Report - hianimez.to

Report Overview

Visited public
2025-04-18 17:08:15
Tags
URL
hianimez.to
Finishing URL
hianimez.to/
IP / ASN
172.67.38.141
#13335 CLOUDFLARENET
Title
Watch Anime Online, Free Anime Streaming Online on HiAnime.to Anime Website

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
fonts.gstatic.com	unknown	2008-02-11	2014-04-02	2025-04-16	2.7 kB	108 kB	142.250.178.99
stackpath.bootstrapcdn.com	2467	2012-05-25	2018-04-05	2025-04-16	462 B	160 kB	104.18.10.207
experttrafficcounter.com	unknown	2025-01-23	2025-01-24	2025-04-17	936 B	716 B	35.156.209.115
capaciousdrewreligion.com	unknown	2023-11-07	2023-11-27	2025-04-12	424 B	377 B	185.196.197.72
hianimez.to	unknown	unknown	2025-04-10	2025-04-10	3.7 kB	285 kB	104.22.60.126
fonts.googleapis.com	8877	2005-01-25	2012-05-23	2025-04-16	902 B	22 kB	142.250.178.74
lucidlylibellous.com	unknown	2025-03-26	2025-04-07	2025-04-07	2.3 kB	156 kB	172.240.108.68
cdn.show-creative1.com	unknown	2024-08-20	2024-08-27	2025-04-13	515 B	2.2 kB	104.21.15.229
ajax.googleapis.com	12905	2005-01-25	2012-05-22	2025-04-16	440 B	88 kB	142.250.74.42
maxcdn.bootstrapcdn.com	724	2012-05-25	2014-06-18	2025-04-16	443 B	52 kB	104.18.10.207
recordedthereby.com	unknown	2024-05-08	2024-05-08	2025-04-12	820 B	172 kB	185.196.197.72
shotgunchancecruel.com	unknown	2024-08-20	2025-01-25	2025-04-11	6.3 kB	4.0 kB	172.240.108.76
use.fontawesome.com	942	2012-10-18	2017-01-30	2025-04-16	978 B	118 kB	104.21.27.152
challenges.cloudflare.com	unknown	2009-02-17	2021-10-20	2025-04-16	889 B	97 kB	104.18.94.41
cdn.noitatnemucod.net	unknown	2024-02-26	2024-03-01	2025-04-08	2.8 kB	77 kB	188.114.97.1
cdn.creative-stat1.com	unknown	2024-08-20	2024-08-27	2025-04-13	2.5 kB	164 kB	188.114.97.1
www.googletagmanager.com	75	2011-11-11	2012-10-04	2025-04-16	1.0 kB	644 kB	142.250.178.40
straightforwardaudition.com	unknown	2024-08-19	2025-04-11	2025-04-18	504 B	504 B	192.243.59.20
unseenreport.com	unknown	2022-03-30	2022-03-30	2025-04-12	1.5 kB	992 B	192.243.61.225

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2025-04-18	medium	unseenreport.com	Sinkholed
2025-04-18	medium	shotgunchancecruel.com	Sinkholed
2025-04-18	medium	lucidlylibellous.com	Sinkholed
2025-04-18	medium	unseenreport.com	Sinkholed
2025-04-18	medium	lucidlylibellous.com	Sinkholed
2025-04-18	medium	shotgunchancecruel.com	Sinkholed
2025-04-18	medium	shotgunchancecruel.com	Sinkholed
2025-04-18	medium	lucidlylibellous.com	Sinkholed
2025-04-18	medium	recordedthereby.com	Sinkholed
2025-04-18	medium	shotgunchancecruel.com	Sinkholed
2025-04-18	medium	lucidlylibellous.com	Sinkholed
2025-04-18	medium	shotgunchancecruel.com	Sinkholed
2025-04-18	medium	straightforwardaudition.com	Sinkholed
2025-04-18	medium	recordedthereby.com	Sinkholed
2025-04-18	medium	capaciousdrewreligion.com	Sinkholed
2025-04-18	medium	lucidlylibellous.com	Sinkholed
2025-04-18	medium	shotgunchancecruel.com	Sinkholed
2025-04-18	medium	shotgunchancecruel.com	Sinkholed

ThreatFox

No alerts detected

JavaScript (14)

	URL	From	Size	First Seen	Last Seen
	ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js	ScriptElement	87 kB	2023-03-07	2025-05-19
Pretty URL ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js IP 142.250.74.42 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02 Last Seen2025-05-19 03:18 Times Seen57912 Hash a09e13ee94d51c524b7e2a728c7d4039 0dc32db4aa9c5f03f3b38c47d883dbd4fed13aae 160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef Loading...

	about:blank	ScriptElement	693 B	2025-04-18	2025-04-30
Pretty URL about:blank IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2025-04-18 17:08 Last Seen2025-04-30 19:36 Times Seen4 Hash 2b83449ea74d891ab5ea174571b4ee99 54516529ba66a13bb4cd7b2502912a16bd2e3af7 320a998ce39673f1742bf4f1ffc8cf41eb9db38735764728599b5c8542f3f1cb Loading...

	recordedthereby.com/sfp.js	ScriptElement	85 kB	2025-01-25	2025-05-19
Pretty URL recordedthereby.com/sfp.js IP 185.196.197.72 ASN #39572 DataWeb Global Group B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2025-01-25 09:25 Last Seen2025-05-19 02:58 Times Seen539 Hash 108625937affa4b38bb17cea65510d72 2c0f48e9efa3fb5554d1fa393b28d74d5339f9ee c84263fcf6b091998dd37f5f600b3bfea92ac1d31cbf9631bb87fa411124a9e0 Loading...

	challenges.cloudflare.com/turnstile/v0/api.js?render=explicit	ScriptElement	48 kB	2025-04-15	2025-04-29
Pretty URL challenges.cloudflare.com/turnstile/v0/api.js?render=explicit IP 104.18.94.41 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2025-04-15 18:27 Last Seen2025-04-29 19:54 Times Seen4232 Hash 3ed4ab6463fdabe2783a7a7828e94177 c80f67f86421dd2c071d5abc70337877db648266 91ce8bcef253fa49b7bbec10fa3c456261336414caa9da52e94988b6a44d1780 Loading...

	maxcdn.bootstrapcdn.com/bootstrap/4.1.3/js/bootstrap.min.js	ScriptElement	51 kB	2023-03-07	2025-05-19
Pretty URL maxcdn.bootstrapcdn.com/bootstrap/4.1.3/js/bootstrap.min.js IP 104.18.10.207 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02 Last Seen2025-05-19 00:53 Times Seen99405 Hash 67176c242e1bdc20603c878dee836df3 27a71b00383d61ef3c489326b3564d698fc1227c 56c12a125b021d21a69e61d7190cefa168d6c28ce715265cea1b3b0112d169c4 Loading...

	www.google-analytics.com/analytics.js	ScriptElement	4.7 kB	2023-04-11	2025-05-19
Pretty URL www.google-analytics.com/analytics.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-11 21:07 Last Seen2025-05-19 03:08 Times Seen343051 Hash f24128d0c9cba7be2916c693427a3483 1b6397d496ea896ebc2018b01b995cee4f166029 58173de4697da1a218f04c3a783a733bab4e769ceabc37cd42da9dc3e036a7e8 Loading...

	lucidlylibellous.com/54/b5/36/54b536712684480f5bddc4d3fd1ac8a1.js	ScriptElement	42 kB	2025-04-18	2025-04-18
Pretty URL lucidlylibellous.com/54/b5/36/54b536712684480f5bddc4d3fd1ac8a1.js IP 172.240.108.68 ASN #7979 SERVERS-COM Introduced by scriptElement Embedded in HTML false Observations First Seen2025-04-18 17:08 Last Seen2025-04-18 17:08 Times Seen1 Hash 6f3d041863149f3f64b5d5c8f06fe7e3 b1550903426dc964c9f2622bd2d0e941904470a0 a2d9b4c8838a22dd4f456daf932c3aaa72c6c9ed95ddd77f0db5ec61f1aaae69 Loading...

	hianimez.to/	ScriptElement	173 B	2025-02-22	2025-05-11
Pretty URL hianimez.to/ IP 104.22.60.126 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2025-02-22 18:51 Last Seen2025-05-11 10:56 Times Seen23 Hash 6219fa645887d409054252fc882bf785 64cb0a2c100a9c6199dd186763da0730ae0fcd0c b1bd626e1cf765a96050fe25f7edfa69c2ad25c04132f0e40a15534600d6298e Loading...

	www.googletagmanager.com/gtag/js?id=G-R34F2GCSBW	ScriptElement	1.0 kB	2025-02-02	2025-05-10
Pretty URL www.googletagmanager.com/gtag/js?id=G-R34F2GCSBW IP 142.250.178.40 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2025-02-02 11:54 Last Seen2025-05-10 10:38 Times Seen10 Hash 910a010bb1ad663475f1250f0225c956 b345fab9feb046ad76b42f17b2577dab18029c4b d1d06b67f41e1bd6efc32fb11f410af316044feefeb6c68164d69aba2b0cb271 Loading...

	www.googletagmanager.com/gtag/js?id=UA-304498478-1&l=dataLayer&cx=c&gtm=45je54g3v9179008765za200&tag_exp=102015666~102803279~102813109~102887800~102926062~103027016~103051953~103055465~103077950~103106314~103106316	ScriptElement	252 kB	2025-04-18	2025-04-18
Pretty URL www.googletagmanager.com/gtag/js?id=UA-304498478-1&l=dataLayer&cx=c&gtm=45je54g3v9179008765za200&tag_exp=102015666~102803279~102813109~102887800~102926062~103027016~103051953~103055465~103077950~103106314~103106316 IP 142.250.178.40 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2025-04-18 17:08 Last Seen2025-04-18 17:08 Times Seen1 Hash 34bc54dcea87ea7fb2a96478c63ea08f 37074eba250c3d87b7b28bc66ed30779669daa68 60459083c4d5e1ef277dd50e85549e6c97f089180faea2c2660f346d9d2abec8 Loading...

	hianimez.to/sandbox%20eval%20code		147 B	2023-04-11	2025-05-19
Pretty URL hianimez.to/sandbox%20eval%20code IP 0.0.0.0 ASN #0 Introduced by Embedded in HTML false Observations First Seen2023-04-11 21:07 Last Seen2025-05-19 03:08 Times Seen343875 Hash 92b651082ce234f66bb544e678befda3 14c21c55ddce43b6f677caadf51d4ab98c6a3df8 25d57d1d97abeb84531d3d3e5754dd5cb19a2c115edfa7cfc7af8247084faded Loading...

	hianimez.to/	ScriptElement	463 B	2025-02-20	2025-04-30
Pretty URL hianimez.to/ IP 104.22.60.126 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2025-02-20 03:28 Last Seen2025-04-30 19:36 Times Seen9 Hash bbf0e97f77f7dd3baaf9e9f78e12adc7 cd42ab9f1687e7cc57da46e4bfc7ec2fb223c6ab b87c0111f1ce927cbc013706071b24be691e95900e36f00d3fdea50ce5c468ac Loading...

	lucidlylibellous.com/67/84/54/67845425021f776b630c899590731bf0.js	ScriptElement	97 kB	2025-04-18	2025-04-18
Pretty URL lucidlylibellous.com/67/84/54/67845425021f776b630c899590731bf0.js IP 172.240.108.68 ASN #7979 SERVERS-COM Introduced by scriptElement Embedded in HTML false Observations First Seen2025-04-18 17:08 Last Seen2025-04-18 17:08 Times Seen1 Hash 114f341be85c73c12a35e58b3f7a4d1f ab2bddacc3bd51ab38e7048d55de871014109432 f2eccf6ff69f958e83f0f9a5fca8810f1dc608be4441a917ba9a783c75d5a223 Loading...

	recordedthereby.com/sfp.js	ScriptElement	85 kB	2025-01-25	2025-05-19
Pretty URL recordedthereby.com/sfp.js IP 185.196.197.72 ASN #39572 DataWeb Global Group B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2025-01-25 09:25 Last Seen2025-05-19 02:58 Times Seen539 Hash 108625937affa4b38bb17cea65510d72 2c0f48e9efa3fb5554d1fa393b28d74d5339f9ee c84263fcf6b091998dd37f5f600b3bfea92ac1d31cbf9631bb87fa411124a9e0 Loading...

HTTP Transactions (55)

URL IP Response Size

challenges.cloudflare.com/turnstile/v0/api.js?render=explicit

104.18.94.41

302 Found

48 kB

URL GET
challenges.cloudflare.com/turnstile/v0/api.js?render=explicit
IP
104.18.94.41:443
ASN
#13335 CLOUDFLARENET

Requested by
https://hianimez.to/
Certificate
IssuerGoogle Trust Services
Subjectchallenges.cloudflare.com
Fingerprint48:58:3E:CE:54:27:56:6B:A6:33:D4:C8:4B:BF:00:0E:BE:61:60:28
ValiditySat, 01 Mar 2025 17:19:38 GMT - Fri, 30 May 2025 18:19:35 GMT

File type

Size
48 kB (48123 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /turnstile/v0/api.js?render=explicit HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hianimez.to/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
date: Fri, 18 Apr 2025 17:07:54 GMT
content-length: 0
access-control-allow-origin: *
cache-control: max-age=300, stale-if-error=10800, stale-while-revalidate=300, public
cross-origin-resource-policy: cross-origin
location: /turnstile/v0/g/44e6f86df4dc/api.js
vary: Accept-Encoding
server: cloudflare
cf-ray: 9325c2db7cb67127-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

unseenreport.com/pxf.gif?uuid=641ff0d1-b701-4796-9cca-e8e87ebf62dd&eb=56a3745424804a23b12899170f9076de&te=9c9b2bc1fcb866fe34b4078d4dc2b749&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A134.0)%20Gecko%2F20100101%20Firefox%2F134.0&dev=e&res=14.3095&b_frame=0&pk=54b536712684480f5bddc4d3fd1ac8a1&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=17

192.243.61.225

200 OK

0 B

URL GET
unseenreport.com/pxf.gif?uuid=641ff0d1-b701-4796-9cca-e8e87ebf62dd&eb=56a3745424804a23b12899170f9076de&te=9c9b2bc1fcb866fe34b4078d4dc2b749&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A134.0)%20Gecko%2F20100101%20Firefox%2F134.0&dev=e&res=14.3095&b_frame=0&pk=54b536712684480f5bddc4d3fd1ac8a1&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=17
IP
192.243.61.225:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://hianimez.to/
Certificate
IssuerLet's Encrypt
Subject*.unseenreport.com
FingerprintE0:4C:2E:29:FF:E3:0A:E7:2C:96:4B:AD:13:1B:9D:AB:A0:91:35:A7
ValidityTue, 18 Mar 2025 22:26:47 GMT - Mon, 16 Jun 2025 22:26:46 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /pxf.gif?uuid=641ff0d1-b701-4796-9cca-e8e87ebf62dd&eb=56a3745424804a23b12899170f9076de&te=9c9b2bc1fcb866fe34b4078d4dc2b749&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A134.0)%20Gecko%2F20100101%20Firefox%2F134.0&dev=e&res=14.3095&b_frame=0&pk=54b536712684480f5bddc4d3fd1ac8a1&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=17 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hianimez.to/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Fri, 18 Apr 2025 17:07:59 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Host: unseenreport.com
Expires: Thu, 01 Jan 1970 00:00:01 GMT
X-Request-ID: d2e38714e3b97af20b8330589fb381ba
Cache-Control: no-cache, max-age=0, private, no-cache
Pragma: no-cache
Strict-Transport-Security: max-age=0; includeSubdomains

shotgunchancecruel.com/pixel/sbls?bv=&tmpl=482&u=https%3A%2F%2Fcdn.creative-stat1.com%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2FProgamerage%2Fflip_icon%2Foct2024%2F3%2Fjs%2Fscript.js&l=445&fd=347

172.240.108.76

200 OK

0 B

URL GET
shotgunchancecruel.com/pixel/sbls?bv=&tmpl=482&u=https%3A%2F%2Fcdn.creative-stat1.com%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2FProgamerage%2Fflip_icon%2Foct2024%2F3%2Fjs%2Fscript.js&l=445&fd=347
IP
172.240.108.76:443
ASN
#7979 SERVERS-COM

Requested by
https://hianimez.to/
Certificate
IssuerLet's Encrypt
Subjectshotgunchancecruel.com
Fingerprint0C:D3:F1:8B:BC:8A:18:C0:64:49:9C:C1:D7:F5:0C:C7:24:2B:06:04
ValidityWed, 19 Feb 2025 02:30:57 GMT - Tue, 20 May 2025 02:30:56 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /pixel/sbls?bv=&tmpl=482&u=https%3A%2F%2Fcdn.creative-stat1.com%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2FProgamerage%2Fflip_icon%2Foct2024%2F3%2Fjs%2Fscript.js&l=445&fd=347 HTTP/1.1
Host: shotgunchancecruel.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hianimez.to/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Fri, 18 Apr 2025 17:08:07 GMT
Content-Length: 0
Connection: keep-alive
Host: shotgunchancecruel.com
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range

cdn.noitatnemucod.net/avatar/100x100/demon_splayer/File18.jpg

188.114.97.1

200 OK

8.4 kB

URL GET
cdn.noitatnemucod.net/avatar/100x100/demon_splayer/File18.jpg
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://hianimez.to/
Certificate
IssuerGoogle Trust Services
Subjectnoitatnemucod.net
Fingerprint35:41:A3:E5:FE:54:64:D1:E2:26:43:FF:9F:D3:43:74:D5:D7:F3:07
ValidityMon, 14 Apr 2025 08:44:51 GMT - Sun, 13 Jul 2025 09:42:17 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 100", progressive, precision 8, 99x100, components 3
Size
8.4 kB (8436 bytes)
Hash
a1c38197823c9e6fb71b1f1f607d1bfe
d532040a7b1af432bd2e78775583d615713b1dde
5fd27fd4119331de426515d197cb672d34f84c9317747571d209ecbef45d9524

HTTP Headers

GET /avatar/100x100/demon_splayer/File18.jpg HTTP/1.1
Host: cdn.noitatnemucod.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hianimez.to/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 18 Apr 2025 17:07:54 GMT
content-type: image/jpeg
content-length: 8436
server: cloudflare
accept-ranges: bytes
last-modified: Thu, 13 Oct 2022 02:09:50 GMT
vary: Accept-Encoding
etag: W/"6347736e-579a4"
x-cache: HIT
cache-control: max-age=14400
cf-cache-status: HIT
age: 1189
cf-ray: 9325c2dbfbe9b512-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Roboto:300,400,700&display=swap

142.250.178.74

200 OK

17 kB

URL GET
fonts.googleapis.com/css?family=Roboto:300,400,700&display=swap
IP
142.250.178.74:443
ASN
#15169 GOOGLE

Requested by
https://hianimez.to/
Certificate
IssuerGoogle Trust Services
Subjectupload.video.google.com
Fingerprint06:13:4C:49:F4:23:BB:58:C3:31:41:0E:F9:E0:C5:EF:74:A9:0C:67
ValidityMon, 31 Mar 2025 08:55:35 GMT - Mon, 23 Jun 2025 08:55:34 GMT

File type
ASCII text, with very long lines (1572)
Size
17 kB (16755 bytes)
Hash
079d175a37af415fe31b05b4ee3f0c6d
e14b499ae075d1437a3d19c061ce5c47e70ebaf9
9407ac88551e3046045786d43d427ded47b0133ac0acb85f8604743885d06d4b

HTTP Headers

GET /css?family=Roboto:300,400,700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 18 Apr 2025 17:08:06 GMT
date: Fri, 18 Apr 2025 17:08:06 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

cdn.creative-stat1.com/sb/notifications/utility/default/us/blog/Progamerage/flip_icon/oct2024/3/css/style.css

188.114.97.1

200 OK

10 kB

URL GET
cdn.creative-stat1.com/sb/notifications/utility/default/us/blog/Progamerage/flip_icon/oct2024/3/css/style.css
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://hianimez.to/
Certificate
IssuerGoogle Trust Services
Subjectcreative-stat1.com
Fingerprint0B:D7:09:43:6C:42:76:92:3B:8C:0E:15:43:A3:A3:AC:94:B2:C2:CB
ValiditySun, 13 Apr 2025 21:34:38 GMT - Sat, 12 Jul 2025 22:33:20 GMT

File type
ASCII text
Size
10 kB (10008 bytes)
Hash
8e2b823b6de6509e79ba3d1e1ef6ef55
b937a4666fe32721cac699123ea78872acc839a0
6a0a6ae471e19a24f9f9a463718deb8570927f2c4ff9f0e292b2e44186d54a6a

HTTP Headers

GET /sb/notifications/utility/default/us/blog/Progamerage/flip_icon/oct2024/3/css/style.css HTTP/1.1
Host: cdn.creative-stat1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://hianimez.to
DNT: 1
Connection: keep-alive
Referer: https://hianimez.to/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 18 Apr 2025 17:08:06 GMT
content-type: text/css
server: cloudflare
last-modified: Tue, 08 Oct 2024 11:36:49 GMT
etag: W/"67051951-2718"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
content-encoding: gzip
cf-cache-status: HIT
age: 124897
cf-ray: 9325c3243d315691-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

cdn.creative-stat1.com/sb/notifications/utility/default/us/blog/Progamerage/flip_icon/oct2024/3/img/close.svg

188.114.97.1

200 OK

1.0 kB

URL GET
cdn.creative-stat1.com/sb/notifications/utility/default/us/blog/Progamerage/flip_icon/oct2024/3/img/close.svg
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://hianimez.to/
Certificate
IssuerGoogle Trust Services
Subjectcreative-stat1.com
Fingerprint0B:D7:09:43:6C:42:76:92:3B:8C:0E:15:43:A3:A3:AC:94:B2:C2:CB
ValiditySun, 13 Apr 2025 21:34:38 GMT - Sat, 12 Jul 2025 22:33:20 GMT

File type
SVG Scalable Vector Graphics image
Size
1.0 kB (1045 bytes)
Hash
26dd89033221449321cb8c527a691faf
983f7411316deafd84c8cd91fae81b54b583771a
f753b8837c88daa22f91f3fa6d73148ec95ae850b821e0d21c86dcbe30be6733

HTTP Headers

GET /sb/notifications/utility/default/us/blog/Progamerage/flip_icon/oct2024/3/img/close.svg HTTP/1.1
Host: cdn.creative-stat1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 18 Apr 2025 17:08:06 GMT
content-type: image/svg+xml
server: cloudflare
last-modified: Mon, 29 Jan 2024 13:35:31 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 557300
etag: W/"65b7a9a3-415"
content-encoding: br
cf-ray: 9325c325d8ffb51d-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

hianimez.to/images/logo.png?v=0.1

104.22.60.126

200 OK

12 kB

URL GET
hianimez.to/images/logo.png?v=0.1
IP
104.22.60.126:443
ASN
#13335 CLOUDFLARENET

Requested by
https://hianimez.to/
Certificate
IssuerGoogle Trust Services
Subjecthianimez.to
FingerprintF8:51:79:F5:8B:FA:D3:E9:96:88:63:17:72:3A:52:B3:DE:08:21:56
ValidityTue, 08 Apr 2025 02:44:33 GMT - Mon, 07 Jul 2025 03:40:36 GMT

File type
PNG image data, 823 x 200, 8-bit/color RGBA, non-interlaced
Size
12 kB (11692 bytes)
Hash
492a93ad00dcf6963fcbb9fb68f30e41
cda7d03d383c904b0c042e49b7ec87815c1623f2
3993c075ef585ca3b0d101603170a1e8b8e816598a6ba5e167560c11dfbfd4bd

HTTP Headers

GET /images/logo.png?v=0.1 HTTP/1.1
Host: hianimez.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hianimez.to/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 18 Apr 2025 17:07:54 GMT
content-type: image/png
content-length: 11692
x-dns-prefetch-control: on
expect-ct: max-age=0
strict-transport-security: max-age=15552000; includeSubDomains
x-download-options: noopen
x-content-type-options: nosniff, nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 0, 1; mode=block
cache-control: public, max-age=31536000
last-modified: Mon, 26 Feb 2024 18:22:38 GMT
etag: W/"2dac-18de6a79489"
cf-cache-status: HIT
age: 733230
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 9325c2da8b0c0b31-OSL
X-Firefox-Spdy: h2

lucidlylibellous.com/67/84/54/67845425021f776b630c899590731bf0.js

172.240.108.68

403 Forbidden

0 B

URL GET
lucidlylibellous.com/67/84/54/67845425021f776b630c899590731bf0.js
IP
172.240.108.68:443
ASN
#7979 SERVERS-COM

Requested by
https://hianimez.to/
Certificate
IssuerLet's Encrypt
Subjectlucidlylibellous.com
FingerprintC7:EA:67:E4:BE:CA:48:33:0E:C1:95:53:C4:EF:27:65:B8:50:C7:B8
ValidityWed, 26 Mar 2025 07:13:18 GMT - Tue, 24 Jun 2025 07:13:17 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /67/84/54/67845425021f776b630c899590731bf0.js HTTP/1.1
Host: lucidlylibellous.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hianimez.to/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 403 Forbidden
Server: nginx/1.21.6
Date: Fri, 18 Apr 2025 17:07:55 GMT
Content-Type: application/javascript
Content-Length: 0
Connection: keep-alive
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
accept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
x-envoy-upstream-service-time: 2
Host: lucidlylibellous.com

unseenreport.com/pxf.gif?uuid=641ff0d1-b701-4796-9cca-e8e87ebf62dd&eb=56a3745424804a23b12899170f9076de&te=9c9b2bc1fcb866fe34b4078d4dc2b749&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A134.0)%20Gecko%2F20100101%20Firefox%2F134.0&dev=e&res=14.3095&b_frame=0&pk=67845425021f776b630c899590731bf0&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=17

192.243.61.225

200 OK

0 B

URL GET
unseenreport.com/pxf.gif?uuid=641ff0d1-b701-4796-9cca-e8e87ebf62dd&eb=56a3745424804a23b12899170f9076de&te=9c9b2bc1fcb866fe34b4078d4dc2b749&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A134.0)%20Gecko%2F20100101%20Firefox%2F134.0&dev=e&res=14.3095&b_frame=0&pk=67845425021f776b630c899590731bf0&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=17
IP
192.243.61.225:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://hianimez.to/
Certificate
IssuerLet's Encrypt
Subject*.unseenreport.com
FingerprintE0:4C:2E:29:FF:E3:0A:E7:2C:96:4B:AD:13:1B:9D:AB:A0:91:35:A7
ValidityTue, 18 Mar 2025 22:26:47 GMT - Mon, 16 Jun 2025 22:26:46 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /pxf.gif?uuid=641ff0d1-b701-4796-9cca-e8e87ebf62dd&eb=56a3745424804a23b12899170f9076de&te=9c9b2bc1fcb866fe34b4078d4dc2b749&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A134.0)%20Gecko%2F20100101%20Firefox%2F134.0&dev=e&res=14.3095&b_frame=0&pk=67845425021f776b630c899590731bf0&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=17 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hianimez.to/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Fri, 18 Apr 2025 17:07:59 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Host: unseenreport.com
Expires: Thu, 01 Jan 1970 00:00:01 GMT
X-Request-ID: b2513cfa4ec767567a8d0c8446432431
Cache-Control: no-cache, max-age=0, private, no-cache
Pragma: no-cache
Strict-Transport-Security: max-age=0; includeSubdomains

fonts.gstatic.com/s/roboto/v47/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2

142.250.178.99

200 OK

40 kB

URL GET
fonts.gstatic.com/s/roboto/v47/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2
IP
142.250.178.99:443
ASN
#15169 GOOGLE

Requested by
https://hianimez.to/
Certificate
IssuerGoogle Trust Services
Subject*.gstatic.com
Fingerprint62:05:36:C2:8E:4C:CD:95:1E:1C:75:06:44:A3:57:E5:C0:17:02:80
ValidityMon, 31 Mar 2025 08:55:35 GMT - Mon, 23 Jun 2025 08:55:34 GMT

File type
Web Open Font Format (Version 2), TrueType, length 40128, version 1.0
Size
40 kB (40128 bytes)
Hash
9a01b69183a9604ab3a439e388b30501
8ed1d59003d0dbe6360481017b44665153665fbe
20b535fa80c8189e3b87d1803038389960203a886d502bc2ef1857affc2f38d2

HTTP Headers

GET /s/roboto/v47/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://hianimez.to
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 40128
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 17 Apr 2025 18:15:43 GMT
expires: Fri, 17 Apr 2026 18:15:43 GMT
cache-control: public, max-age=31536000
age: 82343
last-modified: Wed, 08 Jan 2025 18:23:10 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

lucidlylibellous.com/54/b5/36/54b536712684480f5bddc4d3fd1ac8a1.js

172.240.108.68

403 Forbidden

0 B

URL GET
lucidlylibellous.com/54/b5/36/54b536712684480f5bddc4d3fd1ac8a1.js
IP
172.240.108.68:443
ASN
#7979 SERVERS-COM

Requested by
https://hianimez.to/
Certificate
IssuerLet's Encrypt
Subjectlucidlylibellous.com
FingerprintC7:EA:67:E4:BE:CA:48:33:0E:C1:95:53:C4:EF:27:65:B8:50:C7:B8
ValidityWed, 26 Mar 2025 07:13:18 GMT - Tue, 24 Jun 2025 07:13:17 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /54/b5/36/54b536712684480f5bddc4d3fd1ac8a1.js HTTP/1.1
Host: lucidlylibellous.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hianimez.to/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 403 Forbidden
Server: nginx/1.21.6
Date: Fri, 18 Apr 2025 17:07:55 GMT
Content-Type: application/javascript
Content-Length: 0
Connection: keep-alive
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
accept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
x-envoy-upstream-service-time: 1
Host: lucidlylibellous.com

hianimez.to/images/icons-512.png

104.22.60.126

200 OK

120 kB

URL GET
hianimez.to/images/icons-512.png
IP
104.22.60.126:443
ASN
#13335 CLOUDFLARENET

Requested by
https://hianimez.to/
Certificate
IssuerGoogle Trust Services
Subjecthianimez.to
FingerprintF8:51:79:F5:8B:FA:D3:E9:96:88:63:17:72:3A:52:B3:DE:08:21:56
ValidityTue, 08 Apr 2025 02:44:33 GMT - Mon, 07 Jul 2025 03:40:36 GMT

File type
PNG image data, 512 x 512, 8-bit/color RGBA, non-interlaced
Size
120 kB (120169 bytes)
Hash
1c9db96287f5f34a216e5456cb67d0c0
25653c740f5edef076f8cae2cd718b7c16fb14d2
9045948928a3f44012fe6e4a4c38388185e7ffd945309c356ae3fda8ee62c8f9

HTTP Headers

GET /images/icons-512.png HTTP/1.1
Host: hianimez.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hianimez.to/
Cookie: _ga_R34F2GCSBW=GS1.1.1744996076.1.0.1744996076.0.0.0; _ga=GA1.1.112925923.1744996076; dom3ic8zudi28v8lr6fgphwffqoz0j6c=641ff0d1-b701-4796-9cca-e8e87ebf62dd%3A2%3A1; pp_main_67845425021f776b630c899590731bf0=1; pp_idelay_67845425021f776b630c899590731bf0=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 18 Apr 2025 17:07:58 GMT
content-type: image/png
content-length: 120169
x-dns-prefetch-control: on
expect-ct: max-age=0
strict-transport-security: max-age=15552000; includeSubDomains
x-download-options: noopen
x-content-type-options: nosniff, nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 0, 1; mode=block
cache-control: public, max-age=31536000
last-modified: Sun, 25 Feb 2024 16:11:44 GMT
etag: W/"1d569-18de1095f7b"
cf-cache-status: HIT
age: 557277
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 9325c2f1dbe70b31-OSL
X-Firefox-Spdy: h2

cdn.show-creative1.com/sb/notifications/utility/default/us/blog/Progamerage/flip_icon/oct2024/3/index.html

104.21.15.229

200 OK

1.7 kB

URL GET
cdn.show-creative1.com/sb/notifications/utility/default/us/blog/Progamerage/flip_icon/oct2024/3/index.html
IP
104.21.15.229:443
ASN
#13335 CLOUDFLARENET

Requested by
https://hianimez.to/
Certificate
IssuerGoogle Trust Services
Subjectshow-creative1.com
FingerprintD3:C1:A6:45:82:43:2C:7C:0D:7C:D7:C3:C6:14:69:76:D9:C9:2B:FE
ValiditySun, 13 Apr 2025 18:33:42 GMT - Sat, 12 Jul 2025 19:32:30 GMT

File type
HTML document, ASCII text
Size
1.7 kB (1726 bytes)
Hash
a98c5425fda3d36c0762837be45e126a
d7b582c95077df07de47fe688837ac27f4b3409e
4d56c384a81b0fcd99f0e540c60cb6ad7564b119662f10deda5128e12a368bf7

HTTP Headers

GET /sb/notifications/utility/default/us/blog/Progamerage/flip_icon/oct2024/3/index.html HTTP/1.1
Host: cdn.show-creative1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://hianimez.to
DNT: 1
Connection: keep-alive
Referer: https://hianimez.to/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 18 Apr 2025 17:08:06 GMT
content-type: text/html
server: cloudflare
last-modified: Tue, 08 Oct 2024 11:43:45 GMT
vary: accept-encoding
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: DYNAMIC
content-encoding: br
cf-ray: 9325c31f4d3a712a-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

shotgunchancecruel.com/pixel/sbls?bv=&tmpl=482&u=https%3A%2F%2Fcdn.show-creative1.com%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2FProgamerage%2Fflip_icon%2Foct2024%2F3%2Findex.html&l=1726&fd=571

172.240.108.76

200 OK

0 B

URL GET
shotgunchancecruel.com/pixel/sbls?bv=&tmpl=482&u=https%3A%2F%2Fcdn.show-creative1.com%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2FProgamerage%2Fflip_icon%2Foct2024%2F3%2Findex.html&l=1726&fd=571
IP
172.240.108.76:443
ASN
#7979 SERVERS-COM

Requested by
https://hianimez.to/
Certificate
IssuerLet's Encrypt
Subjectshotgunchancecruel.com
Fingerprint0C:D3:F1:8B:BC:8A:18:C0:64:49:9C:C1:D7:F5:0C:C7:24:2B:06:04
ValidityWed, 19 Feb 2025 02:30:57 GMT - Tue, 20 May 2025 02:30:56 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /pixel/sbls?bv=&tmpl=482&u=https%3A%2F%2Fcdn.show-creative1.com%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2FProgamerage%2Fflip_icon%2Foct2024%2F3%2Findex.html&l=1726&fd=571 HTTP/1.1
Host: shotgunchancecruel.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hianimez.to/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Fri, 18 Apr 2025 17:08:06 GMT
Content-Length: 0
Connection: keep-alive
Host: shotgunchancecruel.com
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range

172.240.108.76

200 OK

0 B

URL GET
shotgunchancecruel.com/pixel/sbls?bv=&tmpl=482&u=https%3A%2F%2Fcdn.creative-stat1.com%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2FProgamerage%2Fflip_icon%2Foct2024%2F3%2Fcss%2Fanimate.css&l=79245&fd=300
IP
172.240.108.76:443
ASN
#7979 SERVERS-COM

Requested by
https://hianimez.to/
Certificate
IssuerLet's Encrypt
Subjectshotgunchancecruel.com
Fingerprint0C:D3:F1:8B:BC:8A:18:C0:64:49:9C:C1:D7:F5:0C:C7:24:2B:06:04
ValidityWed, 19 Feb 2025 02:30:57 GMT - Tue, 20 May 2025 02:30:56 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /pixel/sbls?bv=&tmpl=482&u=https%3A%2F%2Fcdn.creative-stat1.com%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2FProgamerage%2Fflip_icon%2Foct2024%2F3%2Fcss%2Fanimate.css&l=79245&fd=300 HTTP/1.1
Host: shotgunchancecruel.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hianimez.to/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Fri, 18 Apr 2025 17:08:06 GMT
Content-Length: 0
Connection: keep-alive
Host: shotgunchancecruel.com
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range

stackpath.bootstrapcdn.com/bootstrap/4.4.1/css/bootstrap.min.css

104.18.10.207

200 OK

160 kB

URL GET
stackpath.bootstrapcdn.com/bootstrap/4.4.1/css/bootstrap.min.css
IP
104.18.10.207:443
ASN
#13335 CLOUDFLARENET

Requested by
https://hianimez.to/
Certificate
IssuerGoogle Trust Services
Subjectbootstrapcdn.com
Fingerprint90:B1:98:4A:7E:D6:37:CF:9B:DC:7D:67:82:58:17:6C:F7:F6:11:DE
ValiditySun, 16 Mar 2025 01:14:49 GMT - Sat, 14 Jun 2025 02:14:23 GMT

File type
ASCII text, with very long lines (65324)
Size
160 kB (159515 bytes)
Hash
7cc40c199d128af6b01e74a28c5900b0
d305110fb79113a961394b433d851a3410342b8c
2ff5b959fa9f6b4b1d04d20a37d706e90039176ab1e2a202994d9580baeebfd6

HTTP Headers

GET /bootstrap/4.4.1/css/bootstrap.min.css HTTP/1.1
Host: stackpath.bootstrapcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hianimez.to/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 18 Apr 2025 17:07:55 GMT
content-type: text/css; charset=utf-8
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
vary: Accept-Encoding
access-control-allow-origin: *
cache-control: public, max-age=31919000
content-encoding: br
etag: W/"7cc40c199d128af6b01e74a28c5900b0"
last-modified: Mon, 25 Jan 2021 22:04:09 GMT
cdn-cachedat: 03/18/2024 12:50:34
cdn-proxyver: 1.04
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 874
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-status: 200
cdn-requesttime: 0
cdn-requestid: bae7f19455fe160afc3fea6ed1fffa09
cdn-cache: HIT
cf-cache-status: HIT
age: 230382
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 9325c2df3b5d56c4-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js

142.250.74.42

200 OK

87 kB

URL GET
ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js
IP
142.250.74.42:443
ASN
#15169 GOOGLE

Requested by
https://hianimez.to/
Certificate
IssuerGoogle Trust Services
Subjectupload.video.google.com
Fingerprint06:13:4C:49:F4:23:BB:58:C3:31:41:0E:F9:E0:C5:EF:74:A9:0C:67
ValidityMon, 31 Mar 2025 08:55:35 GMT - Mon, 23 Jun 2025 08:55:34 GMT

File type
JavaScript source, ASCII text, with very long lines (65451)
Size
87 kB (86927 bytes)
Hash
a09e13ee94d51c524b7e2a728c7d4039
0dc32db4aa9c5f03f3b38c47d883dbd4fed13aae
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

HTTP Headers

GET /ajax/libs/jquery/3.3.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hianimez.to/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 30399
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 18 Apr 2025 09:53:34 GMT
expires: Sat, 18 Apr 2026 09:53:34 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 26061
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

maxcdn.bootstrapcdn.com/bootstrap/4.1.3/js/bootstrap.min.js

104.18.10.207

200 OK

51 kB

URL GET
maxcdn.bootstrapcdn.com/bootstrap/4.1.3/js/bootstrap.min.js
IP
104.18.10.207:443
ASN
#13335 CLOUDFLARENET

Requested by
https://hianimez.to/
Certificate
IssuerGoogle Trust Services
Subjectbootstrapcdn.com
Fingerprint90:B1:98:4A:7E:D6:37:CF:9B:DC:7D:67:82:58:17:6C:F7:F6:11:DE
ValiditySun, 16 Mar 2025 01:14:49 GMT - Sat, 14 Jun 2025 02:14:23 GMT

File type
JavaScript source, ASCII text, with very long lines (50758)
Size
51 kB (51039 bytes)
Hash
67176c242e1bdc20603c878dee836df3
27a71b00383d61ef3c489326b3564d698fc1227c
56c12a125b021d21a69e61d7190cefa168d6c28ce715265cea1b3b0112d169c4

HTTP Headers

GET /bootstrap/4.1.3/js/bootstrap.min.js HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hianimez.to/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 18 Apr 2025 17:07:55 GMT
content-type: application/javascript; charset=utf-8
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: US
vary: Accept-Encoding
access-control-allow-origin: *
cache-control: public, max-age=31919000
content-encoding: br
etag: "67176c242e1bdc20603c878dee836df3"
last-modified: Mon, 25 Jan 2021 22:04:06 GMT
cdn-proxyver: 1.04
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 10/04/2024 02:53:43
cdn-edgestorageid: 1029
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-status: 200
cdn-requesttime: 0
cdn-requestid: 785086e9c71f6bb4d2f7dace7bf7b0cf
cdn-cache: HIT
cf-cache-status: HIT
age: 577020
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 9325c2df3ff37128-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

challenges.cloudflare.com/turnstile/v0/g/44e6f86df4dc/api.js

104.18.94.41

200 OK

48 kB

URL GET
challenges.cloudflare.com/turnstile/v0/g/44e6f86df4dc/api.js
IP
104.18.94.41:443
ASN
#13335 CLOUDFLARENET

Requested by
https://hianimez.to/
Certificate
IssuerGoogle Trust Services
Subjectchallenges.cloudflare.com
Fingerprint48:58:3E:CE:54:27:56:6B:A6:33:D4:C8:4B:BF:00:0E:BE:61:60:28
ValiditySat, 01 Mar 2025 17:19:38 GMT - Fri, 30 May 2025 18:19:35 GMT

File type
JavaScript source, ASCII text, with very long lines (48122)
Size
48 kB (48123 bytes)
Hash
3ed4ab6463fdabe2783a7a7828e94177
c80f67f86421dd2c071d5abc70337877db648266
91ce8bcef253fa49b7bbec10fa3c456261336414caa9da52e94988b6a44d1780

HTTP Headers

GET /turnstile/v0/g/44e6f86df4dc/api.js HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://hianimez.to/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 18 Apr 2025 17:07:55 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Tue, 15 Apr 2025 10:23:44 GMT
cache-control: max-age=31536000, stale-if-error=10800, stale-while-revalidate=31536000, public
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
priority: u=2,i=?0
vary: Accept-Encoding
server: cloudflare
cf-ray: 9325c2e0fdd456af-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri

cdn.creative-stat1.com/sb/notifications/utility/default/us/blog/Progamerage/flip_icon/oct2024/3/css/animate.css

188.114.97.1

200 OK

79 kB

URL GET
cdn.creative-stat1.com/sb/notifications/utility/default/us/blog/Progamerage/flip_icon/oct2024/3/css/animate.css
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://hianimez.to/
Certificate
IssuerGoogle Trust Services
Subjectcreative-stat1.com
Fingerprint0B:D7:09:43:6C:42:76:92:3B:8C:0E:15:43:A3:A3:AC:94:B2:C2:CB
ValiditySun, 13 Apr 2025 21:34:38 GMT - Sat, 12 Jul 2025 22:33:20 GMT

File type
ASCII text
Size
79 kB (79245 bytes)
Hash
80047eaa13ebd50c50e8a9753621e430
9c503e07d130572a0eaf51f7c02cbd4cf6213fe3
3f831a59615f8d5d40b4340b2836f91438c876f8dbce75f78e38360d6fe0f429

HTTP Headers

GET /sb/notifications/utility/default/us/blog/Progamerage/flip_icon/oct2024/3/css/animate.css HTTP/1.1
Host: cdn.creative-stat1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://hianimez.to
DNT: 1
Connection: keep-alive
Referer: https://hianimez.to/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 18 Apr 2025 17:08:06 GMT
content-type: text/css
server: cloudflare
last-modified: Mon, 29 Jan 2024 13:35:31 GMT
etag: W/"65b7a9a3-1358d"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
content-encoding: gzip
cf-cache-status: HIT
age: 124897
cf-ray: 9325c3243d3d5691-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

www.googletagmanager.com/gtag/js?id=G-R34F2GCSBW

142.250.178.40

200 OK

390 kB

URL GET
www.googletagmanager.com/gtag/js?id=G-R34F2GCSBW
IP
142.250.178.40:443
ASN
#15169 GOOGLE

Requested by
https://hianimez.to/
Certificate
IssuerGoogle Trust Services
Subject*.google-analytics.com
FingerprintB7:82:F3:C7:93:B0:60:B0:83:49:F8:74:0D:49:78:23:65:0B:37:01
ValidityMon, 31 Mar 2025 08:54:29 GMT - Mon, 23 Jun 2025 08:54:28 GMT

File type
JavaScript source, ASCII text, with very long lines (6129)
Size
390 kB (389502 bytes)
Hash
c5fe7c69b8424aba3d3139eea75254ed
d5a8923fbade2f65fe142cc2fcf56aa53e2c3000
533c195924d40f0db3e18608e1b7b3efb5200cebeb690e8ed6e13159b6f29669

HTTP Headers

GET /gtag/js?id=G-R34F2GCSBW HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hianimez.to/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 18 Apr 2025 17:07:55 GMT
expires: Fri, 18 Apr 2025 17:07:55 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1055:0
cross-origin-opener-policy-report-only: same-origin; report-to=ascgcycc:1055:0
report-to: {"group":"ascgcycc:1055:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1055:0"}],}
server: Google Tag Manager
content-length: 128264
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

hianimez.to/css/home.css?v=0.9

104.22.60.126

200 OK

15 kB

URL GET
hianimez.to/css/home.css?v=0.9
IP
104.22.60.126:443
ASN
#13335 CLOUDFLARENET

Requested by
https://hianimez.to/
Certificate
IssuerGoogle Trust Services
Subjecthianimez.to
FingerprintF8:51:79:F5:8B:FA:D3:E9:96:88:63:17:72:3A:52:B3:DE:08:21:56
ValidityTue, 08 Apr 2025 02:44:33 GMT - Mon, 07 Jul 2025 03:40:36 GMT

File type
ASCII text
Size
15 kB (15321 bytes)
Hash
39cd3e3ddcfb88f677b57dc882f2d94b
bcc16221b87fa920a6c43eb57371029660c8b9c4
c2f2a7cb2b4ea3a244a975900e75fc64588897dfb76d87e406e406a312c8dd5d

HTTP Headers

GET /css/home.css?v=0.9 HTTP/1.1
Host: hianimez.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hianimez.to/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 18 Apr 2025 17:07:54 GMT
content-type: text/css; charset=UTF-8
x-dns-prefetch-control: on
expect-ct: max-age=0
strict-transport-security: max-age=15552000; includeSubDomains
x-download-options: noopen
x-content-type-options: nosniff, nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 0, 1; mode=block
cache-control: public, max-age=31536000
last-modified: Wed, 19 Feb 2025 07:56:53 GMT
etag: W/"3bd9-1951d35b369"
vary: Accept-Encoding
content-encoding: gzip
cf-cache-status: HIT
age: 154818
server: cloudflare
cf-ray: 9325c2da6ae90b31-OSL
X-Firefox-Spdy: h2

cdn.noitatnemucod.net/avatar/100x100/one_piece/user-08.jpeg

188.114.97.1

200 OK

13 kB

URL GET
cdn.noitatnemucod.net/avatar/100x100/one_piece/user-08.jpeg
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://hianimez.to/
Certificate
IssuerGoogle Trust Services
Subjectnoitatnemucod.net
Fingerprint35:41:A3:E5:FE:54:64:D1:E2:26:43:FF:9F:D3:43:74:D5:D7:F3:07
ValidityMon, 14 Apr 2025 08:44:51 GMT - Sun, 13 Jul 2025 09:42:17 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 100", progressive, precision 8, 100x100, components 3
Size
13 kB (13383 bytes)
Hash
9518e7b109bfa037c236e1356b5950e9
4665377b18c4f61dcb9bc9cbf2b1dffb892a688a
008367c0305322f934186cf6eddced714a5d9089a60d9e0e4ad5e986ebe7d0a7

HTTP Headers

GET /avatar/100x100/one_piece/user-08.jpeg HTTP/1.1
Host: cdn.noitatnemucod.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hianimez.to/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 18 Apr 2025 17:07:54 GMT
content-type: image/jpeg
content-length: 13383
server: cloudflare
accept-ranges: bytes
last-modified: Thu, 17 Jun 2021 07:51:01 GMT
vary: Accept-Encoding
etag: W/"60cafee5-111be"
x-cache: HIT
cache-control: max-age=14400
cf-cache-status: HIT
age: 924
cf-ray: 9325c2dbfbe2b512-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

lucidlylibellous.com/67/84/54/67845425021f776b630c899590731bf0.js

172.240.108.68

200 OK

97 kB

URL GET
lucidlylibellous.com/67/84/54/67845425021f776b630c899590731bf0.js
IP
172.240.108.68:443
ASN
#7979 SERVERS-COM

Requested by
https://hianimez.to/
Certificate
IssuerLet's Encrypt
Subjectlucidlylibellous.com
FingerprintC7:EA:67:E4:BE:CA:48:33:0E:C1:95:53:C4:EF:27:65:B8:50:C7:B8
ValidityWed, 26 Mar 2025 07:13:18 GMT - Tue, 24 Jun 2025 07:13:17 GMT

File type
JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size
97 kB (96701 bytes)
Hash
114f341be85c73c12a35e58b3f7a4d1f
ab2bddacc3bd51ab38e7048d55de871014109432
f2eccf6ff69f958e83f0f9a5fca8810f1dc608be4441a917ba9a783c75d5a223

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /67/84/54/67845425021f776b630c899590731bf0.js HTTP/1.1
Host: lucidlylibellous.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hianimez.to/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Fri, 18 Apr 2025 17:07:57 GMT
Content-Type: application/javascript
Content-Length: 29962
Connection: keep-alive
content-encoding: gzip
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
accept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
x-envoy-upstream-service-time: 7
Host: lucidlylibellous.com
Expires: Thu, 01 Jan 1970 00:00:01 GMT
X-Request-ID: f26c78bbbd63e96362c03f99cdc6d028
Cache-Control: no-cache, max-age=0, private, no-cache
Pragma: no-cache
Strict-Transport-Security: max-age=0; includeSubdomains

recordedthereby.com/sfp.js

185.196.197.72

200 OK

85 kB

URL GET
recordedthereby.com/sfp.js
IP
185.196.197.72:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://hianimez.to/
Certificate
IssuerLet's Encrypt
Subjectrecordedthereby.com
Fingerprint19:45:8B:8A:1B:43:8F:CB:7D:D5:AA:7C:FF:FA:04:93:35:CA:9D:47
ValidityThu, 06 Mar 2025 21:25:47 GMT - Wed, 04 Jun 2025 21:25:46 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (65529), with no line terminators
Size
85 kB (85380 bytes)
Hash
108625937affa4b38bb17cea65510d72
2c0f48e9efa3fb5554d1fa393b28d74d5339f9ee
c84263fcf6b091998dd37f5f600b3bfea92ac1d31cbf9631bb87fa411124a9e0

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /sfp.js HTTP/1.1
Host: recordedthereby.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hianimez.to/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Fri, 18 Apr 2025 17:07:58 GMT
Content-Type: application/javascript; charset=utf-8
Content-Length: 28255
Connection: keep-alive
Content-Encoding: gzip
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Vary: Accept-Encoding
Host: recordedthereby.com
Expires: Thu, 01 Jan 1970 00:00:01 GMT
X-Request-ID: 7175fa2b9df0dcad55198583d55d595a
Cache-Control: no-cache, max-age=0, private, no-cache
Pragma: no-cache
Strict-Transport-Security: max-age=0; includeSubdomains

experttrafficcounter.com/stats

35.156.209.115

200 OK

40 B

URL GET
experttrafficcounter.com/stats
IP
35.156.209.115:443
ASN
#16509 AMAZON-02

Requested by
https://hianimez.to/
Certificate
IssuerAmazon
Subjectexperttrafficcounter.com
FingerprintEE:A0:89:D0:CF:A2:E2:EC:50:6D:6C:20:D2:5A:BB:B9:8C:6E:3F:CC
ValidityThu, 23 Jan 2025 00:00:00 GMT - Sat, 21 Feb 2026 23:59:59 GMT

File type
ASCII text, with no line terminators
Size
40 B (40 bytes)
Hash
a78bca103641f6da860a234fda7c8e45
37518514687845417cdd752074fc4f0ab2d5ae4d
80dd6d69defb8298fc4866931004b695780982b92fbe6748fa50a1c6ad8c61f1

HTTP Headers

GET /stats HTTP/1.1
Host: experttrafficcounter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://hianimez.to
DNT: 1
Connection: keep-alive
Referer: https://hianimez.to/
Cookie: uid_id2=641ff0d1-b701-4796-9cca-e8e87ebf62dd:2:1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 18 Apr 2025 17:07:58 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://hianimez.to
vary: Origin
access-control-allow-credentials: true
X-Firefox-Spdy: h2

shotgunchancecruel.com/ren.gif?sid=H4sIAAAAAAAC_1RSUWscVRS-sy2-9EEs0hcRFiyi4G5mZmdnd9sHMdaW0JiEphJERO7MvbO55s7c8d6Znc0-BQMlj4tP4tPk26TBWER_gKAb3ypCVxAiNA_6E8Q-y24XVs_DOec73wx857vnwWF-QTzk9HzjfTUQUtKlZt2uvrElEqYKU127X3Xsun2zuiUS37tZ7U-T7t1wGl7dfrN6h4c7asm1Hdt2bKd6W2geqf7SjIVIH3Wceseue27daXro6_9jk1sw1ALrXZCrEGzy4l_RRxDhGEn83S1udjKVvvVenEuaKY0eO_kg2UlUkSBetJG2ECUn86-hzISQLytQycl8A6je0XQDBGJCKteeIkhO5jIR9I6fKw0keIKAXUHRG4PLMQQdI1T7EOwJAUKGtXUk8cM1pQu6-5ylU3ZCLj_7G6KYkMtPX0YSf7ssRb-6qWSeCZUY9KMSoj-G6I6R5mfIBhWI4gxh9jkE-5UsPVtFEh-tG6kg2Pl133OiyGZOLWjZTs1rdfxaJwxpjbd5u8WDyHcZm1kkojEkH4KaCnJjIRcW8shCnlqI2XnVs9te6NCGH3VY2LI96nmMB3an7do27YQt5OFU_xBZOkQohwj1HlK9hx0xhM5_hNkuYZgFkxH0WImCExSGoKAEhSAoMoKiVx4zaVxTPmTS5IEzr-68NsqRyrqH9FhlXZ4QUD2EZuWRSD8z-wizS6NBZO6O1DTRIDtd3qz5ba_mfeKMaMDKw_SCvDQ12Tq4_jt2-Hm16QXNht9yXL_teW07agaMhR5rRMyhYZs6MKKEMBVQY2EgJuTOlZ-Qigl5_eM_ENAzGDlGKK6B5q-CFiXodolBcrotaCJiXs8UmCqRZpeR7VqH8oK8MnvkD_-0wMPHZB4IdYlUl_hU_EzQlQeje6ogR_dUYcj362kmYjGg0wPYzGjGXzi9y3cLpdnKLTP8-p1wSkzbR_e5yVZpwkTSNeSbZcEY17eVDjn5YcVs8WAjN9vLuU7ydHXj3dsrcaq5MUIlY1Dx5DUXoZiQq1_x2Wm7v9yA0GPovEScL5QKdYYw3YNJFzOjCLRc4CC1UOTlSLvBYigFgeQLTIMS5j84WPQjTad_U1EemgN0dQU020cSl-jpEj1ZgsohTH5plKX68du_NWaBQFZGgdSVo0Bq-cXM5Gm6BCPOq003aPjtts8jn0UN1nAbrNO0ecejHd_reE1kZrJdefDPvwEAAP__lb69mcEEAAA=

172.240.108.76

200 OK

0 B

URL GET
shotgunchancecruel.com/ren.gif?sid=H4sIAAAAAAAC_1RSUWscVRS-sy2-9EEs0hcRFiyi4G5mZmdnd9sHMdaW0JiEphJERO7MvbO55s7c8d6Znc0-BQMlj4tP4tPk26TBWER_gKAb3ypCVxAiNA_6E8Q-y24XVs_DOec73wx857vnwWF-QTzk9HzjfTUQUtKlZt2uvrElEqYKU127X3Xsun2zuiUS37tZ7U-T7t1wGl7dfrN6h4c7asm1Hdt2bKd6W2geqf7SjIVIH3Wceseue27daXro6_9jk1sw1ALrXZCrEGzy4l_RRxDhGEn83S1udjKVvvVenEuaKY0eO_kg2UlUkSBetJG2ECUn86-hzISQLytQycl8A6je0XQDBGJCKteeIkhO5jIR9I6fKw0keIKAXUHRG4PLMQQdI1T7EOwJAUKGtXUk8cM1pQu6-5ylU3ZCLj_7G6KYkMtPX0YSf7ssRb-6qWSeCZUY9KMSoj-G6I6R5mfIBhWI4gxh9jkE-5UsPVtFEh-tG6kg2Pl133OiyGZOLWjZTs1rdfxaJwxpjbd5u8WDyHcZm1kkojEkH4KaCnJjIRcW8shCnlqI2XnVs9te6NCGH3VY2LI96nmMB3an7do27YQt5OFU_xBZOkQohwj1HlK9hx0xhM5_hNkuYZgFkxH0WImCExSGoKAEhSAoMoKiVx4zaVxTPmTS5IEzr-68NsqRyrqH9FhlXZ4QUD2EZuWRSD8z-wizS6NBZO6O1DTRIDtd3qz5ba_mfeKMaMDKw_SCvDQ12Tq4_jt2-Hm16QXNht9yXL_teW07agaMhR5rRMyhYZs6MKKEMBVQY2EgJuTOlZ-Qigl5_eM_ENAzGDlGKK6B5q-CFiXodolBcrotaCJiXs8UmCqRZpeR7VqH8oK8MnvkD_-0wMPHZB4IdYlUl_hU_EzQlQeje6ogR_dUYcj362kmYjGg0wPYzGjGXzi9y3cLpdnKLTP8-p1wSkzbR_e5yVZpwkTSNeSbZcEY17eVDjn5YcVs8WAjN9vLuU7ydHXj3dsrcaq5MUIlY1Dx5DUXoZiQq1_x2Wm7v9yA0GPovEScL5QKdYYw3YNJFzOjCLRc4CC1UOTlSLvBYigFgeQLTIMS5j84WPQjTad_U1EemgN0dQU020cSl-jpEj1ZgsohTH5plKX68du_NWaBQFZGgdSVo0Bq-cXM5Gm6BCPOq003aPjtts8jn0UN1nAbrNO0ecejHd_reE1kZrJdefDPvwEAAP__lb69mcEEAAA=
IP
172.240.108.76:443
ASN
#7979 SERVERS-COM

Requested by
https://hianimez.to/
Certificate
IssuerLet's Encrypt
Subjectshotgunchancecruel.com
Fingerprint0C:D3:F1:8B:BC:8A:18:C0:64:49:9C:C1:D7:F5:0C:C7:24:2B:06:04
ValidityWed, 19 Feb 2025 02:30:57 GMT - Tue, 20 May 2025 02:30:56 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /ren.gif?sid=H4sIAAAAAAAC_1RSUWscVRS-sy2-9EEs0hcRFiyi4G5mZmdnd9sHMdaW0JiEphJERO7MvbO55s7c8d6Znc0-BQMlj4tP4tPk26TBWER_gKAb3ypCVxAiNA_6E8Q-y24XVs_DOec73wx857vnwWF-QTzk9HzjfTUQUtKlZt2uvrElEqYKU127X3Xsun2zuiUS37tZ7U-T7t1wGl7dfrN6h4c7asm1Hdt2bKd6W2geqf7SjIVIH3Wceseue27daXro6_9jk1sw1ALrXZCrEGzy4l_RRxDhGEn83S1udjKVvvVenEuaKY0eO_kg2UlUkSBetJG2ECUn86-hzISQLytQycl8A6je0XQDBGJCKteeIkhO5jIR9I6fKw0keIKAXUHRG4PLMQQdI1T7EOwJAUKGtXUk8cM1pQu6-5ylU3ZCLj_7G6KYkMtPX0YSf7ssRb-6qWSeCZUY9KMSoj-G6I6R5mfIBhWI4gxh9jkE-5UsPVtFEh-tG6kg2Pl133OiyGZOLWjZTs1rdfxaJwxpjbd5u8WDyHcZm1kkojEkH4KaCnJjIRcW8shCnlqI2XnVs9te6NCGH3VY2LI96nmMB3an7do27YQt5OFU_xBZOkQohwj1HlK9hx0xhM5_hNkuYZgFkxH0WImCExSGoKAEhSAoMoKiVx4zaVxTPmTS5IEzr-68NsqRyrqH9FhlXZ4QUD2EZuWRSD8z-wizS6NBZO6O1DTRIDtd3qz5ba_mfeKMaMDKw_SCvDQ12Tq4_jt2-Hm16QXNht9yXL_teW07agaMhR5rRMyhYZs6MKKEMBVQY2EgJuTOlZ-Qigl5_eM_ENAzGDlGKK6B5q-CFiXodolBcrotaCJiXs8UmCqRZpeR7VqH8oK8MnvkD_-0wMPHZB4IdYlUl_hU_EzQlQeje6ogR_dUYcj362kmYjGg0wPYzGjGXzi9y3cLpdnKLTP8-p1wSkzbR_e5yVZpwkTSNeSbZcEY17eVDjn5YcVs8WAjN9vLuU7ydHXj3dsrcaq5MUIlY1Dx5DUXoZiQq1_x2Wm7v9yA0GPovEScL5QKdYYw3YNJFzOjCLRc4CC1UOTlSLvBYigFgeQLTIMS5j84WPQjTad_U1EemgN0dQU020cSl-jpEj1ZgsohTH5plKX68du_NWaBQFZGgdSVo0Bq-cXM5Gm6BCPOq003aPjtts8jn0UN1nAbrNO0ecejHd_reE1kZrJdefDPvwEAAP__lb69mcEEAAA= HTTP/1.1
Host: shotgunchancecruel.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hianimez.to/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Fri, 18 Apr 2025 17:08:05 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
accept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
x-envoy-upstream-service-time: 1
Host: shotgunchancecruel.com
Expires: Thu, 01 Jan 1970 00:00:01 GMT
X-Request-ID: 8fe2575217b8fbadf0a5fad94c5c85fb
Cache-Control: no-cache, max-age=0, private, no-cache
Pragma: no-cache
Strict-Transport-Security: max-age=0; includeSubdomains

fonts.googleapis.com/css2?family=Poppins:wght@300;400;500;600&display=swap

142.250.178.74

200 OK

3.4 kB

URL GET
fonts.googleapis.com/css2?family=Poppins:wght@300;400;500;600&display=swap
IP
142.250.178.74:443
ASN
#15169 GOOGLE

Requested by
https://hianimez.to/
Certificate
IssuerGoogle Trust Services
Subjectupload.video.google.com
Fingerprint06:13:4C:49:F4:23:BB:58:C3:31:41:0E:F9:E0:C5:EF:74:A9:0C:67
ValidityMon, 31 Mar 2025 08:55:35 GMT - Mon, 23 Jun 2025 08:55:34 GMT

File type
ASCII text
Size
3.4 kB (3376 bytes)
Hash
9e34784d8886209c2e5e1c6d3ccce42a
6bfdcaa46df1040def7376d4647f2ca209387c82
cbe4dbbe6f10552fb3ba740dccf6949edffd490acbc2096867ab0b3e8248767d

HTTP Headers

GET /css2?family=Poppins:wght@300;400;500;600&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hianimez.to/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 18 Apr 2025 17:07:55 GMT
date: Fri, 18 Apr 2025 17:07:55 GMT
cache-control: private, max-age=86400
content-security-policy-report-only: require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/bcfae741e379a885f2ab2cf83ebe6d32/mr
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

cdn.noitatnemucod.net/avatar/100x100/spy_family/01.png

188.114.97.1

200 OK

15 kB

URL GET
cdn.noitatnemucod.net/avatar/100x100/spy_family/01.png
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://hianimez.to/
Certificate
IssuerGoogle Trust Services
Subjectnoitatnemucod.net
Fingerprint35:41:A3:E5:FE:54:64:D1:E2:26:43:FF:9F:D3:43:74:D5:D7:F3:07
ValidityMon, 14 Apr 2025 08:44:51 GMT - Sun, 13 Jul 2025 09:42:17 GMT

File type
PNG image data, 99 x 100, 8-bit/color RGBA, interlaced
Size
15 kB (14770 bytes)
Hash
1ceddf58f0bc79ef303d95062e613d52
e67f798d2c07e6206902f94fcc84211fb3781e45
272ad9ac1a0131a0cdc36a856f8cf5ea67689fecf0cfee3f0b97a5e79b26edb5

HTTP Headers

GET /avatar/100x100/spy_family/01.png HTTP/1.1
Host: cdn.noitatnemucod.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hianimez.to/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 18 Apr 2025 17:07:54 GMT
content-type: image/png
content-length: 14770
server: cloudflare
accept-ranges: bytes
last-modified: Wed, 03 Aug 2022 23:57:26 GMT
vary: Accept-Encoding
etag: W/"62eb0b66-334c1"
x-cache: HIT
cache-control: max-age=14400
cf-cache-status: HIT
age: 1271
cf-ray: 9325c2dc0c09b512-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

cdn.noitatnemucod.net/avatar/100x100/dragon_ball/av-db-03.jpeg

188.114.97.1

200 OK

13 kB

URL GET
cdn.noitatnemucod.net/avatar/100x100/dragon_ball/av-db-03.jpeg
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://hianimez.to/
Certificate
IssuerGoogle Trust Services
Subjectnoitatnemucod.net
Fingerprint35:41:A3:E5:FE:54:64:D1:E2:26:43:FF:9F:D3:43:74:D5:D7:F3:07
ValidityMon, 14 Apr 2025 08:44:51 GMT - Sun, 13 Jul 2025 09:42:17 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 100", progressive, precision 8, 100x100, components 3
Size
13 kB (12941 bytes)
Hash
79c171db1f6d55d99d43dd4cc122aaf7
b9ca7533f4e76e10275af038cd42e9a9c1c6b296
6e77156311bcc3eb86cafc9c9fb672761e6fc160eb60a4d604d9df31f4352700

HTTP Headers

GET /avatar/100x100/dragon_ball/av-db-03.jpeg HTTP/1.1
Host: cdn.noitatnemucod.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hianimez.to/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 18 Apr 2025 17:07:54 GMT
content-type: image/jpeg
content-length: 12941
server: cloudflare
accept-ranges: bytes
last-modified: Thu, 17 Jun 2021 07:51:56 GMT
vary: Accept-Encoding
etag: W/"60caff1c-d15a"
x-cache: HIT
cache-control: max-age=14400
cf-cache-status: HIT
age: 53
cf-ray: 9325c2dbfbe6b512-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

use.fontawesome.com/releases/v5.3.1/webfonts/fa-solid-900.woff2

104.21.27.152

200 OK

67 kB

URL GET
use.fontawesome.com/releases/v5.3.1/webfonts/fa-solid-900.woff2
IP
104.21.27.152:443
ASN
#13335 CLOUDFLARENET

Requested by
https://hianimez.to/
Certificate
IssuerGoogle Trust Services
Subjectuse.fontawesome.com
Fingerprint35:EC:02:D7:73:13:A8:D4:94:28:42:85:E4:B3:7F:06:4F:C4:1B:CE
ValidityThu, 06 Mar 2025 00:21:22 GMT - Wed, 04 Jun 2025 01:21:21 GMT

File type
Web Open Font Format (Version 2), TrueType, length 67400, version 1.0
Size
67 kB (67400 bytes)
Hash
14a08198ec7d1eb96d515362293fed36
965d78c34637d1bdab6277805faecb6caa959669
ca3ea16761b7d443c64cfd99dd1cf8aa84790a25bb4709582935956fe71d014d

HTTP Headers

GET /releases/v5.3.1/webfonts/fa-solid-900.woff2 HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://hianimez.to
DNT: 1
Connection: keep-alive
Referer: https://use.fontawesome.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 18 Apr 2025 17:07:56 GMT
content-type: font/woff2
content-length: 67400
access-control-allow-origin: *
cache-control: max-age=31556926
etag: "14a08198ec7d1eb96d515362293fed36"
last-modified: Fri, 22 Sep 2023 01:45:31 GMT
vary: Origin, Accept-Encoding
cf-cache-status: HIT
age: 730248
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Jhn8VwjtjM6eADnXXDD1p289pwthDSR44XFgXiqBoxjttNjjYV0%2FSOE2JUGON0zxHOmXKPgijUfQqEAQfmBNfaL6nlRt1boGnogJ4Sta6td2llw5KER3Og2drdFPSjnyAUYGNqrg"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 9325c2e6eef356c4-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=598&min_rtt=475&rtt_var=228&sent=7&recv=11&lost=0&retrans=0&sent_bytes=3199&recv_bytes=1151&delivery_rate=4529718&cwnd=253&unsent_bytes=0&cid=ebc025916ba8ce19&ts=64&x=0"
X-Firefox-Spdy: h2

experttrafficcounter.com/stats

35.156.209.115

200 OK

40 B

URL GET
experttrafficcounter.com/stats
IP
35.156.209.115:443
ASN
#16509 AMAZON-02

Requested by
https://hianimez.to/
Certificate
IssuerAmazon
Subjectexperttrafficcounter.com
FingerprintEE:A0:89:D0:CF:A2:E2:EC:50:6D:6C:20:D2:5A:BB:B9:8C:6E:3F:CC
ValidityThu, 23 Jan 2025 00:00:00 GMT - Sat, 21 Feb 2026 23:59:59 GMT

File type
ASCII text, with no line terminators
Size
40 B (40 bytes)
Hash
a78bca103641f6da860a234fda7c8e45
37518514687845417cdd752074fc4f0ab2d5ae4d
80dd6d69defb8298fc4866931004b695780982b92fbe6748fa50a1c6ad8c61f1

HTTP Headers

GET /stats HTTP/1.1
Host: experttrafficcounter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://hianimez.to
DNT: 1
Connection: keep-alive
Referer: https://hianimez.to/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 18 Apr 2025 17:07:57 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://hianimez.to
vary: Origin
access-control-allow-credentials: true
set-cookie: uid_id2=641ff0d1-b701-4796-9cca-e8e87ebf62dd:2:1; expires=Mon, 16 Apr 2035 17:07:57 GMT; secure; SameSite=None
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v47/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2

142.250.178.99

200 OK

40 kB

URL GET
fonts.gstatic.com/s/roboto/v47/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2
IP
142.250.178.99:443
ASN
#15169 GOOGLE

Requested by
https://hianimez.to/
Certificate
IssuerGoogle Trust Services
Subject*.gstatic.com
Fingerprint62:05:36:C2:8E:4C:CD:95:1E:1C:75:06:44:A3:57:E5:C0:17:02:80
ValidityMon, 31 Mar 2025 08:55:35 GMT - Mon, 23 Jun 2025 08:55:34 GMT

File type
Web Open Font Format (Version 2), TrueType, length 40128, version 1.0
Size
40 kB (40128 bytes)
Hash
9a01b69183a9604ab3a439e388b30501
8ed1d59003d0dbe6360481017b44665153665fbe
20b535fa80c8189e3b87d1803038389960203a886d502bc2ef1857affc2f38d2

HTTP Headers

GET /s/roboto/v47/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://hianimez.to
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 40128
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 17 Apr 2025 18:15:43 GMT
expires: Fri, 17 Apr 2026 18:15:43 GMT
cache-control: public, max-age=31536000
age: 82343
last-modified: Wed, 08 Jan 2025 18:23:10 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

hianimez.to/

104.22.60.126

200 OK

29 kB

URL User Request GET
hianimez.to/
IP
104.22.60.126:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services
Subjecthianimez.to
FingerprintF8:51:79:F5:8B:FA:D3:E9:96:88:63:17:72:3A:52:B3:DE:08:21:56
ValidityTue, 08 Apr 2025 02:44:33 GMT - Mon, 07 Jul 2025 03:40:36 GMT

File type
HTML document, Unicode text, UTF-8 text, with very long lines (539), with CRLF, LF line terminators
Size
29 kB (29411 bytes)
Hash
136245c27a725a3bed54ccc4c0bf40fa
a6c558aefd31797bdb5550e3a7c7af5f3f9d978d
143429bc10189df43e895cb9be0ffb162e96edc70cb1328cc6231fc3444b3f07

HTTP Headers

GET / HTTP/1.1
Host: hianimez.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

cdn.noitatnemucod.net/avatar/100x100/tha/02.jpg

188.114.97.1

200 OK

11 kB

URL GET
cdn.noitatnemucod.net/avatar/100x100/tha/02.jpg
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://hianimez.to/
Certificate
IssuerGoogle Trust Services
Subjectnoitatnemucod.net
Fingerprint35:41:A3:E5:FE:54:64:D1:E2:26:43:FF:9F:D3:43:74:D5:D7:F3:07
ValidityMon, 14 Apr 2025 08:44:51 GMT - Sun, 13 Jul 2025 09:42:17 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 100", progressive, precision 8, 100x100, components 3
Size
11 kB (11171 bytes)
Hash
df7c6e4b62f7cb63adf98cecb96c1534
0b47051349e12a1da8a2d4e8ccde732408e103de
8011979d361206e9b6780a292817cd63713dea756535743ea6228fcef05f9ea4

HTTP Headers

GET /avatar/100x100/tha/02.jpg HTTP/1.1
Host: cdn.noitatnemucod.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hianimez.to/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 18 Apr 2025 17:07:54 GMT
content-type: image/jpeg
content-length: 11171
server: cloudflare
accept-ranges: bytes
last-modified: Sun, 26 Dec 2021 19:06:04 GMT
vary: Accept-Encoding
etag: W/"61c8bd1c-70e00"
x-cache: HIT
cache-control: max-age=14400
cf-cache-status: HIT
age: 5187
cf-ray: 9325c2dc0c08b512-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

cdn.noitatnemucod.net/avatar/100x100/chainsaw/04.png

188.114.97.1

200 OK

14 kB

URL GET
cdn.noitatnemucod.net/avatar/100x100/chainsaw/04.png
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://hianimez.to/
Certificate
IssuerGoogle Trust Services
Subjectnoitatnemucod.net
Fingerprint35:41:A3:E5:FE:54:64:D1:E2:26:43:FF:9F:D3:43:74:D5:D7:F3:07
ValidityMon, 14 Apr 2025 08:44:51 GMT - Sun, 13 Jul 2025 09:42:17 GMT

File type
PNG image data, 99 x 100, 8-bit/color RGBA, interlaced
Size
14 kB (14033 bytes)
Hash
9f64111ea7655f4626d1deb6fd889e81
85446a4a4d289b2b1d624f3e461ffec323f0dd9f
68cb234d6b021d6304d9fb484a81acc49806246bd909d1c31bdcd7911574f1c5

HTTP Headers

GET /avatar/100x100/chainsaw/04.png HTTP/1.1
Host: cdn.noitatnemucod.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hianimez.to/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 18 Apr 2025 17:07:54 GMT
content-type: image/png
content-length: 14033
server: cloudflare
accept-ranges: bytes
last-modified: Sat, 27 Aug 2022 06:04:56 GMT
vary: Accept-Encoding
etag: W/"6309b408-2c760"
x-cache: HIT
cache-control: max-age=14400
cf-cache-status: HIT
age: 3183
cf-ray: 9325c2dbfbecb512-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

www.googletagmanager.com/gtag/js?id=UA-304498478-1&l=dataLayer&cx=c&gtm=45je54g3v9179008765za200&tag_exp=102015666~102803279~102813109~102887800~102926062~103027016~103051953~103055465~103077950~103106314~103106316

142.250.178.40

200 OK

252 kB

URL GET
www.googletagmanager.com/gtag/js?id=UA-304498478-1&l=dataLayer&cx=c&gtm=45je54g3v9179008765za200&tag_exp=102015666~102803279~102813109~102887800~102926062~103027016~103051953~103055465~103077950~103106314~103106316
IP
142.250.178.40:443
ASN
#15169 GOOGLE

Requested by
https://hianimez.to/
Certificate
IssuerGoogle Trust Services
Subject*.google-analytics.com
FingerprintB7:82:F3:C7:93:B0:60:B0:83:49:F8:74:0D:49:78:23:65:0B:37:01
ValidityMon, 31 Mar 2025 08:54:29 GMT - Mon, 23 Jun 2025 08:54:28 GMT

File type
JavaScript source, ASCII text, with very long lines (2361)
Size
252 kB (252070 bytes)
Hash
34bc54dcea87ea7fb2a96478c63ea08f
37074eba250c3d87b7b28bc66ed30779669daa68
60459083c4d5e1ef277dd50e85549e6c97f089180faea2c2660f346d9d2abec8

HTTP Headers

GET /gtag/js?id=UA-304498478-1&l=dataLayer&cx=c&gtm=45je54g3v9179008765za200&tag_exp=102015666~102803279~102813109~102887800~102926062~103027016~103051953~103055465~103077950~103106314~103106316 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hianimez.to/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 18 Apr 2025 17:07:56 GMT
expires: Fri, 18 Apr 2025 17:07:56 GMT
cache-control: private, max-age=900
last-modified: Fri, 18 Apr 2025 15:52:43 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1055:0
cross-origin-opener-policy-report-only: same-origin; report-to=ascgcycc:1055:0
report-to: {"group":"ascgcycc:1055:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1055:0"}],}
server: Google Tag Manager
content-length: 88730
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

lucidlylibellous.com/54/b5/36/54b536712684480f5bddc4d3fd1ac8a1.js

172.240.108.68

200 OK

42 kB

URL GET
lucidlylibellous.com/54/b5/36/54b536712684480f5bddc4d3fd1ac8a1.js
IP
172.240.108.68:443
ASN
#7979 SERVERS-COM

Requested by
https://hianimez.to/
Certificate
IssuerLet's Encrypt
Subjectlucidlylibellous.com
FingerprintC7:EA:67:E4:BE:CA:48:33:0E:C1:95:53:C4:EF:27:65:B8:50:C7:B8
ValidityWed, 26 Mar 2025 07:13:18 GMT - Tue, 24 Jun 2025 07:13:17 GMT

File type
JavaScript source, ASCII text, with very long lines (42442), with no line terminators
Size
42 kB (42442 bytes)
Hash
6f3d041863149f3f64b5d5c8f06fe7e3
b1550903426dc964c9f2622bd2d0e941904470a0
a2d9b4c8838a22dd4f456daf932c3aaa72c6c9ed95ddd77f0db5ec61f1aaae69

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /54/b5/36/54b536712684480f5bddc4d3fd1ac8a1.js HTTP/1.1
Host: lucidlylibellous.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hianimez.to/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Fri, 18 Apr 2025 17:07:57 GMT
Content-Type: application/javascript
Content-Length: 15410
Connection: keep-alive
content-encoding: gzip
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
accept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
set-cookie: 4b4e7ab587d59b22ad7bcd2439afc363_BS-684-4=1; expires=Fri, 18 Apr 2025 17:07:57 GMT; secure; SameSite=None
x-envoy-upstream-service-time: 2
Host: lucidlylibellous.com
Expires: Thu, 01 Jan 1970 00:00:01 GMT
X-Request-ID: 9e91fd13fa492234b578df26243656e0
Cache-Control: no-cache, max-age=0, private, no-cache
Pragma: no-cache
Strict-Transport-Security: max-age=0; includeSubdomains

172.240.108.76

200 OK

0 B

URL GET
shotgunchancecruel.com/pixel/sbls?bv=&tmpl=482&u=https%3A%2F%2Fcdn.creative-stat1.com%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2FProgamerage%2Fflip_icon%2Foct2024%2F3%2Fcss%2Fstyle.css&l=10008&fd=304
IP
172.240.108.76:443
ASN
#7979 SERVERS-COM

Requested by
https://hianimez.to/
Certificate
IssuerLet's Encrypt
Subjectshotgunchancecruel.com
Fingerprint0C:D3:F1:8B:BC:8A:18:C0:64:49:9C:C1:D7:F5:0C:C7:24:2B:06:04
ValidityWed, 19 Feb 2025 02:30:57 GMT - Tue, 20 May 2025 02:30:56 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /pixel/sbls?bv=&tmpl=482&u=https%3A%2F%2Fcdn.creative-stat1.com%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2FProgamerage%2Fflip_icon%2Foct2024%2F3%2Fcss%2Fstyle.css&l=10008&fd=304 HTTP/1.1
Host: shotgunchancecruel.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hianimez.to/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Fri, 18 Apr 2025 17:08:06 GMT
Content-Length: 0
Connection: keep-alive
Host: shotgunchancecruel.com
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range

straightforwardaudition.com/pixel/purst?dl=0&th=0&sc=0&rs=2439&rd=2439&fd=1567&bv=25.3.2388&tmpl=70

192.243.59.20

200 OK

0 B

URL GET
straightforwardaudition.com/pixel/purst?dl=0&th=0&sc=0&rs=2439&rd=2439&fd=1567&bv=25.3.2388&tmpl=70
IP
192.243.59.20:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://hianimez.to/
Certificate
IssuerLet's Encrypt
Subjectstraightforwardaudition.com
Fingerprint03:17:64:F3:5F:29:6C:69:80:21:02:84:80:4E:0C:06:35:8D:EE:42
ValidityWed, 19 Feb 2025 02:53:12 GMT - Tue, 20 May 2025 02:53:11 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /pixel/purst?dl=0&th=0&sc=0&rs=2439&rd=2439&fd=1567&bv=25.3.2388&tmpl=70 HTTP/1.1
Host: straightforwardaudition.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hianimez.to/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Fri, 18 Apr 2025 17:07:58 GMT
Content-Length: 0
Connection: keep-alive
Host: straightforwardaudition.com
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range

recordedthereby.com/sfp.js

185.196.197.72

200 OK

85 kB

URL GET
recordedthereby.com/sfp.js
IP
185.196.197.72:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://hianimez.to/
Certificate
IssuerLet's Encrypt
Subjectrecordedthereby.com
Fingerprint19:45:8B:8A:1B:43:8F:CB:7D:D5:AA:7C:FF:FA:04:93:35:CA:9D:47
ValidityThu, 06 Mar 2025 21:25:47 GMT - Wed, 04 Jun 2025 21:25:46 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (65529), with no line terminators
Size
85 kB (85380 bytes)
Hash
108625937affa4b38bb17cea65510d72
2c0f48e9efa3fb5554d1fa393b28d74d5339f9ee
c84263fcf6b091998dd37f5f600b3bfea92ac1d31cbf9631bb87fa411124a9e0

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /sfp.js HTTP/1.1
Host: recordedthereby.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hianimez.to/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Fri, 18 Apr 2025 17:07:57 GMT
Content-Type: application/javascript; charset=utf-8
Content-Length: 28255
Connection: keep-alive
Content-Encoding: gzip
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Vary: Accept-Encoding
Host: recordedthereby.com
Expires: Thu, 01 Jan 1970 00:00:01 GMT
X-Request-ID: fef208564026ee3bd71831771e99b1ab
Cache-Control: no-cache, max-age=0, private, no-cache
Pragma: no-cache
Strict-Transport-Security: max-age=0; includeSubdomains

capaciousdrewreligion.com/advertisers.js

185.196.197.72

200 OK

0 B

URL GET
capaciousdrewreligion.com/advertisers.js
IP
185.196.197.72:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://hianimez.to/
Certificate
IssuerLet's Encrypt
Subjectcapaciousdrewreligion.com
FingerprintF2:06:B4:93:08:6A:C2:08:91:7D:7A:22:BE:44:FF:74:BE:CC:0C:2E
ValidityMon, 03 Mar 2025 21:07:24 GMT - Sun, 01 Jun 2025 21:07:23 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /advertisers.js HTTP/1.1
Host: capaciousdrewreligion.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hianimez.to/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Fri, 18 Apr 2025 17:07:58 GMT
Content-Type: application/javascript
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
X-Request-ID: 2b377d1b361b4a4ad1820de8a2d9b85f
Cache-Control: no-cache, max-age=0, private, no-cache
Pragma: no-cache
Strict-Transport-Security: max-age=0; includeSubdomains

lucidlylibellous.com/sbar.json?key=54b536712684480f5bddc4d3fd1ac8a1&abt=BS-684-4_1&uuid=641ff0d1-b701-4796-9cca-e8e87ebf62dd%3A2%3A1

172.240.108.68

200 OK

12 kB

URL GET
lucidlylibellous.com/sbar.json?key=54b536712684480f5bddc4d3fd1ac8a1&abt=BS-684-4_1&uuid=641ff0d1-b701-4796-9cca-e8e87ebf62dd%3A2%3A1
IP
172.240.108.68:443
ASN
#7979 SERVERS-COM

Requested by
https://hianimez.to/
Certificate
IssuerLet's Encrypt
Subjectlucidlylibellous.com
FingerprintC7:EA:67:E4:BE:CA:48:33:0E:C1:95:53:C4:EF:27:65:B8:50:C7:B8
ValidityWed, 26 Mar 2025 07:13:18 GMT - Tue, 24 Jun 2025 07:13:17 GMT

File type
JSON text data
Size
12 kB (11780 bytes)
Hash
9e5912e97674d7ac963349009bb3436b
d0b55cbb88f80d77c0e65e9d01ef92d6ea46ed6e
2d6272f00c92dbc962da1468d1353cec3eef0cb32ae4c2d1c7742b1170fa8497

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /sbar.json?key=54b536712684480f5bddc4d3fd1ac8a1&abt=BS-684-4_1&uuid=641ff0d1-b701-4796-9cca-e8e87ebf62dd%3A2%3A1 HTTP/1.1
Host: lucidlylibellous.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://hianimez.to
DNT: 1
Connection: keep-alive
Referer: https://hianimez.to/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Fri, 18 Apr 2025 17:08:05 GMT
Content-Type: text/plain; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
accept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
custom-referer: https://hianimez.to
access-control-allow-origin: https://hianimez.to
access-control-allow-credentials: true
set-cookie: uid_id2=641ff0d1-b701-4796-9cca-e8e87ebf62dd:2:1; expires=Fri, 25 Apr 2025 17:08:05 GMT; path=/; secure; SameSite=None
pdhtkv=true; expires=Sat, 19 Apr 2025 17:08:05 GMT; path=/; secure; SameSite=None
uncs=1; expires=Sat, 19 Apr 2025 17:08:05 GMT; path=/; secure; SameSite=None
pdhtkv29=true; expires=Sat, 19 Apr 2025 17:08:05 GMT; path=/; secure; SameSite=None
uncs29=1; expires=Sat, 19 Apr 2025 17:08:05 GMT; path=/; secure; SameSite=None
u_pl25699542=1; expires=Sat, 19 Apr 2025 17:08:05 GMT; path=/; secure; SameSite=None
slec54b536712684480f5bddc4d3fd1ac8a1=[5890561,5890563]; expires=Fri, 18 Apr 2025 17:08:10 GMT; path=/; secure; SameSite=None
x-envoy-upstream-service-time: 232
Host: lucidlylibellous.com
Expires: Thu, 01 Jan 1970 00:00:01 GMT
X-Request-ID: 06e41fd226d87183dc3a784d0b6f654d
Cache-Control: no-cache, max-age=0, private, no-cache
Pragma: no-cache
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

shotgunchancecruel.com/pixel/sbs?c=1

172.240.108.76

200 OK

0 B

URL GET
shotgunchancecruel.com/pixel/sbs?c=1
IP
172.240.108.76:443
ASN
#7979 SERVERS-COM

Requested by
https://hianimez.to/
Certificate
IssuerLet's Encrypt
Subjectshotgunchancecruel.com
Fingerprint0C:D3:F1:8B:BC:8A:18:C0:64:49:9C:C1:D7:F5:0C:C7:24:2B:06:04
ValidityWed, 19 Feb 2025 02:30:57 GMT - Tue, 20 May 2025 02:30:56 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /pixel/sbs?c=1 HTTP/1.1
Host: shotgunchancecruel.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hianimez.to/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Fri, 18 Apr 2025 17:08:06 GMT
Content-Length: 0
Connection: keep-alive
Host: shotgunchancecruel.com
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range

hianimez.to/images/anw-min.webp?v=0.1

104.22.60.126

200 OK

98 kB

URL GET
hianimez.to/images/anw-min.webp?v=0.1
IP
104.22.60.126:443
ASN
#13335 CLOUDFLARENET

Requested by
https://hianimez.to/
Certificate
IssuerGoogle Trust Services
Subjecthianimez.to
FingerprintF8:51:79:F5:8B:FA:D3:E9:96:88:63:17:72:3A:52:B3:DE:08:21:56
ValidityTue, 08 Apr 2025 02:44:33 GMT - Mon, 07 Jul 2025 03:40:36 GMT

File type
RIFF (little-endian) data, Web/P image
Size
98 kB (98206 bytes)
Hash
6afcd5cc3add55c89bb977151f37a237
4116f225c22ab717d6d81f6e6a7dca9abe57587f
03a02f89b6edc8c00a5d6891c07c46cf415df43b020d16502e759ae0d27e1f8b

HTTP Headers

GET /images/anw-min.webp?v=0.1 HTTP/1.1
Host: hianimez.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hianimez.to/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 18 Apr 2025 17:07:54 GMT
content-type: image/webp
content-length: 98206
x-dns-prefetch-control: on
expect-ct: max-age=0
strict-transport-security: max-age=15552000; includeSubDomains
x-download-options: noopen
x-content-type-options: nosniff, nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 0, 1; mode=block
cache-control: public, max-age=31536000
last-modified: Wed, 28 Feb 2024 00:38:35 GMT
etag: W/"17f9e-18ded262247"
cf-cache-status: HIT
age: 555614
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 9325c2da7afa0b31-OSL
X-Firefox-Spdy: h2

hianimez.to/images/level-a-3.png

104.22.60.126

200 OK

5.5 kB

URL GET
hianimez.to/images/level-a-3.png
IP
104.22.60.126:443
ASN
#13335 CLOUDFLARENET

Requested by
https://hianimez.to/
Certificate
IssuerGoogle Trust Services
Subjecthianimez.to
FingerprintF8:51:79:F5:8B:FA:D3:E9:96:88:63:17:72:3A:52:B3:DE:08:21:56
ValidityTue, 08 Apr 2025 02:44:33 GMT - Mon, 07 Jul 2025 03:40:36 GMT

File type
PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced
Size
5.5 kB (5466 bytes)
Hash
42671822220eb9797d9444deb7f03914
ffc1edf29f6ca353c79756417661a6c0bff05813
abe7005fcd42982de5fbee3e89882b0e8aeb76311169117fc8540bf2a3191926

HTTP Headers

GET /images/level-a-3.png HTTP/1.1
Host: hianimez.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hianimez.to/css/home.css?v=0.9
Cookie: _ga_R34F2GCSBW=GS1.1.1744996076.1.0.1744996076.0.0.0; _ga=GA1.1.112925923.1744996076
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 18 Apr 2025 17:07:56 GMT
content-type: image/png
content-length: 5466
x-dns-prefetch-control: on
expect-ct: max-age=0
strict-transport-security: max-age=15552000; includeSubDomains
x-download-options: noopen
x-content-type-options: nosniff, nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 0, 1; mode=block
cache-control: public, max-age=31536000
last-modified: Sun, 25 Feb 2024 16:09:15 GMT
etag: W/"155a-18de1071a7b"
cf-cache-status: HIT
age: 849706
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 9325c2e67ad00b31-OSL
X-Firefox-Spdy: h2

fonts.gstatic.com/s/poppins/v22/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2

142.250.178.99

200 OK

8.0 kB

URL GET
fonts.gstatic.com/s/poppins/v22/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
IP
142.250.178.99:443
ASN
#15169 GOOGLE

Requested by
https://hianimez.to/
Certificate
IssuerGoogle Trust Services
Subject*.gstatic.com
Fingerprint62:05:36:C2:8E:4C:CD:95:1E:1C:75:06:44:A3:57:E5:C0:17:02:80
ValidityMon, 31 Mar 2025 08:55:35 GMT - Mon, 23 Jun 2025 08:55:34 GMT

File type
Web Open Font Format (Version 2), TrueType, length 8000, version 1.0
Size
8.0 kB (8000 bytes)
Hash
72993dddf88a63e8f226656f7de88e57
179f97ec0275f09603a8db94d4380eb584d81cd5
f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149

HTTP Headers

GET /s/poppins/v22/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://hianimez.to
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 8000
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 17 Apr 2025 17:59:32 GMT
expires: Fri, 17 Apr 2026 17:59:32 GMT
cache-control: public, max-age=31536000
age: 83305
last-modified: Wed, 04 Dec 2024 06:53:31 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

hianimez.to/favicon-16x16.png

104.22.60.126

200 OK

1.1 kB

URL GET
hianimez.to/favicon-16x16.png
IP
104.22.60.126:443
ASN
#13335 CLOUDFLARENET

Requested by
https://hianimez.to/
Certificate
IssuerGoogle Trust Services
Subjecthianimez.to
FingerprintF8:51:79:F5:8B:FA:D3:E9:96:88:63:17:72:3A:52:B3:DE:08:21:56
ValidityTue, 08 Apr 2025 02:44:33 GMT - Mon, 07 Jul 2025 03:40:36 GMT

File type
PNG image data, 16 x 16, 8-bit colormap, non-interlaced
Size
1.1 kB (1087 bytes)
Hash
6e9c90e892d6a14567c3d8ddb38b1b26
ac809df2d7f201e9b0623783e99ba131444444ac
18b382173b2fca572515289f4582ae5e9a68cc327500a2d58fc3e2accda0f26d

HTTP Headers

GET /favicon-16x16.png HTTP/1.1
Host: hianimez.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hianimez.to/
Cookie: _ga_R34F2GCSBW=GS1.1.1744996076.1.0.1744996076.0.0.0; _ga=GA1.1.112925923.1744996076; dom3ic8zudi28v8lr6fgphwffqoz0j6c=641ff0d1-b701-4796-9cca-e8e87ebf62dd%3A2%3A1; pp_main_67845425021f776b630c899590731bf0=1; pp_idelay_67845425021f776b630c899590731bf0=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 18 Apr 2025 17:07:58 GMT
content-type: image/png
content-length: 1087
x-dns-prefetch-control: on
expect-ct: max-age=0
strict-transport-security: max-age=15552000; includeSubDomains
x-download-options: noopen
x-content-type-options: nosniff, nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 0, 1; mode=block
cache-control: public, max-age=31536000
last-modified: Sun, 25 Feb 2024 16:09:15 GMT
etag: W/"43f-18de1071a70"
cf-cache-status: HIT
age: 572500
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 9325c2f1dbea0b31-OSL
X-Firefox-Spdy: h2

cdn.creative-stat1.com/sb/notifications/utility/default/us/blog/Progamerage/flip_icon/oct2024/3/img/icon.jpg

188.114.97.1

200 OK

71 kB

URL GET
cdn.creative-stat1.com/sb/notifications/utility/default/us/blog/Progamerage/flip_icon/oct2024/3/img/icon.jpg
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://hianimez.to/
Certificate
IssuerGoogle Trust Services
Subjectcreative-stat1.com
Fingerprint0B:D7:09:43:6C:42:76:92:3B:8C:0E:15:43:A3:A3:AC:94:B2:C2:CB
ValiditySun, 13 Apr 2025 21:34:38 GMT - Sat, 12 Jul 2025 22:33:20 GMT

File type
JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop 24.5 (Windows), datetime=2024:10:08 12:50:38], progressive, precision 8, 300x250, components 3
Size
71 kB (71004 bytes)
Hash
7c4ef61da9a1b31964e978f85f0822c5
74b0f0eeafb15241274671b1199c8eb4e21ab181
99225a61cd24642b3467e77a6e23eda7cdd6273f898451e71e4bb9a9eebd262f

HTTP Headers

GET /sb/notifications/utility/default/us/blog/Progamerage/flip_icon/oct2024/3/img/icon.jpg HTTP/1.1
Host: cdn.creative-stat1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 18 Apr 2025 17:08:06 GMT
content-type: image/jpeg
content-length: 71004
server: cloudflare
accept-ranges: bytes
last-modified: Tue, 08 Oct 2024 11:09:58 GMT
etag: "67051306-1155c"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 555652
cf-ray: 9325c3259899b51d-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

use.fontawesome.com/releases/v5.3.1/css/all.css

104.21.27.152

200 OK

49 kB

URL GET
use.fontawesome.com/releases/v5.3.1/css/all.css
IP
104.21.27.152:443
ASN
#13335 CLOUDFLARENET

Requested by
https://hianimez.to/
Certificate
IssuerGoogle Trust Services
Subjectuse.fontawesome.com
Fingerprint35:EC:02:D7:73:13:A8:D4:94:28:42:85:E4:B3:7F:06:4F:C4:1B:CE
ValidityThu, 06 Mar 2025 00:21:22 GMT - Wed, 04 Jun 2025 01:21:21 GMT

File type
ASCII text, with very long lines (48464)
Size
49 kB (48649 bytes)
Hash
10519cfd3206802f58315b877a9beab5
03232d7095b4a14b88810a0ffe76ae50726c23c6
604dcf1f11698655f75046bb92f98aaa9477e1c16b01c5fc415e78794393ffb9

HTTP Headers

GET /releases/v5.3.1/css/all.css HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hianimez.to/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 18 Apr 2025 17:07:54 GMT
content-type: text/css
cache-control: max-age=31556926
etag: W/"10519cfd3206802f58315b877a9beab5"
last-modified: Fri, 22 Sep 2023 01:45:29 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 154828
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=u%2FKBw1cqXR1C2ZXKbA2m9qEWbMosQn%2FpcTYRsuKyGLmclxX6Z4ZaThamTkLNB2C4OCZbCAyD5oKPD74%2FrG5EZkddCMlLukQ%2BREpahn9lnMYZY5L7tPs0sEqt%2F3%2FULtodfojE8qoO"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 9325c2db78d5b4ff-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=505&min_rtt=482&rtt_var=114&sent=6&recv=10&lost=0&retrans=0&sent_bytes=3274&recv_bytes=1189&delivery_rate=7541666&cwnd=253&unsent_bytes=0&cid=f077b239843dff00&ts=126&x=0"
X-Firefox-Spdy: h2

fonts.gstatic.com/s/poppins/v22/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2

142.250.178.99

200 OK

7.7 kB

URL GET
fonts.gstatic.com/s/poppins/v22/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
IP
142.250.178.99:443
ASN
#15169 GOOGLE

Requested by
https://hianimez.to/
Certificate
IssuerGoogle Trust Services
Subject*.gstatic.com
Fingerprint62:05:36:C2:8E:4C:CD:95:1E:1C:75:06:44:A3:57:E5:C0:17:02:80
ValidityMon, 31 Mar 2025 08:55:35 GMT - Mon, 23 Jun 2025 08:55:34 GMT

File type
Web Open Font Format (Version 2), TrueType, length 7748, version 1.0
Size
7.7 kB (7748 bytes)
Hash
a09f2fccfee35b7247b08a1a266f0328
0da2d17e738f46d2a09e6fb7969da451719a9820
cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446

HTTP Headers

GET /s/poppins/v22/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://hianimez.to
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7748
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 17 Apr 2025 18:00:13 GMT
expires: Fri, 17 Apr 2026 18:00:13 GMT
cache-control: public, max-age=31536000
age: 83263
last-modified: Wed, 04 Dec 2024 06:54:05 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/poppins/v22/pxiEyp8kv8JHgFVrJJfecg.woff2

142.250.178.99

200 OK

7.9 kB

URL GET
fonts.gstatic.com/s/poppins/v22/pxiEyp8kv8JHgFVrJJfecg.woff2
IP
142.250.178.99:443
ASN
#15169 GOOGLE

Requested by
https://hianimez.to/
Certificate
IssuerGoogle Trust Services
Subject*.gstatic.com
Fingerprint62:05:36:C2:8E:4C:CD:95:1E:1C:75:06:44:A3:57:E5:C0:17:02:80
ValidityMon, 31 Mar 2025 08:55:35 GMT - Mon, 23 Jun 2025 08:55:34 GMT

File type
Web Open Font Format (Version 2), TrueType, length 7884, version 1.0
Size
7.9 kB (7884 bytes)
Hash
9212f6f9860f9fc6c69b02fedf6db8c3
ac6d71b4d5fdd2b3dabc9a06ff6c001e4251da0b
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f

HTTP Headers

GET /s/poppins/v22/pxiEyp8kv8JHgFVrJJfecg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://hianimez.to
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7884
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 17 Apr 2025 18:16:02 GMT
expires: Fri, 17 Apr 2026 18:16:02 GMT
cache-control: public, max-age=31536000
age: 82314
last-modified: Wed, 04 Dec 2024 06:53:08 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

cdn.creative-stat1.com/sb/notifications/utility/default/us/blog/Progamerage/flip_icon/oct2024/3/js/script.js

188.114.97.1

200 OK

445 B

URL GET
cdn.creative-stat1.com/sb/notifications/utility/default/us/blog/Progamerage/flip_icon/oct2024/3/js/script.js
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://hianimez.to/
Certificate
IssuerGoogle Trust Services
Subjectcreative-stat1.com
Fingerprint0B:D7:09:43:6C:42:76:92:3B:8C:0E:15:43:A3:A3:AC:94:B2:C2:CB
ValiditySun, 13 Apr 2025 21:34:38 GMT - Sat, 12 Jul 2025 22:33:20 GMT

File type
ASCII text
Size
445 B (445 bytes)
Hash
aaea974c4b82bbc952ae3de1d6302425
8fe1d7928b3b0d234e22d1f7a83c2fa611ceab77
0652d9a42ce8605bbf9e3e88d0f533cefc3e74f90448f9e00d960bd26a52cdce

HTTP Headers

GET /sb/notifications/utility/default/us/blog/Progamerage/flip_icon/oct2024/3/js/script.js HTTP/1.1
Host: cdn.creative-stat1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://hianimez.to
DNT: 1
Connection: keep-alive
Referer: https://hianimez.to/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 18 Apr 2025 17:08:06 GMT
content-type: application/javascript
server: cloudflare
last-modified: Tue, 08 Oct 2024 11:10:46 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 124897
etag: W/"67051336-1bd"
content-encoding: br
cf-ray: 9325c3251e985691-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

shotgunchancecruel.com/impr.gif?sid=H4sIAAAAAAAC_1RSz2skRRSunl287EFcZC8iDLiIgjPpnun5tXsQ47pL2JiEzUoQEamuqp6Uqe5qq7qnJ3MKBpYcB0_iqfNNssG4iP4Bgk68rQg7ghBhc9A_QdyzzOzA6Du89773dcP3vnoPDrML4iOj5xvv64FUii41qm75jS0Zc53b8tr9sudW3ZvlLRk3_Zvl_jSZ3g2v7lfdN8t3BNvRSzXXc13P9cq3pRGh7i_NWMjkUcerdtyqX6t6DR99839sMweWOuC9C3IVkk9e_Cv8CJKNEUff3RJ2J9XJW-9FmaKpNujxkw_inVjnMaJFGxoHYXwy_xraTgj5sgQdn8w3gO4dTTdAICekdO0pgvhkLhNB7_i50kBBxAj4FeS9MYQaQ9IxmN6H5E8IwDjW1hFHD9e0yenuc5ZO2Qm5_OxvyHxCLj99GXH07bKS_fKmVlkqdWzRDwvI_hiyO0aSnSEdlCDzM7D0c0j-K1l6too4Olq3SkPy8-tN3wtDl3uVoOV6Fb_VaVY6jNGKaIt2SwRhs8b5zCIZjqHEENSWkFkHmXSQhQ6yxEHEz8u-2_aZR-vNsMNZy_Wp73MRuJ12zXVph7WQsan-IdJkCKaGYGYPidnDjhzCZD_Cbhew3IFNCXq8QC4IckuQU4JcEuQpQd4rjrmyNVs85MpmgTevtXmtFyOddg_psU67IiagZgjDiyOZfGb3wdJLo0Fo7470NNEgPV3erDTbfsX_xBvRgBeHyQV5aWqyc3D9d-yI83LDDxr1ZsurNdu-33bDRsA583k95B5lberBygLSlkCtg4GckDtXfkIiJ-T1j_9AQM9g1RhMXgPNXgXNC9DtAoP4dFvSWEaimmpwXSBJLyPddQ7VBXll9sgf_ulAsMdkHmCmQGIKfCp_Juiqg9E9nZOjezq35Pv1JJWRHNDpAWymNBUvnN4Vu7k2fOWWHX79DpsS0_bRfWHTVRpzGXct-WZZci7MbW2YID-s2C0RbGR2ezkzcZasbrx7eyVKjLBW6ngMKp-8VgOTE3L1KzE77dovNyDNGCYrEGULpVKfgSV7sMliZjWBUQscJA7yrBiZWrAYKkmgxALToID9Dw4W_cjQ6d9UFof2AF1TAk33EUcFeqZATxWgagibXRqliXn89m_1WSBQpVGgTOkoUEZ9MTN5mi7ByvNyWBc15rrtVtOrt0Ph1X3Owkbb7_Amdet1gdROtksP_vk3AAD__2nWLUfBBAAA

172.240.108.76

200 OK

0 B

URL GET
shotgunchancecruel.com/impr.gif?sid=H4sIAAAAAAAC_1RSz2skRRSunl287EFcZC8iDLiIgjPpnun5tXsQ47pL2JiEzUoQEamuqp6Uqe5qq7qnJ3MKBpYcB0_iqfNNssG4iP4Bgk68rQg7ghBhc9A_QdyzzOzA6Du89773dcP3vnoPDrML4iOj5xvv64FUii41qm75jS0Zc53b8tr9sudW3ZvlLRk3_Zvl_jSZ3g2v7lfdN8t3BNvRSzXXc13P9cq3pRGh7i_NWMjkUcerdtyqX6t6DR99839sMweWOuC9C3IVkk9e_Cv8CJKNEUff3RJ2J9XJW-9FmaKpNujxkw_inVjnMaJFGxoHYXwy_xraTgj5sgQdn8w3gO4dTTdAICekdO0pgvhkLhNB7_i50kBBxAj4FeS9MYQaQ9IxmN6H5E8IwDjW1hFHD9e0yenuc5ZO2Qm5_OxvyHxCLj99GXH07bKS_fKmVlkqdWzRDwvI_hiyO0aSnSEdlCDzM7D0c0j-K1l6too4Olq3SkPy8-tN3wtDl3uVoOV6Fb_VaVY6jNGKaIt2SwRhs8b5zCIZjqHEENSWkFkHmXSQhQ6yxEHEz8u-2_aZR-vNsMNZy_Wp73MRuJ12zXVph7WQsan-IdJkCKaGYGYPidnDjhzCZD_Cbhew3IFNCXq8QC4IckuQU4JcEuQpQd4rjrmyNVs85MpmgTevtXmtFyOddg_psU67IiagZgjDiyOZfGb3wdJLo0Fo7470NNEgPV3erDTbfsX_xBvRgBeHyQV5aWqyc3D9d-yI83LDDxr1ZsurNdu-33bDRsA583k95B5lberBygLSlkCtg4GckDtXfkIiJ-T1j_9AQM9g1RhMXgPNXgXNC9DtAoP4dFvSWEaimmpwXSBJLyPddQ7VBXll9sgf_ulAsMdkHmCmQGIKfCp_Juiqg9E9nZOjezq35Pv1JJWRHNDpAWymNBUvnN4Vu7k2fOWWHX79DpsS0_bRfWHTVRpzGXct-WZZci7MbW2YID-s2C0RbGR2ezkzcZasbrx7eyVKjLBW6ngMKp-8VgOTE3L1KzE77dovNyDNGCYrEGULpVKfgSV7sMliZjWBUQscJA7yrBiZWrAYKkmgxALToID9Dw4W_cjQ6d9UFof2AF1TAk33EUcFeqZATxWgagibXRqliXn89m_1WSBQpVGgTOkoUEZ9MTN5mi7ByvNyWBc15rrtVtOrt0Ph1X3Owkbb7_Amdet1gdROtksP_vk3AAD__2nWLUfBBAAA
IP
172.240.108.76:443
ASN
#7979 SERVERS-COM

Requested by
https://hianimez.to/
Certificate
IssuerLet's Encrypt
Subjectshotgunchancecruel.com
Fingerprint0C:D3:F1:8B:BC:8A:18:C0:64:49:9C:C1:D7:F5:0C:C7:24:2B:06:04
ValidityWed, 19 Feb 2025 02:30:57 GMT - Tue, 20 May 2025 02:30:56 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /impr.gif?sid=H4sIAAAAAAAC_1RSz2skRRSunl287EFcZC8iDLiIgjPpnun5tXsQ47pL2JiEzUoQEamuqp6Uqe5qq7qnJ3MKBpYcB0_iqfNNssG4iP4Bgk68rQg7ghBhc9A_QdyzzOzA6Du89773dcP3vnoPDrML4iOj5xvv64FUii41qm75jS0Zc53b8tr9sudW3ZvlLRk3_Zvl_jSZ3g2v7lfdN8t3BNvRSzXXc13P9cq3pRGh7i_NWMjkUcerdtyqX6t6DR99839sMweWOuC9C3IVkk9e_Cv8CJKNEUff3RJ2J9XJW-9FmaKpNujxkw_inVjnMaJFGxoHYXwy_xraTgj5sgQdn8w3gO4dTTdAICekdO0pgvhkLhNB7_i50kBBxAj4FeS9MYQaQ9IxmN6H5E8IwDjW1hFHD9e0yenuc5ZO2Qm5_OxvyHxCLj99GXH07bKS_fKmVlkqdWzRDwvI_hiyO0aSnSEdlCDzM7D0c0j-K1l6too4Olq3SkPy8-tN3wtDl3uVoOV6Fb_VaVY6jNGKaIt2SwRhs8b5zCIZjqHEENSWkFkHmXSQhQ6yxEHEz8u-2_aZR-vNsMNZy_Wp73MRuJ12zXVph7WQsan-IdJkCKaGYGYPidnDjhzCZD_Cbhew3IFNCXq8QC4IckuQU4JcEuQpQd4rjrmyNVs85MpmgTevtXmtFyOddg_psU67IiagZgjDiyOZfGb3wdJLo0Fo7470NNEgPV3erDTbfsX_xBvRgBeHyQV5aWqyc3D9d-yI83LDDxr1ZsurNdu-33bDRsA583k95B5lberBygLSlkCtg4GckDtXfkIiJ-T1j_9AQM9g1RhMXgPNXgXNC9DtAoP4dFvSWEaimmpwXSBJLyPddQ7VBXll9sgf_ulAsMdkHmCmQGIKfCp_Juiqg9E9nZOjezq35Pv1JJWRHNDpAWymNBUvnN4Vu7k2fOWWHX79DpsS0_bRfWHTVRpzGXct-WZZci7MbW2YID-s2C0RbGR2ezkzcZasbrx7eyVKjLBW6ngMKp-8VgOTE3L1KzE77dovNyDNGCYrEGULpVKfgSV7sMliZjWBUQscJA7yrBiZWrAYKkmgxALToID9Dw4W_cjQ6d9UFof2AF1TAk33EUcFeqZATxWgagibXRqliXn89m_1WSBQpVGgTOkoUEZ9MTN5mi7ByvNyWBc15rrtVtOrt0Ph1X3Owkbb7_Amdet1gdROtksP_vk3AAD__2nWLUfBBAAA HTTP/1.1
Host: shotgunchancecruel.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hianimez.to/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Fri, 18 Apr 2025 17:08:07 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
accept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
x-envoy-upstream-service-time: 3
Host: shotgunchancecruel.com
Expires: Thu, 01 Jan 1970 00:00:01 GMT
X-Request-ID: 692bb36fee3b274f598ea90acbb07fa4
Cache-Control: no-cache, max-age=0, private, no-cache
Pragma: no-cache
Strict-Transport-Security: max-age=0; includeSubdomains

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

Quad9 DNS

ThreatFox

JavaScript (14)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML