B2:13:7F:A0:0D:BA
ValidityWed, 14 Jun 2023 00:00:00 GMT - Sun, 14 Jul 2024 23:59:59 GMT

File type
ASCII text, with very long lines (17763)
Size
7.3 kB (7347 bytes)
Hash
ab9a1d81fce7a7935e3141a0d7eee732
1099e3d5d4ebbefe29c311c2af8162e0c4e2b833
4436f7488a2d270b3c29810265e80ac9b71b6400ee2ea0c89354264976dd4cfb

HTTP Headers

GET /sdk/v1/video.instant.message.js HTTP/1.1
Host: cdn.tsyndicate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://vermangasporno.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 04 Jan 2024 05:01:43 GMT
content-type: application/javascript
content-length: 7347
server: nginx
last-modified: Thu, 07 Dec 2023 10:05:32 GMT
x-robots-tag: noindex, nofollow
vary: Accept-Encoding
etag: W/"657198ec-45c2"
content-encoding: gzip
age: 2400541
accept-ranges: bytes
X-Firefox-Spdy: h2

www.googletagmanager.com/gtag/js?id=G-ZQ19DG6V6C

142.250.74.168

200 OK

93 kB

URL GET HTTP/2
www.googletagmanager.com/gtag/js?id=G-ZQ19DG6V6C
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
https://vermangasporno.com/doujin
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
FingerprintC1:58:7C:BF:5A:61:79:08:CB:C2:00:63:60:07:86:BD:EA:0A:45:8A
ValidityMon, 20 Nov 2023 08:02:50 GMT - Mon, 12 Feb 2024 08:02:49 GMT

File type
ASCII text, with very long lines (5955)
Size
93 kB (93064 bytes)
Hash
b8262911822116b4b6484bb7558b7aca
bdd88668fb479c9d922fbdd422d884e951e5feac
30b745fb1fc7ca355b27f8de07dd18a951d5c3547ef77be26692e940d46c696b

HTTP Headers

GET /gtag/js?id=G-ZQ19DG6V6C HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://vermangasporno.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 04 Jan 2024 05:01:43 GMT
expires: Thu, 04 Jan 2024 05:01:43 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 93064
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

vermangasporno.com/wp-content/themes/BlackNight24/img/search-blue.png

172.67.70.224

200 OK

757 B

URL GET HTTP/2
vermangasporno.com/wp-content/themes/BlackNight24/img/search-blue.png
IP
172.67.70.224:443
ASN
#13335 CLOUDFLARENET

Requested by
https://vermangasporno.com/doujin
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintB9:B8:F0:F3:8C:32:3E:2D:86:56:B2:8C:B3:8F:FC:60:5E:AF:30:2D
ValidityTue, 18 Apr 2023 00:00:00 GMT - Wed, 17 Apr 2024 23:59:59 GMT

File type
PNG image data, 64 x 64, 8-bit colormap, non-interlaced
Size
757 B (757 bytes)
Hash
c5a8a75575c8ecccbe00a03392335166
893d65859bd0ce2413f0eb2ddd4fe683cb23fec5
70c9ff8a7877b07b1ec8c9422aebf80906bb11b601c407915c27c2df65290024

HTTP Headers

GET /wp-content/themes/BlackNight24/img/search-blue.png HTTP/1.1
Host: vermangasporno.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://vermangasporno.com/wp-content/themes/BlackNight24/css/main.css
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Thu, 04 Jan 2024 05:01:43 GMT
content-type: image/png
content-length: 757
cache-control: public, max-age=31536000
cf-bgj: imgq:85,h2pri
cf-polished: status=not_needed
etag: "2f5-622f21fe-0;;;"
expires: Fri, 13 Dec 2024 23:50:43 GMT
last-modified: Mon, 14 Mar 2022 11:07:42 GMT
referrer-policy: no-referrer-when-downgrade
strict-transport-security: max-age=63072000
vary: User-Agent, Accept-Encoding
x-frame-options: SAMEORIGIN
cf-cache-status: HIT
age: 1746660
accept-ranges: bytes
server: cloudflare
cf-ray: 8400ecdba8245685-OSL
X-Firefox-Spdy: h2

vermangasporno.com/wp-content/themes/BlackNight24/js/jquery.js

172.67.70.224

200 OK

35 kB

URL GET HTTP/2
vermangasporno.com/wp-content/themes/BlackNight24/js/jquery.js
IP
172.67.70.224:443
ASN
#13335 CLOUDFLARENET

Requested by
https://vermangasporno.com/doujin
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintB9:B8:F0:F3:8C:32:3E:2D:86:56:B2:8C:B3:8F:FC:60:5E:AF:30:2D
ValidityTue, 18 Apr 2023 00:00:00 GMT - Wed, 17 Apr 2024 23:59:59 GMT

File type
ASCII text, with very long lines (65536), with no line terminators
Size
35 kB (35082 bytes)
Hash
233c7d5dea90dffee999afd6891aeb4d
28dcf912a37d855a5072b83aa78e7c432b728717
8c7ee0238fa5cd80a02ef9870a7fff498ef52097181cb73edb9219dc022fd919

HTTP Headers

GET /wp-content/themes/BlackNight24/js/jquery.js HTTP/1.1
Host: vermangasporno.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://vermangasporno.com/doujin
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Thu, 04 Jan 2024 05:01:43 GMT
content-type: application/x-javascript
cache-control: public, max-age=31536000
expires: Fri, 27 Dec 2024 11:28:38 GMT
last-modified: Mon, 14 Mar 2022 11:07:42 GMT
etag: W/"17a62-622f21fe-0;gz"
vary: Accept-Encoding,User-Agent
referrer-policy: no-referrer-when-downgrade
strict-transport-security: max-age=63072000
x-frame-options: SAMEORIGIN
cf-cache-status: HIT
age: 581585
server: cloudflare
cf-ray: 8400ecd7fd335685-OSL
content-encoding: br
X-Firefox-Spdy: h2

pnuhondppw.com/lv/esnk/1893204/code.js

212.117.190.201

200 OK

39 kB

URL GET HTTP/2
pnuhondppw.com/lv/esnk/1893204/code.js
IP
212.117.190.201:443
ASN
#5577 root SA

Requested by
https://vermangasporno.com/doujin
Certificate
IssuerBuypass AS-983163327
Subject
Fingerprint46:B8:C5:64:0C:04:8B:B5:0B:8B:00:09:F8:F4:2B:8D:2D:E9:B9:6C
ValiditySun, 29 Oct 2023 23:45:07 GMT - Fri, 26 Apr 2024 21:59:00 GMT

File type
gzip compressed data, max speed, from Unix
Size
39 kB (39389 bytes)
Hash
9cf924dc740ecac1902d84d0ab03f9b0
2ec9c17a9328de569f56e3d805704136d3227c7b
dd2d62b7d2141fe3045575609bcd356bf8ae5f58ee993346c407155eb2c79296

HTTP Headers

GET /lv/esnk/1893204/code.js HTTP/1.1
Host: pnuhondppw.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://vermangasporno.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Thu, 04 Jan 2024 05:01:43 GMT
content-type: application/javascript
last-modified: Tue, 26 Dec 2023 10:47:39 GMT
vary: Accept-Encoding
etag: W/"658aaf4b-1a3e3"
x-js-ab2: current
timing-allow-origin: *
accept-ch: sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
content-encoding: gzip
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

216.58.207.227

200 OK

16 kB

URL GET HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://vermangasporno.com/doujin
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint5F:60:69:C9:59:6D:F1:B5:87:82:8D:B0:57:3C:D9:24:10:FD:74:D1
ValidityMon, 20 Nov 2023 08:08:49 GMT - Mon, 12 Feb 2024 08:08:48 GMT

File type
Web Open Font Format (Version 2), TrueType, length 15744, version 1.0
Size
16 kB (15744 bytes)
Hash
15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

HTTP Headers

GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://vermangasporno.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 30 Dec 2023 00:53:44 GMT
expires: Sun, 29 Dec 2024 00:53:44 GMT
cache-control: public, max-age=31536000
age: 446879
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

scl6gc5l.site/api/data/analytics_ads_v2

213.189.201.178

204 No Content

0 B

URL OPTIONS HTTP/1.1
scl6gc5l.site/api/data/analytics_ads_v2
IP
213.189.201.178:443
ASN
#0

Requested by
https://vermangasporno.com/doujin
Certificate
IssuerGlobalSign nv-sa
Subjectwww.scl6gc5l.site
FingerprintC4:63:2C:B2:9F:48:F2:11:12:9F:DB:A3:7E:39:90:6E:99:72:24:85
ValidityTue, 21 Nov 2023 19:15:40 GMT - Sun, 22 Dec 2024 19:15:39 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /api/data/analytics_ads_v2 HTTP/1.1
Host: scl6gc5l.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://vermangasporno.com/
Origin: https://vermangasporno.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 204 No Content
Server: nginx/1.18.0 (Ubuntu)
Date: Thu, 04 Jan 2024 05:01:43 GMT
Connection: keep-alive
Access-Control-Allow-Headers: content-type
Access-Control-Allow-Methods: POST
Access-Control-Allow-Origin: *

fonts.googleapis.com/css?family=Roboto&display=swap

142.250.74.106

200 OK

39 kB

URL GET HTTP/2
fonts.googleapis.com/css?family=Roboto&display=swap
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://vermangasporno.com/doujin
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint10:D0:ED:9A:F4:53:C8:99:DE:B6:5E:5C:04:E6:20:0B:68:7D:46:EC
ValidityMon, 20 Nov 2023 08:08:50 GMT - Mon, 12 Feb 2024 08:08:49 GMT

File type
ASCII text, with very long lines (29967)
Size
39 kB (38550 bytes)
Hash
de194f3517489317fd13ec96bf74dfc5
0f11f99ce59c6dc1ee72cd1bd759ff29945700ee
9b59e46676fec19a51018b48e1ecc2e64ff2764b617407eee52bf00a79bcb198

HTTP Headers

GET /css?family=Roboto&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://vermangasporno.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 04 Jan 2024 05:01:43 GMT
date: Thu, 04 Jan 2024 05:01:43 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

scl6gc5l.site/api/data/analytics_ads_v2

213.189.201.178

204 No Content

255 B

URL OPTIONS HTTP/1.1
scl6gc5l.site/api/data/analytics_ads_v2
IP
213.189.201.178:443
ASN
#0

Requested by
https://vermangasporno.com/doujin
Certificate
IssuerGlobalSign nv-sa
Subjectwww.scl6gc5l.site
FingerprintC4:63:2C:B2:9F:48:F2:11:12:9F:DB:A3:7E:39:90:6E:99:72:24:85
ValidityTue, 21 Nov 2023 19:15:40 GMT - Sun, 22 Dec 2024 19:15:39 GMT

File type
JSON data
Size
255 B (255 bytes)
Hash
30363dfd448efe89bb0df99ba19bf45e
6d9702737bb3f7d9186f9e58bd99909569d27c77
648d9d773c9d95e39f82c6676edd93ab955ce3466945c888b118845d782ff971

HTTP Headers

POST /api/data/analytics_ads_v2 HTTP/1.1
Host: scl6gc5l.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 158
Origin: https://vermangasporno.com
DNT: 1
Connection: keep-alive
Referer: https://vermangasporno.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Thu, 04 Jan 2024 05:01:43 GMT
Content-Type: application/json; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: *

dotdealingfilling.com/cd/8e/95/cd8e952e8a084be067421bba0e22d429.js

173.233.139.164

200 OK

29 kB

URL GET HTTP/1.1
dotdealingfilling.com/cd/8e/95/cd8e952e8a084be067421bba0e22d429.js
IP
173.233.139.164:443
ASN
#7979 SERVERS-COM

Requested by
https://vermangasporno.com/doujin
Certificate
IssuerLet's Encrypt
Subjectdotdealingfilling.com
Fingerprint13:39:90:F7:1B:C0:07:04:68:B9:16:8F:E2:6D:66:F0:CF:A4:31:0F
ValidityThu, 28 Dec 2023 06:39:04 GMT - Wed, 27 Mar 2024 06:39:03 GMT

File type
ASCII text, with very long lines (65536), with no line terminators
Size
29 kB (28803 bytes)
Hash
e91a1dd31c846880bc1e20b8335259a6
e50feb69c9a7cd9af6679cf20271d7f2eecdccff
8c5264d2ce66821b917b53fef2ac51e061a414622cf8d05683aef02e67c5f6b7

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /cd/8e/95/cd8e952e8a084be067421bba0e22d429.js HTTP/1.1
Host: dotdealingfilling.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://vermangasporno.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Thu, 04 Jan 2024 05:01:43 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 0eee4ec61b1009fb56dbb0c21ef9c616
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

syndication.realsrv.com/cimp.php?t=api&data=H4sIAAAAAAAAA22PQU7EMAxFr8IFGn07TuLMmjVIIA6QdlJW06IZCYHkw+N0BCvyFdty/lNsBssEmiAPwAl0kmiVQkUQDpTEnp5fTMg++/XStvd2+9iv2x6W/WLqqIixRiFxqKCIicYYSY0IlrlkCExrUc6s5nU0uDhFJ70KAMgK7O318bg0BPM4PjZ22mt8DUqUWeeWeaFOxFq5RZrXXtdZkdJ5GP8bFHcFRGX38G/DNQ0kkkRfxfzAjna7fW+L2Z9N8pHSwfIIg7u/kydfxwfznbXPSZDX1mvJZ5+xSNH8A29aK1llAQAA

95.211.229.246

200 OK

20 B

URL GET HTTP/1.1
syndication.realsrv.com/cimp.php?t=api&data=H4sIAAAAAAAAA22PQU7EMAxFr8IFGn07TuLMmjVIIA6QdlJW06IZCYHkw+N0BCvyFdty/lNsBssEmiAPwAl0kmiVQkUQDpTEnp5fTMg++/XStvd2+9iv2x6W/WLqqIixRiFxqKCIicYYSY0IlrlkCExrUc6s5nU0uDhFJ70KAMgK7O318bg0BPM4PjZ22mt8DUqUWeeWeaFOxFq5RZrXXtdZkdJ5GP8bFHcFRGX38G/DNQ0kkkRfxfzAjna7fW+L2Z9N8pHSwfIIg7u/kydfxwfznbXPSZDX1mvJZ5+xSNH8A29aK1llAQAA
IP
95.211.229.246:443
ASN
#60781 LeaseWeb Netherlands B.V.

Requested by
https://vermangasporno.com/doujin
Certificate
IssuerLet's Encrypt
Subjectrealsrv.com
Fingerprint44:2D:DC:FD:4A:2E:1C:BD:23:E3:23:21:E2:45:57:13:37:E2:3F:C8
ValidityMon, 18 Dec 2023 09:34:14 GMT - Sun, 17 Mar 2024 09:34:13 GMT

File type
gzip compressed data, max speed, from Unix
Size
20 B (20 bytes)
Hash
a4745abc5e7fdb89cc6df3069f3c6e69
74789f7ddbebd5b7323f6f8174005b4bf8c1f1ed
d1111b245f685176180e6f1631e6dc49badf6672368e9ce260c71355165effdf

HTTP Headers

GET /cimp.php?t=api&data=H4sIAAAAAAAAA22PQU7EMAxFr8IFGn07TuLMmjVIIA6QdlJW06IZCYHkw+N0BCvyFdty/lNsBssEmiAPwAl0kmiVQkUQDpTEnp5fTMg++/XStvd2+9iv2x6W/WLqqIixRiFxqKCIicYYSY0IlrlkCExrUc6s5nU0uDhFJ70KAMgK7O318bg0BPM4PjZ22mt8DUqUWeeWeaFOxFq5RZrXXtdZkdJ5GP8bFHcFRGX38G/DNQ0kkkRfxfzAjna7fW+L2Z9N8pHSwfIIg7u/kydfxwfznbXPSZDX1mvJZ5+xSNH8A29aK1llAQAA HTTP/1.1
Host: syndication.realsrv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://vermangasporno.com
DNT: 1
Connection: keep-alive
Referer: https://vermangasporno.com/
Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%2265963bb7b6d0b6.558819981469180273%22%3B%7D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 04 Jan 2024 05:01:43 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: https://vermangasporno.com
Access-Control-Allow-Credentials: true
Set-Cookie: __upt=%7B%22v%22%3A1%2C%22id%22%3A%220%22%2C%22pcma%22%3A%22%22%2C%22acma%22%3A%22110.0199%22%7D; expires=Sat, 03 Jan 2026 05:01:43 GMT; path=/; domain=.realsrv.com; Secure; SameSite=none
Accept-CH: 
X-Robots-Tag: noindex, follow
Content-Encoding: gzip

s3t3d2y8.afcdn.net/library/802444/179ee3ab587e6094f27c3d5081fc701b07651398.webp

185.76.9.26

200 OK

4.5 kB

URL GET HTTP/2
s3t3d2y8.afcdn.net/library/802444/179ee3ab587e6094f27c3d5081fc701b07651398.webp
IP
185.76.9.26:443
ASN
#60068 Datacamp Limited

Requested by
https://vermangasporno.com/doujin
Certificate
IssuerLet's Encrypt
Subjectafcdn.net
FingerprintC5:FB:4C:15:68:19:02:A7:CA:DC:53:AC:6D:AD:7E:D0:57:C2:D0:C9
ValidityMon, 18 Dec 2023 09:17:12 GMT - Sun, 17 Mar 2024 09:17:11 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 300x300, Scaling: [none]x[none], YUV color, decoders should clamp
Size
4.5 kB (4498 bytes)
Hash
3a33d738939052a11a2ad76f9eade5d1
179ee3ab587e6094f27c3d5081fc701b07651398
fb72cfbb711af96a1abc7daab64778f7e9a21c0c5da3d5c6b07211e5f0ffb067

HTTP Headers

GET /library/802444/179ee3ab587e6094f27c3d5081fc701b07651398.webp HTTP/1.1
Host: s3t3d2y8.afcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://vermangasporno.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 04 Jan 2024 05:01:43 GMT
content-type: image/webp
content-length: 4498
last-modified: Fri, 15 Jul 2022 11:08:07 GMT
etag: "62d14a97-1192"
expires: Sat, 15 Jul 2023 11:45:37 GMT
cache-control: max-age=31536000
access-control-allow-origin: *
x-cache-op: HIT
server: CDN77-Turbo
x-robots-tag: noindex, follow
x-77-nzt: EQwBuUwJFAH3cP3iAA
x-77-nzt-ray: af585630eef3607bb73b96651f4e883b
x-accel-expires: @1721004487
x-accel-date: 1689468487
x-cache-lb: HIT
x-age-lb: 14876016
x-77-pop: stockholmSE
x-77-cache: HIT
x-77-age: 14876016
accept-ranges: bytes
X-Firefox-Spdy: h2

s3t3d2y8.afcdn.net/library/802444/26d2e9758abed93dcb4846fb53753ea7548231ec.webp

185.76.9.26

200 OK

6.8 kB

URL GET HTTP/2
s3t3d2y8.afcdn.net/library/802444/26d2e9758abed93dcb4846fb53753ea7548231ec.webp
IP
185.76.9.26:443
ASN
#60068 Datacamp Limited

Requested by
https://vermangasporno.com/doujin
Certificate
IssuerLet's Encrypt
Subjectafcdn.net
FingerprintC5:FB:4C:15:68:19:02:A7:CA:DC:53:AC:6D:AD:7E:D0:57:C2:D0:C9
ValidityMon, 18 Dec 2023 09:17:12 GMT - Sun, 17 Mar 2024 09:17:11 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 300x300, Scaling: [none]x[none], YUV color, decoders should clamp
Size
6.8 kB (6790 bytes)
Hash
5d9325b7bae76ad2cfd7f5d8b6db322c
26d2e9758abed93dcb4846fb53753ea7548231ec
d6054a66b68c81d911b44b00bdffb9ee91a97e769c2bb83b1cbe396301ac48c1

HTTP Headers

GET /library/802444/26d2e9758abed93dcb4846fb53753ea7548231ec.webp HTTP/1.1
Host: s3t3d2y8.afcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://vermangasporno.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 04 Jan 2024 05:01:44 GMT
content-type: image/webp
content-length: 6790
last-modified: Fri, 15 Jul 2022 11:08:07 GMT
etag: "62d14a97-1a86"
expires: Sat, 15 Jul 2023 11:43:05 GMT
cache-control: max-age=31536000
access-control-allow-origin: *
x-cache-op: HIT
server: CDN77-Turbo
x-robots-tag: noindex, follow
x-77-nzt: EQwBuUwJFAH3Rv3iAA
x-77-nzt-ray: af585630eef3607bb83b9665ee881a00
x-accel-expires: @1721004530
x-accel-date: 1689468530
x-cache-lb: HIT
x-age-lb: 14875974
x-77-pop: stockholmSE
x-77-cache: HIT
x-77-age: 14875974
accept-ranges: bytes
X-Firefox-Spdy: h2

vermangasporno.com/wp-content/themes/BlackNight24/css/extras.css

172.67.70.224

200 OK

248 kB

URL GET HTTP/2
vermangasporno.com/wp-content/themes/BlackNight24/css/extras.css
IP
172.67.70.224:443
ASN
#13335 CLOUDFLARENET

Requested by
https://vermangasporno.com/doujin
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintB9:B8:F0:F3:8C:32:3E:2D:86:56:B2:8C:B3:8F:FC:60:5E:AF:30:2D
ValidityTue, 18 Apr 2023 00:00:00 GMT - Wed, 17 Apr 2024 23:59:59 GMT

File type
ASCII text, with very long lines (9151), with no line terminators
Size
248 kB (248479 bytes)
Hash
2d42d97e84bfa1cf208227e3417a30db
96cd6099d0e2d1dc14f5138ad1583db82e5b9b56
dbae7f3e5e14eb18dd5b932f49688e1487aa37e0d95a9aa77650958452beed3e

HTTP Headers

GET /wp-content/themes/BlackNight24/css/extras.css HTTP/1.1
Host: vermangasporno.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://vermangasporno.com/doujin
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Thu, 04 Jan 2024 05:01:43 GMT
content-type: text/css
cache-control: public, max-age=31536000
cf-bgj: minify
cf-polished: origSize=11803
etag: W/"2e1b-622f21fe-0;gz"
expires: Tue, 03 Dec 2024 19:33:34 GMT
last-modified: Mon, 14 Mar 2022 11:07:42 GMT
referrer-policy: no-referrer-when-downgrade
strict-transport-security: max-age=63072000
vary: Accept-Encoding,User-Agent
x-frame-options: SAMEORIGIN
cf-cache-status: HIT
age: 2626089
server: cloudflare
cf-ray: 8400ecd7fd3d5685-OSL
content-encoding: br
X-Firefox-Spdy: h2

syndication.realsrv.com/cimp.php?t=api&data=H4sIAAAAAAAAA22PQW4DIQxFr9ILDPo2BkzWXSdSqx4AppOuMlMlUtVIPnzNRO2qfGEs85/4MFgm0AR5Ag6gg0SrFCqCcKAkdjy9mJB9LddLWz/a7XO7rluYt4upoyLGGoXEoYIiJly1lGwJaplLhsC0FuUcYd5Hg4tTdNK7AICswN5en/dNQzCv42Fjp73H96BEmbW3zDMtRKyVW6R+Xuq5K1J6H8b/guKhgJqTe/h34JoGEkmif8V8wfZxu93X2ezPJnk/0s7yKIN73JOHnVud4yKStBfPyBEJHT2Lxtor/wAoLJ9DZQEAAA==

95.211.229.246

200 OK

20 B

URL GET HTTP/1.1
syndication.realsrv.com/cimp.php?t=api&data=H4sIAAAAAAAAA22PQW4DIQxFr9ILDPo2BkzWXSdSqx4AppOuMlMlUtVIPnzNRO2qfGEs85/4MFgm0AR5Ag6gg0SrFCqCcKAkdjy9mJB9LddLWz/a7XO7rluYt4upoyLGGoXEoYIiJly1lGwJaplLhsC0FuUcYd5Hg4tTdNK7AICswN5en/dNQzCv42Fjp73H96BEmbW3zDMtRKyVW6R+Xuq5K1J6H8b/guKhgJqTe/h34JoGEkmif8V8wfZxu93X2ezPJnk/0s7yKIN73JOHnVud4yKStBfPyBEJHT2Lxtor/wAoLJ9DZQEAAA==
IP
95.211.229.246:443
ASN
#60781 LeaseWeb Netherlands B.V.

Requested by
https://vermangasporno.com/doujin
Certificate
IssuerLet's Encrypt
Subjectrealsrv.com
Fingerprint44:2D:DC:FD:4A:2E:1C:BD:23:E3:23:21:E2:45:57:13:37:E2:3F:C8
ValidityMon, 18 Dec 2023 09:34:14 GMT - Sun, 17 Mar 2024 09:34:13 GMT

File type
gzip compressed data, max speed, from Unix
Size
20 B (20 bytes)
Hash
a4745abc5e7fdb89cc6df3069f3c6e69
74789f7ddbebd5b7323f6f8174005b4bf8c1f1ed
d1111b245f685176180e6f1631e6dc49badf6672368e9ce260c71355165effdf

HTTP Headers

GET /cimp.php?t=api&data=H4sIAAAAAAAAA22PQW4DIQxFr9ILDPo2BkzWXSdSqx4AppOuMlMlUtVIPnzNRO2qfGEs85/4MFgm0AR5Ag6gg0SrFCqCcKAkdjy9mJB9LddLWz/a7XO7rluYt4upoyLGGoXEoYIiJly1lGwJaplLhsC0FuUcYd5Hg4tTdNK7AICswN5en/dNQzCv42Fjp73H96BEmbW3zDMtRKyVW6R+Xuq5K1J6H8b/guKhgJqTe/h34JoGEkmif8V8wfZxu93X2ezPJnk/0s7yKIN73JOHnVud4yKStBfPyBEJHT2Lxtor/wAoLJ9DZQEAAA== HTTP/1.1
Host: syndication.realsrv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://vermangasporno.com
DNT: 1
Connection: keep-alive
Referer: https://vermangasporno.com/
Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%2265963bb7b6d0b6.558819981469180273%22%3B%7D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 04 Jan 2024 05:01:44 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: https://vermangasporno.com
Access-Control-Allow-Credentials: true
Set-Cookie: __upt=%7B%22v%22%3A1%2C%22id%22%3A%220%22%2C%22pcma%22%3A%22%22%2C%22acma%22%3A%22508.0199%22%7D; expires=Sat, 03 Jan 2026 05:01:44 GMT; path=/; domain=.realsrv.com; Secure; SameSite=none
Accept-CH: 
X-Robots-Tag: noindex, follow
Content-Encoding: gzip

pnuhondppw.com/chicken.gif?z=1893204&pb=c661cd09eafb6a3366981676213093f61704351703&psp=L-e85ZRNGW0uSfwOctHz_A82Lk8mDDT2T4HykkpNOEY7PQnqY_Wiccryo3RbMZLZ5TSiRYwhDjTn8EN3EpITxp357LcJF6vBL-kISSzW7aBxGeH7U-tE-NuuZTTCdJofsgAYy3trhIKHfGbq0FHty9e5-spYLc1mGZWKpeq7xPZp8WUM4OQ_i_kaYJVsk77PGkAXLGfVbY3HPSNFtzik3M5afcL4-OebUT320o-OdmtIKiDqHs9w2iyINP6CKLF6VkPBy2ek7Bd3bKZBR9U7kaI_A-AS9Cmb8PUNbncKV0TKkfCWwieDvJA--5NS6rFOFG8vEQdLKgD7pRxkRiuh1xzFzYdPSQtI4VlnoIJCS6g6O3_GG_8QVUs5-W2N20v-dYG-62ux5zOmrp2FqCIUD8AOh1Gp7MOIt6TxmyYD6CdHUD1lDDIKOYqUlzIbrBrOUe52Zynr-x0TgVvP7AfvkbxB_3Wy3NPjtjzU16BSkKjg2fQayh1EBojDnIkY_Yc1BixjwDlRxzWflq6n-X2HN8A8jZVoguzWqJr1_fHa5IQ-ckKVqPEnDRHHEtn3DXA4Kmm_Fn9bXP9f1KuxuYTVaC9q52-_RtFLbPrM_x6bKhFW_Daz9y4am8lTI7_vHz8TzwqWBW8OP-mCOCysln7OUzk1Mkws7rjax40EpcO4hhtBdLEFSS-JhIFWcoD6LNIQEnb0rtO197h5hiXJqhrPRADfaJIcT73zlE2Jn3tYf-fCR117ZdKPqUK8UJgCFl3zZjk6Ij_LsKMH9TwtItN-vl_KvjaiwuEIwork_En7HTbu2QKgLOUj_MC1JdXVAv3Bw7YEWQNBz0-qmnd69Zx3EOooCILS5NVb0nujjPBXuS4A3FiqntLGOSokNZFiUSSLkHW6uwn0J7XOp398_-PDgH5TSTgJ4wouSOJZQmyY372E6dGWpRc58yX0HJjTViLhzsohxc-v7TZy08bSNrVwBD6wqJRbre7oB6zHmmDwluAQ6QuidsZC7BAjGeqUt_jdobXNTZ7MH8FfL1_mPoK-kx_lcM-wvZ_kTSrP48V_ITSaSuFBJkIlBjWKHPI2C4S6uNBPwyVcFd7nZ7-mk4b8J1-7ZlI4MKOSS8wXFn5HAy2gre8=&im=1&freq=0&nojs=0&abvar=0&febuild=1.0.187&t=0&wcks=1&wgl=0&cnvs=1&os=0&ss=1&ls=1&bb=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&ix=0&x=1280&y=1024&md=0&afid=7430045315616768&eclog=0&sp=1&im=1&pload=314

212.117.190.201

200 OK

43 B

URL GET HTTP/2
pnuhondppw.com/chicken.gif?z=1893204&pb=c661cd09eafb6a3366981676213093f61704351703&psp=L-e85ZRNGW0uSfwOctHz_A82Lk8mDDT2T4HykkpNOEY7PQnqY_Wiccryo3RbMZLZ5TSiRYwhDjTn8EN3EpITxp357LcJF6vBL-kISSzW7aBxGeH7U-tE-NuuZTTCdJofsgAYy3trhIKHfGbq0FHty9e5-spYLc1mGZWKpeq7xPZp8WUM4OQ_i_kaYJVsk77PGkAXLGfVbY3HPSNFtzik3M5afcL4-OebUT320o-OdmtIKiDqHs9w2iyINP6CKLF6VkPBy2ek7Bd3bKZBR9U7kaI_A-AS9Cmb8PUNbncKV0TKkfCWwieDvJA--5NS6rFOFG8vEQdLKgD7pRxkRiuh1xzFzYdPSQtI4VlnoIJCS6g6O3_GG_8QVUs5-W2N20v-dYG-62ux5zOmrp2FqCIUD8AOh1Gp7MOIt6TxmyYD6CdHUD1lDDIKOYqUlzIbrBrOUe52Zynr-x0TgVvP7AfvkbxB_3Wy3NPjtjzU16BSkKjg2fQayh1EBojDnIkY_Yc1BixjwDlRxzWflq6n-X2HN8A8jZVoguzWqJr1_fHa5IQ-ckKVqPEnDRHHEtn3DXA4Kmm_Fn9bXP9f1KuxuYTVaC9q52-_RtFLbPrM_x6bKhFW_Daz9y4am8lTI7_vHz8TzwqWBW8OP-mCOCysln7OUzk1Mkws7rjax40EpcO4hhtBdLEFSS-JhIFWcoD6LNIQEnb0rtO197h5hiXJqhrPRADfaJIcT73zlE2Jn3tYf-fCR117ZdKPqUK8UJgCFl3zZjk6Ij_LsKMH9TwtItN-vl_KvjaiwuEIwork_En7HTbu2QKgLOUj_MC1JdXVAv3Bw7YEWQNBz0-qmnd69Zx3EOooCILS5NVb0nujjPBXuS4A3FiqntLGOSokNZFiUSSLkHW6uwn0J7XOp398_-PDgH5TSTgJ4wouSOJZQmyY372E6dGWpRc58yX0HJjTViLhzsohxc-v7TZy08bSNrVwBD6wqJRbre7oB6zHmmDwluAQ6QuidsZC7BAjGeqUt_jdobXNTZ7MH8FfL1_mPoK-kx_lcM-wvZ_kTSrP48V_ITSaSuFBJkIlBjWKHPI2C4S6uNBPwyVcFd7nZ7-mk4b8J1-7ZlI4MKOSS8wXFn5HAy2gre8=&im=1&freq=0&nojs=0&abvar=0&febuild=1.0.187&t=0&wcks=1&wgl=0&cnvs=1&os=0&ss=1&ls=1&bb=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&ix=0&x=1280&y=1024&md=0&afid=7430045315616768&eclog=0&sp=1&im=1&pload=314
IP
212.117.190.201:443
ASN
#5577 root SA

Requested by
https://vermangasporno.com/doujin
Certificate
IssuerBuypass AS-983163327
Subject
Fingerprint46:B8:C5:64:0C:04:8B:B5:0B:8B:00:09:F8:F4:2B:8D:2D:E9:B9:6C
ValiditySun, 29 Oct 2023 23:45:07 GMT - Fri, 26 Apr 2024 21:59:00 GMT

File type
GIF image data, version 89a, 1 x 1
Size
43 B (43 bytes)
Hash
28e463819a210071de3b45ebe7633613
6dccd571828ec0912629119cf7eabfea9f33ddbc
44251f61629e2bfeead421241a917f43ad047af351659f01cd8fd937f0417f84

HTTP Headers

GET /chicken.gif?z=1893204&pb=c661cd09eafb6a3366981676213093f61704351703&psp=L-e85ZRNGW0uSfwOctHz_A82Lk8mDDT2T4HykkpNOEY7PQnqY_Wiccryo3RbMZLZ5TSiRYwhDjTn8EN3EpITxp357LcJF6vBL-kISSzW7aBxGeH7U-tE-NuuZTTCdJofsgAYy3trhIKHfGbq0FHty9e5-spYLc1mGZWKpeq7xPZp8WUM4OQ_i_kaYJVsk77PGkAXLGfVbY3HPSNFtzik3M5afcL4-OebUT320o-OdmtIKiDqHs9w2iyINP6CKLF6VkPBy2ek7Bd3bKZBR9U7kaI_A-AS9Cmb8PUNbncKV0TKkfCWwieDvJA--5NS6rFOFG8vEQdLKgD7pRxkRiuh1xzFzYdPSQtI4VlnoIJCS6g6O3_GG_8QVUs5-W2N20v-dYG-62ux5zOmrp2FqCIUD8AOh1Gp7MOIt6TxmyYD6CdHUD1lDDIKOYqUlzIbrBrOUe52Zynr-x0TgVvP7AfvkbxB_3Wy3NPjtjzU16BSkKjg2fQayh1EBojDnIkY_Yc1BixjwDlRxzWflq6n-X2HN8A8jZVoguzWqJr1_fHa5IQ-ckKVqPEnDRHHEtn3DXA4Kmm_Fn9bXP9f1KuxuYTVaC9q52-_RtFLbPrM_x6bKhFW_Daz9y4am8lTI7_vHz8TzwqWBW8OP-mCOCysln7OUzk1Mkws7rjax40EpcO4hhtBdLEFSS-JhIFWcoD6LNIQEnb0rtO197h5hiXJqhrPRADfaJIcT73zlE2Jn3tYf-fCR117ZdKPqUK8UJgCFl3zZjk6Ij_LsKMH9TwtItN-vl_KvjaiwuEIwork_En7HTbu2QKgLOUj_MC1JdXVAv3Bw7YEWQNBz0-qmnd69Zx3EOooCILS5NVb0nujjPBXuS4A3FiqntLGOSokNZFiUSSLkHW6uwn0J7XOp398_-PDgH5TSTgJ4wouSOJZQmyY372E6dGWpRc58yX0HJjTViLhzsohxc-v7TZy08bSNrVwBD6wqJRbre7oB6zHmmDwluAQ6QuidsZC7BAjGeqUt_jdobXNTZ7MH8FfL1_mPoK-kx_lcM-wvZ_kTSrP48V_ITSaSuFBJkIlBjWKHPI2C4S6uNBPwyVcFd7nZ7-mk4b8J1-7ZlI4MKOSS8wXFn5HAy2gre8=&im=1&freq=0&nojs=0&abvar=0&febuild=1.0.187&t=0&wcks=1&wgl=0&cnvs=1&os=0&ss=1&ls=1&bb=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&ix=0&x=1280&y=1024&md=0&afid=7430045315616768&eclog=0&sp=1&im=1&pload=314 HTTP/1.1
Host: pnuhondppw.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: UID=2401040001c386460d027240c18b1e7a45e8; CHCK=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 04 Jan 2024 05:01:44 GMT
content-type: image/gif
content-length: 43
x-route-id: stats.impression
set-cookie: OACICAP=ACnaqgAAAAAAAAAB; Path=/; Expires=Sat, 03 Feb 2024 05:01:44 GMT; Secure; SameSite=None
OACIBLOCK=ACnaqgAAAABlljtQ; Path=/; Expires=Sat, 03 Feb 2024 05:01:44 GMT; Secure; SameSite=None
timing-allow-origin: *
accept-ch: sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2

proftrafficcounter.com/stats

3.124.29.117

200 OK

40 B

URL GET HTTP/2
proftrafficcounter.com/stats
IP
3.124.29.117:443
ASN
#16509 AMAZON-02

Requested by
https://vermangasporno.com/doujin
Certificate
IssuerAmazon
Subjectproftrafficcounter.com
FingerprintE3:9F:79:6F:80:C0:BF:F8:C4:EB:45:F3:E9:0F:A7:41:F6:0C:05:E6
ValidityTue, 21 Nov 2023 00:00:00 GMT - Thu, 19 Dec 2024 23:59:59 GMT

File type
ASCII text, with no line terminators
Size
40 B (40 bytes)
Hash
ca57b09c8758ae5c89a01ada08d53ffb
efdf15cd292c8e198a9ad4c99ffcc032c5b7d503
4ca5024ba858aa2dd5b94e4e7ffca4cf96037f495a1049f1ecdec2b6f8afc117

HTTP Headers

GET /stats HTTP/1.1
Host: proftrafficcounter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://vermangasporno.com
DNT: 1
Connection: keep-alive
Referer: https://vermangasporno.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 04 Jan 2024 05:01:44 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://vermangasporno.com
vary: Origin
access-control-allow-credentials: true
set-cookie: uid_id2=41e210ac-2307-4a5d-8121-ae7c01766e4a:3:1; expires=Sun, 01 Jan 2034 05:01:44 GMT; secure; SameSite=None
X-Firefox-Spdy: h2

go.xlivrdr.com/smartpop/662caa72b7c524d066b181904a6fe35b35c20b36796cca3110a610b44239cb2f?userId=d100f7df1b38527c59f2a01ce658dbfb8b696949c12c1469164f408167d4a1ca&sourceId=594678&memberId=dSCqmXMhDchodN41_NmyjZva_1Y2xeIGVKJSVkPycSG6Qas7JpU169xHJLhctt5Rq5R1fd82Qcb9NZD_zWF370yNg5a4rgtjebtohGefktlBFETt_gUIDRUi&p1=4392576&ax=0&tag=-girls%2Fmobile

104.18.51.106

302 Found

0 B

URL GET HTTP/2
go.xlivrdr.com/smartpop/662caa72b7c524d066b181904a6fe35b35c20b36796cca3110a610b44239cb2f?userId=d100f7df1b38527c59f2a01ce658dbfb8b696949c12c1469164f408167d4a1ca&sourceId=594678&memberId=dSCqmXMhDchodN41_NmyjZva_1Y2xeIGVKJSVkPycSG6Qas7JpU169xHJLhctt5Rq5R1fd82Qcb9NZD_zWF370yNg5a4rgtjebtohGefktlBFETt_gUIDRUi&p1=4392576&ax=0&tag=-girls%2Fmobile
IP
104.18.51.106:443
ASN
#13335 CLOUDFLARENET

Requested by
https://vermangasporno.com/doujin
Certificate
IssuerCloudflare, Inc.
Subjectxlivrdr.com
FingerprintDA:D9:AC:E4:B1:E8:44:C4:D9:A4:0E:1B:DF:33:4B:24:74:45:7D:0E
ValidityWed, 03 May 2023 00:00:00 GMT - Wed, 01 May 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /smartpop/662caa72b7c524d066b181904a6fe35b35c20b36796cca3110a610b44239cb2f?userId=d100f7df1b38527c59f2a01ce658dbfb8b696949c12c1469164f408167d4a1ca&sourceId=594678&memberId=dSCqmXMhDchodN41_NmyjZva_1Y2xeIGVKJSVkPycSG6Qas7JpU169xHJLhctt5Rq5R1fd82Qcb9NZD_zWF370yNg5a4rgtjebtohGefktlBFETt_gUIDRUi&p1=4392576&ax=0&tag=-girls%2Fmobile HTTP/1.1
Host: go.xlivrdr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://vermangasporno.com
DNT: 1
Connection: keep-alive
Referer: https://vermangasporno.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
date: Thu, 04 Jan 2024 05:01:44 GMT
content-length: 0
location: https://go.mnaspm.com/api/models/vast?action=sbSignupWithModel&ax=0&campaignId=662caa72b7c524d066b181904a6fe35b35c20b36796cca3110a610b44239cb2f&campaignType=smartpop&creativeId=0fe634b4ed7128d94852002b593185fc904d0c54974e9bbbec389730ba324b3e&duration=00%3A00%3A30&iterationId=745523&masterSmartpopId=2683&memberId=dSCqmXMhDchodN41_NmyjZva_1Y2xeIGVKJSVkPycSG6Qas7JpU169xHJLhctt5Rq5R1fd82Qcb9NZD_zWF370yNg5a4rgtjebtohGefktlBFETt_gUIDRUi&mlView=1&p1=4392576&ruleId=29&skipOffset=00%3A00%3A05&smartpopId=3588&sourceId=594678&tag=-girls%2Fmobile&usePreroll=true&userId=d100f7df1b38527c59f2a01ce658dbfb8b696949c12c1469164f408167d4a1ca&variationId=31904
access-control-allow-origin: https://vermangasporno.com
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Content-Length, Accept-Encoding, x-requested-with
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Bitness, Sec-CH-UA-Wow64
cf-cache-status: DYNAMIC
set-cookie: _var=8684233.31904_MDgyMjk2MDM=; Path=/; Expires=Sat, 03 Feb 2024 05:01:44 GMT; HttpOnly; SameSite=Strict
__cflb=0H28upDCGznfDm9XVDxnWfPhahVbGaK3mmh1RgyRpfn; SameSite=None; Secure; path=/; expires=Fri, 05-Jan-24 05:01:44 GMT; HttpOnly
server: cloudflare
cf-ray: 8400ece02a6056b5-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

cdn.tsyndicate.com/sdk/v1/video.instant.message.v2.css

8.254.252.210

200 OK

5.5 kB

URL GET HTTP/2
cdn.tsyndicate.com/sdk/v1/video.instant.message.v2.css
IP
8.254.252.210:443
ASN
#3356 LEVEL3

Requested by
https://vermangasporno.com/doujin
Certificate
IssuerSectigo Limited
Subjectcdn.tsyndicate.com
FingerprintB6:87:8F:D6:E3:48:CF:61:4E:55:B9:6B:66:FC:B2:13:7F:A0:0D:BA
ValidityWed, 14 Jun 2023 00:00:00 GMT - Sun, 14 Jul 2024 23:59:59 GMT

File type
ASCII text, with very long lines (5506), with no line terminators
Size
5.5 kB (5506 bytes)
Hash
e3e4488f398253942394c3f34413ce5f
16cc19782a98a9eed6cc43c99cb4edf2193569be
40fb178ba50be1a76cae6e653c125280258c7ad30b027d21e347f5a28649af51

HTTP Headers

GET /sdk/v1/video.instant.message.v2.css HTTP/1.1
Host: cdn.tsyndicate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://vermangasporno.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Thu, 04 Jan 2024 05:01:44 GMT
content-type: text/css
content-length: 5506
server: nginx
last-modified: Thu, 07 Dec 2023 10:05:17 GMT
etag: "657198dd-1582"
x-robots-tag: noindex, nofollow
age: 2400545
accept-ranges: bytes
X-Firefox-Spdy: h2

dresserderange.com/b3/d6/5f/b3d65ff4b4c61e7f7c8efc174698cf5d.js

192.243.61.225

200 OK

16 kB

URL GET HTTP/1.1
dresserderange.com/b3/d6/5f/b3d65ff4b4c61e7f7c8efc174698cf5d.js
IP
192.243.61.225:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://vermangasporno.com/doujin
Certificate
IssuerLet's Encrypt
Subjectdresserderange.com
FingerprintC2:CC:C9:10:4D:CE:CC:56:8B:71:20:68:D6:C5:0A:C7:CC:A4:44:3C
ValiditySat, 30 Dec 2023 10:39:49 GMT - Fri, 29 Mar 2024 10:39:48 GMT

File type
ASCII text, with very long lines (43095), with no line terminators
Size
16 kB (15498 bytes)
Hash
d57cd4f4d54eb9135e848fb671aceadd
9f96460ca4f33447451b71e2f8dbf7395497f80b
5a039473d448351adfe7c76e47ff24ef7e6cc39c8e5e056ea66c872542e8933d

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /b3/d6/5f/b3d65ff4b4c61e7f7c8efc174698cf5d.js HTTP/1.1
Host: dresserderange.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://vermangasporno.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Thu, 04 Jan 2024 05:01:44 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: ed12969a0c3a87af24f6798075870ec7
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

syndication.exdynsrv.com/v1/api.php

95.211.229.246

200 OK

3.0 kB

URL POST HTTP/1.1
syndication.exdynsrv.com/v1/api.php
IP
95.211.229.246:443
ASN
#60781 LeaseWeb Netherlands B.V.

Requested by
https://a.exdynsrv.com/iframe.php?idzone=4852106&size=300x250
Certificate
IssuerLet's Encrypt
Subjectexdynsrv.com
Fingerprint72:EB:D0:8A:10:00:B3:F5:02:67:AC:DC:81:BD:A9:4E:90:31:6A:DC
ValidityMon, 18 Dec 2023 09:26:01 GMT - Sun, 17 Mar 2024 09:26:00 GMT

File type
JSON data
Size
3.0 kB (2998 bytes)
Hash
dff0dfd045eba694abf7698a736d3eba
e8ce3293ef3d445d6e084555a28be2ae733769c5
f0b12aa8ce93864d34580cfc27928356294a192d8e0b8db123d0092dd8b05ac9

HTTP Headers

POST /v1/api.php HTTP/1.1
Host: syndication.exdynsrv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 313
Origin: https://a.exdynsrv.com
DNT: 1
Connection: keep-alive
Referer: https://a.exdynsrv.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 04 Jan 2024 05:01:44 GMT
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: https://a.exdynsrv.com
Access-Control-Allow-Headers: Authorization, Content-Type
Access-Control-Request-Method: POST
Access-Control-Allow-Credentials: true
Set-Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%2265963bb88a4fa3.605303922914745458%22%3B%7D; expires=Sat, 03-Jan-2026 05:01:44 GMT; Max-Age=63072000; path=/; domain=exdynsrv.com; secure; SameSite=None
Accept-CH: 
X-Robots-Tag: noindex, follow
Content-Encoding: gzip

cdn.zblkqa.com/video/9f2df86265c2e2c505ecb4b958e25f0f.mp4?cb=1704344478

8.254.252.211

206 Partial Content

48 kB

URL GET HTTP/2
cdn.zblkqa.com/video/9f2df86265c2e2c505ecb4b958e25f0f.mp4?cb=1704344478
IP
8.254.252.211:443
ASN
#3356 LEVEL3

Requested by
https://vermangasporno.com/doujin
Certificate
IssuerSectigo Limited
Subject*.zblkqa.com
Fingerprint78:E7:B2:86:25:92:88:24:6D:8D:51:1E:AC:78:AC:9C:F3:91:E1:EA
ValidityTue, 17 Oct 2023 00:00:00 GMT - Sat, 16 Nov 2024 23:59:59 GMT

File type
data
Size
48 kB (48100 bytes)
Hash
ade70ae84a7bfbf993d0ca6b591154ef
3fe30c4df411257460dea7d6d59a3fc27bbb1b2f
cd30da80ca65e9b1de5279e7ac870299bcd498f7dc9f35f5e75dced7af4b475c

HTTP Headers

GET /video/9f2df86265c2e2c505ecb4b958e25f0f.mp4?cb=1704344478 HTTP/1.1
Host: cdn.zblkqa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=2293760-
DNT: 1
Connection: keep-alive
Referer: https://vermangasporno.com/
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 206 Partial Content
date: Thu, 04 Jan 2024 05:01:44 GMT
content-type: binary/octet-stream
content-length: 48100
etag: "baa90f58a1a45f8611f3662af0d21cac"
expires: Thu, 04 Jan 2024 06:01:17 GMT
last-modified: Thu, 04 Jan 2024 05:01:17 GMT
strict-transport-security: max-age=31536000; includeSubDomains
vary: Origin, Accept-Encoding
x-amz-id-2: 94a460e0dcf2f60a9faaed7ce204d47323cebdcc235ebc02887411104840154e
x-amz-request-id: 17A70C46123083E1
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cache-control: max-age=28800
cf-cache-status: HIT
server: cloudflare
cf-ray: 8400ec4a68f30b81-AMS
alt-svc: h3=":443"; ma=86400
age: 24
content-range: bytes 2293760-2341859/2341860
X-Firefox-Spdy: h2

s3t3d2y8.afcdn.net/library/802444/73ed5397cc07428b47fd7ea2957cd63e869b8c35.webp

185.76.9.26

200 OK

5.5 kB

URL GET HTTP/2
s3t3d2y8.afcdn.net/library/802444/73ed5397cc07428b47fd7ea2957cd63e869b8c35.webp
IP
185.76.9.26:443
ASN
#60068 Datacamp Limited

Requested by
https://a.exdynsrv.com/iframe.php?idzone=4852106&size=300x250
Certificate
IssuerLet's Encrypt
Subjectafcdn.net
FingerprintC5:FB:4C:15:68:19:02:A7:CA:DC:53:AC:6D:AD:7E:D0:57:C2:D0:C9
ValidityMon, 18 Dec 2023 09:17:12 GMT - Sun, 17 Mar 2024 09:17:11 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 300x300, Scaling: [none]x[none], YUV color, decoders should clamp
Size
5.5 kB (5478 bytes)
Hash
d267edc571bc5435a6132fbb387e0418
73ed5397cc07428b47fd7ea2957cd63e869b8c35
8fee448d80ac0e2ffba02d925313f4a420c67cb1591c8db638f54e739d8dc5ba

HTTP Headers

GET /library/802444/73ed5397cc07428b47fd7ea2957cd63e869b8c35.webp HTTP/1.1
Host: s3t3d2y8.afcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://a.exdynsrv.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Thu, 04 Jan 2024 05:01:44 GMT
content-type: image/webp
content-length: 5478
last-modified: Mon, 20 Nov 2023 12:47:45 GMT
etag: "655b5571-1566"
accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Model,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
expires: Tue, 19 Nov 2024 13:34:56 GMT
cache-control: max-age=31536000
access-control-allow-origin: *
x-robots-tag: noindex, follow
x-77-nzt: EgwBuUwJFAH3X7EdAAwBuUwKAQH32SkdAA
x-77-nzt-ray: af585630eef3607bb83b966547f6f228
x-accel-expires: @1732023296
x-accel-date: 1702398553
x-77-cache: HIT
x-77-age: 3857208
server: CDN77-Turbo
x-cache-lb: HIT, HIT
x-age-lb: 1911257, 1945951
x-77-pop: stockholmSE
accept-ranges: bytes
X-Firefox-Spdy: h2

syndication.exdynsrv.com/cimp.php?t=api&data=H4sIAAAAAAAAAz1PW2rDMBC8Si9gsS89nO9+t9DSA1jyhhpqJ6QhpLCH78qBaNAyaGdmVwQkA+AA8gJwADyI2IhhhCAUMIq9vX+YoN30Mm3Lqt+6XafltP0sm4br6WzFA9yTsSR0ay4UyaREQkiGCJYoJxCw0nuJvQnGBg6K7E5nAQCQGS2DfX2+7hcdZF76Akbudw737itRsM05KXGmMgoVTnGknFnnNpVjF9oU9D7/bb+XW2indZ+3T2KJezI8MXQ5o7B/xPyA7c/L8TKtavbUPXa1vMdTT+jk0UezpIWrZs1tqklanSu3uaYqNGvN2v4BpOUUzWoBAAA=

95.211.229.246

200 OK

20 B

URL GET HTTP/1.1
syndication.exdynsrv.com/cimp.php?t=api&data=H4sIAAAAAAAAAz1PW2rDMBC8Si9gsS89nO9+t9DSA1jyhhpqJ6QhpLCH78qBaNAyaGdmVwQkA+AA8gJwADyI2IhhhCAUMIq9vX+YoN30Mm3Lqt+6XafltP0sm4br6WzFA9yTsSR0ay4UyaREQkiGCJYoJxCw0nuJvQnGBg6K7E5nAQCQGS2DfX2+7hcdZF76Akbudw737itRsM05KXGmMgoVTnGknFnnNpVjF9oU9D7/bb+XW2indZ+3T2KJezI8MXQ5o7B/xPyA7c/L8TKtavbUPXa1vMdTT+jk0UezpIWrZs1tqklanSu3uaYqNGvN2v4BpOUUzWoBAAA=
IP
95.211.229.246:443
ASN
#60781 LeaseWeb Netherlands B.V.

Requested by
https://a.exdynsrv.com/iframe.php?idzone=4852106&size=300x250
Certificate
IssuerLet's Encrypt
Subjectexdynsrv.com
Fingerprint72:EB:D0:8A:10:00:B3:F5:02:67:AC:DC:81:BD:A9:4E:90:31:6A:DC
ValidityMon, 18 Dec 2023 09:26:01 GMT - Sun, 17 Mar 2024 09:26:00 GMT

File type
gzip compressed data, max speed, from Unix
Size
20 B (20 bytes)
Hash
a4745abc5e7fdb89cc6df3069f3c6e69
74789f7ddbebd5b7323f6f8174005b4bf8c1f1ed
d1111b245f685176180e6f1631e6dc49badf6672368e9ce260c71355165effdf

HTTP Headers

GET /cimp.php?t=api&data=H4sIAAAAAAAAAz1PW2rDMBC8Si9gsS89nO9+t9DSA1jyhhpqJ6QhpLCH78qBaNAyaGdmVwQkA+AA8gJwADyI2IhhhCAUMIq9vX+YoN30Mm3Lqt+6XafltP0sm4br6WzFA9yTsSR0ay4UyaREQkiGCJYoJxCw0nuJvQnGBg6K7E5nAQCQGS2DfX2+7hcdZF76Akbudw737itRsM05KXGmMgoVTnGknFnnNpVjF9oU9D7/bb+XW2indZ+3T2KJezI8MXQ5o7B/xPyA7c/L8TKtavbUPXa1vMdTT+jk0UezpIWrZs1tqklanSu3uaYqNGvN2v4BpOUUzWoBAAA= HTTP/1.1
Host: syndication.exdynsrv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://a.exdynsrv.com
DNT: 1
Connection: keep-alive
Referer: https://a.exdynsrv.com/
Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%2265963bb88a4fa3.605303922914745458%22%3B%7D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 04 Jan 2024 05:01:44 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: https://a.exdynsrv.com
Access-Control-Allow-Credentials: true
Set-Cookie: __upt=%7B%22v%22%3A1%2C%22id%22%3A%220%22%2C%22pcma%22%3A%22%22%2C%22acma%22%3A%22110.0199%22%7D; expires=Sat, 03 Jan 2026 05:01:44 GMT; path=/; domain=.exdynsrv.com; Secure; SameSite=none
Accept-CH: 
X-Robots-Tag: noindex, follow
Content-Encoding: gzip

vermangasporno.com/wp-content/uploads/favicon-1.png

172.67.70.224

200 OK

2.8 kB

URL GET HTTP/2
vermangasporno.com/wp-content/uploads/favicon-1.png
IP
172.67.70.224:443
ASN
#13335 CLOUDFLARENET

Requested by
https://vermangasporno.com/doujin
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintB9:B8:F0:F3:8C:32:3E:2D:86:56:B2:8C:B3:8F:FC:60:5E:AF:30:2D
ValidityTue, 18 Apr 2023 00:00:00 GMT - Wed, 17 Apr 2024 23:59:59 GMT

File type
PNG image data, 32 x 32, 8-bit/color RGB, non-interlaced
Size
2.8 kB (2784 bytes)
Hash
09779410e018602e7a0932aa63c815ca
1b222de62833ad6e63ff682cfa56c27d7cc8e1af
afec681e8a3092401cae25689d1eab0215c0e11d4005549baf230125a6b4d9c7

HTTP Headers

GET /wp-content/uploads/favicon-1.png HTTP/1.1
Host: vermangasporno.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://vermangasporno.com/doujin
DNT: 1
Connection: keep-alive
Cookie: _ga_ZQ19DG6V6C=GS1.1.1704344499.1.0.1704344499.0.0.0; _ga=GA1.1.647554906.1704344500; bnState_1893204={"impressions":1,"delayStarted":0}; dom3ic8zudi28v8lr6fgphwffqoz0j6c=41e210ac-2307-4a5d-8121-ae7c01766e4a%3A3%3A1; ppu_main_cd8e952e8a084be067421bba0e22d429=1; ppu_idelay_cd8e952e8a084be067421bba0e22d429=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Thu, 04 Jan 2024 05:01:44 GMT
content-type: image/png
content-length: 2784
cache-control: public, max-age=31536000
cf-bgj: imgq:85,h2pri
cf-polished: origSize=2815, status=vary_header_present
etag: "aff-622f2404-0;;;"
expires: Thu, 19 Dec 2024 22:49:47 GMT
last-modified: Mon, 14 Mar 2022 11:16:20 GMT
referrer-policy: no-referrer-when-downgrade
strict-transport-security: max-age=63072000
vary: User-Agent, Accept-Encoding
x-frame-options: SAMEORIGIN
cf-cache-status: HIT
age: 1231917
accept-ranges: bytes
server: cloudflare
cf-ray: 8400ece2fd965685-OSL
X-Firefox-Spdy: h2

vermangasporno.com/wp-content/plugins/wpfront-scroll-top/images/icons/18.png

172.67.70.224

200 OK

919 B

URL GET HTTP/2
vermangasporno.com/wp-content/plugins/wpfront-scroll-top/images/icons/18.png
IP
172.67.70.224:443
ASN
#13335 CLOUDFLARENET

Requested by
https://vermangasporno.com/doujin
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintB9:B8:F0:F3:8C:32:3E:2D:86:56:B2:8C:B3:8F:FC:60:5E:AF:30:2D
ValidityTue, 18 Apr 2023 00:00:00 GMT - Wed, 17 Apr 2024 23:59:59 GMT

File type
PNG image data, 64 x 64, 8-bit colormap, non-interlaced
Size
919 B (919 bytes)
Hash
906740ce73d05153cfb5d3f884a4e260
fcc69af04f9ab6df35b529b2998c87dd4138236e
68f69133b20a810a34ecbfebf23ec86eb5593295bdb14f4cf9bca2aa7df8751d

HTTP Headers

GET /wp-content/plugins/wpfront-scroll-top/images/icons/18.png HTTP/1.1
Host: vermangasporno.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://vermangasporno.com/doujin
DNT: 1
Connection: keep-alive
Cookie: _ga_ZQ19DG6V6C=GS1.1.1704344499.1.0.1704344499.0.0.0; _ga=GA1.1.647554906.1704344500; bnState_1893204={"impressions":1,"delayStarted":0}; dom3ic8zudi28v8lr6fgphwffqoz0j6c=41e210ac-2307-4a5d-8121-ae7c01766e4a%3A3%3A1; ppu_main_cd8e952e8a084be067421bba0e22d429=1; ppu_idelay_cd8e952e8a084be067421bba0e22d429=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Thu, 04 Jan 2024 05:01:45 GMT
content-type: image/png
content-length: 919
cache-control: public, max-age=31536000
cf-bgj: imgq:85,h2pri
cf-polished: status=not_needed
etag: "397-6524527d-0;;;"
expires: Thu, 12 Dec 2024 22:32:54 GMT
last-modified: Mon, 09 Oct 2023 19:20:29 GMT
referrer-policy: no-referrer-when-downgrade
strict-transport-security: max-age=63072000
vary: User-Agent, Accept-Encoding
x-frame-options: SAMEORIGIN
cf-cache-status: HIT
age: 1837731
accept-ranges: bytes
server: cloudflare
cf-ray: 8400ece4ae345685-OSL
X-Firefox-Spdy: h2

vermangasporno.com/wp-content/uploads/logovmp-1.png

172.67.70.224

200 OK

90 kB

URL GET HTTP/2
vermangasporno.com/wp-content/uploads/logovmp-1.png
IP
172.67.70.224:443
ASN
#13335 CLOUDFLARENET

Requested by
https://vermangasporno.com/doujin
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintB9:B8:F0:F3:8C:32:3E:2D:86:56:B2:8C:B3:8F:FC:60:5E:AF:30:2D
ValidityTue, 18 Apr 2023 00:00:00 GMT - Wed, 17 Apr 2024 23:59:59 GMT

File type
PNG image data, 620 x 142, 8-bit/color RGBA, non-interlaced
Size
90 kB (89706 bytes)
Hash
f7a03f61c01e6fcb80d44a1005aa8818
b9eee0380c1cc81feec54ee0231112dfa8742bad
1af1dc2ad2247558764dd868dcebab5f17741d4cc17c3ff2674ad54702dec8b2

HTTP Headers

GET /wp-content/uploads/logovmp-1.png HTTP/1.1
Host: vermangasporno.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://vermangasporno.com/doujin
DNT: 1
Connection: keep-alive
Cookie: _ga_ZQ19DG6V6C=GS1.1.1704344499.1.0.1704344499.0.0.0; _ga=GA1.1.647554906.1704344500; bnState_1893204={"impressions":1,"delayStarted":0}; dom3ic8zudi28v8lr6fgphwffqoz0j6c=41e210ac-2307-4a5d-8121-ae7c01766e4a%3A3%3A1; ppu_main_cd8e952e8a084be067421bba0e22d429=1; ppu_idelay_cd8e952e8a084be067421bba0e22d429=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Thu, 04 Jan 2024 05:01:45 GMT
content-type: image/png
content-length: 89706
cache-control: public, max-age=31536000
cf-bgj: imgq:85,h2pri
cf-polished: origSize=93019, status=vary_header_present
etag: "16b5b-622f2773-0;;;"
expires: Thu, 19 Dec 2024 22:50:27 GMT
last-modified: Mon, 14 Mar 2022 11:30:59 GMT
referrer-policy: no-referrer-when-downgrade
strict-transport-security: max-age=63072000
vary: User-Agent, Accept-Encoding
x-frame-options: SAMEORIGIN
cf-cache-status: HIT
age: 1231877
accept-ranges: bytes
server: cloudflare
cf-ray: 8400ece4de495685-OSL
X-Firefox-Spdy: h2

lcdn.tsyndicate.com/sdk/v1/b.b.js

8.247.219.121

200 OK

2.6 kB

URL GET HTTP/2
lcdn.tsyndicate.com/sdk/v1/b.b.js
IP
8.247.219.121:443
ASN
#3356 LEVEL3

Requested by
https://tsyndicate.com/iframes2/620e3e3e56404bdd971e087fa902d30e.html?
Certificate
IssuerSectigo Limited
Subjectlcdn.tsyndicate.com
FingerprintAA:DB:E6:65:05:5A:83:46:D1:77:83:25:84:3D:B2:B5:F5:99:97:00
ValidityWed, 08 Mar 2023 00:00:00 GMT - Sun, 07 Apr 2024 23:59:59 GMT

File type
ASCII text, with very long lines (2590)
Size
2.6 kB (2640 bytes)
Hash
b0a8eae036a72f605538b002e33f7023
5916ea9eeb0b676d6f44637601c40d0dc69542d1
7b9affd37cf01ac1a4c5f4a4ccb1936f0412ff771fb24e36a55682d2bf0ac554

HTTP Headers

GET /sdk/v1/b.b.js HTTP/1.1
Host: lcdn.tsyndicate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tsyndicate.com/
Cookie: ts_uid=6d15e0ec-23ad-4c1a-9ec1-8655c86a4829
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 04 Jan 2024 05:01:45 GMT
content-type: application/javascript
content-length: 2640
server: nginx
last-modified: Tue, 25 Jul 2023 12:28:26 GMT
x-robots-tag: noindex, nofollow
vary: Accept-Encoding
etag: W/"64bfbfea-1f37"
content-encoding: gzip
age: 13333093
accept-ranges: bytes
X-Firefox-Spdy: h2

lcdn.tsyndicate.com/sdk/v1/b.b.js

8.247.219.121

200 OK

2.6 kB

URL GET HTTP/2
lcdn.tsyndicate.com/sdk/v1/b.b.js
IP
8.247.219.121:443
ASN
#3356 LEVEL3

Requested by
https://tsyndicate.com/iframes2/620e3e3e56404bdd971e087fa902d30e.html?
Certificate
IssuerSectigo Limited
Subjectlcdn.tsyndicate.com
FingerprintAA:DB:E6:65:05:5A:83:46:D1:77:83:25:84:3D:B2:B5:F5:99:97:00
ValidityWed, 08 Mar 2023 00:00:00 GMT - Sun, 07 Apr 2024 23:59:59 GMT

File type
ASCII text, with very long lines (2590)
Size
2.6 kB (2640 bytes)
Hash
b0a8eae036a72f605538b002e33f7023
5916ea9eeb0b676d6f44637601c40d0dc69542d1
7b9affd37cf01ac1a4c5f4a4ccb1936f0412ff771fb24e36a55682d2bf0ac554

HTTP Headers

GET /sdk/v1/b.b.js HTTP/1.1
Host: lcdn.tsyndicate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tsyndicate.com/
Cookie: ts_uid=6d15e0ec-23ad-4c1a-9ec1-8655c86a4829
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 04 Jan 2024 05:01:45 GMT
content-type: application/javascript
content-length: 2640
server: nginx
last-modified: Tue, 25 Jul 2023 12:28:26 GMT
x-robots-tag: noindex, nofollow
vary: Accept-Encoding
etag: W/"64bfbfea-1f37"
content-encoding: gzip
age: 13333093
accept-ranges: bytes
X-Firefox-Spdy: h2

unseenreport.com/pxf.gif?uuid=41e210ac-2307-4a5d-8121-ae7c01766e4a&eb=a996fe56ed028c08f89591a4a8a9c431&te=4cb725660c43031e3b06c75892d96c5a&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.3095&b_frame=0&pk=cd8e952e8a084be067421bba0e22d429&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=5

173.233.137.44

200 OK

1 B

URL GET HTTP/1.1
unseenreport.com/pxf.gif?uuid=41e210ac-2307-4a5d-8121-ae7c01766e4a&eb=a996fe56ed028c08f89591a4a8a9c431&te=4cb725660c43031e3b06c75892d96c5a&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.3095&b_frame=0&pk=cd8e952e8a084be067421bba0e22d429&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=5
IP
173.233.137.44:443
ASN
#7979 SERVERS-COM

Requested by
https://vermangasporno.com/doujin
Certificate
IssuerLet's Encrypt
Subject*.unseenreport.com
Fingerprint79:45:7F:58:D5:82:45:0A:7D:1E:FF:7A:98:05:26:E9:D6:FE:91:14
ValidityWed, 22 Nov 2023 07:56:28 GMT - Tue, 20 Feb 2024 07:56:27 GMT

File type
very short file (no magic)
Size
1 B (1 bytes)
Hash
93b885adfe0da089cdf634904fd59f71
5ba93c9db0cff93f52b521d7420e43f6eda2784f
6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /pxf.gif?uuid=41e210ac-2307-4a5d-8121-ae7c01766e4a&eb=a996fe56ed028c08f89591a4a8a9c431&te=4cb725660c43031e3b06c75892d96c5a&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.3095&b_frame=0&pk=cd8e952e8a084be067421bba0e22d429&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=5 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://vermangasporno.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Thu, 04 Jan 2024 05:01:45 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 25108912b0a42e9bcdfc44000b3816ee
Strict-Transport-Security: max-age=0; includeSubdomains

unseenreport.com/pxf.gif?uuid=41e210ac-2307-4a5d-8121-ae7c01766e4a&eb=a996fe56ed028c08f89591a4a8a9c431&te=4cb725660c43031e3b06c75892d96c5a&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.3095&b_frame=0&pk=b3d65ff4b4c61e7f7c8efc174698cf5d&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=5

173.233.137.44

200 OK

1 B

URL GET HTTP/1.1
unseenreport.com/pxf.gif?uuid=41e210ac-2307-4a5d-8121-ae7c01766e4a&eb=a996fe56ed028c08f89591a4a8a9c431&te=4cb725660c43031e3b06c75892d96c5a&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.3095&b_frame=0&pk=b3d65ff4b4c61e7f7c8efc174698cf5d&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=5
IP
173.233.137.44:443
ASN
#7979 SERVERS-COM

Requested by
https://vermangasporno.com/doujin
Certificate
IssuerLet's Encrypt
Subject*.unseenreport.com
Fingerprint79:45:7F:58:D5:82:45:0A:7D:1E:FF:7A:98:05:26:E9:D6:FE:91:14
ValidityWed, 22 Nov 2023 07:56:28 GMT - Tue, 20 Feb 2024 07:56:27 GMT

File type
very short file (no magic)
Size
1 B (1 bytes)
Hash
93b885adfe0da089cdf634904fd59f71
5ba93c9db0cff93f52b521d7420e43f6eda2784f
6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /pxf.gif?uuid=41e210ac-2307-4a5d-8121-ae7c01766e4a&eb=a996fe56ed028c08f89591a4a8a9c431&te=4cb725660c43031e3b06c75892d96c5a&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.3095&b_frame=0&pk=b3d65ff4b4c61e7f7c8efc174698cf5d&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=5 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://vermangasporno.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Thu, 04 Jan 2024 05:01:45 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: af9c89c017321a010e517d2ad7b22b31
Strict-Transport-Security: max-age=0; includeSubdomains

pxl.tsyndicate.com/api/v1/p/p.js?p=APeIQFMmDJkycuaI0BGjBgsRYcbQWRjjIZ0zC0WIkWEjxw0ZOWK0uGFDjJgWNMLQwNECx5gxImfggCEGBxkYBWXcFPFwDJs0FGPYqAixzpiMZWTIiEFSzI0WM2rgoIEyhscWOXDECNNCpY0bG82IMUMmBxmeGtOc1SGixgwbMFaiNWiHIowabnE8hFNHzMKlDWU8DAMHDkUabm08nANnoo4ZN27IlDqYjBmKD9u4wcjwBg4ZNPZq5nwjRsMZD-vEyIiGDh04c3S8eEFnjgs6csKYOVOGjosxb9q8MEjGBRw0cH7MmdMjBuK3aMkEz2gHYZswm8MwfiPHzZvf03uGcbxFaJe9co7qwFGmBQy9IsbAafMFTvqFNVzYaH_3oRw7hj0Gw0NlyNfGQuy555AIddQBFFs2kNFQGTiN0YIMMxiEEkxc5VCgSDjYgNcYIar0WQ5opRGgCCG5kAMMLtAggwsN0YCWHF-omFGLL8Y4Y41o1RFGRk28oUcabLARxgv5wQACClek4YZ0d8wBghNUgBADjDDsAEKUbthAg5d4iOnlfwzd5QIMKYBwRIFrvPGCDDBsWWedIBiRhhxlmPEGHi9s2SRaL2XkxBNocfdFoWwdihYb6olQhBPRlWHHF3yyQVENkeHw1kwDiiDHGW78JdUNDx10qRhyIAifql-08cZaMoRIFBlyvLEQaiK8oZAOoYlg35954Odfn6y5BptsL1Qnx3XZbdfdd8AJh9Yc_2WUKx3jcddCHW6kQQdUN7hABkwyJIptXTrIcENeNnAUA6_nZnTQF-fGkK5FB3YW1ww0INafCHS0ka6_NAAssFtRVYZpGYx9MR5FN_wbcA0DWyoxGwjVttAWAJ8HkRiOiXCQGWHUwcZEe0G6UKhjcAZDHwoEBA%3D%3D&s=8cd669855c5776781084c16d15711559a54a79987c1b461b84a93d67aea9adf31704344505&w=t&r=1&d=8&priv=true

144.76.168.81

200 OK

24 B

URL GET HTTP/2
pxl.tsyndicate.com/api/v1/p/p.js?p=APeIQFMmDJkycuaI0BGjBgsRYcbQWRjjIZ0zC0WIkWEjxw0ZOWK0uGFDjJgWNMLQwNECx5gxImfggCEGBxkYBWXcFPFwDJs0FGPYqAixzpiMZWTIiEFSzI0WM2rgoIEyhscWOXDECNNCpY0bG82IMUMmBxmeGtOc1SGixgwbMFaiNWiHIowabnE8hFNHzMKlDWU8DAMHDkUabm08nANnoo4ZN27IlDqYjBmKD9u4wcjwBg4ZNPZq5nwjRsMZD-vEyIiGDh04c3S8eEFnjgs6csKYOVOGjosxb9q8MEjGBRw0cH7MmdMjBuK3aMkEz2gHYZswm8MwfiPHzZvf03uGcbxFaJe9co7qwFGmBQy9IsbAafMFTvqFNVzYaH_3oRw7hj0Gw0NlyNfGQuy555AIddQBFFs2kNFQGTiN0YIMMxiEEkxc5VCgSDjYgNcYIar0WQ5opRGgCCG5kAMMLtAggwsN0YCWHF-omFGLL8Y4Y41o1RFGRk28oUcabLARxgv5wQACClek4YZ0d8wBghNUgBADjDDsAEKUbthAg5d4iOnlfwzd5QIMKYBwRIFrvPGCDDBsWWedIBiRhhxlmPEGHi9s2SRaL2XkxBNocfdFoWwdihYb6olQhBPRlWHHF3yyQVENkeHw1kwDiiDHGW78JdUNDx10qRhyIAifql-08cZaMoRIFBlyvLEQaiK8oZAOoYlg35954Odfn6y5BptsL1Qnx3XZbdfdd8AJh9Yc_2WUKx3jcddCHW6kQQdUN7hABkwyJIptXTrIcENeNnAUA6_nZnTQF-fGkK5FB3YW1ww0INafCHS0ka6_NAAssFtRVYZpGYx9MR5FN_wbcA0DWyoxGwjVttAWAJ8HkRiOiXCQGWHUwcZEe0G6UKhjcAZDHwoEBA%3D%3D&s=8cd669855c5776781084c16d15711559a54a79987c1b461b84a93d67aea9adf31704344505&w=t&r=1&d=8&priv=true
IP
144.76.168.81:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://tsyndicate.com/iframes2/620e3e3e56404bdd971e087fa902d30e.html?
Certificate
IssuerLet's Encrypt
Subjecttsyndicate.com
FingerprintAD:E6:BB:56:46:8C:1B:80:8A:92:2D:48:DE:3C:A2:99:26:30:33:80
ValidityTue, 12 Dec 2023 09:06:52 GMT - Mon, 11 Mar 2024 09:06:51 GMT

File type
ASCII text, with no line terminators
Size
24 B (24 bytes)
Hash
0959ba36d476b6dc1994ba3c678b07c4
d30b94da72daa02766965206a85b7e0356375f5e
897410b87e27e3dfba3a7d6caab315a5e69cc941bb96d91fc74878a9b051843a

HTTP Headers

GET /api/v1/p/p.js?p=APeIQFMmDJkycuaI0BGjBgsRYcbQWRjjIZ0zC0WIkWEjxw0ZOWK0uGFDjJgWNMLQwNECx5gxImfggCEGBxkYBWXcFPFwDJs0FGPYqAixzpiMZWTIiEFSzI0WM2rgoIEyhscWOXDECNNCpY0bG82IMUMmBxmeGtOc1SGixgwbMFaiNWiHIowabnE8hFNHzMKlDWU8DAMHDkUabm08nANnoo4ZN27IlDqYjBmKD9u4wcjwBg4ZNPZq5nwjRsMZD-vEyIiGDh04c3S8eEFnjgs6csKYOVOGjosxb9q8MEjGBRw0cH7MmdMjBuK3aMkEz2gHYZswm8MwfiPHzZvf03uGcbxFaJe9co7qwFGmBQy9IsbAafMFTvqFNVzYaH_3oRw7hj0Gw0NlyNfGQuy555AIddQBFFs2kNFQGTiN0YIMMxiEEkxc5VCgSDjYgNcYIar0WQ5opRGgCCG5kAMMLtAggwsN0YCWHF-omFGLL8Y4Y41o1RFGRk28oUcabLARxgv5wQACClek4YZ0d8wBghNUgBADjDDsAEKUbthAg5d4iOnlfwzd5QIMKYBwRIFrvPGCDDBsWWedIBiRhhxlmPEGHi9s2SRaL2XkxBNocfdFoWwdihYb6olQhBPRlWHHF3yyQVENkeHw1kwDiiDHGW78JdUNDx10qRhyIAifql-08cZaMoRIFBlyvLEQaiK8oZAOoYlg35954Odfn6y5BptsL1Qnx3XZbdfdd8AJh9Yc_2WUKx3jcddCHW6kQQdUN7hABkwyJIptXTrIcENeNnAUA6_nZnTQF-fGkK5FB3YW1ww0INafCHS0ka6_NAAssFtRVYZpGYx9MR5FN_wbcA0DWyoxGwjVttAWAJ8HkRiOiXCQGWHUwcZEe0G6UKhjcAZDHwoEBA%3D%3D&s=8cd669855c5776781084c16d15711559a54a79987c1b461b84a93d67aea9adf31704344505&w=t&r=1&d=8&priv=true HTTP/1.1
Host: pxl.tsyndicate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tsyndicate.com/
Cookie: ts_uid=6d15e0ec-23ad-4c1a-9ec1-8655c86a4829
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Thu, 04 Jan 2024 05:01:46 GMT
content-type: text/plain; charset=utf-8
content-length: 24
x-robots-tag: noindex, nofollow
X-Firefox-Spdy: h2

pxl.tsyndicate.com/api/v1/p/p.js?p=APeIQFMmDJkycuaI0BGjBgsRYcbQWRjjIZ0zC0XQkFGmRowbMMy0uDFGzJgWNA7OaCFGxpgaLMfMsHHDxhgbNMKEySHi4Rg2aSjGsFERYp0xGcvgiCGmTI6GLWbcyCEyJQ6ROMjgbFFjjNcaYWLgKCMDBtKHYtKQyVhjJgwaOHpCJGOHIowabXE8hFNHzEIZMRrKeBgGDhyKNNraeDgHzkQdUnHkwHFjBmEyZv7eeNjGDUaGN3DIoLG38-cbgds-rBMjIxo6dODM0fHiBZ05LujICWPmTBk6Lsa8afPCIBkXcNDA-TFnTo8YiWfKJTM8ox2EbcJ4DtP4jRw3b4JX9xnm8ZahXfbKQapjbAsYekWMgdPmC5z1C2u4sFHmvUMRcthxGGQwPFTGfG0s5N5dq9URlA4i3GDGRjiYFEYLB85wIQ1miIFDC5KVsdKBOeBkBhkymHHVWSKkMaAIT7mQAwwubORCQzTIJccXLmYU44w1ynBjDTmuFkZGTbyhRxpssBHGC_rBAAIKV6ThBnV3zAGCE1SAEAONMOwAQpVu4CQmHmaCECBDd7kAQwogHHHgGm-8UNaXMHwZAwhGpCFHGWa8gccLX0Ypl1cZOfGEXN59gSiEisrFBnsiFOHEdGXY8cWfbFBUww2hzYQDDAUCeIYbf9VA2UMHaSqGHArG1-oXbbyxlg4y4EAUq3K8sZBlIryhkA6kiXCfoHnk99CfmUH4Wmyz1XadHNlt19134QlHnFxzBJhRr3SU510LdbiRBh0txJCDC2SMEYMMjHZbF0M2yGADXoEtJkK7GR30RbvvykVHgqC9NQMNiTEowsDwFkzDwQm3NUOpBm1aRmNflEcRSA8jXIPCmWbMBkK3LbTFwelBJMZj-wIaRh1sTLTXpAuVOsZnMPShQEA%3D&s=37ff102de8f54b2b99804e417abd152da4c1890ec1bd52d04edad5e1796b89981704344505&w=t&r=1&d=5&priv=true

144.76.168.81

200 OK

24 B

URL GET HTTP/2
pxl.tsyndicate.com/api/v1/p/p.js?p=APeIQFMmDJkycuaI0BGjBgsRYcbQWRjjIZ0zC0XQkFGmRowbMMy0uDFGzJgWNA7OaCFGxpgaLMfMsHHDxhgbNMKEySHi4Rg2aSjGsFERYp0xGcvgiCGmTI6GLWbcyCEyJQ6ROMjgbFFjjNcaYWLgKCMDBtKHYtKQyVhjJgwaOHpCJGOHIowabXE8hFNHzEIZMRrKeBgGDhyKNNraeDgHzkQdUnHkwHFjBmEyZv7eeNjGDUaGN3DIoLG38-cbgds-rBMjIxo6dODM0fHiBZ05LujICWPmTBk6Lsa8afPCIBkXcNDA-TFnTo8YiWfKJTM8ox2EbcJ4DtP4jRw3b4JX9xnm8ZahXfbKQapjbAsYekWMgdPmC5z1C2u4sFHmvUMRcthxGGQwPFTGfG0s5N5dq9URlA4i3GDGRjiYFEYLB85wIQ1miIFDC5KVsdKBOeBkBhkymHHVWSKkMaAIT7mQAwwubORCQzTIJccXLmYU44w1ynBjDTmuFkZGTbyhRxpssBHGC_rBAAIKV6ThBnV3zAGCE1SAEAONMOwAQpVu4CQmHmaCECBDd7kAQwogHHHgGm-8UNaXMHwZAwhGpCFHGWa8gccLX0Ypl1cZOfGEXN59gSiEisrFBnsiFOHEdGXY8cWfbFBUww2hzYQDDAUCeIYbf9VA2UMHaSqGHArG1-oXbbyxlg4y4EAUq3K8sZBlIryhkA6kiXCfoHnk99CfmUH4Wmyz1XadHNlt19134QlHnFxzBJhRr3SU510LdbiRBh0txJCDC2SMEYMMjHZbF0M2yGADXoEtJkK7GR30RbvvykVHgqC9NQMNiTEowsDwFkzDwQm3NUOpBm1aRmNflEcRSA8jXIPCmWbMBkK3LbTFwelBJMZj-wIaRh1sTLTXpAuVOsZnMPShQEA%3D&s=37ff102de8f54b2b99804e417abd152da4c1890ec1bd52d04edad5e1796b89981704344505&w=t&r=1&d=5&priv=true
IP
144.76.168.81:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://tsyndicate.com/iframes2/0724f82a85b44e8a920ba34f5731a62b.html?
Certificate
IssuerLet's Encrypt
Subjecttsyndicate.com
FingerprintAD:E6:BB:56:46:8C:1B:80:8A:92:2D:48:DE:3C:A2:99:26:30:33:80
ValidityTue, 12 Dec 2023 09:06:52 GMT - Mon, 11 Mar 2024 09:06:51 GMT

File type
ASCII text, with no line terminators
Size
24 B (24 bytes)
Hash
0959ba36d476b6dc1994ba3c678b07c4
d30b94da72daa02766965206a85b7e0356375f5e
897410b87e27e3dfba3a7d6caab315a5e69cc941bb96d91fc74878a9b051843a

HTTP Headers

GET /api/v1/p/p.js?p=APeIQFMmDJkycuaI0BGjBgsRYcbQWRjjIZ0zC0XQkFGmRowbMMy0uDFGzJgWNA7OaCFGxpgaLMfMsHHDxhgbNMKEySHi4Rg2aSjGsFERYp0xGcvgiCGmTI6GLWbcyCEyJQ6ROMjgbFFjjNcaYWLgKCMDBtKHYtKQyVhjJgwaOHpCJGOHIowabXE8hFNHzEIZMRrKeBgGDhyKNNraeDgHzkQdUnHkwHFjBmEyZv7eeNjGDUaGN3DIoLG38-cbgds-rBMjIxo6dODM0fHiBZ05LujICWPmTBk6Lsa8afPCIBkXcNDA-TFnTo8YiWfKJTM8ox2EbcJ4DtP4jRw3b4JX9xnm8ZahXfbKQapjbAsYekWMgdPmC5z1C2u4sFHmvUMRcthxGGQwPFTGfG0s5N5dq9URlA4i3GDGRjiYFEYLB85wIQ1miIFDC5KVsdKBOeBkBhkymHHVWSKkMaAIT7mQAwwubORCQzTIJccXLmYU44w1ynBjDTmuFkZGTbyhRxpssBHGC_rBAAIKV6ThBnV3zAGCE1SAEAONMOwAQpVu4CQmHmaCECBDd7kAQwogHHHgGm-8UNaXMHwZAwhGpCFHGWa8gccLX0Ypl1cZOfGEXN59gSiEisrFBnsiFOHEdGXY8cWfbFBUww2hzYQDDAUCeIYbf9VA2UMHaSqGHArG1-oXbbyxlg4y4EAUq3K8sZBlIryhkA6kiXCfoHnk99CfmUH4Wmyz1XadHNlt19134QlHnFxzBJhRr3SU510LdbiRBh0txJCDC2SMEYMMjHZbF0M2yGADXoEtJkK7GR30RbvvykVHgqC9NQMNiTEowsDwFkzDwQm3NUOpBm1aRmNflEcRSA8jXIPCmWbMBkK3LbTFwelBJMZj-wIaRh1sTLTXpAuVOsZnMPShQEA%3D&s=37ff102de8f54b2b99804e417abd152da4c1890ec1bd52d04edad5e1796b89981704344505&w=t&r=1&d=5&priv=true HTTP/1.1
Host: pxl.tsyndicate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tsyndicate.com/
Cookie: ts_uid=6d15e0ec-23ad-4c1a-9ec1-8655c86a4829
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Thu, 04 Jan 2024 05:01:46 GMT
content-type: text/plain; charset=utf-8
content-length: 24
x-robots-tag: noindex, nofollow
X-Firefox-Spdy: h2

s.magsrv.com/v1/api.php

95.211.229.248

200 OK

3.1 kB

URL POST HTTP/1.1
s.magsrv.com/v1/api.php
IP
95.211.229.248:443
ASN
#60781 LeaseWeb Netherlands B.V.

Requested by
https://a.magsrv.com/iframe.php?idzone=4890454&size=300x250&sub=14536
Certificate
IssuerLet's Encrypt
Subjectmagsrv.com
Fingerprint4E:97:9F:D0:ED:5A:03:38:1F:9B:74:4B:85:3B:32:B8:BD:23:94:9C
ValidityMon, 18 Dec 2023 09:28:29 GMT - Sun, 17 Mar 2024 09:28:28 GMT

File type
JSON data
Size
3.1 kB (3086 bytes)
Hash
d2b5cf7975068219e6c6a9edca2dae0e
1f3488eb9adeb6dd9be5f0f9c533983ab56412be
85de66ba2537bf8a4952ac0a5dd5eee643fae4700ebfc00ef170907c5f913677

HTTP Headers

POST /v1/api.php HTTP/1.1
Host: s.magsrv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 333
Origin: https://a.magsrv.com
DNT: 1
Connection: keep-alive
Referer: https://a.magsrv.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 04 Jan 2024 05:01:46 GMT
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: https://a.magsrv.com
Access-Control-Allow-Headers: Authorization, Content-Type
Access-Control-Request-Method: POST
Access-Control-Allow-Credentials: true
Set-Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%2265963bba572167.776173624178936464%22%3B%7D; expires=Sat, 03-Jan-2026 05:01:46 GMT; Max-Age=63072000; path=/; domain=magsrv.com; secure; SameSite=None
Accept-CH: 
X-Robots-Tag: noindex, follow
Content-Encoding: gzip

s.magsrv.com/v1/api.php

95.211.229.248

200 OK

3.1 kB

URL POST HTTP/1.1
s.magsrv.com/v1/api.php
IP
95.211.229.248:443
ASN
#60781 LeaseWeb Netherlands B.V.

Requested by
https://a.magsrv.com/iframe.php?idzone=4890454&size=300x250&sub=14536
Certificate
IssuerLet's Encrypt
Subjectmagsrv.com
Fingerprint4E:97:9F:D0:ED:5A:03:38:1F:9B:74:4B:85:3B:32:B8:BD:23:94:9C
ValidityMon, 18 Dec 2023 09:28:29 GMT - Sun, 17 Mar 2024 09:28:28 GMT

File type
JSON data
Size
3.1 kB (3081 bytes)
Hash
68adae520918efeb056ea621f425cfe2
d2904f2b68cbc8900c994760b654f5f83a14264a
72258f9ab7f22701f254d259faf8c9852530e6f24ee5f60d3fc9fc4536ed198a

HTTP Headers

POST /v1/api.php HTTP/1.1
Host: s.magsrv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 333
Origin: https://a.magsrv.com
DNT: 1
Connection: keep-alive
Referer: https://a.magsrv.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 04 Jan 2024 05:01:46 GMT
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: https://a.magsrv.com
Access-Control-Allow-Headers: Authorization, Content-Type
Access-Control-Request-Method: POST
Access-Control-Allow-Credentials: true
Set-Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%2265963bba5a1197.128507602507902877%22%3B%7D; expires=Sat, 03-Jan-2026 05:01:46 GMT; Max-Age=63072000; path=/; domain=magsrv.com; secure; SameSite=None
Accept-CH: 
X-Robots-Tag: noindex, follow
Content-Encoding: gzip

s3t3d2y8.afcdn.net/library/808084/501152c4bf674f93bac36fd5dad6c9254bdb59b8.webp

185.76.9.26

200 OK

10 kB

URL GET HTTP/2
s3t3d2y8.afcdn.net/library/808084/501152c4bf674f93bac36fd5dad6c9254bdb59b8.webp
IP
185.76.9.26:443
ASN
#60068 Datacamp Limited

Requested by
https://a.magsrv.com/iframe.php?idzone=4890454&size=300x250&sub=14536
Certificate
IssuerLet's Encrypt
Subjectafcdn.net
FingerprintC5:FB:4C:15:68:19:02:A7:CA:DC:53:AC:6D:AD:7E:D0:57:C2:D0:C9
ValidityMon, 18 Dec 2023 09:17:12 GMT - Sun, 17 Mar 2024 09:17:11 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 300x300, Scaling: [none]x[none], YUV color, decoders should clamp
Size
10 kB (10036 bytes)
Hash
1394c06ee740c58acfe85db0db9c65b3
501152c4bf674f93bac36fd5dad6c9254bdb59b8
8850b87ed4fd07ef030d91a88b3d03db4946c87288070d92df707ca0409e4dfd

HTTP Headers

GET /library/808084/501152c4bf674f93bac36fd5dad6c9254bdb59b8.webp HTTP/1.1
Host: s3t3d2y8.afcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://a.magsrv.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Thu, 04 Jan 2024 05:01:46 GMT
content-type: image/webp
content-length: 10036
last-modified: Sat, 30 Dec 2023 15:05:03 GMT
etag: "6590319f-2734"
accept-ch: 
expires: Mon, 30 Dec 2024 10:08:49 GMT
cache-control: max-age=31536000
access-control-allow-origin: *
x-robots-tag: noindex, follow
x-77-nzt: EwwBuUwJFAH38PwEAAwBuUwKCQH31QAAAAwBJRPCNAH3RAAAAA
x-77-nzt-ray: af585630eef3607bba3b966527be091a
x-accel-expires: @1735553329
x-accel-date: 1704017610
x-77-cache: HIT
x-77-age: 327177
server: CDN77-Turbo
x-cache-lb: HIT, HIT
x-age-lb: 213, 326896
x-77-pop: stockholmSE
accept-ranges: bytes
X-Firefox-Spdy: h2

s.magsrv.com/cimp.php?t=api&data=H4sIAAAAAAAAAz1PW07EMAy8ChdoNLGd137zDRKIAyRNi1aiu6suQiD58Dj92IwcP+IZOwSSCX6CPAEn+JNELd4VOCHng+jL65uK136+377qn7velsv+3aZWL5dld/N10wyDaGZBgpbMxFDJBWL0gKyRETKRFgQSC1WgrDBQYBH1EjhaZuyP9+fDvIHUrjFeCUcBv4OzttBbr8saK1qKOXDKaViTMsvSRqNWt9XP+/5zLGjKxQ8NickcHNh+OQbggWmw2AuTLWQHepTP6163RfXRZ6/DpWMKDYURqAZTl5FoyLXPSwGjr9EH6qmUwiuQVvIo7R+3SmEacgEAAA==

95.211.229.248

200 OK

20 B

URL GET HTTP/1.1
s.magsrv.com/cimp.php?t=api&data=H4sIAAAAAAAAAz1PW07EMAy8ChdoNLGd137zDRKIAyRNi1aiu6suQiD58Dj92IwcP+IZOwSSCX6CPAEn+JNELd4VOCHng+jL65uK136+377qn7velsv+3aZWL5dld/N10wyDaGZBgpbMxFDJBWL0gKyRETKRFgQSC1WgrDBQYBH1EjhaZuyP9+fDvIHUrjFeCUcBv4OzttBbr8saK1qKOXDKaViTMsvSRqNWt9XP+/5zLGjKxQ8NickcHNh+OQbggWmw2AuTLWQHepTP6163RfXRZ6/DpWMKDYURqAZTl5FoyLXPSwGjr9EH6qmUwiuQVvIo7R+3SmEacgEAAA==
IP
95.211.229.248:443
ASN
#60781 LeaseWeb Netherlands B.V.

Requested by
https://a.magsrv.com/iframe.php?idzone=4890454&size=300x250&sub=14536
Certificate
IssuerLet's Encrypt
Subjectmagsrv.com
Fingerprint4E:97:9F:D0:ED:5A:03:38:1F:9B:74:4B:85:3B:32:B8:BD:23:94:9C
ValidityMon, 18 Dec 2023 09:28:29 GMT - Sun, 17 Mar 2024 09:28:28 GMT

File type
gzip compressed data, max speed, from Unix
Size
20 B (20 bytes)
Hash
a4745abc5e7fdb89cc6df3069f3c6e69
74789f7ddbebd5b7323f6f8174005b4bf8c1f1ed
d1111b245f685176180e6f1631e6dc49badf6672368e9ce260c71355165effdf

HTTP Headers

GET /cimp.php?t=api&data=H4sIAAAAAAAAAz1PW07EMAy8ChdoNLGd137zDRKIAyRNi1aiu6suQiD58Dj92IwcP+IZOwSSCX6CPAEn+JNELd4VOCHng+jL65uK136+377qn7velsv+3aZWL5dld/N10wyDaGZBgpbMxFDJBWL0gKyRETKRFgQSC1WgrDBQYBH1EjhaZuyP9+fDvIHUrjFeCUcBv4OzttBbr8saK1qKOXDKaViTMsvSRqNWt9XP+/5zLGjKxQ8NickcHNh+OQbggWmw2AuTLWQHepTP6163RfXRZ6/DpWMKDYURqAZTl5FoyLXPSwGjr9EH6qmUwiuQVvIo7R+3SmEacgEAAA== HTTP/1.1
Host: s.magsrv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://a.magsrv.com
DNT: 1
Connection: keep-alive
Referer: https://a.magsrv.com/
Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%2265963bba5a1197.128507602507902877%22%3B%7D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 04 Jan 2024 05:01:46 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: https://a.magsrv.com
Access-Control-Allow-Credentials: true
Set-Cookie: __upt=%7B%22v%22%3A1%2C%22id%22%3A%220%22%2C%22pcma%22%3A%22%22%2C%22acma%22%3A%22508.0199%22%7D; expires=Sat, 03 Jan 2026 05:01:46 GMT; path=/; domain=.magsrv.com; Secure; SameSite=none
Accept-CH: 
X-Robots-Tag: noindex, follow
Content-Encoding: gzip

s3t3d2y8.afcdn.net/library/808084/501152c4bf674f93bac36fd5dad6c9254bdb59b8.webp

185.76.9.26

200 OK

10 kB

URL GET HTTP/2
s3t3d2y8.afcdn.net/library/808084/501152c4bf674f93bac36fd5dad6c9254bdb59b8.webp
IP
185.76.9.26:443
ASN
#60068 Datacamp Limited

Requested by
https://a.magsrv.com/iframe.php?idzone=4890454&size=300x250&sub=14536
Certificate
IssuerLet's Encrypt
Subjectafcdn.net
FingerprintC5:FB:4C:15:68:19:02:A7:CA:DC:53:AC:6D:AD:7E:D0:57:C2:D0:C9
ValidityMon, 18 Dec 2023 09:17:12 GMT - Sun, 17 Mar 2024 09:17:11 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 300x300, Scaling: [none]x[none], YUV color, decoders should clamp
Size
10 kB (10036 bytes)
Hash
1394c06ee740c58acfe85db0db9c65b3
501152c4bf674f93bac36fd5dad6c9254bdb59b8
8850b87ed4fd07ef030d91a88b3d03db4946c87288070d92df707ca0409e4dfd

HTTP Headers

GET /library/808084/501152c4bf674f93bac36fd5dad6c9254bdb59b8.webp HTTP/1.1
Host: s3t3d2y8.afcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://a.magsrv.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Thu, 04 Jan 2024 05:01:46 GMT
content-type: image/webp
content-length: 10036
last-modified: Sat, 30 Dec 2023 15:05:03 GMT
etag: "6590319f-2734"
accept-ch: 
expires: Mon, 30 Dec 2024 10:08:49 GMT
cache-control: max-age=31536000
access-control-allow-origin: *
x-robots-tag: noindex, follow
x-77-nzt: EwwBuUwJFAH38PwEAAwBuUwKCQH31QAAAAwBJRPCNAH3RAAAAA
x-77-nzt-ray: af585630eef3607bba3b966540c62d1c
x-accel-expires: @1735553329
x-accel-date: 1704017610
x-77-cache: HIT
x-77-age: 327177
server: CDN77-Turbo
x-cache-lb: HIT, HIT
x-age-lb: 213, 326896
x-77-pop: stockholmSE
accept-ranges: bytes
X-Firefox-Spdy: h2

s.magsrv.com/cimp.php?t=api&data=H4sIAAAAAAAAAz1OW07EMAy8ChdoNLGd137zDRKIAyRtilaiu6suQiD58Dj92IwcP2dsAskEP0GegBP8SaIW7wqckPNB9OX1TcXrcr7fvuqfu976Zf9uU6uXS9/dfN00wyCaWZCgJTMxVHKBGD0ga2SETKQFgcRCFSgrDBRYRL0EjpYZ++P9+TBvILVvrFfCUcDv4KwtLG2pfY0VLcUcOOU0rEmZpbcxqNVt9fO+/xwHmnLxQ0NiMgcHToc+HpgGib0w2T32oEf5vO5166qPOesOl44lNBRGoBpMXEai2TPXldIclzVw7z2Cg+cllWLOr//eeLVKcQEAAA==

95.211.229.248

200 OK

20 B

URL GET HTTP/1.1
s.magsrv.com/cimp.php?t=api&data=H4sIAAAAAAAAAz1OW07EMAy8ChdoNLGd137zDRKIAyRtilaiu6suQiD58Dj92IwcP2dsAskEP0GegBP8SaIW7wqckPNB9OX1TcXrcr7fvuqfu976Zf9uU6uXS9/dfN00wyCaWZCgJTMxVHKBGD0ga2SETKQFgcRCFSgrDBRYRL0EjpYZ++P9+TBvILVvrFfCUcDv4KwtLG2pfY0VLcUcOOU0rEmZpbcxqNVt9fO+/xwHmnLxQ0NiMgcHToc+HpgGib0w2T32oEf5vO5166qPOesOl44lNBRGoBpMXEai2TPXldIclzVw7z2Cg+cllWLOr//eeLVKcQEAAA==
IP
95.211.229.248:443
ASN
#60781 LeaseWeb Netherlands B.V.

Requested by
https://a.magsrv.com/iframe.php?idzone=4890454&size=300x250&sub=14536
Certificate
IssuerLet's Encrypt
Subjectmagsrv.com
Fingerprint4E:97:9F:D0:ED:5A:03:38:1F:9B:74:4B:85:3B:32:B8:BD:23:94:9C
ValidityMon, 18 Dec 2023 09:28:29 GMT - Sun, 17 Mar 2024 09:28:28 GMT

File type
gzip compressed data, max speed, from Unix
Size
20 B (20 bytes)
Hash
a4745abc5e7fdb89cc6df3069f3c6e69
74789f7ddbebd5b7323f6f8174005b4bf8c1f1ed
d1111b245f685176180e6f1631e6dc49badf6672368e9ce260c71355165effdf

HTTP Headers

GET /cimp.php?t=api&data=H4sIAAAAAAAAAz1OW07EMAy8ChdoNLGd137zDRKIAyRtilaiu6suQiD58Dj92IwcP2dsAskEP0GegBP8SaIW7wqckPNB9OX1TcXrcr7fvuqfu976Zf9uU6uXS9/dfN00wyCaWZCgJTMxVHKBGD0ga2SETKQFgcRCFSgrDBRYRL0EjpYZ++P9+TBvILVvrFfCUcDv4KwtLG2pfY0VLcUcOOU0rEmZpbcxqNVt9fO+/xwHmnLxQ0NiMgcHToc+HpgGib0w2T32oEf5vO5166qPOesOl44lNBRGoBpMXEai2TPXldIclzVw7z2Cg+cllWLOr//eeLVKcQEAAA== HTTP/1.1
Host: s.magsrv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://a.magsrv.com
DNT: 1
Connection: keep-alive
Referer: https://a.magsrv.com/
Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%2265963bba5a1197.128507602507902877%22%3B%7D; __upt=%7B%22v%22%3A1%2C%22id%22%3A%220%22%2C%22pcma%22%3A%22%22%2C%22acma%22%3A%22508.0199%22%7D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 04 Jan 2024 05:01:46 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: https://a.magsrv.com
Access-Control-Allow-Credentials: true
Set-Cookie: __upt=%7B%22v%22%3A1%2C%22id%22%3A%220%22%2C%22pcma%22%3A%22%22%2C%22acma%22%3A%22508.029701%22%7D; expires=Sat, 03 Jan 2026 05:01:46 GMT; path=/; domain=.magsrv.com; Secure; SameSite=none
Accept-CH: 
X-Robots-Tag: noindex, follow
Content-Encoding: gzip

vermangasporno.com/wp-content/themes/BlackNight24/js/ResizeSensor.js

172.67.70.224

200 OK

3.3 kB

URL GET HTTP/2
vermangasporno.com/wp-content/themes/BlackNight24/js/ResizeSensor.js
IP
172.67.70.224:443
ASN
#13335 CLOUDFLARENET

Requested by
https://vermangasporno.com/doujin
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintB9:B8:F0:F3:8C:32:3E:2D:86:56:B2:8C:B3:8F:FC:60:5E:AF:30:2D
ValidityTue, 18 Apr 2023 00:00:00 GMT - Wed, 17 Apr 2024 23:59:59 GMT

File type
ASCII text, with very long lines (3293), with no line terminators
Size
3.3 kB (3268 bytes)
Hash
ad5416c22b483a981937b66c1a4f70d3
7e108c2c814e135ef21946942ba2eac582d9f744
afbe4a61407a738a881025aedbec50cdf34c6dedb5686744f4b627e04ef33433

HTTP Headers

GET /wp-content/themes/BlackNight24/js/ResizeSensor.js HTTP/1.1
Host: vermangasporno.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://vermangasporno.com/doujin
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 04 Jan 2024 05:01:43 GMT
content-type: application/x-javascript
cache-control: public, max-age=31536000
expires: Sat, 28 Dec 2024 07:36:35 GMT
last-modified: Mon, 14 Mar 2022 11:07:42 GMT
etag: W/"cc4-622f21fe-0;gz"
vary: Accept-Encoding,User-Agent
referrer-policy: no-referrer-when-downgrade
strict-transport-security: max-age=63072000
x-frame-options: SAMEORIGIN
cf-cache-status: HIT
age: 509108
server: cloudflare
cf-ray: 8400ecd84daa5685-OSL
content-encoding: br
X-Firefox-Spdy: h2

vermangasporno.com/wp-content/themes/BlackNight24/css/main.css

172.67.70.224

200 OK

27 kB

URL GET HTTP/2
vermangasporno.com/wp-content/themes/BlackNight24/css/main.css
IP
172.67.70.224:443
ASN
#13335 CLOUDFLARENET

Requested by
https://vermangasporno.com/doujin
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintB9:B8:F0:F3:8C:32:3E:2D:86:56:B2:8C:B3:8F:FC:60:5E:AF:30:2D
ValidityTue, 18 Apr 2023 00:00:00 GMT - Wed, 17 Apr 2024 23:59:59 GMT

File type
ASCII text, with very long lines (27239), with no line terminators
Size
27 kB (27239 bytes)
Hash
779865e22465dcba28f50d2261d031e0
b7359e8a5aa4844b26154b2bde1be94968665eb1
3ee7616a6b5d8def2021c7584d4416f7a9438bea806d8984922ab385b6c164e6

HTTP Headers

GET /wp-content/themes/BlackNight24/css/main.css HTTP/1.1
Host: vermangasporno.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://vermangasporno.com/doujin
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 04 Jan 2024 05:01:43 GMT
content-type: text/css
cache-control: public, max-age=31536000
cf-bgj: minify
cf-polished: origSize=36294
etag: W/"8dc6-622f21fe-0;gz"
expires: Thu, 26 Dec 2024 13:51:00 GMT
last-modified: Mon, 14 Mar 2022 11:07:42 GMT
referrer-policy: no-referrer-when-downgrade
strict-transport-security: max-age=63072000
vary: Accept-Encoding,User-Agent
x-frame-options: SAMEORIGIN
cf-cache-status: HIT
age: 659443
server: cloudflare
cf-ray: 8400ecd7fd315685-OSL
content-encoding: br
X-Firefox-Spdy: h2

a.realsrv.com/ad-provider.js

185.76.9.18

200 OK

124 kB

URL GET HTTP/2
a.realsrv.com/ad-provider.js
IP
185.76.9.18:443
ASN
#60068 Datacamp Limited

Requested by
https://vermangasporno.com/doujin
Certificate
IssuerLet's Encrypt
Subjectrealsrv.com
Fingerprint44:2D:DC:FD:4A:2E:1C:BD:23:E3:23:21:E2:45:57:13:37:E2:3F:C8
ValidityMon, 18 Dec 2023 09:34:14 GMT - Sun, 17 Mar 2024 09:34:13 GMT

File type
ASCII text, with very long lines (32223)
Size
124 kB (123690 bytes)
Hash
83caf9a95630ba181957a6dfd73f4c6f
9252d534220fbfdb57517c15a8adae1810579037
4d87ff3cd1e3a454f2755c9c1ac91e634245cbb7b75cbc41735a8f95ec7cb913

HTTP Headers

GET /ad-provider.js HTTP/1.1
Host: a.realsrv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://vermangasporno.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 04 Jan 2024 05:01:43 GMT
content-type: application/javascript
vary: Accept-Encoding
etag: W/"9252d534220fbfdb57517c15a8a"
accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Model,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
expires: Wed, 03 Jan 2024 13:52:09 GMT
cache-control: max-age=10800
x-robots-tag: noindex, follow
access-control-allow-origin: *
x-77-nzt: EwwBuUwJDQH3OAIAAAwBuUwKCQH3CQAAAAwBJRPCNAH3BAAAAA
x-77-nzt-ray: c0a4cc28a2d0082ab73b9665fb5a5408
x-accel-expires: @1704354735
x-accel-date: 1704343935
x-77-cache: HIT
x-77-age: 581
content-encoding: gzip
server: CDN77-Turbo
x-cache-lb: HIT, HIT
x-age-lb: 9, 568
x-77-pop: stockholmSE
X-Firefox-Spdy: h2

vermangasporno.com/wp-content/themes/BlackNight24/js/main.js

172.67.70.224

200 OK

341 B

URL GET HTTP/2
vermangasporno.com/wp-content/themes/BlackNight24/js/main.js
IP
172.67.70.224:443
ASN
#13335 CLOUDFLARENET

Requested by
https://vermangasporno.com/doujin
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintB9:B8:F0:F3:8C:32:3E:2D:86:56:B2:8C:B3:8F:FC:60:5E:AF:30:2D
ValidityTue, 18 Apr 2023 00:00:00 GMT - Wed, 17 Apr 2024 23:59:59 GMT

File type
ASCII text, with very long lines (341), with no line terminators
Size
341 B (341 bytes)
Hash
167e4f49d415c3788e83df27c21e12f9
15fd728540f6d72cbc4469265db084e77c090718
a7c860a1505343bc4dc80a473bfe23f625da447d71af4db67b529065295d5171

HTTP Headers

GET /wp-content/themes/BlackNight24/js/main.js HTTP/1.1
Host: vermangasporno.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://vermangasporno.com/doujin
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 04 Jan 2024 05:01:43 GMT
content-type: application/x-javascript
cache-control: public, max-age=31536000
expires: Mon, 23 Dec 2024 11:48:49 GMT
last-modified: Mon, 14 Mar 2022 11:07:42 GMT
etag: W/"155-622f21fe-0;gz"
vary: Accept-Encoding,User-Agent
referrer-policy: no-referrer-when-downgrade
strict-transport-security: max-age=63072000
x-frame-options: SAMEORIGIN
cf-cache-status: HIT
age: 925974
server: cloudflare
cf-ray: 8400ecd84dad5685-OSL
content-encoding: br
X-Firefox-Spdy: h2

go.mnaspm.com/api/models/vast?action=sbSignupWithModel&ax=0&campaignId=662caa72b7c524d066b181904a6fe35b35c20b36796cca3110a610b44239cb2f&campaignType=smartpop&creativeId=0fe634b4ed7128d94852002b593185fc904d0c54974e9bbbec389730ba324b3e&duration=00%3A00%3A30&iterationId=745523&masterSmartpopId=2683&memberId=dSCqmXMhDchodN41_NmyjZva_1Y2xeIGVKJSVkPycSG6Qas7JpU169xHJLhctt5Rq5R1fd82Qcb9NZD_zWF370yNg5a4rgtjebtohGefktlBFETt_gUIDRUi&mlView=1&p1=4392576&ruleId=29&skipOffset=00%3A00%3A05&smartpopId=3588&sourceId=594678&tag=-girls%2Fmobile&usePreroll=true&userId=d100f7df1b38527c59f2a01ce658dbfb8b696949c12c1469164f408167d4a1ca&variationId=31904

104.18.59.150

200 OK

2.2 kB

URL GET HTTP/2
go.mnaspm.com/api/models/vast?action=sbSignupWithModel&ax=0&campaignId=662caa72b7c524d066b181904a6fe35b35c20b36796cca3110a610b44239cb2f&campaignType=smartpop&creativeId=0fe634b4ed7128d94852002b593185fc904d0c54974e9bbbec389730ba324b3e&duration=00%3A00%3A30&iterationId=745523&masterSmartpopId=2683&memberId=dSCqmXMhDchodN41_NmyjZva_1Y2xeIGVKJSVkPycSG6Qas7JpU169xHJLhctt5Rq5R1fd82Qcb9NZD_zWF370yNg5a4rgtjebtohGefktlBFETt_gUIDRUi&mlView=1&p1=4392576&ruleId=29&skipOffset=00%3A00%3A05&smartpopId=3588&sourceId=594678&tag=-girls%2Fmobile&usePreroll=true&userId=d100f7df1b38527c59f2a01ce658dbfb8b696949c12c1469164f408167d4a1ca&variationId=31904
IP
104.18.59.150:443
ASN
#13335 CLOUDFLARENET

Requested by
https://vermangasporno.com/doujin
Certificate
IssuerGoogle Trust Services LLC
Subjectmnaspm.com
Fingerprint97:69:EC:BC:39:82:49:C0:1F:BA:73:9F:38:32:C7:4D:3B:49:3F:A2
ValidityMon, 18 Dec 2023 15:11:38 GMT - Sun, 17 Mar 2024 15:11:37 GMT

File type
XML document, ASCII text, with very long lines (2267), with no line terminators
Size
2.2 kB (2227 bytes)
Hash
975e4604e96d8fe4575beb1552da1946
bf558869432b8e0ee831e5822b0d8f9679e28e2e
02b889f79bfeee7d0bc32aa7079d2e4139f69651856315de129bed877596b8ac

HTTP Headers

GET /api/models/vast?action=sbSignupWithModel&ax=0&campaignId=662caa72b7c524d066b181904a6fe35b35c20b36796cca3110a610b44239cb2f&campaignType=smartpop&creativeId=0fe634b4ed7128d94852002b593185fc904d0c54974e9bbbec389730ba324b3e&duration=00%3A00%3A30&iterationId=745523&masterSmartpopId=2683&memberId=dSCqmXMhDchodN41_NmyjZva_1Y2xeIGVKJSVkPycSG6Qas7JpU169xHJLhctt5Rq5R1fd82Qcb9NZD_zWF370yNg5a4rgtjebtohGefktlBFETt_gUIDRUi&mlView=1&p1=4392576&ruleId=29&skipOffset=00%3A00%3A05&smartpopId=3588&sourceId=594678&tag=-girls%2Fmobile&usePreroll=true&userId=d100f7df1b38527c59f2a01ce658dbfb8b696949c12c1469164f408167d4a1ca&variationId=31904 HTTP/1.1
Host: go.mnaspm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
DNT: 1
Connection: keep-alive
Referer: https://vermangasporno.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 04 Jan 2024 05:01:44 GMT
content-type: text/xml; charset=utf-8
access-control-allow-origin: null
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Content-Length, Accept-Encoding, x-requested-with
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Bitness, Sec-CH-UA-Wow64
cf-cache-status: DYNAMIC
set-cookie: __cflb=02DiuDFRFiBZBvMSLtrs3cR5HVWEzYfyppkYaS4QHqtWg; SameSite=None; Secure; path=/; expires=Fri, 05-Jan-24 05:01:44 GMT; HttpOnly
server: cloudflare
cf-ray: 8400ece08d77b4f7-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

vermangasporno.com/wp-content/plugins/theia-sticky-sidebar/js/main.js?ver=1.8.0

172.67.70.224

200 OK

435 B

URL GET HTTP/2
vermangasporno.com/wp-content/plugins/theia-sticky-sidebar/js/main.js?ver=1.8.0
IP
172.67.70.224:443
ASN
#13335 CLOUDFLARENET

Requested by
https://vermangasporno.com/doujin
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintB9:B8:F0:F3:8C:32:3E:2D:86:56:B2:8C:B3:8F:FC:60:5E:AF:30:2D
ValidityTue, 18 Apr 2023 00:00:00 GMT - Wed, 17 Apr 2024 23:59:59 GMT

File type
ASCII text, with very long lines (445), with no line terminators
Size
435 B (435 bytes)
Hash
3cc5bc1ea08c38e3d5e81b849c0b57f7
fdde408f6aad1b50ea82e9d271b7cb07572587d8
7293034ecbf2d1102e96f219876c7844c29937a65c2a5382b51b250f4f594e4d

HTTP Headers

GET /wp-content/plugins/theia-sticky-sidebar/js/main.js?ver=1.8.0 HTTP/1.1
Host: vermangasporno.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://vermangasporno.com/doujin
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 04 Jan 2024 05:01:43 GMT
content-type: application/x-javascript
cache-control: public, max-age=31536000
expires: Thu, 26 Dec 2024 13:51:00 GMT
last-modified: Sun, 10 May 2020 00:34:57 GMT
etag: W/"1b3-5eb74c31-0;gz"
vary: Accept-Encoding,User-Agent
referrer-policy: no-referrer-when-downgrade
strict-transport-security: max-age=63072000
x-frame-options: SAMEORIGIN
cf-cache-status: HIT
age: 659443
server: cloudflare
cf-ray: 8400ecd83d9e5685-OSL
content-encoding: br
X-Firefox-Spdy: h2

vermangasporno.com/wp-content/themes/BlackNight24/js/theia-sticky-sidebar.js

172.67.70.224

200 OK

7.5 kB

URL GET HTTP/2
vermangasporno.com/wp-content/themes/BlackNight24/js/theia-sticky-sidebar.js
IP
172.67.70.224:443
ASN
#13335 CLOUDFLARENET

Requested by
https://vermangasporno.com/doujin
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintB9:B8:F0:F3:8C:32:3E:2D:86:56:B2:8C:B3:8F:FC:60:5E:AF:30:2D
ValidityTue, 18 Apr 2023 00:00:00 GMT - Wed, 17 Apr 2024 23:59:59 GMT

File type
HTML document, ASCII text, with very long lines (7519), with no line terminators
Size
7.5 kB (7465 bytes)
Hash
9dcb710184322c863d86125f0da141eb
fbc63ddb57f2b6dfffe669e2d95cec6631ca8ab5
d8dda5ca2ed20669be5a555885946041fa2dbf50c9009473786a77d49d86a8f0

HTTP Headers

GET /wp-content/themes/BlackNight24/js/theia-sticky-sidebar.js HTTP/1.1
Host: vermangasporno.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://vermangasporno.com/doujin
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 04 Jan 2024 05:01:43 GMT
content-type: application/x-javascript
cache-control: public, max-age=31536000
expires: Wed, 25 Dec 2024 15:05:10 GMT
last-modified: Mon, 14 Mar 2022 11:07:42 GMT
etag: W/"1d29-622f21fe-0;gz"
vary: Accept-Encoding,User-Agent
referrer-policy: no-referrer-when-downgrade
strict-transport-security: max-age=63072000
x-frame-options: SAMEORIGIN
cf-cache-status: HIT
age: 741393
server: cloudflare
cf-ray: 8400ecd84dab5685-OSL
content-encoding: br
X-Firefox-Spdy: h2

ts.trafget.com/add.php?ss=14536

172.64.131.10

200 OK

178 B

URL GET HTTP/2
ts.trafget.com/add.php?ss=14536
IP
172.64.131.10:443
ASN
#13335 CLOUDFLARENET

Requested by
https://tsyndicate.com/iframes2/0724f82a85b44e8a920ba34f5731a62b.html?
Certificate
IssuerGoogle Trust Services LLC
Subjecttrafget.com
FingerprintBB:CD:30:1B:41:B8:8B:67:4B:EC:A3:33:88:71:77:90:4E:03:E2:46
ValiditySat, 09 Dec 2023 20:46:13 GMT - Fri, 08 Mar 2024 20:46:12 GMT

File type
ASCII text, with no line terminators
Size
178 B (178 bytes)
Hash
b3095e7239198cc9db375a8125e6c5d6
f7354fc7558506fda16003dbaad70bf302b4a912
61cdfdefe86422703ca6bcf80fb3a9c08d5af79bdb80787953dc7b0379fbf9ec

HTTP Headers

GET /add.php?ss=14536 HTTP/1.1
Host: ts.trafget.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tsyndicate.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 04 Jan 2024 05:01:45 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/7.4.33, PleskLin
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sppbO%2FJSEUWRNhjgK55WZUsG7hwjgYJekXU9NO5b54AmNt5Sh4NKZHbqp6m30n6SF7zQGoN8kt%2F5mG2zfZkV%2FFbt%2FYGBbguz6R1GzWeSUXk%2BAwzWnJUr7FpM2QUHgxwjeQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8400ece9d97d731b-LHR
content-encoding: gzip
X-Firefox-Spdy: h2

a.magsrv.com/build-iframe-js-url.js?idzone=4890454

185.76.9.22

200 OK

759 B

URL GET HTTP/2
a.magsrv.com/build-iframe-js-url.js?idzone=4890454
IP
185.76.9.22:443
ASN
#60068 Datacamp Limited

Requested by
https://a.magsrv.com/iframe.php?idzone=4890454&size=300x250&sub=14536
Certificate
IssuerLet's Encrypt
Subjectmagsrv.com
Fingerprint4E:97:9F:D0:ED:5A:03:38:1F:9B:74:4B:85:3B:32:B8:BD:23:94:9C
ValidityMon, 18 Dec 2023 09:28:29 GMT - Sun, 17 Mar 2024 09:28:28 GMT

File type
ASCII text, with very long lines (784), with no line terminators
Size
759 B (759 bytes)
Hash
87bfb807a0bd39c9fbe47c32662d04e2
f0d31e8b6be940077f179794da733c14cb580dd2
e7aafd106d96e2654526eeabffe1f0b3309f0bf0dac7ea46da1acb32812590c9

HTTP Headers

GET /build-iframe-js-url.js?idzone=4890454 HTTP/1.1
Host: a.magsrv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://a.magsrv.com/iframe.php?idzone=4890454&size=300x250&sub=14536
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 04 Jan 2024 05:01:46 GMT
content-type: application/javascript
vary: Accept-Encoding
etag: W/"66356fe66385489c120aae1f777"
accept-ch: 
expires: Wed, 03 Jan 2024 11:09:16 GMT
cache-control: max-age=10800
x-robots-tag: noindex, follow
access-control-allow-origin: *
x-77-nzt: EwwBuUwJFAH3NwIAAAwBuUwKEwH3CgAAAAwB1GY4AQH3LiYAAA
x-77-nzt-ray: af58563028eb3795ba3b96651e49870c
x-accel-expires: @1704354739
x-accel-date: 1704343939
x-77-cache: HIT
x-77-age: 10351
content-encoding: gzip
server: CDN77-Turbo
x-cache-lb: HIT, HIT
x-age-lb: 10, 567
x-77-pop: stockholmSE
X-Firefox-Spdy: h2

vermangasporno.com/wp-content/themes/BlackNight24/js/extras.js

172.67.70.224

200 OK

387 B

URL GET HTTP/2
vermangasporno.com/wp-content/themes/BlackNight24/js/extras.js
IP
172.67.70.224:443
ASN
#13335 CLOUDFLARENET

Requested by
https://vermangasporno.com/doujin
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintB9:B8:F0:F3:8C:32:3E:2D:86:56:B2:8C:B3:8F:FC:60:5E:AF:30:2D
ValidityTue, 18 Apr 2023 00:00:00 GMT - Wed, 17 Apr 2024 23:59:59 GMT

File type
ASCII text, with very long lines (421), with no line terminators
Size
387 B (387 bytes)
Hash
abe6af9a9879981e8ff92654624c77db
f6638500daf7c6354c7e7e96869f9b91c05f5589
926b350fef24198303735616414af90d151755338ec0cf6de8e1f0ff03b13db4

HTTP Headers

GET /wp-content/themes/BlackNight24/js/extras.js HTTP/1.1
Host: vermangasporno.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://vermangasporno.com/doujin
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 04 Jan 2024 05:01:43 GMT
content-type: application/x-javascript
cache-control: public, max-age=31536000
expires: Wed, 25 Dec 2024 15:05:10 GMT
last-modified: Mon, 14 Mar 2022 11:07:42 GMT
etag: W/"183-622f21fe-0;gz"
vary: Accept-Encoding,User-Agent
referrer-policy: no-referrer-when-downgrade
strict-transport-security: max-age=63072000
x-frame-options: SAMEORIGIN
cf-cache-status: HIT
age: 741393
server: cloudflare
cf-ray: 8400ecd7fd395685-OSL
content-encoding: br
X-Firefox-Spdy: h2

vermangasporno.com/wp-content/themes/BlackNight24/css/public.css

172.67.70.224

200 OK

714 B

URL GET HTTP/2
vermangasporno.com/wp-content/themes/BlackNight24/css/public.css
IP
172.67.70.224:443
ASN
#13335 CLOUDFLARENET

Requested by
https://vermangasporno.com/doujin
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintB9:B8:F0:F3:8C:32:3E:2D:86:56:B2:8C:B3:8F:FC:60:5E:AF:30:2D
ValidityTue, 18 Apr 2023 00:00:00 GMT - Wed, 17 Apr 2024 23:59:59 GMT

File type
ASCII text, with very long lines (714), with no line terminators
Size
714 B (714 bytes)
Hash
409b94beb881cf261c48578492197bd3
ecaa9e6ae745da146a2a73dabfff53a13dfc780c
608149c78d8d0e35836a9b7f10a2540d3703aea7e76bb3f961652bdcc6801081

HTTP Headers

GET /wp-content/themes/BlackNight24/css/public.css HTTP/1.1
Host: vermangasporno.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://vermangasporno.com/doujin
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 04 Jan 2024 05:01:43 GMT
content-type: text/css
cache-control: public, max-age=31536000
cf-bgj: minify
cf-polished: origSize=819
etag: W/"333-622f21fe-0;gz"
expires: Wed, 25 Dec 2024 15:05:10 GMT
last-modified: Mon, 14 Mar 2022 11:07:42 GMT
referrer-policy: no-referrer-when-downgrade
strict-transport-security: max-age=63072000
vary: Accept-Encoding,User-Agent
x-frame-options: SAMEORIGIN
cf-cache-status: HIT
age: 741393
server: cloudflare
cf-ray: 8400ecd7fd3b5685-OSL
content-encoding: br
X-Firefox-Spdy: h2

a.exdynsrv.com/iframe.php?idzone=4852106&size=300x250

185.76.9.21

200 OK

279 B

URL GET HTTP/2
a.exdynsrv.com/iframe.php?idzone=4852106&size=300x250
IP
185.76.9.21:443
ASN
#60068 Datacamp Limited

Requested by
https://vermangasporno.com/doujin
Certificate
IssuerLet's Encrypt
Subject1852405956.rsc.cdn77.org
Fingerprint2B:C4:1F:8B:A7:F2:4E:62:90:DE:79:F4:47:38:69:00:1D:0D:0F:7C
ValidityMon, 01 Jan 2024 12:45:04 GMT - Sun, 31 Mar 2024 12:45:03 GMT

File type
HTML document, ASCII text, with no line terminators
Size
279 B (279 bytes)
Hash
b7bee33502b74d3371fc68edaed079f0
5d5d8a36ce28e14b382515ae47dc2d40f9066062
d39ce2501d2ca6bfa434255d6d445e78da1ef143b1e294b6d31d0a13716e83f2

HTTP Headers

GET /iframe.php?idzone=4852106&size=300x250 HTTP/1.1
Host: a.exdynsrv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://vermangasporno.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 04 Jan 2024 05:01:44 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Model,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
expires: Thu, 04 Jan 2024 07:52:29 GMT
cache-control: max-age=10800
x-robots-tag: noindex, follow
access-control-allow-origin: *
x-77-nzt: EwwBuUwJFAGzMCsAAAwBuUwKCQH3KwIAAAwBJRPCNAGzMSoAAA
x-77-nzt-ray: af585630390aee7eb83b9665c991ae0f
x-accel-expires: @1704354749
x-accel-date: 1704333448
x-77-cache: HIT
x-77-age: 22412
content-encoding: gzip
server: CDN77-Turbo
x-cache-lb: HIT, EXPIRED
x-age-lb: 555, 11056
x-77-pop: stockholmSE
X-Firefox-Spdy: h2

a.exdynsrv.com/iframe.js?idzone=4852106&size=300x250

185.76.9.21

200 OK

2.3 kB

URL GET HTTP/2
a.exdynsrv.com/iframe.js?idzone=4852106&size=300x250
IP
185.76.9.21:443
ASN
#60068 Datacamp Limited

Requested by
https://a.exdynsrv.com/iframe.php?idzone=4852106&size=300x250
Certificate
IssuerLet's Encrypt
Subject1852405956.rsc.cdn77.org
Fingerprint2B:C4:1F:8B:A7:F2:4E:62:90:DE:79:F4:47:38:69:00:1D:0D:0F:7C
ValidityMon, 01 Jan 2024 12:45:04 GMT - Sun, 31 Mar 2024 12:45:03 GMT

File type
ASCII text, with very long lines (2415), with no line terminators
Size
2.3 kB (2294 bytes)
Hash
48fdb9ea15e2862cc40610863cc3c86b
6db6eba744b73695e39c7cd22dbe2cb72928afd8
cd0f2579b1250df8ceefbc9c48871da649185477a4dda3b5a2d6f8bb2d067992

HTTP Headers

GET /iframe.js?idzone=4852106&size=300x250 HTTP/1.1
Host: a.exdynsrv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://a.exdynsrv.com/iframe.php?idzone=4852106&size=300x250
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 04 Jan 2024 05:01:44 GMT
content-type: application/javascript
vary: Accept-Encoding
etag: W/"731a84300c9aa2e71a45497bee8"
accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Model,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
expires: Wed, 03 Jan 2024 13:52:18 GMT
cache-control: max-age=10800
x-robots-tag: noindex, follow
access-control-allow-origin: *
x-77-nzt: EwwBuUwJFAG2LisAAAwBuUwKCQH39xkAAAwBJRPCNAH3AgAAAA
x-77-nzt-ray: af585630390aee7eb83b9665f2127e18
x-accel-expires: @1704354754
x-accel-date: 1704333450
x-77-cache: HIT
x-77-age: 17703
content-encoding: gzip
server: CDN77-Turbo
x-cache-lb: HIT, REVALIDATED
x-age-lb: 6647, 11054
x-77-pop: stockholmSE
X-Firefox-Spdy: h2

a.magsrv.com/iframe.js?idzone=4890454&size=300x250&sub=14536

185.76.9.22

200 OK

2.3 kB

URL GET HTTP/2
a.magsrv.com/iframe.js?idzone=4890454&size=300x250&sub=14536
IP
185.76.9.22:443
ASN
#60068 Datacamp Limited

Requested by
https://a.magsrv.com/iframe.php?idzone=4890454&size=300x250&sub=14536
Certificate
IssuerLet's Encrypt
Subjectmagsrv.com
Fingerprint4E:97:9F:D0:ED:5A:03:38:1F:9B:74:4B:85:3B:32:B8:BD:23:94:9C
ValidityMon, 18 Dec 2023 09:28:29 GMT - Sun, 17 Mar 2024 09:28:28 GMT

File type
ASCII text, with very long lines (2418), with no line terminators
Size
2.3 kB (2297 bytes)
Hash
e72b318adaebc0d78bad40b4d7023e3c
3f4d3ec563d0ce1520d219226152b5fc84060089
3a609064f9ab05ce03dcdb6cebad89ce044433a921d2fbfdbfa6b5ba09cdb0ac

HTTP Headers

GET /iframe.js?idzone=4890454&size=300x250&sub=14536 HTTP/1.1
Host: a.magsrv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://a.magsrv.com/iframe.php?idzone=4890454&size=300x250&sub=14536
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 04 Jan 2024 05:01:46 GMT
content-type: application/javascript
vary: Accept-Encoding
etag: W/"af17702ede0fac34464b3ac9809"
accept-ch: 
expires: Wed, 03 Jan 2024 14:52:22 GMT
cache-control: max-age=10800
x-robots-tag: noindex, follow
access-control-allow-origin: *
x-77-nzt: EwgBuUwJFAFBDAG5TAoMAfdtGwAADAHUZjgJAfcxGgAA
x-77-nzt-ray: af58563028eb3795ba3b9665f622440e
x-accel-expires: @1704348285
x-accel-date: 1704337485
x-77-cache: HIT
x-77-age: 13726
content-encoding: gzip
x-age-lb: 7021
server: CDN77-Turbo
x-cache-lb: HIT, MISS
x-77-pop: stockholmSE
X-Firefox-Spdy: h2

vermangasporno.com/wp-content/plugins/theia-sticky-sidebar/js/ResizeSensor.js?ver=1.8.0

172.67.70.224

200 OK

6.0 kB

URL GET HTTP/2
vermangasporno.com/wp-content/plugins/theia-sticky-sidebar/js/ResizeSensor.js?ver=1.8.0
IP
172.67.70.224:443
ASN
#13335 CLOUDFLARENET

Requested by
https://vermangasporno.com/doujin
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintB9:B8:F0:F3:8C:32:3E:2D:86:56:B2:8C:B3:8F:FC:60:5E:AF:30:2D
ValidityTue, 18 Apr 2023 00:00:00 GMT - Wed, 17 Apr 2024 23:59:59 GMT

File type
ASCII text, with very long lines (6143), with no line terminators
Size
6.0 kB (5955 bytes)
Hash
390fa0b791165e366192fce2a09d0441
8dc6fed64025b728e5cf464e78096adb3663faf1
91343c8e54d090955bae4a6b3b2336bb001f5b845db58f6ae7ee3b587aabe45d

HTTP Headers

GET /wp-content/plugins/theia-sticky-sidebar/js/ResizeSensor.js?ver=1.8.0 HTTP/1.1
Host: vermangasporno.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://vermangasporno.com/doujin
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 04 Jan 2024 05:01:43 GMT
content-type: application/x-javascript
cache-control: public, max-age=31536000
expires: Thu, 19 Dec 2024 22:49:44 GMT
last-modified: Sun, 10 May 2020 00:34:57 GMT
etag: W/"1743-5eb74c31-0;gz"
vary: Accept-Encoding,User-Agent
referrer-policy: no-referrer-when-downgrade
strict-transport-security: max-age=63072000
x-frame-options: SAMEORIGIN
cf-cache-status: HIT
age: 1231919
server: cloudflare
cf-ray: 8400ecd80d595685-OSL
content-encoding: br
X-Firefox-Spdy: h2

vermangasporno.com/doujin

172.67.70.224

200 OK

44 kB

URL User Request GET HTTP/2
vermangasporno.com/doujin
IP
172.67.70.224:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintB9:B8:F0:F3:8C:32:3E:2D:86:56:B2:8C:B3:8F:FC:60:5E:AF:30:2D
ValidityTue, 18 Apr 2023 00:00:00 GMT - Wed, 17 Apr 2024 23:59:59 GMT

File type

Size
44 kB (44444 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /doujin HTTP/1.1
Host: vermangasporno.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 04 Jan 2024 05:01:42 GMT
content-type: text/html; charset=UTF-8
link: <https://vermangasporno.com/wp-json/>; rel="https://api.w.org/", <https://vermangasporno.com/wp-json/wp/v2/categories/2311>; rel="alternate"; type="application/json"
x-litespeed-cache: hit
vary: Accept-Encoding,User-Agent
referrer-policy: no-referrer-when-downgrade
strict-transport-security: max-age=63072000
x-frame-options: SAMEORIGIN
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 8400ecd5bbf45685-OSL
content-encoding: br
X-Firefox-Spdy: h2

vermangasporno.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1

172.67.70.224

200 OK

14 kB

URL GET HTTP/2
vermangasporno.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1
IP
172.67.70.224:443
ASN
#13335 CLOUDFLARENET

Requested by
https://vermangasporno.com/doujin
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintB9:B8:F0:F3:8C:32:3E:2D:86:56:B2:8C:B3:8F:FC:60:5E:AF:30:2D
ValidityTue, 18 Apr 2023 00:00:00 GMT - Wed, 17 Apr 2024 23:59:59 GMT

File type
ASCII text, with very long lines (13479)
Size
14 kB (13577 bytes)
Hash
9ffeb32e2d9efbf8f70caabded242267
3ad0c10e501ac2a9bfa18f9cd7e700219b378738
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

HTTP Headers

GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1 HTTP/1.1
Host: vermangasporno.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://vermangasporno.com/doujin
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 04 Jan 2024 05:01:43 GMT
content-type: application/x-javascript
cache-control: public, max-age=31536000
expires: Sat, 23 Nov 2024 12:04:44 GMT
last-modified: Sun, 20 Aug 2023 14:08:23 GMT
etag: W/"3509-64e21e57-0;gz"
vary: Accept-Encoding,User-Agent
referrer-policy: no-referrer-when-downgrade
strict-transport-security: max-age=63072000
x-frame-options: SAMEORIGIN
cf-cache-status: HIT
age: 3517019
server: cloudflare
cf-ray: 8400ecd80d4c5685-OSL
content-encoding: br
X-Firefox-Spdy: h2

friendshipmale.com/sfp.js

172.64.99.2

200 OK

86 kB

URL GET HTTP/2
friendshipmale.com/sfp.js
IP
172.64.99.2:443
ASN
#13335 CLOUDFLARENET

Requested by
https://vermangasporno.com/doujin
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint08:6F:D8:CB:9E:0C:0A:98:2E:C5:CD:21:8E:0B:76:2B:50:6F:B6:37
ValiditySat, 18 Feb 2023 00:00:00 GMT - Sat, 17 Feb 2024 23:59:59 GMT

File type

Size
86 kB (85468 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /sfp.js HTTP/1.1
Host: friendshipmale.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://vermangasporno.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 04 Jan 2024 05:01:44 GMT
content-type: application/javascript; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: e3bb99b2ba1e110eb5f68a361c8be258
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Thu, 04 Jan 2024 05:01:43 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vV5hknCy7%2FH%2Bd4%2BX79J%2BEEMFc%2BvJ3fn0O3ujI6cV9zrm7eyNo7OCoXsZW8mQtGGf3hwxa7Bm6F7vlDPllJ4C7HuSjBFiA%2BfUIfg20EwEuBJu%2BZg%2BUWRgQWv6H8YGVZ7elKgy%2BJs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8400ecdecfe977b1-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

vermangasporno.com/wp-content/plugins/wp-pagenavi/pagenavi-css.css?ver=2.70

172.67.70.224

200 OK

237 B

URL GET HTTP/2
vermangasporno.com/wp-content/plugins/wp-pagenavi/pagenavi-css.css?ver=2.70
IP
172.67.70.224:443
ASN
#13335 CLOUDFLARENET

Requested by
https://vermangasporno.com/doujin
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintB9:B8:F0:F3:8C:32:3E:2D:86:56:B2:8C:B3:8F:FC:60:5E:AF:30:2D
ValidityTue, 18 Apr 2023 00:00:00 GMT - Wed, 17 Apr 2024 23:59:59 GMT

File type
ASCII text, with no line terminators
Size
237 B (237 bytes)
Hash
5c349c7e163b8c5dd1bdb722602b899f
d497becd8fad03cfde90898149050a90985ef449
ac653be90fb56d873b635506f8b8415893d82e0d60c2eec2f911b2ba15bf374e

HTTP Headers

GET /wp-content/plugins/wp-pagenavi/pagenavi-css.css?ver=2.70 HTTP/1.1
Host: vermangasporno.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://vermangasporno.com/doujin
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 04 Jan 2024 05:01:43 GMT
content-type: text/css
cache-control: public, max-age=31536000
cf-bgj: minify
cf-polished: origSize=374
etag: W/"176-64567008-0;gz"
expires: Sun, 22 Dec 2024 18:07:36 GMT
last-modified: Sat, 06 May 2023 15:19:36 GMT
referrer-policy: no-referrer-when-downgrade
strict-transport-security: max-age=63072000
vary: Accept-Encoding,User-Agent
x-frame-options: SAMEORIGIN
cf-cache-status: HIT
age: 989647
server: cloudflare
cf-ray: 8400ecd80d445685-OSL
content-encoding: br
X-Firefox-Spdy: h2

syndication.realsrv.com/v1/api.php

95.211.229.246

200 OK

13 kB

URL POST HTTP/1.1
syndication.realsrv.com/v1/api.php
IP
95.211.229.246:443
ASN
#60781 LeaseWeb Netherlands B.V.

Requested by
https://vermangasporno.com/doujin
Certificate
IssuerLet's Encrypt
Subjectrealsrv.com
Fingerprint44:2D:DC:FD:4A:2E:1C:BD:23:E3:23:21:E2:45:57:13:37:E2:3F:C8
ValidityMon, 18 Dec 2023 09:34:14 GMT - Sun, 17 Mar 2024 09:34:13 GMT

File type
JSON data
Size
13 kB (13422 bytes)
Hash
48f84967888bcf7dd158af6f68aa41cc
60f2a3b90bc65674b9cdaa8da71c5e6245a472a5
706ad95df5c33713bd337757b1b761877db5324cef20b4e4c679c00db0e689db

HTTP Headers

POST /v1/api.php HTTP/1.1
Host: syndication.realsrv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 322
Origin: https://vermangasporno.com
DNT: 1
Connection: keep-alive
Referer: https://vermangasporno.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 04 Jan 2024 05:01:43 GMT
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: https://vermangasporno.com
Access-Control-Allow-Headers: Authorization, Content-Type
Access-Control-Request-Method: POST
Access-Control-Allow-Credentials: true
Set-Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%2265963bb7b6d0b6.558819981469180273%22%3B%7D; expires=Sat, 03-Jan-2026 05:01:43 GMT; Max-Age=63072000; path=/; domain=realsrv.com; secure; SameSite=None
Accept-CH: 
X-Robots-Tag: noindex, follow
Content-Encoding: gzip

friendshipmale.com/sfp.js

172.64.99.2

200 OK

86 kB

URL GET HTTP/3
friendshipmale.com/sfp.js
IP
172.64.99.2:443
ASN
#13335 CLOUDFLARENET

Requested by
https://vermangasporno.com/doujin
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint08:6F:D8:CB:9E:0C:0A:98:2E:C5:CD:21:8E:0B:76:2B:50:6F:B6:37
ValiditySat, 18 Feb 2023 00:00:00 GMT - Sat, 17 Feb 2024 23:59:59 GMT

File type

Size
86 kB (85468 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /sfp.js HTTP/1.1
Host: friendshipmale.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://vermangasporno.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 04 Jan 2024 05:01:45 GMT
content-type: application/javascript; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: 2455dca1463297941f33a8dcb3d94680
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Thu, 04 Jan 2024 05:01:44 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WJToBaDgBWCX310bIwfljXQ1RDQSbn3b%2FW7os5kE03xTkJiOuoJW37j%2FFki%2B%2FBXRjCrqhVfbMc9iLuQxtL7YTitOTVvQwgk5GGelIsE%2BQrVYATCivaixuEj3eSs77aOA4WXWigk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8400ece24ec123ee-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400

a.magsrv.com/iframe.js?idzone=4890454&size=300x250&sub=14536

185.76.9.22

200 OK

2.3 kB

URL GET HTTP/2
a.magsrv.com/iframe.js?idzone=4890454&size=300x250&sub=14536
IP
185.76.9.22:443
ASN
#60068 Datacamp Limited

Requested by
https://a.magsrv.com/iframe.php?idzone=4890454&size=300x250&sub=14536
Certificate
IssuerLet's Encrypt
Subjectmagsrv.com
Fingerprint4E:97:9F:D0:ED:5A:03:38:1F:9B:74:4B:85:3B:32:B8:BD:23:94:9C
ValidityMon, 18 Dec 2023 09:28:29 GMT - Sun, 17 Mar 2024 09:28:28 GMT

File type
ASCII text, with very long lines (2418), with no line terminators
Size
2.3 kB (2297 bytes)
Hash
e72b318adaebc0d78bad40b4d7023e3c
3f4d3ec563d0ce1520d219226152b5fc84060089
3a609064f9ab05ce03dcdb6cebad89ce044433a921d2fbfdbfa6b5ba09cdb0ac

HTTP Headers

GET /iframe.js?idzone=4890454&size=300x250&sub=14536 HTTP/1.1
Host: a.magsrv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://a.magsrv.com/iframe.php?idzone=4890454&size=300x250&sub=14536
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 04 Jan 2024 05:01:46 GMT
content-type: application/javascript
vary: Accept-Encoding
etag: W/"af17702ede0fac34464b3ac9809"
accept-ch: 
expires: Wed, 03 Jan 2024 14:52:22 GMT
cache-control: max-age=10800
x-robots-tag: noindex, follow
access-control-allow-origin: *
x-77-nzt: EwgBuUwJFAFBDAG5TAoMAfdtGwAADAHUZjgJAfcxGgAA
x-77-nzt-ray: af58563028eb3795ba3b9665f4aec30e
x-accel-expires: @1704348285
x-accel-date: 1704337485
x-77-cache: HIT
x-77-age: 13726
content-encoding: gzip
x-age-lb: 7021
server: CDN77-Turbo
x-cache-lb: HIT, MISS
x-77-pop: stockholmSE
X-Firefox-Spdy: h2

vidogrey.fun/banner300G7UqNJRquAYHwhBh4eL6.js

37.140.192.137

200 OK

4.1 kB

URL GET HTTP/2
vidogrey.fun/banner300G7UqNJRquAYHwhBh4eL6.js
IP
37.140.192.137:443
ASN
#197695 Domain names registrar REG.RU, Ltd

Requested by
https://vermangasporno.com/doujin
Certificate
IssuerGlobalSign nv-sa
Subjectwww.vidogrey.fun
FingerprintC9:C9:67:73:D7:6B:03:6E:2E:31:1F:E7:5D:C9:D1:29:C9:72:69:DB
ValiditySat, 01 Jul 2023 10:06:55 GMT - Thu, 01 Aug 2024 10:06:54 GMT

File type
ASCII text, with very long lines (4063), with no line terminators
Size
4.1 kB (4063 bytes)
Hash
0d94b9d0f40a26c7d11a4ba2756b34ca
2ea0dbc9adb327ebb5810574a59bd4fe3b51f28a
8003cbf629ea9d1c69565cb98e129a71a176c61254205119c4900ee811e14952

HTTP Headers

GET /banner300G7UqNJRquAYHwhBh4eL6.js HTTP/1.1
Host: vidogrey.fun
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://vermangasporno.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Thu, 04 Jan 2024 05:01:43 GMT
content-type: application/javascript
last-modified: Sun, 19 Feb 2023 07:34:09 GMT
vary: Accept-Encoding
etag: W/"63f1d0f1-fdf"
expires: Thu, 11 Jan 2024 05:01:43 GMT
cache-control: max-age=604800
content-encoding: gzip
X-Firefox-Spdy: h2

vermangasporno.com/doujin/

172.67.70.224

301 Moved Permanently

44 kB

URL User Request GET HTTP/2
vermangasporno.com/doujin/
IP
172.67.70.224:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintB9:B8:F0:F3:8C:32:3E:2D:86:56:B2:8C:B3:8F:FC:60:5E:AF:30:2D
ValidityTue, 18 Apr 2023 00:00:00 GMT - Wed, 17 Apr 2024 23:59:59 GMT

File type

Size
44 kB (44444 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /doujin/ HTTP/1.1
Host: vermangasporno.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 301 Moved Permanently
date: Thu, 04 Jan 2024 05:01:42 GMT
content-type: text/html; charset=UTF-8
location: https://vermangasporno.com/doujin
expires: Thu, 28 Dec 2023 06:23:00 GMT
cache-control: max-age=3600
x-redirect-by: WordPress
x-litespeed-cache: hit
vary: Accept-Encoding,User-Agent
referrer-policy: no-referrer-when-downgrade
strict-transport-security: max-age=63072000
x-frame-options: SAMEORIGIN
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 8400ecd37b2c5685-OSL
X-Firefox-Spdy: h2

vermangasporno.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.1

172.67.70.224

200 OK

88 kB

URL GET HTTP/2
vermangasporno.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.1
IP
172.67.70.224:443
ASN
#13335 CLOUDFLARENET

Requested by
https://vermangasporno.com/doujin
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintB9:B8:F0:F3:8C:32:3E:2D:86:56:B2:8C:B3:8F:FC:60:5E:AF:30:2D
ValidityTue, 18 Apr 2023 00:00:00 GMT - Wed, 17 Apr 2024 23:59:59 GMT

File type
ASCII text, with very long lines (65447)
Size
88 kB (87553 bytes)
Hash
826eb77e86b02ab7724fe3d0141ff87c
79cd3587d565afe290076a8d36c31c305a573d18
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

HTTP Headers

GET /wp-includes/js/jquery/jquery.min.js?ver=3.7.1 HTTP/1.1
Host: vermangasporno.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://vermangasporno.com/doujin
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 04 Jan 2024 05:01:43 GMT
content-type: application/x-javascript
cache-control: public, max-age=31536000
expires: Wed, 04 Dec 2024 11:48:43 GMT
last-modified: Tue, 05 Dec 2023 10:33:05 GMT
etag: W/"15601-656efc61-0;gz"
vary: Accept-Encoding,User-Agent
referrer-policy: no-referrer-when-downgrade
strict-transport-security: max-age=63072000
x-frame-options: SAMEORIGIN
cf-cache-status: HIT
age: 2567579
server: cloudflare
cf-ray: 8400ecd80d475685-OSL
content-encoding: br
X-Firefox-Spdy: h2

tsyndicate.com/iframes2/0724f82a85b44e8a920ba34f5731a62b.html?

136.243.81.150

200 OK

5.5 kB

URL GET HTTP/2
tsyndicate.com/iframes2/0724f82a85b44e8a920ba34f5731a62b.html?
IP
136.243.81.150:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://vermangasporno.com/doujin
Certificate
IssuerLet's Encrypt
Subjecttsyndicate.com
FingerprintAD:E6:BB:56:46:8C:1B:80:8A:92:2D:48:DE:3C:A2:99:26:30:33:80
ValidityTue, 12 Dec 2023 09:06:52 GMT - Mon, 11 Mar 2024 09:06:51 GMT

File type
HTML document, ASCII text, with very long lines (5560), with no line terminators
Size
5.5 kB (5498 bytes)
Hash
cd56b501171b6a8dd9b2ce9e4b3523e3
5367567c3968b5b1ef055f91ebaaa140667ac05a
ae39e58ad8575051a066ead9d7bb9e5d95ee5b2450eee908dd4b29f5087510e3

HTTP Headers

GET /iframes2/0724f82a85b44e8a920ba34f5731a62b.html? HTTP/1.1
Host: tsyndicate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://vermangasporno.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Thu, 04 Jan 2024 05:01:45 GMT
content-type: text/html; charset=utf-8
pragma: no-cache
expires: 0
vary: Accept-Encoding, *
x-api-version: 2
link: <https://lcdn.tsyndicate.com/sdk/v1/b.b.js>; rel=preload; as=script
x-request-id: eb073190f82afa82
set-cookie: ts_uid=7f428bca-ec3a-4fb8-89e3-ec964fd2f8fc; expires=Thu, 04 Jul 2024 05:01:45 GMT; domain=.tsyndicate.com; path=/; HttpOnly; secure; SameSite=None
cache-control: no-cache, no-store, no-transform, must-revalidate, no-transform
x-robots-tag: none, noindex, nofollow
report-to: { "url": "https://pxl.tsyndicate.com/api/v1/heavy-ad/report", "max_age": 86401 }
content-encoding: gzip
X-Firefox-Spdy: h2

a.magsrv.com/iframe.php?idzone=4890454&size=300x250&sub=14536

185.76.9.22

200 OK

275 B

URL GET HTTP/2
a.magsrv.com/iframe.php?idzone=4890454&size=300x250&sub=14536
IP
185.76.9.22:443
ASN
#60068 Datacamp Limited

Requested by
https://ts.trafget.com/add.php?ss=14536
Certificate
IssuerLet's Encrypt
Subjectmagsrv.com
Fingerprint4E:97:9F:D0:ED:5A:03:38:1F:9B:74:4B:85:3B:32:B8:BD:23:94:9C
ValidityMon, 18 Dec 2023 09:28:29 GMT - Sun, 17 Mar 2024 09:28:28 GMT

File type
HTML document, ASCII text, with no line terminators
Size
275 B (275 bytes)
Hash
8075eab8259b609b4427ec6fe0f1012b
8d2c1925ac119626695acb992b82d216800dd1c1
bebb0e665f132883b4201d16befa2cda707d859401dbe50ef4fa4a0e604f391d

HTTP Headers

GET /iframe.php?idzone=4890454&size=300x250&sub=14536 HTTP/1.1
Host: a.magsrv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ts.trafget.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 04 Jan 2024 05:01:46 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Model,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
expires: Thu, 04 Jan 2024 05:53:28 GMT
cache-control: max-age=10800
x-robots-tag: noindex, follow
access-control-allow-origin: *
x-77-nzt: EwgBuUwJFAFBDAG5TAoMAfcSHgAADAHUZjgJAbM6KgAA
x-77-nzt-ray: af58563028eb3795ba3b9665f546cc05
x-accel-expires: @1704347608
x-accel-date: 1704336808
x-77-cache: HIT
x-77-age: 18508
content-encoding: gzip
x-age-lb: 7698
server: CDN77-Turbo
x-cache-lb: HIT, MISS
x-77-pop: stockholmSE
X-Firefox-Spdy: h2

vermangasporno.com/wp-includes/css/dist/block-library/style.min.css?ver=6.4.2

172.67.70.224

200 OK

110 kB

URL GET HTTP/2
vermangasporno.com/wp-includes/css/dist/block-library/style.min.css?ver=6.4.2
IP
172.67.70.224:443
ASN
#13335 CLOUDFLARENET

Requested by
https://vermangasporno.com/doujin
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintB9:B8:F0:F3:8C:32:3E:2D:86:56:B2:8C:B3:8F:FC:60:5E:AF:30:2D
ValidityTue, 18 Apr 2023 00:00:00 GMT - Wed, 17 Apr 2024 23:59:59 GMT

File type

Size
110 kB (110035 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /wp-includes/css/dist/block-library/style.min.css?ver=6.4.2 HTTP/1.1
Host: vermangasporno.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://vermangasporno.com/doujin
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 04 Jan 2024 05:01:43 GMT
content-type: text/css
cache-control: public, max-age=31536000
expires: Fri, 06 Dec 2024 05:28:23 GMT
last-modified: Tue, 05 Dec 2023 10:33:05 GMT
etag: W/"1add3-656efc61-0;gz"
vary: Accept-Encoding,User-Agent
referrer-policy: no-referrer-when-downgrade
strict-transport-security: max-age=63072000
x-frame-options: SAMEORIGIN
cf-cache-status: HIT
age: 2417600
server: cloudflare
cf-ray: 8400ecd80d415685-OSL
content-encoding: br
X-Firefox-Spdy: h2

vermangasporno.com/wp-content/themes/BlackNight24/img/arrow-gray.png

172.67.70.224

200 OK

273 B

URL GET HTTP/2
vermangasporno.com/wp-content/themes/BlackNight24/img/arrow-gray.png
IP
172.67.70.224:443
ASN
#13335 CLOUDFLARENET

Requested by
https://vermangasporno.com/doujin
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintB9:B8:F0:F3:8C:32:3E:2D:86:56:B2:8C:B3:8F:FC:60:5E:AF:30:2D
ValidityTue, 18 Apr 2023 00:00:00 GMT - Wed, 17 Apr 2024 23:59:59 GMT

File type
PNG image data, 32 x 32, 8-bit colormap, non-interlaced
Size
273 B (273 bytes)
Hash
01d0b438001bfb0f922cbf30efd51dd2
ef664b023ea919b4f52187e52860a6fd83cc0d76
0c36d3b4d7717f0f246f052dc36094d8c981203603740e129018171bb5bbb145

HTTP Headers

GET /wp-content/themes/BlackNight24/img/arrow-gray.png HTTP/1.1
Host: vermangasporno.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://vermangasporno.com/wp-content/themes/BlackNight24/css/main.css
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 04 Jan 2024 05:01:43 GMT
content-type: image/png
content-length: 273
cache-control: public, max-age=31536000
cf-bgj: imgq:85,h2pri
cf-polished: status=not_needed
etag: "111-622f21fe-0;;;"
expires: Mon, 23 Dec 2024 11:48:50 GMT
last-modified: Mon, 14 Mar 2022 11:07:42 GMT
referrer-policy: no-referrer-when-downgrade
strict-transport-security: max-age=63072000
vary: User-Agent, Accept-Encoding
x-frame-options: SAMEORIGIN
cf-cache-status: HIT
age: 925973
accept-ranges: bytes
server: cloudflare
cf-ray: 8400ecdba8285685-OSL
X-Firefox-Spdy: h2

pnuhondppw.com/get/1893204?zoneid=1893204&jp=_cl5myyuj29u4a33hlkqkyq&nojs=0&abvar=0&febuild=1.0.187&t=0&wcks=1&wgl=0&cnvs=1&os=0&ss=1&ls=1&bb=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&ix=0&x=1280&y=1024&md=0&afid=7430045315616768&eclog=0&sp=1&im=1&freq=0

212.117.190.201

200 OK

5.6 kB

URL GET HTTP/2
pnuhondppw.com/get/1893204?zoneid=1893204&jp=_cl5myyuj29u4a33hlkqkyq&nojs=0&abvar=0&febuild=1.0.187&t=0&wcks=1&wgl=0&cnvs=1&os=0&ss=1&ls=1&bb=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&ix=0&x=1280&y=1024&md=0&afid=7430045315616768&eclog=0&sp=1&im=1&freq=0
IP
212.117.190.201:443
ASN
#5577 root SA

Requested by
https://vermangasporno.com/doujin
Certificate
IssuerBuypass AS-983163327
Subject
Fingerprint46:B8:C5:64:0C:04:8B:B5:0B:8B:00:09:F8:F4:2B:8D:2D:E9:B9:6C
ValiditySun, 29 Oct 2023 23:45:07 GMT - Fri, 26 Apr 2024 21:59:00 GMT

File type
ASCII text, with very long lines (5689), with no line terminators
Size
5.6 kB (5613 bytes)
Hash
e522f990c3e8e7f0c4911c02b7b6ab32
2419e3234e2f54cdf577f61349b642168e26449f
9386e37ca107a13f16a397fec09affcfa78ecf396974f3eb0ff8155b1ac11568

HTTP Headers

GET /get/1893204?zoneid=1893204&jp=_cl5myyuj29u4a33hlkqkyq&nojs=0&abvar=0&febuild=1.0.187&t=0&wcks=1&wgl=0&cnvs=1&os=0&ss=1&ls=1&bb=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&ix=0&x=1280&y=1024&md=0&afid=7430045315616768&eclog=0&sp=1&im=1&freq=0 HTTP/1.1
Host: pnuhondppw.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://vermangasporno.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Thu, 04 Jan 2024 05:01:43 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
x-route-id: config
set-cookie: UID=2401040001c386460d027240c18b1e7a45e8; Path=/; Expires=Thu, 06 Feb 2025 05:01:43 GMT; Secure; SameSite=None
CHCK=1; Path=/; Expires=Thu, 06 Feb 2025 05:01:43 GMT; Secure; SameSite=None
content-encoding: gzip
timing-allow-origin: *
accept-ch: sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2

a.exdynsrv.com/ad-provider.js

185.76.9.21

200 OK

124 kB

URL GET HTTP/2
a.exdynsrv.com/ad-provider.js
IP
185.76.9.21:443
ASN
#60068 Datacamp Limited

Requested by
https://a.exdynsrv.com/iframe.php?idzone=4852106&size=300x250
Certificate
IssuerLet's Encrypt
Subject1852405956.rsc.cdn77.org
Fingerprint2B:C4:1F:8B:A7:F2:4E:62:90:DE:79:F4:47:38:69:00:1D:0D:0F:7C
ValidityMon, 01 Jan 2024 12:45:04 GMT - Sun, 31 Mar 2024 12:45:03 GMT

File type
ASCII text, with very long lines (32223)
Size
124 kB (123615 bytes)
Hash
9f759d11d360ee80927129caaeb27471
3fc4d71c322dc74dc50c3d716e1a2902dfaa3dfd
11dab0d9ba61b307a0deee15e4debab7e3f14ea0947663ec61640b84f7a265d1

HTTP Headers

GET /ad-provider.js HTTP/1.1
Host: a.exdynsrv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://a.exdynsrv.com/iframe.php?idzone=4852106&size=300x250
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 04 Jan 2024 05:01:44 GMT
content-type: application/javascript
vary: Accept-Encoding
etag: W/"3fc4d71c322dc74dc50c3d716e1"
accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Model,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
expires: Wed, 03 Jan 2024 13:52:17 GMT
cache-control: max-age=10800
x-robots-tag: noindex, follow
access-control-allow-origin: *
x-77-nzt: EwwBuUwJFAH3MAIAAAwBuUwKCQGzBwQAAAwBJRPCLgH3/wMAAA
x-77-nzt-ray: af585630390aee7eb83b96656fcad715
x-accel-expires: @1704354743
x-accel-date: 1704343944
x-77-cache: HIT
x-77-age: 2614
content-encoding: gzip
server: CDN77-Turbo
x-cache-lb: EXPIRED, HIT
x-age-lb: 1031, 560
x-77-pop: stockholmSE
X-Firefox-Spdy: h2

a.magsrv.com/build-iframe-js-url.js?idzone=4890454

185.76.9.22

200 OK

759 B

URL GET HTTP/2
a.magsrv.com/build-iframe-js-url.js?idzone=4890454
IP
185.76.9.22:443
ASN
#60068 Datacamp Limited

Requested by
https://a.magsrv.com/iframe.php?idzone=4890454&size=300x250&sub=14536
Certificate
IssuerLet's Encrypt
Subjectmagsrv.com
Fingerprint4E:97:9F:D0:ED:5A:03:38:1F:9B:74:4B:85:3B:32:B8:BD:23:94:9C
ValidityMon, 18 Dec 2023 09:28:29 GMT - Sun, 17 Mar 2024 09:28:28 GMT

File type
ASCII text, with very long lines (784), with no line terminators
Size
759 B (759 bytes)
Hash
87bfb807a0bd39c9fbe47c32662d04e2
f0d31e8b6be940077f179794da733c14cb580dd2
e7aafd106d96e2654526eeabffe1f0b3309f0bf0dac7ea46da1acb32812590c9

HTTP Headers

GET /build-iframe-js-url.js?idzone=4890454 HTTP/1.1
Host: a.magsrv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://a.magsrv.com/iframe.php?idzone=4890454&size=300x250&sub=14536
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 04 Jan 2024 05:01:46 GMT
content-type: application/javascript
vary: Accept-Encoding
etag: W/"66356fe66385489c120aae1f777"
accept-ch: 
expires: Wed, 03 Jan 2024 11:09:16 GMT
cache-control: max-age=10800
x-robots-tag: noindex, follow
access-control-allow-origin: *
x-77-nzt: EwwBuUwJFAH3NwIAAAwBuUwKEwH3CgAAAAwB1GY4AQH3LiYAAA
x-77-nzt-ray: af58563028eb3795ba3b9665d274f70c
x-accel-expires: @1704354739
x-accel-date: 1704343939
x-77-cache: HIT
x-77-age: 10351
content-encoding: gzip
server: CDN77-Turbo
x-cache-lb: HIT, HIT
x-age-lb: 10, 567
x-77-pop: stockholmSE
X-Firefox-Spdy: h2

vermangasporno.com/wp-content/plugins/wpfront-scroll-top/js/wpfront-scroll-top.min.js?ver=2.2.10081

172.67.70.224

200 OK

1.5 kB

URL GET HTTP/2
vermangasporno.com/wp-content/plugins/wpfront-scroll-top/js/wpfront-scroll-top.min.js?ver=2.2.10081
IP
172.67.70.224:443
ASN
#13335 CLOUDFLARENET

Requested by
https://vermangasporno.com/doujin
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintB9:B8:F0:F3:8C:32:3E:2D:86:56:B2:8C:B3:8F:FC:60:5E:AF:30:2D
ValidityTue, 18 Apr 2023 00:00:00 GMT - Wed, 17 Apr 2024 23:59:59 GMT

File type
HTML document, ASCII text, with very long lines (1527), with no line terminators
Size
1.5 kB (1489 bytes)
Hash
07b026b3e934200440d29d051062108b
711608c53c28f06c89c455e23d95e0d1b5b280ca
b97cffc009bdeaf1395be2ddb9e497bf5492e16cd6413e8fae4820e68e0ffc9f

HTTP Headers

GET /wp-content/plugins/wpfront-scroll-top/js/wpfront-scroll-top.min.js?ver=2.2.10081 HTTP/1.1
Host: vermangasporno.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://vermangasporno.com/doujin
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 04 Jan 2024 05:01:43 GMT
content-type: application/x-javascript
cache-control: public, max-age=31536000
expires: Mon, 23 Dec 2024 11:48:49 GMT
last-modified: Mon, 09 Oct 2023 19:20:29 GMT
etag: W/"5d1-6524527d-0;gz"
vary: Accept-Encoding,User-Agent
referrer-policy: no-referrer-when-downgrade
strict-transport-security: max-age=63072000
x-frame-options: SAMEORIGIN
cf-cache-status: HIT
age: 925974
server: cloudflare
cf-ray: 8400ecd84da85685-OSL
content-encoding: br
X-Firefox-Spdy: h2

a.exdynsrv.com/build-iframe-js-url.js?idzone=4852106

185.76.9.21

200 OK

761 B

URL GET HTTP/2
a.exdynsrv.com/build-iframe-js-url.js?idzone=4852106
IP
185.76.9.21:443
ASN
#60068 Datacamp Limited

Requested by
https://a.exdynsrv.com/iframe.php?idzone=4852106&size=300x250
Certificate
IssuerLet's Encrypt
Subject1852405956.rsc.cdn77.org
Fingerprint2B:C4:1F:8B:A7:F2:4E:62:90:DE:79:F4:47:38:69:00:1D:0D:0F:7C
ValidityMon, 01 Jan 2024 12:45:04 GMT - Sun, 31 Mar 2024 12:45:03 GMT

File type
ASCII text, with very long lines (786), with no line terminators
Size
761 B (761 bytes)
Hash
48d46d11eff5fb5e533bbfd09b0e087a
e3ffa9d2117eb017dc6788d421552888f7338365
e5eea9e27cfd755f007eb646e662ff6a92416548104040bb052f63376352674b

HTTP Headers

GET /build-iframe-js-url.js?idzone=4852106 HTTP/1.1
Host: a.exdynsrv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://a.exdynsrv.com/iframe.php?idzone=4852106&size=300x250
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 04 Jan 2024 05:01:44 GMT
content-type: application/javascript
vary: Accept-Encoding
etag: W/"ee5c7d5c6f74c562de6e6583c38"
accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Model,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
expires: Wed, 03 Jan 2024 13:52:22 GMT
cache-control: max-age=10800
x-robots-tag: noindex, follow
access-control-allow-origin: *
x-77-nzt: EwwBuUwJFAG2LysAAAwBuUwKEwH3kgEAAAwB1GY4nAH3YhgAAA
x-77-nzt-ray: af585630390aee7eb83b96650bc9ce15
x-accel-expires: @1704354750
x-accel-date: 1704333449
x-77-cache: HIT
x-77-age: 17699
content-encoding: gzip
server: CDN77-Turbo
x-cache-lb: HIT, REVALIDATED
x-age-lb: 402, 11055
x-77-pop: stockholmSE
X-Firefox-Spdy: h2

ts.trafget.com/add.php?ss=14536

172.64.131.10

200 OK

178 B

URL GET HTTP/2
ts.trafget.com/add.php?ss=14536
IP
172.64.131.10:443
ASN
#13335 CLOUDFLARENET

Requested by
https://tsyndicate.com/iframes2/620e3e3e56404bdd971e087fa902d30e.html?
Certificate
IssuerGoogle Trust Services LLC
Subjecttrafget.com
FingerprintBB:CD:30:1B:41:B8:8B:67:4B:EC:A3:33:88:71:77:90:4E:03:E2:46
ValiditySat, 09 Dec 2023 20:46:13 GMT - Fri, 08 Mar 2024 20:46:12 GMT

File type
ASCII text, with no line terminators
Size
178 B (178 bytes)
Hash
b3095e7239198cc9db375a8125e6c5d6
f7354fc7558506fda16003dbaad70bf302b4a912
61cdfdefe86422703ca6bcf80fb3a9c08d5af79bdb80787953dc7b0379fbf9ec

HTTP Headers

GET /add.php?ss=14536 HTTP/1.1
Host: ts.trafget.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tsyndicate.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 04 Jan 2024 05:01:45 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/7.4.33, PleskLin
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hQy5%2FQtXyggH9uUel3r1n85pjWOJXQOoyWiOa%2BPD5nW814ujN9NrqFeR9YdxxJdgdoa5CeAz4F1QIzQa6%2FJof2V5Ym73ck6bBEjwTUOFcPpe%2F7EXbzoR48vO4e1YJ5bA5g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8400ece9c96e731b-LHR
content-encoding: gzip
X-Firefox-Spdy: h2

a.magsrv.com/iframe.php?idzone=4890454&size=300x250&sub=14536

185.76.9.22

200 OK

275 B

URL GET HTTP/2
a.magsrv.com/iframe.php?idzone=4890454&size=300x250&sub=14536
IP
185.76.9.22:443
ASN
#60068 Datacamp Limited

Requested by
https://ts.trafget.com/add.php?ss=14536
Certificate
IssuerLet's Encrypt
Subjectmagsrv.com
Fingerprint4E:97:9F:D0:ED:5A:03:38:1F:9B:74:4B:85:3B:32:B8:BD:23:94:9C
ValidityMon, 18 Dec 2023 09:28:29 GMT - Sun, 17 Mar 2024 09:28:28 GMT

File type
HTML document, ASCII text, with no line terminators
Size
275 B (275 bytes)
Hash
8075eab8259b609b4427ec6fe0f1012b
8d2c1925ac119626695acb992b82d216800dd1c1
bebb0e665f132883b4201d16befa2cda707d859401dbe50ef4fa4a0e604f391d

HTTP Headers

GET /iframe.php?idzone=4890454&size=300x250&sub=14536 HTTP/1.1
Host: a.magsrv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ts.trafget.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 04 Jan 2024 05:01:46 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Model,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
expires: Thu, 04 Jan 2024 05:53:28 GMT
cache-control: max-age=10800
x-robots-tag: noindex, follow
access-control-allow-origin: *
x-77-nzt: EwgBuUwJFAFBDAG5TAoMAfcSHgAADAHUZjgJAbM6KgAA
x-77-nzt-ray: af58563028eb3795ba3b96655568e605
x-accel-expires: @1704347608
x-accel-date: 1704336808
x-77-cache: HIT
x-77-age: 18508
content-encoding: gzip
x-age-lb: 7698
server: CDN77-Turbo
x-cache-lb: HIT, MISS
x-77-pop: stockholmSE
X-Firefox-Spdy: h2

vermangasporno.com/wp-content/themes/BlackNight24/js/jquery-migrate.min.js

172.67.70.224

200 OK

10 kB

URL GET HTTP/2
vermangasporno.com/wp-content/themes/BlackNight24/js/jquery-migrate.min.js
IP
172.67.70.224:443
ASN
#13335 CLOUDFLARENET

Requested by
https://vermangasporno.com/doujin
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintB9:B8:F0:F3:8C:32:3E:2D:86:56:B2:8C:B3:8F:FC:60:5E:AF:30:2D
ValidityTue, 18 Apr 2023 00:00:00 GMT - Wed, 17 Apr 2024 23:59:59 GMT

File type
ASCII text, with very long lines (9959)
Size
10 kB (10056 bytes)
Hash
7121994eec5320fbe6586463bf9651c2
90532aff6d4121954254cdf04994d834f7ec169b
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d

HTTP Headers

GET /wp-content/themes/BlackNight24/js/jquery-migrate.min.js HTTP/1.1
Host: vermangasporno.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://vermangasporno.com/doujin
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 04 Jan 2024 05:01:43 GMT
content-type: application/x-javascript
cache-control: public, max-age=31536000
expires: Sun, 22 Dec 2024 18:07:36 GMT
last-modified: Mon, 14 Mar 2022 11:07:42 GMT
etag: W/"2748-622f21fe-0;gz"
vary: Accept-Encoding,User-Agent
referrer-policy: no-referrer-when-downgrade
strict-transport-security: max-age=63072000
x-frame-options: SAMEORIGIN
cf-cache-status: HIT
age: 989647
server: cloudflare
cf-ray: 8400ecd7fd365685-OSL
content-encoding: br
X-Firefox-Spdy: h2

vermangasporno.com/wp-content/plugins/theia-sticky-sidebar/js/theia-sticky-sidebar.js?ver=1.8.0

172.67.70.224

200 OK

16 kB

URL GET HTTP/2
vermangasporno.com/wp-content/plugins/theia-sticky-sidebar/js/theia-sticky-sidebar.js?ver=1.8.0
IP
172.67.70.224:443
ASN
#13335 CLOUDFLARENET

Requested by
https://vermangasporno.com/doujin
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintB9:B8:F0:F3:8C:32:3E:2D:86:56:B2:8C:B3:8F:FC:60:5E:AF:30:2D
ValidityTue, 18 Apr 2023 00:00:00 GMT - Wed, 17 Apr 2024 23:59:59 GMT

File type
HTML document, ASCII text
Size
16 kB (16379 bytes)
Hash
90c7bf931df73f0b4f002584a83d6149
394b949517eda81865a2eff4346d4fddd80c71b4
8d01529d6b0a55fc8c5eedbb03768f3a1c21a157dd555172af0b1851687d5c46

HTTP Headers

GET /wp-content/plugins/theia-sticky-sidebar/js/theia-sticky-sidebar.js?ver=1.8.0 HTTP/1.1
Host: vermangasporno.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://vermangasporno.com/doujin
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 04 Jan 2024 05:01:43 GMT
content-type: application/x-javascript
cache-control: public, max-age=31536000
expires: Mon, 23 Dec 2024 11:48:49 GMT
last-modified: Sun, 10 May 2020 00:34:57 GMT
etag: W/"3ffb-5eb74c31-0;gz"
vary: Accept-Encoding,User-Agent
referrer-policy: no-referrer-when-downgrade
strict-transport-security: max-age=63072000
x-frame-options: SAMEORIGIN
cf-cache-status: HIT
age: 925974
server: cloudflare
cf-ray: 8400ecd80d5b5685-OSL
content-encoding: br
X-Firefox-Spdy: h2

a.realsrv.com/ad-provider.js

185.76.9.18

200 OK

124 kB

URL GET HTTP/2
a.realsrv.com/ad-provider.js
IP
185.76.9.18:443
ASN
#60068 Datacamp Limited

Requested by
https://vermangasporno.com/doujin
Certificate
IssuerLet's Encrypt
Subjectrealsrv.com
Fingerprint44:2D:DC:FD:4A:2E:1C:BD:23:E3:23:21:E2:45:57:13:37:E2:3F:C8
ValidityMon, 18 Dec 2023 09:34:14 GMT - Sun, 17 Mar 2024 09:34:13 GMT

File type
ASCII text, with very long lines (32223)
Size
124 kB (123690 bytes)
Hash
83caf9a95630ba181957a6dfd73f4c6f
9252d534220fbfdb57517c15a8adae1810579037
4d87ff3cd1e3a454f2755c9c1ac91e634245cbb7b75cbc41735a8f95ec7cb913

HTTP Headers

GET /ad-provider.js HTTP/1.1
Host: a.realsrv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://vermangasporno.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 04 Jan 2024 05:01:43 GMT
content-type: application/javascript
vary: Accept-Encoding
etag: W/"9252d534220fbfdb57517c15a8a"
accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Model,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
expires: Wed, 03 Jan 2024 13:52:09 GMT
cache-control: max-age=10800
x-robots-tag: noindex, follow
access-control-allow-origin: *
x-77-nzt: EwwBuUwJDQH3OAIAAAwBuUwKCQH3CQAAAAwBJRPCNAH3BAAAAA
x-77-nzt-ray: c0a4cc28a2d0082ab73b96653b854c25
x-accel-expires: @1704354735
x-accel-date: 1704343935
x-77-cache: HIT
x-77-age: 581
content-encoding: gzip
server: CDN77-Turbo
x-cache-lb: HIT, HIT
x-age-lb: 9, 568
x-77-pop: stockholmSE
X-Firefox-Spdy: h2

cdn.bncloudfl.com/bn/2bf/a0c/bdf/2bfa0cbdf0d62d0386a1e6ce3cd0427270ede60b.gif

104.21.35.62

200 OK

246 kB

URL GET HTTP/2
cdn.bncloudfl.com/bn/2bf/a0c/bdf/2bfa0cbdf0d62d0386a1e6ce3cd0427270ede60b.gif
IP
104.21.35.62:443
ASN
#13335 CLOUDFLARENET

Requested by
https://vermangasporno.com/doujin
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintA0:6F:CE:1E:5C:62:F4:89:8E:4E:0C:40:FE:AE:79:4C:83:7B:90:C8
ValidityFri, 31 Mar 2023 00:00:00 GMT - Sat, 30 Mar 2024 23:59:59 GMT

File type
RIFF (little-endian) data, Web/P image
Size
246 kB (246228 bytes)
Hash
f842498810c29e003221007fe5a4ee67
134cbb8143bc3bee31d807e00669ba6eee251865
6720c5184dbb9ca559c724413e1cae7d513b7e2b592ac46e4a997e0d3035d5cb

HTTP Headers

GET /bn/2bf/a0c/bdf/2bfa0cbdf0d62d0386a1e6ce3cd0427270ede60b.gif HTTP/1.1
Host: cdn.bncloudfl.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 04 Jan 2024 05:01:44 GMT
content-type: image/webp
content-length: 246228
access-control-allow-headers: Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-allow-methods: HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-expose-headers: X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control: max-age=432000
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=gif, origSize=495375
content-disposition: inline; filename="2bfa0cbdf0d62d0386a1e6ce3cd0427270ede60b.webp"
etag: 0d59abe4d08b2f299a23441c62b453cc
expires: Thu, 04 Jan 2024 07:25:51 GMT
last-modified: Wed, 16 Nov 2022 14:52:00 GMT
vary: Accept
x-openstack-request-id: txe3df8a2b571149319d44a-006374fb1e
x-proxy-cache: HIT
x-timestamp: 1668610319.08198
x-trans-id: txe3df8a2b571149319d44a-006374fb1e
cf-cache-status: HIT
age: 164153
accept-ranges: bytes
access-control-allow-origin: *
server: cloudflare
cf-ray: 8400ecddf80a56c5-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

a.magsrv.com/ad-provider.js

185.76.9.22

200 OK

124 kB

URL GET HTTP/2
a.magsrv.com/ad-provider.js
IP
185.76.9.22:443
ASN
#60068 Datacamp Limited

Requested by
https://a.magsrv.com/iframe.php?idzone=4890454&size=300x250&sub=14536
Certificate
IssuerLet's Encrypt
Subjectmagsrv.com
Fingerprint4E:97:9F:D0:ED:5A:03:38:1F:9B:74:4B:85:3B:32:B8:BD:23:94:9C
ValidityMon, 18 Dec 2023 09:28:29 GMT - Sun, 17 Mar 2024 09:28:28 GMT

File type
ASCII text, with very long lines (32223)
Size
124 kB (123637 bytes)
Hash
93e083f5f8870fa08d8f4cf9d8a0a075
6d322331e398ea28bf10a78ddfb1cd19de4d6108
89b11d677d647277e26e1aee57592a2c77b52dfc60ce5a67a67f041c4d8cbb81

HTTP Headers

GET /ad-provider.js HTTP/1.1
Host: a.magsrv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://a.magsrv.com/iframe.php?idzone=4890454&size=300x250&sub=14536
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 04 Jan 2024 05:01:46 GMT
content-type: application/javascript
vary: Accept-Encoding
etag: W/"6d322331e398ea28bf10a78ddfb"
accept-ch: 
expires: Wed, 03 Jan 2024 13:46:58 GMT
cache-control: max-age=10800
x-robots-tag: noindex, follow
access-control-allow-origin: *
x-77-nzt: EwwBuUwJFAH3OQIAAAwBuUwKAQH3CwAAAAwBJRPCKAH3NAEAAA
x-77-nzt-ray: af58563028eb3795ba3b96652d178e0c
x-accel-expires: @1704354737
x-accel-date: 1704343937
x-77-cache: HIT
x-77-age: 888
content-encoding: gzip
server: CDN77-Turbo
x-cache-lb: HIT, HIT
x-age-lb: 11, 569
x-77-pop: stockholmSE
X-Firefox-Spdy: h2

tsyndicate.com/do2/f00f516aea434e83a30127988af645e2/vast?t=im-slider&param3=video.instant.message.js&keywords=Doujin%20-%20%E1%90%88%20Ver%20Mangas%20Porno%3A%20Mangas%20y%20doujin%20hentai%20en%20Espa%C3%B1ol%2Cdoujin&w=1280&h=1024&tz=0

136.243.81.150

200 OK

5.8 kB

URL GET HTTP/2
tsyndicate.com/do2/f00f516aea434e83a30127988af645e2/vast?t=im-slider&param3=video.instant.message.js&keywords=Doujin%20-%20%E1%90%88%20Ver%20Mangas%20Porno%3A%20Mangas%20y%20doujin%20hentai%20en%20Espa%C3%B1ol%2Cdoujin&w=1280&h=1024&tz=0
IP
136.243.81.150:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://vermangasporno.com/doujin
Certificate
IssuerLet's Encrypt
Subjecttsyndicate.com
FingerprintAD:E6:BB:56:46:8C:1B:80:8A:92:2D:48:DE:3C:A2:99:26:30:33:80
ValidityTue, 12 Dec 2023 09:06:52 GMT - Mon, 11 Mar 2024 09:06:51 GMT

File type
XML document, ASCII text, with very long lines (5841), with no line terminators
Size
5.8 kB (5826 bytes)
Hash
78a9cb5bfa915e9582640502c137c8ce
b7870cb18bc74bc8916d4a46f03b1f8ec59f72a9
e6a3286f6fbb4dc504ba3071149bc482cd5217b737b25f5b8ae92b30c6118dbf

HTTP Headers

GET /do2/f00f516aea434e83a30127988af645e2/vast?t=im-slider&param3=video.instant.message.js&keywords=Doujin%20-%20%E1%90%88%20Ver%20Mangas%20Porno%3A%20Mangas%20y%20doujin%20hentai%20en%20Espa%C3%B1ol%2Cdoujin&w=1280&h=1024&tz=0 HTTP/1.1
Host: tsyndicate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://vermangasporno.com
DNT: 1
Connection: keep-alive
Referer: https://vermangasporno.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Thu, 04 Jan 2024 05:01:44 GMT
content-type: application/xml; charset=utf-8
access-control-allow-origin: https://vermangasporno.com
access-control-allow-methods: POST, GET, HEAD
access-control-allow-headers: Accept, X-Requested-With, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Legacy
access-control-allow-credentials: true
pragma: no-cache
expires: 0
vary: Accept-Encoding, *
x-api-version: 2
x-vast: 3.0
x-request-id: e468c341f48bb3c1
set-cookie: ts_uid=47a0ca5e-782c-4fdc-ad87-4f0b1e6274c1; expires=Thu, 04 Jul 2024 05:01:44 GMT; domain=.tsyndicate.com; path=/; HttpOnly; secure; SameSite=None
bfq=APeIECNCx5YZNXDAwIGDRhcWIsYU3BLjoYgyE2PcgEGDxgwYOTh26aMg; expires=Fri, 05 Jan 2024 05:01:44 GMT; domain=.tsyndicate.com; path=/; secure; SameSite=None
cache-control: no-cache, no-store, no-transform, must-revalidate, no-transform
x-robots-tag: none, noindex, nofollow
report-to: { "url": "https://pxl.tsyndicate.com/api/v1/heavy-ad/report", "max_age": 86401 }
content-encoding: gzip
X-Firefox-Spdy: h2

tsyndicate.com/iframes2/620e3e3e56404bdd971e087fa902d30e.html?

136.243.81.150

200 OK

5.5 kB

URL GET HTTP/2
tsyndicate.com/iframes2/620e3e3e56404bdd971e087fa902d30e.html?
IP
136.243.81.150:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://vermangasporno.com/doujin
Certificate
IssuerLet's Encrypt
Subjecttsyndicate.com
FingerprintAD:E6:BB:56:46:8C:1B:80:8A:92:2D:48:DE:3C:A2:99:26:30:33:80
ValidityTue, 12 Dec 2023 09:06:52 GMT - Mon, 11 Mar 2024 09:06:51 GMT

File type
HTML document, ASCII text, with very long lines (5540), with no line terminators
Size
5.5 kB (5478 bytes)
Hash
9a1db031c348f98717d80a5f299ea3bb
4df80604bbad7f2852d39aa5eb272a115f86cd6e
031e3c249de3d1d55a3cddcc8993973cd4b58d2782abfbb0f3da8269ef7f55de

HTTP Headers

GET /iframes2/620e3e3e56404bdd971e087fa902d30e.html? HTTP/1.1
Host: tsyndicate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://vermangasporno.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Thu, 04 Jan 2024 05:01:45 GMT
content-type: text/html; charset=utf-8
pragma: no-cache
expires: 0
vary: Accept-Encoding, *
x-api-version: 2
link: <https://lcdn.tsyndicate.com/sdk/v1/b.b.js>; rel=preload; as=script
x-request-id: 7794d995d1222806
set-cookie: ts_uid=6d15e0ec-23ad-4c1a-9ec1-8655c86a4829; expires=Thu, 04 Jul 2024 05:01:45 GMT; domain=.tsyndicate.com; path=/; HttpOnly; secure; SameSite=None
cache-control: no-cache, no-store, no-transform, must-revalidate, no-transform
x-robots-tag: none, noindex, nofollow
report-to: { "url": "https://pxl.tsyndicate.com/api/v1/heavy-ad/report", "max_age": 86401 }
content-encoding: gzip
X-Firefox-Spdy: h2

a.magsrv.com/ad-provider.js

185.76.9.22

200 OK

124 kB

URL GET HTTP/2
a.magsrv.com/ad-provider.js
IP
185.76.9.22:443
ASN
#60068 Datacamp Limited

Requested by
https://a.magsrv.com/iframe.php?idzone=4890454&size=300x250&sub=14536
Certificate
IssuerLet's Encrypt
Subjectmagsrv.com
Fingerprint4E:97:9F:D0:ED:5A:03:38:1F:9B:74:4B:85:3B:32:B8:BD:23:94:9C
ValidityMon, 18 Dec 2023 09:28:29 GMT - Sun, 17 Mar 2024 09:28:28 GMT

File type
ASCII text, with very long lines (32223)
Size
124 kB (123637 bytes)
Hash
93e083f5f8870fa08d8f4cf9d8a0a075
6d322331e398ea28bf10a78ddfb1cd19de4d6108
89b11d677d647277e26e1aee57592a2c77b52dfc60ce5a67a67f041c4d8cbb81

HTTP Headers

GET /ad-provider.js HTTP/1.1
Host: a.magsrv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://a.magsrv.com/iframe.php?idzone=4890454&size=300x250&sub=14536
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 04 Jan 2024 05:01:46 GMT
content-type: application/javascript
vary: Accept-Encoding
etag: W/"6d322331e398ea28bf10a78ddfb"
accept-ch: 
expires: Wed, 03 Jan 2024 13:46:58 GMT
cache-control: max-age=10800
x-robots-tag: noindex, follow
access-control-allow-origin: *
x-77-nzt: EwwBuUwJFAH3OQIAAAwBuUwKAQH3CwAAAAwBJRPCKAH3NAEAAA
x-77-nzt-ray: af58563028eb3795ba3b96651975010d
x-accel-expires: @1704354737
x-accel-date: 1704343937
x-77-cache: HIT
x-77-age: 888
content-encoding: gzip
server: CDN77-Turbo
x-cache-lb: HIT, HIT
x-age-lb: 11, 569
x-77-pop: stockholmSE
X-Firefox-Spdy: h2

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (37)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by